How to deploy the Bitwarden self-hosted server with Docker
Jack Wallen walks you through the process of deploying a Bitwarden vault server with the help of Docker containers.
Bitwarden is one of the best open-source password managers on the market. I might even go so far as to say it’s the best password manager period. One of the many reasons why this is so is because of the tool’s flexibility, and a perfect illustration of that is the ability to deploy your very own Bitwarden server using Docker.
SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)
Why would you want to deploy your own Bitwarden server? You might have incredibly sensitive information that you only entrust to your internal teams. If that’s the case, why worry that data will be stored on a third-party host?
What you’ll need to deploy a Bitwarden server
I’ll be demonstrating on an instance of Ubuntu Server 22.04, but you can deploy the Bitwarden vault server on any platform that supports Docker.
How to install Docker
The first thing we’ll do is install the latest release of Docker. First, add the GPG key with the command:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
Next, add the repository:
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Install the necessary dependencies with the command:
sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release -y
Finally, we can install the latest version of the Docker engine:
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io -y
Make sure your user is a member of the docker group with the command:
sudo usermod -aG docker $USER
Log out and log back in for the changes to take effect.
How to deploy the Bitwarden server
Before we install, let’s create a new user with the command:
sudo add user bitwarden
Next, create a new directory with;
sudo mkdir /opt/bitwarden
Set the permissions and ownership of the new directory with:
sudo chmod -R 700 /opt/bitwarden
sudo chown -R bitwarden:bitwarden /opt/bitwarden
Thankfully, the developers of Bitwarden have created a handy installation script, which you can download with the command:
curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh && chmod 700 bitwarden.sh
Once the file has been downloaded, launch it with:
./bitwarden.sh install
Answer the required questions — such as domain and SSL details — and the script will then start pulling down the required Docker images. During the installation, you’ll be asked for your installation ID and key. You can access those keys from the Bitwarden host page, where you’ll be asked to enter an email address.
When that command completes, start the server with:
./bitwarden start
When the start command completes, you should be able to open a browser and point it to https://SERVER, where SERVER is the IP address or domain of the hosting server. You should see the login prompt (Figure A), where you can create a new account.
Figure A
Before you create your account, you’ll need to first configure SMTP.
How to configure SMTP for Bitwarden
Before you attempt to create a new account on the server, you’ll need to configure SMTP settings, otherwise, you cannot confirm your new account. To do this, open the environment variables file with the command:
nano ~/bwdata/env/global.override.env
In that file, look for (and configure) the following lines:
globalSettings__mail__replyToEmail= - the reply-to address
globalSettings__mail__smtp__host= - your SMTP host
globalSettings__mail__smtp__port= - your SMTP port
globalSettings__mail__smtp__ssl= - true is for SSL false is for TLS
globalSettings__mail__smtp__username= - username for the SMTP host
globalSettings__mail__smtp__password= - password for SMTP host
Save and close the file. Once you’ve made changes, issue the command:
./bitwarden.sh rebuild
Once everything has been rebuilt, head back to the login page, create your account and you’re good to go.
Congratulations, you’ve just deployed your very own Bitwarden server. You can now store all that team security information without hosting it on a third-party platform.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.