Skip to content

Vaultwarden(Bitwarden) On a Docker Container.

Published Feb 09, 2023 by akkupy

Introduction¤

Bitwarden is a free/freemium open-source password management service that stores sensitive information such as website credentials in an encrypted vault. The platform offers a variety of client applications including a web interface, desktop applications, browser extensions, mobile apps, and a command-line interface.

What is Vaultwarden?¤

Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.

** ⚠️IMPORTANT⚠️: When using this server, please report any bugs or suggestions to vaultwarden, regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.

Installation¤

Method 1 (Auto):¤

  1. Run the following script
wget -qO- https://raw.githubusercontent.com/akkupy/Homelab/main/scripts/install_vaultwarden.sh | bash

This will preserve any persistent data under /vaultwarden of User Directory, you can adapt the path to whatever suits you.

Method 2 (Manual):¤

  • Folder Setup Script

  • First thing we need to do is setup the folder structure.

Run the following code 

sudo mkdir -p /home/$USER/vaultwarden

  1. Now we need to move into that directory using the following:

cd /home/$USER/vaultwarden
3. Pull the docker image and mount a volume from the host for persistent storage:

docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /home/$USER/vaultwarden:/data/ -p 4001:80 vaultwarden/server:latest
This will preserve any persistent data under /vaultwarden of User Directory, you can adapt the path to whatever suits you.

IMPORTANT: Some web browsers, like Chrome, disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'. To solve this problem, you need to access the web vault from HTTPS.

  1. This can be configured in vaultwarden directly or using a third-party reverse proxy NPM(Recommended).

If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates. Some proxies automatically do this step, like Caddy.

Post Installation¤

(Optional): Configure Reverse Proxy using the documentation here

Access the Web UI by going to https://raspberrypi_ip:4001 or by using the Nginx Reverse Proxy Domain Address.

Sign up a new account and start using the service.