← Back to Guides
Profile image for Jesbin

By Jesbin

Published 17th May 2022

Deploy Bitwarden on Northflank

Bitwarden is an open-source tool that helps you generate, save, and manage your logins safely and securely. You can also share secure information easily with others in your organization. Vaultwarden is an alternativve implementation of Bitwarden server API written in Rust and compatible with upstream Bitwarden clients. This is perfect for self-hosted deployments with limited resources, while the official setup requires separate containers for different services like database. The minimum hardware resources for this project is very low.

Note: This is guide is based on an unofficial image for Bitwarden known as Vaultwarden by Daniel García.

This guide can help you setup your own Vaultwarden server on Northflank.

  1. Create a new service inside your project.

    1. Select service type as Deployment.

    2. Select deployment source as External and image path as vaultwarden/server:latest.

    3. Expose the port 80 to access the web vault.

      • Port 80 will automatically be detected from the image manifest and will be exposed with the HTTP protocol.

    4. Create a new persistent volume inside the advanced options and set the mount path as /data/.

      Deploy Bitwarden on Northflank, service creation

  2. Once the service is ready, you can use the link on the top right corner to access the vault.

    Login to Bitwarden after deploying on Northflank

  3. Initially you need to create a new account. Once you have done that you can start managing your passwords from the vault.

Additional configurations

The official Vaultwarden wiki has many configurations to secure and add features to your installation.

To add environment variables to your server, head to the Environment tab inside your service dashboard. These are some of the environment variables that you can add to your existing server:

BitWarden additional environment variables

  1. Disable new signups

    SIGNUPS_ALLOWED=false
  2. Disable invitations by admins

    INVITATIONS_ALLOWED=false
  3. Enable admin page

    • Generate a token either using openssl rand -base64 48 on your terminal or the Key icon in the Northflank UI, highlighted in red in the screenshot above. If using the “Generate secret values” key icon, a 32 character length token will suffice.

    ADMIN_TOKEN=some_random_token_as_per_above_explanation
  4. Enable SMTP

    SMTP_HOST=<smtp.domain.tld> 
    SMTP_FROM=<vaultwarden@domain.tld> 
    SMTP_PORT=587 
    SMTP_SSL=true 
    SMTP_USERNAME=<username> 
    SMTP_PASSWORD=<password>
  5. Verify emails

    SIGNUPS_VERIFY=true
    SIGNUPS_VERIFY_RESEND_TIME=3600
    SIGNUPS_VERIFY_RESEND_LIMIT=6

Reference

Vaultwarden GitHub
Vaultwarden wiki

How to deploy Bitwarden on Northflank using the official Docker image

Northflank allows you to deploy your code within minutes. Sign up for a Northflank account and create a free project to get started.

  • Multiple read and write replicas
  • Observe & monitor with real-time metrics & logs
  • Low latency and high performance
  • Private and optional public load balancing as well as Northflank local proxy
  • Dedicated support plans

Share this article with your network