diff --git a/README_EN.md b/README_EN.md deleted file mode 100644 index 624e7d0..0000000 --- a/README_EN.md +++ /dev/null @@ -1,200 +0,0 @@ -# NodeWarden - -An alternative implementation of the Bitwarden server API running on Cloudflare Workers, designed for personal use. - -English | [中文](./README.md) - ---- - -## ⚠️ Important Notice - - -> **Disclaimer** -> This project is for educational purposes only. We are not responsible for any data loss. Regular backups are strongly recommended. -> This project is not associated with Bitwarden. Do not report issues to Bitwarden's official support channels. - ---- - -## Features - -- ✅ Full password, note, card, and identity management -- ✅ Folders and favorites -- ✅ File attachments (R2 storage, 100MB limit) -- ✅ Import/Export functionality -- ✅ Website icons -- ✅ Login rate limiting (lockout after 5 failed attempts for 15 minutes) -- ✅ API rate limiting (60 requests/minute) -- ✅ End-to-end encryption (server cannot access plaintext) -- ✅ Compatible with all official Bitwarden clients - ---- - -## Quick Start - -### One-Click Deploy - -Click the button below to deploy to Cloudflare Workers: - -[![Deploy to Cloudflare Workers](https://deploy.workers.cloudflare.com/button)](https://deploy.workers.cloudflare.com/?url=https://github.com/shuaiplus/nodewarden) - -**Deployment Steps:** - -1. Sign in with GitHub and authorize -2. Log in to your Cloudflare account -3. **Important**: Set `JWT_SECRET` to a strong random string (use `openssl rand -hex 32`) -4. KV storage and R2 bucket will be auto-provisioned -5. Click Deploy and wait for completion - -> ⚠️ **Reminder**: Always use a strong random `JWT_SECRET`. Never use example values or simple strings! - -### Client Setup - -After deployment, open any Bitwarden client: - -1. Click Settings (⚙️) -2. Select "Self-hosted environment" -3. Enter Server URL: `https://your-project.workers.dev` -4. Save and return to login page - -**First-time registration**: Visit your Workers URL directly to register an account. - ---- - -## Manual Deployment - -```bash -# Clone -git clone https://github.com/shuaiplus/nodewarden.git -cd nodewarden - -# Install -npm install - -# Login to Cloudflare -npx wrangler login - -# Create KV storage -npx wrangler kv namespace create VAULT -# Copy the id to wrangler.toml [[kv_namespaces]] - -# Create R2 bucket (for file attachments) -npx wrangler r2 bucket create nodewarden-attachments - -# Set JWT secret (use a strong random string) -npx wrangler secret put JWT_SECRET -# Recommended: openssl rand -hex 32 - -# Deploy -npm run deploy -``` - ---- - -## NodeWarden vs Vaultwarden - -NodeWarden focuses on **personal users** with core features, keeping the codebase minimal. Here's a comparison with Vaultwarden: - -| Feature | NodeWarden | Vaultwarden | Notes | -|---------|:----------:|:-----------:|-------| -| Passwords/Notes/Cards/Identity | ✅ | ✅ | Full support | -| Folders & Favorites | ✅ | ✅ | Full support | -| File Attachments | ✅ | ✅ | R2 storage, 100MB limit | -| Import/Export | ✅ | ✅ | Full support | -| Website Icons | ✅ | ✅ | Proxy fetch | -| Login Rate Limiting | ✅ | ✅ | Brute-force protection | -| Single User Mode | ✅ | ✅ | Personal use | -| Bitwarden Send | ❌ | ✅ | Secure sharing | -| Two-Factor Auth (2FA) | ❌ | ✅ | TOTP/WebAuthn etc | -| Emergency Access | ❌ | ✅ | Emergency contacts | -| Organizations/Teams | ❌ | ✅ | Multi-user collaboration | -| Real-time Sync (WebSocket) | ❌ | ✅ | Instant multi-device push | -| Email Notifications | ❌ | ✅ | Requires SMTP | -| Change Master Password | ❌ | ✅ | Re-encrypt vault | -| Admin Panel | ❌ | ✅ | Backend management | - -> **💡 Recommendation** -> If you only need personal password management, NodeWarden is sufficient and easier to deploy. -> For team features or advanced capabilities, consider [Vaultwarden](https://github.com/dani-garcia/vaultwarden). - ---- - -## Update Guide - -If you deployed via the one-click button, the code is forked to your GitHub account. To get the latest updates: - -### Method 1: Manual Sync (Recommended) - -```bash -# In your forked repository -git remote add upstream https://github.com/shuaiplus/nodewarden.git -git fetch upstream -git merge upstream/main -git push origin main -``` - -### Method 2: GitHub Actions Auto-Sync - -The project includes built-in auto-sync configuration. In your forked repository: - -1. Go to the **Actions** tab -2. If you see "Workflows aren't being run on this forked repository", click **I understand my workflows, go ahead and enable them** -3. Auto-sync will run daily at 2:00 AM UTC -4. You can also manually trigger by clicking **Sync Fork with Upstream** → **Run workflow** - -> **⚠️ Note**: If you've modified the code, auto-sync may cause merge conflicts that require manual resolution. - ---- - -## Limitations - -- Single user only (personal use) -- No two-factor authentication -- No organization/team support -- Cannot change master password -- File attachment size limit: 100MB - ---- - -## Tech Stack - -- **Runtime**: Cloudflare Workers -- **Data Storage**: Cloudflare KV -- **File Storage**: Cloudflare R2 -- **Language**: TypeScript -- **Encryption**: Client-side AES-256-CBC, JWT with HS256 - ---- - -## Security Recommendations - -1. **Strong JWT_SECRET**: Generate with `openssl rand -hex 32` -2. **Regular Backups**: Export your vault and store securely -3. **HTTPS Access**: Cloudflare Workers provides HTTPS by default -4. **Access Control**: Use Cloudflare WAF rules or IP whitelist - ---- - -## FAQ - -**Q: How to backup data?** -A: In the client, select "Export Vault" and save the JSON file. - -**Q: Forgot master password?** -A: Cannot be recovered due to end-to-end encryption. Keep your master password safe. - -**Q: Can multiple people use it?** -A: Not recommended. This project is designed for single user. Use Vaultwarden for multi-user scenarios. - ---- - -## License - -MIT License - ---- - -## Acknowledgments - -- [Bitwarden](https://bitwarden.com/) - Original design and clients -- [Vaultwarden](https://github.com/dani-garcia/vaultwarden) - Server implementation reference -- [Cloudflare Workers](https://workers.cloudflare.com/) - Serverless platform