railway-setup-vaultwarden

# Railway Setup: Vaultwarden ## Overview - **Project:** otf-vaultwarden-uptimekuma (`371f1892-dd0c-4aa3-be35-346e79482b07`) — shared with Uptime Kuma - **Template:** Railway Vaultwarden template - **Domain:** vault.optimified.com - **Port:** 8000 - **Version:** 1.35.4 - **Services:** vaultwarden, Postgres, Uptime Kuma ## Key Env Vars | Var | Value | |---|---| | `DOMAIN` | `https://vault.optimified.com` | | `SIGNUPS_ALLOWED` | `false` | | `INVITATIONS_ALLOWED` | `true` | | `ORG_CREATION_USERS` | `mike@optimified.com` | | `SMTP_HOST` | `smtp.resend.com` | | `SMTP_PORT` | `587` | | `SMTP_SECURITY` | `starttls` | | `SMTP_FROM` | `noreply@alert.optimified.com` | | `SMTP_FROM_NAME` | `Optimified Vault` | ## Custom Domain CNAME: `vault` → `vaultwarden-production-9bac.up.railway.app` (Cloudflare proxied) ## Sharing Model - Organization "Optimified" created - Sharing via **Collections**: create collections, assign items to collections, grant member access per collection - No explicit "Share" button in web vault — move items to org vault and assign to collections - For full UI (clone, move), use the **Bitwarden browser extension or desktop app** pointed at `https://vault.optimified.com` ## Access - **Web vault:** Limited UI — edit, view. Clone available but no share button. - **Browser extension / desktop app:** Full UI — clone, move to org, manage collections. Set self-hosted URL to `https://vault.optimified.com`. ## Issues Encountered - **ADMIN_TOKEN warning:** Startup log warns about plain text admin token. Should be hashed with Argon2 for production (`vaultwarden hash` command). Not critical but worth addressing. - **Web vault limitations:** No "Share" button in web vault — sharing is done by moving items to org collections. Confusing if you're used to the Bitwarden app UI.