Bitwarden is one of the best password managers on the market. He just doesn’t Features include Which makes it ideal at home with teams and organizations, but you can also deploy your own tool instance, so you don’t have to worry about your company’s most sensitive data being synced, shared, or saved on a third party server. This is a great option for companies that work with very sensitive account details, notes, and identities.
Thank you dockerThe process of deploying Bitwarden in-house is actually very easy. I will walk you through the steps, so that you can use this password manager service within your LAN. You can deploy it on a single machine in your data center or even a virtual machine hosted on an external cloud service.
What will you need
Here’s what you’ll need to make this work:
- A running instance of a Docker-enabled operating system (I’ll demonstrate this on Ubuntu Server 22.04).
- A user with sudo privileges.
- SMTP server (I will explain the use of the Gmail SMTP service).
That’s it. Let’s get to work.
How to install Docker CE
If you haven’t installed Docker, here are the steps to do so.
First, add the official Docker GPG key with the command:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg & amp; & amp; | sudo gpg –dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
roll –FSL https:https://download.docker.com/linux/ubuntu/gpg & amp; & amp; | sudo gpg –my dear –a /usr/Involved/keychains/docker–Archives–key ring.gpg |
Next, add the Docker repository:
Echo “Deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg]& Ampere ; & Ampere ; https://download.docker.com/linux/ubuntu $(lsb_release -cs)stable” | & & amp; sudo tee /etc/apt/sources.list.d/docker.list > /dev/ null
sound echo “Deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg]& Ampere ; & Ampere ; https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable” | & Ampere ;& Ampere ; sudo tee /etc./suitable/sources.existing.Dr/docker.existing > /Dave/void |
Before you can install Docker, you have to install some dependencies with the command:
sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release -y
sudo suitable–Gets install suitable–transmit–https California–Testimonials roll gnupg lsb–launch –y |
proper update with:
Finally, we can install the latest version of the Docker CE runtime engine:
sudo apt-get install docker-ce docker-ce-cli containerd.io -y
sudo suitable–Gets install docker–M docker–M–cli containers.io –y |
Add your user to the docker group with:
sudo usermod -aG docker $USER
sudo usermod –AG docker $user |
Sign out and sign back in for the changes to take effect.
Deploy Bitwarden with Docker
We are now ready to deploy Bitwarden. First, download the helpful script the company created for this process with the command:
curl -Lso bitwarden.sh “https://func.bitwarden.com/api/dl/?app=self-host&platform=linux” & & amp; chmod 700 bitwarden.sh
roll –Lso petwarden.u “https://func.bitwarden.com/api/dl/?app=self-host&platform=linux” & Ampere ;& Ampere ; chmod 700 petwarden.u |
Once downloaded, run the install command with:
During installation, you will be asked the following questions:
- Enter the domain name of your Bitwarden instance – if you don’t have a domain, you can use your hosting server’s IP address.
- Want to use Let’s Encrypt to generate a free SSL certificate? (y / n) – if you do not have a domain associated with this server, you must specify n.
- Enter your installation ID – this can be accessed by visiting https://bitwarden.com/host
- Enter the installation key – this key will be presented on the same page as the installation ID.
- Do you have an SSL certificate to use? (y / n) – If you have an SSL certificate, write y, otherwise write n.
- Do you want to generate a self-signed SSL certificate? (y/n) – If you don’t have an SSL certificate, answer yes.
It is crucial that you use an SSL certificate, otherwise you will not be able to create an account or use a number of Bitwarden’s features.
Once the installation is complete, you will need to configure the environment variables for the SMTP server. If you are using Gmail SMTP servers and 2FA is enabled for your account, you will need to create an app password, which can be done here.
SMTP server configuration
To configure the SMTP server, open the global env file with the command:
nano ~/bwdata/env/global.override.env
nano ~/bwdata/envy/worldwide.transcend.envy |
In this file, find the following lines:
globalSettings__mail__replyToEmail = REPLACE globalSettings__mail__smtp__host = REPLACE globalSettings__mail__smtp__port = 587 globalSettings__mail__smtp__ssl = false globalSettings__mail__smtp__username = REPLACE globalSettings__mail__smtp__password = REPLACE globalSettings__mail__smtp__password = REPLACE
globalSettings__mail__replyToEmail=replace globalSettings__mail__smtp__host=replace globalSettings__mail__smtp__port=587 globalSettings__mail__smtp__ssl=bloomer globalSettings__mail__smtp__ username=replace globalSettings__mail__smtp__ password=replace |
If you are using Gmail SMTP servers, change everything marked REPLACE to:
- Replace replyTo_email with your email address.
- Replace smtp__host with smtp.gmail.com.
- Replace smtp__username with your Gmail address.
- Replace smtp__password with the application password you created.
If you are using a different SMTP server, make sure to configure it as necessary.
Save and close the file.
Restart the Bitwarden instance with:
Once the Bitwarden service has restarted, open a web browser and point it to https://SERVER (where SERVER is the IP address or domain of your hosting server). You will be greeted by the Bitwarden login screen (Fig. 1).
Click Create Account, and in the resulting window (Fig. 2), fill in the information needed for the new account and click Create Account.
You will then be taken back to the login screen, where you can log in with your new account. In the resulting window (Fig. 3), click Send Email in the Email Verification box. An email will be sent where you can then verify the new account.
And that’s all it takes to deploy a local instance of the Bitwarden password manager server. Enjoy that extra level of privacy for your most important secrets.