By Jesbin
Published 17th May 2022
Bitwarden is an open-source tool that helps you generate, save, and manage your logins safely and securely. You can also share secure information easily with others in your organization. Vaultwarden is an alternativve implementation of Bitwarden server API written in Rust and compatible with upstream Bitwarden clients. This is perfect for self-hosted deployments with limited resources, while the official setup requires separate containers for different services like database. The minimum hardware resources for this project is very low.
Note: This is guide is based on an unofficial image for Bitwarden known as Vaultwarden by Daniel García.
This guide can help you setup your own Vaultwarden server on Northflank.
Create a new service inside your project.
Select service type as
Deployment
.Select deployment source as
External
and image path asvaultwarden/server:latest
.Expose the port 80 to access the web vault.
Port 80 will automatically be detected from the image manifest and will be exposed with the HTTP protocol.
Create a new persistent volume inside the advanced options and set the mount path as
/data/
.
Once the service is ready, you can use the link on the top right corner to access the vault.
Initially you need to create a new account. Once you have done that you can start managing your passwords from the vault.
The official Vaultwarden wiki has many configurations to secure and add features to your installation.
To add environment variables to your server, head to the Environment
tab inside your service dashboard. These are some of the environment variables that you can add to your existing server:
Disable new signups
SIGNUPS_ALLOWED=false
Disable invitations by admins
INVITATIONS_ALLOWED=false
Enable admin page
Generate a token either using openssl rand -base64 48 on your terminal or the Key icon in the Northflank UI, highlighted in red in the screenshot above. If using the “Generate secret values” key icon, a 32 character length token will suffice.
ADMIN_TOKEN=some_random_token_as_per_above_explanation
Enable SMTP
SMTP_HOST=<smtp.domain.tld> SMTP_FROM=<vaultwarden@domain.tld> SMTP_PORT=587 SMTP_SSL=true SMTP_USERNAME=<username> SMTP_PASSWORD=<password>
Verify emails
SIGNUPS_VERIFY=true SIGNUPS_VERIFY_RESEND_TIME=3600 SIGNUPS_VERIFY_RESEND_LIMIT=6
Vaultwarden wiki
Northflank allows you to deploy your code within minutes. Sign up for a Northflank account and create a free project to get started.
- Multiple read and write replicas
- Observe & monitor with real-time metrics & logs
- Low latency and high performance
- Private and optional public load balancing as well as Northflank local proxy
- Dedicated support plans