The Soda Pop
HomeBlogAbout Me

Bitwarden Server



Introduction

This article will cover setting up your own self-hosted Bitwarden instance with Docker and configuring ngnix to allow for public exposure for cross-device access to your vault.

What is Bitwarden?

Bitwarden is a free and open-source password management service that stores sensitive information such as website credentials in an encrypted vault. The Bitwarden platform offers a variety of client applications including a web interface, desktop applications, browser extensions, mobile apps, and a CLI.

I use Bitwarden as my main password vault. It stores my card details for automating the filling out of payment forms. Saves me from having to find or remember my card details. I also use Bitwarden for storing all of my passwords.

Having Bitwarden as a public endpoint means that I can connect to my password vault using the Bitwarden app on Android, specifying my self hosted instance.

Setting up the Bitwarden Server

This section of the tutorial is to set up the main Bitwarden 'hub'. This will be a publicly exposed Bitwarden API that will live on your server.

Step 1: Setting up your Linux server

Bitwarden is a free and open source password management solution for individuals, teams, and business organizations. The base image used to serving static content such as the Bitwarden web vault. This will download the BitWarden Docker container from hub.docker.com. Then all you need to do is start it: docker-compose up -d && docker-compose logs -f. The 'up -d' option actually starts the container called 'app' which is actually your BitWarden rust server in 'daemon' mode, which means it'll keep running unless you tell it to stop. Seems going to bitwarden-nginx on 8443 as https did the job and it's now forwarding correctly! Kspearrin closed this May 24, 2020 Sign up for free to join this conversation on GitHub.

You'll need to either have an existing server instance or create one. I use a Proxmox instance running on a server in my loft. You could also use something like Digital Ocean to host your Bitwarden Server. Using the following link will give you $100 worth of credits for 60 days to play around with, just sign up using this link.

Blackjack against computer. Once you have the server set up, or have logged in. You'll need to do some updates and run some prerequisite installs.

Step 2: Provisioning your Bitwarden Server

Next, you'll need to create a new folder, this will house your Bitwarden Server, you can call it anything memorable. I'll just call mine bitwarden

Next, you'll need to create a docker-compose.yml file. This is an orchistration file which docker-compose will use to provision your Docker instance.

Next, you'll need to edit your `docker-compose.yml` file and paste in the following content.

I'm using bitwarden_rs as it's written in Rust, faster and more reliable. Also entirely opensource with a heavy user-base.

Save your docker-compose.yml file and exit back to your bitwarden directory.

Step 3: Running your Bitwarden Server locally

Now, you have everything provisioned for running your Bitwarden Server.

The next thing to do is run it.

This will start up your Bitwarden Server inside Docker, it may take some time to pull down the images.

You can eventually see your instance running by executing the following

This will list your running instance.

If all is well, you can locally view your Bitwarden Server by navigating to http://localhost:PORT. Or from another machine by using your ip address instead of localhost

You should see something that looks like the following.

Finally, you'll just need to register for an account on your new hosted instance.

Click the Create Account button

Then fill out your details. If you have an existing Bitwarden account, you'll still have to create a new account on this instance. You can then Export and Import between accounts.

The last thing to do is hit Submit

Step 4: Exposing your new server publicly

This part may sound scary, but it is required to allow your Bitwarden Clients (Android, iOS, Chrome extension etc) to connect to your server.

We're going to be using nginx.

Setting up nginx

Nginx is a reverse proxy that allows you to point incoming web traffic to your new Bitwardeb server.

Firstly, install nginx if you haven't already

If you have UFW installed, you will have to Allow Nginx through your local firewall.

I have a tutorial for setting up UFW here

As you can see, there are three profiles available for Nginx:

  • Nginx Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic)
  • Nginx HTTP: This profile opens only port 80 (normal, unencrypted web traffic)
  • Nginx HTTPS: This profile opens only port 443 (TLS/SSL encrypted traffic)

It is recommended that you enable the most restrictive profile that will still allow the traffic you’ve configured. Since we will be configuring SSL for our server we will need to allow traffic on port 443.

You can enable this by typing:

Next thing to do is just double check your nginx server is up and running

You should see something that looks like the following

The next part allows us to take incoming traffic and point it to your container instance. Allowing you to expose your Bitwarden server to the internet.

Navigate to /etc/nginx/

Use your favorite text editor and open the following file with sudo Closest slot casino.

I use the following code for my syncing server

Port-forwarding

You will need to port forward your instance to allow public access to your instance. This will involve googling how to port forward from your router.

You'll need to point port 443 to your instance where nginx is set up.

Linking Bitwarden Server with your public domain

You will also need to set up a public domain name. This can then be used to call your new public instance with port 443 exposed.

For example, I would set up a subdomain on bowlerdesign.tech to be vault.bowlerdesign.tech. Notice this is also the domain I specified in my nginx config above.

Here's something to search for with regards to setting up a domain name

Setting up Certbot

Certbot allows us to generate SSL certificates for free with Let's Encrypt. It's simple to install and use. Even hooks in with nginx, meaning that there's no more manual configuration required.

To install Certbot, simply run the following command

Then, to set up your SSL certificate, run

Follow the instructions, select your domain name from the nginx list.
Also, select redirect as this will upgrade any http requests to https.

Step 5: Connecting to your new Bitwarden instance from a client.

I'm going to use the Firefox Bitwarden Plugin for this part of the tutorial. But the process is identical for all Bitwarden clients.

First, if you haven't already, install your chosen Bitwarden client and open it.

In the top left corner, click the cog icon

You'll then get some configuration. Simply add your full url into the Server URL field

Like so, then just hit Save and log in as normal

That's it

Pretty easy right?

Please don't hesitate to get in touch in the comments if you get stuck. I'd be more than happy to help out with any issues you may face.

Also, if this helped, please consider buying me a beer! It helps with server costs and providing these blog posts.

Thanks for reading!

This article is written for those who were searching for a detailed and simple for the understanding guide on how to install Bitwarden on Ubuntu Server.

Bitwarden is a free open-source password manager with the ability to sync your account information across all devices.

Minimum system requirements for the Bitwarden server:

  • Processor: x64, 1.4GHz
  • RAM: 2GB
  • Storage: 10GB
  • Docker: Engine 1.8+ и Compose 1.17.1+

In this guide, we will consider the case when you already have a server with the Ubuntu Server 18.04 LTS operating system installed on it.

You can read more about how to install Ubuntu Server 18.04 LTS in my guide «Installing Ubuntu Server 18.04 LTS».

Also on the server must be installed Docker Engine – Community and Docker Compose.

You can learn how to install Docker Engine – Community on Ubuntu Server by reading «Installing Docker Engine – Community on Ubuntu Server».

In my guide «Installing Docker Compose on Ubuntu Server», you can learn how to install Docker Compose on Ubuntu Server.

In addition, OpenSSH must be installed on the server, and port 22 must be open in order to be able to connect to the server using the SSH protocol.

To install OpenSSH on the server, you can use the command:

sudo apt-get install openssh-server

If you plan to connect to the server using the Windows operating system, you can use PuTTY, a freeware client for various remote access protocols, including SSH, Telnet, rlogin.

This guide covers connecting to a server using the iTerm2 terminal emulator installed on the macOS operating system.

First, you need to request the installation ID and installation key to host Bitwarden on your server. You must use a unique identifier and key for each installation of Bitwarden.

Please note that you will need to open the following TCP ports to access your server:

Bitwarden Serverless

  • 80 – to receive a free cryptographic certificate through the Let’s Encrypt certificate authority.
  • 443 – to access the Bitwarden control panel.

Follow the link https://bitwarden.com/host/, specify the email address in the “Admin Email Address” field and click on the “Submit” button.

Save the received “Installation Id” and “Installation Key”. These values will be required during the installation of Bitwarden.

Connect to the server on which it is planned to install Bitwarden.

Download the Bitwarden installation script using the command:

sudo curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh

Allow the execution of the file “bitwarden.sh” using the command:

sudo chmod +x bitwarden.sh

Now start the installation of Bitwarden with the command:

sudo ./bitwarden.sh install

Now you need to specify the domain name that you plan to use to access the Bitwarden control panel.

Specify the domain name to access Bitwarden and press the “Enter” button.

Serverless

Bitwarden Server Without Docker

This guide discusses how to obtain a free cryptographic certificate through the Let’s Encrypt Certificate Authority.

Press the “y” button, then “Enter”.

Bitwarden Server Github

Orion label maker 3 20. Specify the email address to which Let’s Encrypt will send notifications about the expiration of the certificate, and press the Enter button.

Specify the previously received “Installation Id” and press the “Enter” button.

Specify the previously received “Installation Key” and press the Enter button.

Bitwarden Api

Bitwarden has been successfully installed.

Now run Bitwarden with the command:

sudo ./bitwarden.sh start

Bitwarden launched successfully.

Bitwarden Server

To access the Bitwarden control panel, you must go from workstation to the link https://bitwarden.heyvaldemar.net, where bitwarden.heyvaldemar.net is the name of my server. Accordingly, you need to specify the name or IP address of your server with Bitwarden installed.

Next, you will need to register to start using the Bitwarden control panel.





Bitwarden Server
Back to posts
This post has no comments - be the first one!

UNDER MAINTENANCE