# Vaultwarden Credentials

**Date:** 2026-02-01 21:25
**Context:** New Vaultwarden account created for NUC password management

## Access URLs

- **Local:** http://192.168.1.3:8222
- **HTTPS (via Tailscale Funnel):** https://nuc-tailscale.tail58f5ad.ts.net:8443

## Master Account

- **Email:** admin@nuc.local
- **Name:** NUC Admin
- **Master Password:** VaultNUC2026!Secure
- **Password Hint:** NUC vault 2026

## Tailscale Funnel Setup

The Funnel was configured to expose Vaultwarden with HTTPS (required for Web Crypto API):

```bash
ssh nuc "docker exec tailscale-posgwooww0s0c0okssooc4gw tailscale funnel --bg --https=8443 http://192.168.1.3:8222"
```

**Note:** Tailscale Funnel only supports ports 443, 8443, and 10000.

## Stored Credentials

The following credentials have been added to the vault:

1. **NocoDB** - http://192.168.1.3:8084
   - admin@nuc.local / NocoDBNUC2026
   - Includes API tokens and MCP configuration in notes

2. **Gitea** - http://192.168.1.3:3030
   - nuc / GiteaNUC2026!
   - SSH Clone URL: git@gitea-ho0cwgcwos88cwc48g84c0g8:nuc/<repo>.git

3. **Coolify** - http://192.168.1.3:8000
   - agutmou@icloud.com
   - API Token stored as password

4. **GitHub PAT** - https://github.com
   - alezmad
   - Personal Access Token (read-only) stored as password

5. **OpenWrt Router** - http://192.168.1.1
   - root
   - MCP API Token stored as password (SSH uses key auth)

## Bitwarden MCP Server

**Architecture:** Docker container on NUC + SSH tunnel to local Mac

### NUC Container (giuliolibrando/bitwarden-mcp-server)
```bash
# Location: ~/bitwarden-mcp/
# Port: 8007
docker compose up -d
```

### SSH Tunnel (LaunchAgent - auto-starts)
```bash
# LaunchAgent: ~/Library/LaunchAgents/com.nuc.bitwarden-mcp-tunnel.plist
# Forwards localhost:8007 → nuc:8007

# Manual control:
launchctl load ~/Library/LaunchAgents/com.nuc.bitwarden-mcp-tunnel.plist
launchctl unload ~/Library/LaunchAgents/com.nuc.bitwarden-mcp-tunnel.plist
```

### Claude Code MCP Config
```bash
claude mcp add bitwarden --transport http http://localhost:8007/mcp --scope user
```

### Bitwarden CLI (alternative access)
```bash
bw config server https://nuc-tailscale.tail58f5ad.ts.net:8443
bw login admin@nuc.local
bw unlock --raw  # Get session token
```

## Related

- Vaultwarden Service: Managed via Coolify
- Coolify Dashboard: http://192.168.1.3:8000
- Homepage Dashboard: http://192.168.1.3:3000