What is Vaultwarden?
Vaultwaren is a fork in Rust of the Bitwarden password manager, it allow you to access and sync between devices your login and password.
It also manage TOTP like Google Authenticator.
The server is compatible with the offical Bitwarden clients.
You need to have docker and docker compose installed on your server, you can see how to do that by following this post:
To deploy Vaultwarden, you can use this
version: '3' services: vaultwarden: image: vaultwarden/server:latest container_name: vaultwarden environment: - SIGNUPS_ALLOWED=true - DOMAIN=https://vaultwarden.yourdomain.com - WEBSOCKET_ENABLED=true volumes: - /path/local/datas:/data/ ports: - 80 - 3012 restart: always
Access the container with HTTPS
You can't create an account or login to Vaultwarden without using HTTPS.
The easier method is to either using reverse proxy like swag and use the pre-set configuration for Vaultwarden (see here), or you can use Cloudflare tunnel if you don't want to open a port and / or expose your public IP.
Once you manage to access your Vaultwarden in HTTPS and create your first account, I recommend you to deactivate the account creation by editing the docker-compose file and modify the line
SIGNUP_ALLOWED=false an do
docker-compose up -d
Activate Two-step login
Once connected, the first thing to do is to activate the Two-step login for your user to enforce the security of your Vaultwarden installation.
Use Bitwarden clients
Now you have a running Vaultwarden server, you can install
- The Bitwarden web extension, to access your vault directly from your browser and auto-fill login password and OTP.
- The mobile app, Bitwarden as an Android and IOS app to access your Vault from your mobile device and can replace the Android or IOS password manager.
- There is also a Desktop client, but I never used it.