Are you looking to deploy an in-house password manager server? Jack Wallen shows you how to use Bitwarden and Docker.
Bitwarden is one of my favorite password managers. But if you are very concerned about security and would rather not have your password database saved on a third party server, you may want to consider deploying your own Bitwarden server.
This might sound like a serious challenge, but thanks to Docker, it’s actually quite simple. I’ll show you how to do exactly that.
See: Password Breach: Why Pop Culture and Passwords Don’t Mix (Free PDF) (TechRepublic)
What will you need
The only things you’ll need to make this happen is a server that supports Docker and a user with sudo privileges. I will explain on Ubuntu Server 20.04.
How to install Docker
If you don’t have Docker installed, let’s do it now. We’ll be using Docker Compose, so there’s more to install than usual.
First, install the necessary dependencies with:
sudo apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y
Next, add a Docker GPG key with:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
Note: The above method for adding a key has been deprecated but it still works.
Add the correct repository:
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Update and install apt with the following:
sudo apt update sudo apt install docker-ce docker-ce-cli containerd.io docker-compose
How to create a Bitwarden user
To be safe, we will be running all of this with a specific user. First, we’ll create a user directory with:
sudo mkdir /opt/bitwarden
Create the user with:
sudo adduser bitwarden
Give the newly created directory the appropriate permission and ownership with:
sudo chmod -R 700 /opt/bitwarden sudo chown -R bitwarden:bitwarden /opt/bitwarden
Add the bitwarden user to the docker group using:
sudo usermod -aG docker bitwarden
Change to bitwarden user using:
su bitwarden cd
How to download the install script and deploy Bitwarden
Download the easy-to-use installer script with:
curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh && chmod 700 bitwarden.sh
Before we run the installer script, make sure there is no web server already running (because Bitwarden will run on port 80 and not start if that port is already taken). Kill Apache with:
sudo systemctl stop apache2
If this device was based on Red Hat, this command would be:
sudo systemctl stop httpd
If you are using NGINX, turn it off with the command:
sudo systemctl stop nginx
Run the installer with:
You will be asked for the FQDN number. If you don’t plan to access Bitwarden from outside your LAN, you can always use an IP address for that.
This will take some time to check out and populate all containers.
Next, we need to configure the SMTP server that Bitwarden will use. After deployment is complete, open the config file with:
In this file, find and configure the following partitions, using an available SMTP server (I used Google):
globalSettings__mail__smtp__host=REPLACE globalSettings__mail__smtp__port=REPLACE globalSettings__mail__smtp__ssl=REPLACE globalSettings__mail__smtp__username=REPLACE globalSettings__mail__smtp__password=REPLACE adminSettings__admins= ADMIN_EMAIL
Make sure to replace each REPLACE instance with the SMTP server settings and ADMIN_EMAIL with an email address for the admin user. Save and close the file.
Finally, start the Bitwarden server with:
How to access your Bitwarden server
Open a web browser and point it to https://SERVER (where SERVER is the IP address or domain of the machine hosting your Bitwarden server). You should be presented with the Bitwarden web user interface (Figure A).
Click Create Account to create your Bitwarden account. Once it’s created, log in with the credentials and you can start using your Bitwarden server to house your passwords… all of which will stay on your own devices.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube to get the latest tech advice for business professionals from Jack Wallen.