Copyright infringement

How to deploy a Bitwarden server with Docker

Are you looking to deploy an in-house password manager server? Jack Wallen shows you how to use Bitwarden and Docker.

security.jpg

Photo: BeeBright / Shutterstock

Bitwarden is one of my favorite password managers. But if you are very concerned about security and would rather not have your password database saved on a third party server, you may want to consider deploying your own Bitwarden server.

This might sound like a serious challenge, but thanks to Docker, it’s actually quite simple. I’ll show you how to do exactly that.

See: Password Breach: Why Pop Culture and Passwords Don’t Mix (Free PDF) (TechRepublic)

What will you need

The only things you’ll need to make this happen is a server that supports Docker and a user with sudo privileges. I will explain on Ubuntu Server 20.04.

ready? OK.

How to install Docker

If you don’t have Docker installed, let’s do it now. We’ll be using Docker Compose, so there’s more to install than usual.

First, install the necessary dependencies with:

sudo apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y

Next, add a Docker GPG key with:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Note: The above method for adding a key has been deprecated but it still works.

Add the correct repository:

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

Update and install apt with the following:

sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose

How to create a Bitwarden user

To be safe, we will be running all of this with a specific user. First, we’ll create a user directory with:

sudo mkdir /opt/bitwarden

Create the user with:

sudo adduser bitwarden

Give the newly created directory the appropriate permission and ownership with:

sudo chmod -R 700 /opt/bitwarden
sudo chown -R bitwarden:bitwarden /opt/bitwarden

Add the bitwarden user to the docker group using:

sudo usermod -aG docker bitwarden

Change to bitwarden user using:

su bitwarden
cd

How to download the install script and deploy Bitwarden

Download the easy-to-use installer script with:

curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh && chmod 700 bitwarden.sh

Before we run the installer script, make sure there is no web server already running (because Bitwarden will run on port 80 and not start if that port is already taken). Kill Apache with:

sudo systemctl stop apache2

If this device was based on Red Hat, this command would be:

sudo systemctl stop httpd

If you are using NGINX, turn it off with the command:

sudo systemctl stop nginx

Run the installer with:

./bitwarden.sh install

You will be asked for the FQDN number. If you don’t plan to access Bitwarden from outside your LAN, you can always use an IP address for that.

This will take some time to check out and populate all containers.

Next, we need to configure the SMTP server that Bitwarden will use. After deployment is complete, open the config file with:

nano ~/bwdata/env/global.override.env

In this file, find and configure the following partitions, using an available SMTP server (I used Google):

globalSettings__mail__smtp__host=REPLACE
globalSettings__mail__smtp__port=REPLACE
globalSettings__mail__smtp__ssl=REPLACE
globalSettings__mail__smtp__username=REPLACE
globalSettings__mail__smtp__password=REPLACE
adminSettings__admins= ADMIN_EMAIL

Make sure to replace each REPLACE instance with the SMTP server settings and ADMIN_EMAIL with an email address for the admin user. Save and close the file.

Finally, start the Bitwarden server with:

./bitwarden.sh start

How to access your Bitwarden server

Open a web browser and point it to https://SERVER (where SERVER is the IP address or domain of the machine hosting your Bitwarden server). You should be presented with the Bitwarden web user interface (Figure A).

Figure A

bitwardenservera.jpg

Bitwarden’s web user interface is an easy-to-use password manager.

Click Create Account to create your Bitwarden account. Once it’s created, log in with the credentials and you can start using your Bitwarden server to house your passwords… all of which will stay on your own devices.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube to get the latest tech advice for business professionals from Jack Wallen.

see also