Bitwarden is an awesome open source password manager that I've been using for a while. However I've never been entirely comfortable with storing my password database on someone else's computer, so I decided to look into options for self-hosting it.
Bitwarden: Security. Both LastPass and Bitwarden are very secure password managers — they have a lot of similar security features, including. 256-bit AES encryption — unbreakable encryption which governments and banks use to protect data. Bitwarden is free and open-source software, but unlike community-developed alternatives such as KeePass, it is a commercial venture. The core product is free and will stay free forever, but you can support the developer by paying a very reasonable $10 per year subscription fee for a premium personal account.
At Bitwarden, we share a sense of purpose—helping the global community of online users manage their sensitive information easily and securely. Our open source software is the foundation of who we are as a company, with transparency and collaboration at the forefront of our core values. What is Bitwarden I'm sure many of you here are already aware, but just in case you don't know Bitwarden, it's a set of opensource client applications (browser extensions, mobile apps, web app) and server API that gives you password manager, that supports synchronization between devices, password sharing and other nice features.
Enter bitwarden_rs; an unofficial implementation of the Bitwarden password manager written in rust, and brings a number of advantages to the original project.
- It's much more lightweight.
- It only requires a single Docker container to spin it up.
Prerequisites
Reddit Bitwarden Vs
So without further ado, let's get started. To follow this tutorial, you'll need:
- Our letsencrypt container installed and configured with your hostname and appropriate (sub)domains
- Your own (sub)domain setup correctly and free to dedicate to bitwarden.
Docker configuration
Although I tend to prefer to use containers we've produced ourselves, sometimes you have to admit that the original application author has hit the nail on the head with their own container, and that's the case here. So let's grab it from Docker Hub:
As you can see I've changed port 80 on the container side to be 8343 on the host as Unraid is currently using port 80. You can choose any free port for this tutorial — just remember what it is so you can configure the reverse proxy appropriately.
With that completed, let's move on.
Reverse proxy
Navigate to /config/nginx/site-confs/ on your LinuxServer.io Let's Encrypt container, and create a new server. Call the file bw.
In this file paste the following, making sure you edit it to change the variables $IP and $HOST_PORT_FOR_80 appropriate to your own config. Save and restart the Let's Encrypt container.
Finishing Up
You should find now you can access the Bitwarden web vault at https://bw.server.com
Now you can create a new account, and if you want to migrate from Bitwarden's own hosted system, export your passwords as a .json file and import them to your new self-hosted version.
Setting up Browser Extensions & Mobile Applications
To point the browser extension to your new self hosted Bitwarden instance, you need to log out from your current Bitwarden session and then click the tiny cog in the upper left corner like below:
Reddit Bitwarden Review
Fill out the Server URL box with https://bw.server.com.
Reddit Bitwarden Vs 1password
Robert's your mother's brother. You're done!