Vaultwarden

Vaultwarden

Password Manager


Homelab
vaultwarden containers homelab

A while back a coworker told me about Bitwarden and Vaultwarden. My dad set up his own Bitwarden instance, which inspired to host my own too. I decided to host my own instance of Vaultwarden, and added it to my existing podman instance.

Here’s the code I used:

  • version: "3"
    services:
      vaultwarden:
        image: vaultwarden/server:latest
        container_name: vaultwarden
        restart: unless-stopped
        ports:
         - 9445:80 #map any custom port to use (replace 8445 not 80)
        volumes:
         - ./bitwarden:/data:rw
        environment:
    #     - ROCKET_TLS={certs="/ssl/certs/certs.pem",key="/ssl/private/key.pem"}  // Environment variable is specific to the Rocket web server
    #     - ADMIN_TOKEN=${ADMIN_TOKEN}
         - WEBSOCKET_ENABLED=true
         - SIGNUPS_ALLOWED=false
         - SMTP_HOST=${SMTP_HOST}
         - SMTP_FROM=${SMTP_FROM}
         - SMTP_PORT=${SMTP_PORT}
         - SMTP_SSL=${SMTP_SSL}
         - SMTP_USERNAME=${SMTP_USERNAME}
         - SMTP_PASSWORD=${SMTP_PASSWORD}
         - DOMAIN=${DOMAIN}

For ADMIN_TOKEN, you can generate the value using openssl rand -base64 48. I stored all these variables in a .env file. I followed the guide here (make sure to disable the admin page after you’ve set up the admin account).

Vaultwarden syncs between devices, each containing a local copy in the event that the server goes down.
I highly recommend the following browser extension settings:

  • Show auto-fill menu on form fields: When auto-fill icon is selected
  • Make Bitwarden your default password manager
  • Auto-fill on page load
  • Default URI match detection: Host

I also removed the passwords out of my browser to prevent conflicts with the extension.

Have a wonderful rest of your day, and as always, cheers!

© 2024 Cameron Krischel