Bitwarden is a popular password manager that can be used to store and manage passwords securely. It is available as a hosted service, but it can also be self-hosted on a VPS. Self-hosting Bitwarden gives you more control over your data and can be more cost-effective in the long run.
Requirements
To self-host Bitwarden, you will need the following:
- A Linux operating system-based server.
- Root access to the server.
- A subdomain connected to the server.
Installing Bitwarden Server (Standalone)
The standalone version of Bitwarden is the easiest to install. It is a single Docker container that can be installed and run on any Linux system.
Step 1: Install Docker and cURL
Before you can install Bitwarden, you need to install Docker and cURL. You can do this with the following command:
apt install docker.io docker-compose curl -y
Step 2: Download the Installation Script
Next, you need to download the Bitwarden installation script. You can do this with the following command:
curl -s -o bitwarden.sh \
https://raw.githubusercontent.com/bitwarden/server/master/scripts/bitwarden.sh \
&& chmod +x bitwarden.sh
Step 3: Run the Installation Script
Once you have downloaded the installation script, you can run it with the following command:
./bitwarden.sh install
Step 3A: Install SSL Certificate (optional)
It is recommended to install an SSL certificate for your Bitwarden instance. This will encrypt all traffic between your browser and your Bitwarden server. You can install an SSL certificate with the following command:
./bitwarden.sh install-cert
Step 3B: Getting an Installation ID and Key
Enter the email address that you’d like to be admin to get your ID and Key. You’ll then enter your Installation ID and Installation Key into the console.
The console will prompt you for your ID first:
Step 4: Create an Account
Once the installation script has finished running, you can create an account on your Bitwarden instance. You can do this by going to your subdomain in your browser and creating an account.
Installing Vaultwarden Server (Bitwarden)
Vaultwarden is an unofficial Bitwarden-compatible server that can be used to self-host Bitwarden. It is written in Rust and is more lightweight than the standalone version of Bitwarden.
Step 1: Install Docker and Other Needed Programs
Before you can install Vaultwarden, you need to install Docker and other necessary programs. You can do this with the following command:
apt install apache2 docker.io docker-compose curl git wget sudo certbot python3-certbot-apache -y
Step 2: Create a Virtual Host
To tell the web server which port Vaultwarden is running on, you first need to insert a Virtual Host. You can create this with the following command:
nano /etc/apache2/sites-available/bitwarden.conf
And paste in the following content:
<VirtualHost *:80>
ServerName <Your(Sub)Domain>
ProxyPreserveHost On
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://localhost:8081/
ProxyPassReverse / http://localhost:8081/
</VirtualHost>
Step 3: Activate the Required Modules
Enable required modules with this command (the server needs these modules to work properly):
a2enmod ssl proxy proxy_http proxy_balancer lbmethod_byrequest
You’ll need to restart the server afterward in order for the changes to take effect. Use this command to restart your server:
systemctl restart apache2
Step 4: Install SSL certificate
Unlike the first variant, you’ll need to manually install the SSL certificate.
Fortunately, it’s a simple step. All you need to start the certification process is enter in this command:
certbot --apache
The rest of the SSL certification process is straightforward, so we won’t go into details here.
Step 5 (Last Step): Download and Run Vaultwarden
After all the preparations are complete, you can download the Vaultwarden image with this command:
docker pull vaultwarden/server:latest
And then start the container with this command:
docker run -d --name vaultwarden -v /vw-data/:/data/ -p 8081:80 vaultwarden/server:latest
Now, go to your (sub)domain in the browser and create an account there.
Once you’ve created an account, your Vaultwarden (or Bitwarden instance) install is complete and ready to use. Thanks for following with us on this tutorial!
Conclusion
Self-hosting Bitwarden is a great way to take control of your password management. It is easy to do and can be done on any Linux VPS. With the help of this tutorial, you can have your own Bitwarden instance up and running in no time.
Additional Notes
-
If you are running Bitwarden on a low-powered VPS, you may want to consider using the Vaultwarden version instead of the standalone version. Vaultwarden is more lightweight and will use less resources.
-
You can also use a reverse proxy like Nginx or Apache to proxy requests to your Bitwarden instance. This can add an extra layer of security and make it easier to manage multiple Bitwarden instances.
-
If you are using a VPS with a firewall, you will need to open port 8081 for your Bitwarden instance.