Vaultwarden(Bitwarden) On a Docker Container.
Introduction¤
Bitwarden is a free/freemium open-source password management service that stores sensitive information such as website credentials in an encrypted vault. The platform offers a variety of client applications including a web interface, desktop applications, browser extensions, mobile apps, and a command-line interface.
What is Vaultwarden?¤
Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
** ⚠️IMPORTANT⚠️: When using this server, please report any bugs or suggestions to vaultwarden, regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.
Installation¤
Method 1 (Auto):¤
- Run the following script
wget -qO- https://raw.githubusercontent.com/akkupy/Homelab/main/scripts/install_vaultwarden.sh | bash
This will preserve any persistent data under /vaultwarden of User Directory, you can adapt the path to whatever suits you.
Method 2 (Manual):¤
-
Folder Setup Script
-
First thing we need to do is setup the folder structure.
Run the following code
sudo mkdir -p /home/$USER/vaultwarden
- Now we need to move into that directory using the following:
cd /home/$USER/vaultwarden
docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /home/$USER/vaultwarden:/data/ -p 4001:80 vaultwarden/server:latest
IMPORTANT: Some web browsers, like Chrome, disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'
. To solve this problem, you need to access the web vault from HTTPS.
- This can be configured in vaultwarden directly or using a third-party reverse proxy NPM(Recommended).
If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates. Some proxies automatically do this step, like Caddy.
Post Installation¤
(Optional): Configure Reverse Proxy using the documentation here
Access the Web UI by going to https://raspberrypi_ip:4001 or by using the Nginx Reverse Proxy Domain Address.
Sign up a new account and start using the service.