How to install Vaultwarden with docker compose
On this post we are going to see how to install Vaultwarden on your server.
What is Vaultwarden?
Vaultwaren is a fork in Rust of the Bitwarden password manager, it allow you to access and sync between devices your login and password.
It also manage TOTP like Google Authenticator.
The server is compatible with the offical Bitwarden clients.
Deployment
You need to have docker and docker compose installed on your server, you can see how to do that by following this post:
2nistech
To deploy Vaultwarden, you can use this docker-compose.yaml file
version: '3'
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
environment:
- SIGNUPS_ALLOWED=true
- DOMAIN=https://vaultwarden.yourdomain.com
- WEBSOCKET_ENABLED=true
volumes:
- /path/local/datas:/data/
ports:
- 80
- 3012
restart: alwaysAccess the container with HTTPS
You can't create an account or login to Vaultwarden without using HTTPS.
The easier method is to either using reverse proxy like swag and use the pre-set configuration for Vaultwarden (see here), or you can use Cloudflare tunnel if you don't want to open a port and / or expose your public IP.
Once you manage to access your Vaultwarden in HTTPS and create your first account, I recommend you to deactivate the account creation by editing the docker-compose file and modify the line
SIGNUP_ALLOWED=true to SIGNUP_ALLOWED=false an do
docker-compose up -dFinalisation
Activate Two-step login
Once connected, the first thing to do is to activate the Two-step login for your user to enforce the security of your Vaultwarden installation.
Use Bitwarden clients
Now you have a running Vaultwarden server, you can install
- The Bitwarden web extension, to access your vault directly from your browser and auto-fill login password and OTP.
- The mobile app, Bitwarden as an Android and IOS app to access your Vault from your mobile device and can replace the Android or IOS password manager.
- There is also a Desktop client, but I never used it.
sources: