Automatic Export Vault

BioLogico · November 5, 2023, 11:42am

Greetings,
I have been searching in this forum and a bit around duckduckgo-ing… could not exactely find what I need.
I hope I have some help here.
I would like to automate the Export vault on a daily basis.
I cant find the way to do that.
INFO:
I self host vaultwarden in a docker in an Ubuntu server. I created a stack in Portainer.
I do use a password and TOTP to access my vault.
I need to backup the vault for me and my family (4 users total)

QUESTIONS:

Is it possible to backup the vault?
If yes: is it possible in .json or best in one of the other formats? (for future restore in case of catastrophic event)
How can I do that? (CLI, already existing tools -mind I am in a docker).
And if possible to export it to (example) nextcloud? (I assume is possible to choose an encrypted or not export).

Thank you .
BioLogico

BlackDex · November 5, 2023, 6:32pm

I would suggest to read the Bitwarden documentation regarding this Export Vault Data | Bitwarden Help Center

There is no automation for this, but you could check GitHub - vwxyzjn/portwarden: Create Encrypted Backups of Your Bitwarden Vault with Attachments to help with this.
It uses the Bitwarden CLI to interact with the server.

BioLogico · November 6, 2023, 1:01pm

Fair point… I did read a bit about it but I am not sure to understand if it does work with the TOTP.
Any suggestion?

reinob · November 6, 2023, 4:07pm

I have vaultwarden in a cloud server, and keep a local replica in a raspberry pi at home.

At the server, a daily job does essentially:

sqlite3 ./data/db.sqlite3 ".backup /path/to/backup/snap_vaultwarden.sqlite3"

Then, also daily, the replica server (at home) stops the container, fetches the sqlite3 file, overwriting the local one, and restarts the vaultwarden container.

This way there’s always a local copy (and I can log in there even if the “master” server is down for any reason).

AFAIK the sqlite3 database has everything you need in terms of backup.

BioLogico · November 10, 2023, 9:58am

Thank you.
I will look into this technique. Basically you clone the cloud version of (docker) vaultwarden from the cloud to local (I also have mine in a cloud).
If I understand right, you dont directly backup your vault (or export it) but you do backup the DB that in turn has what you need.
Your ‘disaster’ strategy would then be that if the cloud server is compromised/broken/unreachable, you connect locally t o your local clone and you can still use it, correct?
It is something I will explore. good idea.

It is certainly more elaborated and complex than automate a vault export. I am no expert and the above technique will take quite sometimes to be implemented (eventually it will).

It is most important to keep a backup when you run your own server/services. If a machine dies and One rely on it… it becomes a real catastrophic event. (specially about passwords).

now, with the new passkey system, probably more than ever.
thank you for your help

cksapp · November 11, 2023, 5:06pm

Just an FYI the sqlite DB is not the only thing you will want to backup as this will not contain items such as attachments.

I highly recommend reading further below.

BlackDex · November 13, 2023, 7:00pm

And which tool are you using to export this then?
The Vaultwarden binary doesn’t have an export feature.

Topic		Replies	Views
Backing up docker volume of vaultwarden Help	1	2010	February 11, 2022
Export all vaults Help	3	1023	February 2, 2021
Confused with backing up Vaultwarden data folder Help	9	4355	April 14, 2022
Whitch data to Backup Help	8	4256	March 4, 2021
Backup of vault or database? Help	5	248	December 26, 2024

Automatic Export Vault

Related topics