{"id":106034,"date":"2021-10-19T23:58:03","date_gmt":"2021-10-19T20:58:03","guid":{"rendered":"https:\/\/computingforgeeks.com\/?p=106034"},"modified":"2023-09-18T16:15:33","modified_gmt":"2023-09-18T13:15:33","slug":"running-bitwarden-password-manager-using-docker-container","status":"publish","type":"post","link":"https:\/\/computingforgeeks.com\/running-bitwarden-password-manager-using-docker-container\/","title":{"rendered":"Run Bitwarden Password Manager in Docker Container"},"content":{"rendered":"\n<p>Welcome to this amazing guide on how to set up <strong>Bitwarden<\/strong> Self-Hosted Password Manager using Docker Container. By the end of this guide, you should be able to install the latest version of docker and docker-compose, as well as setting up an automatic password saving with Bitwarden.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What is Bitwarden?<\/h3>\n\n\n\n<p>Bitwarden is a free and open-source password manager that stores sensitive information such as websites credentials in an encrypted vault as well as generating strong|unique passwords for browsers or devices. It has two plans i.e  a <strong>free<\/strong> and a <strong>paid<\/strong> version both coming with many amazing features<\/p>\n\n\n\n<p>Features of Bitwarden include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>It is open-source<\/li>\n\n\n\n<li>Bitwarden uses 256-bit AES to secure the user data<\/li>\n\n\n\n<li>Two-factor authentication via applications such as email, Duo e.t.c<\/li>\n\n\n\n<li>Password auditing and breach monitoring.<\/li>\n\n\n\n<li> It supports biometric unlock.<\/li>\n\n\n\n<li>The Bitwarden server is self-hosted on-premises keeping content safe and secure<\/li>\n\n\n\n<li>Cross-platform client applications with desktop applications, web interface, browser extensions, mobile applications as well as CLI.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Getting Started<\/h3>\n\n\n\n<p>Before we begin this guide, ensure that your system is updated and the required packages installed.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\"><em>## On RHEL\/CentOS\/RockyLinux 8<\/em><\/span><strong><span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\"><em>\n<\/em><\/span><\/strong>sudo yum update\nsudo yum install curl vim\n\n<span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-pale-cyan-blue-color\"><em>## On Debian\/Ubuntu\n<\/em><\/span>sudo apt update &amp;&amp; sudo apt upgrade\nsudo apt install curl vim\n\n<span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-light-green-cyan-color\"><em>## On Fedora\n<\/em><\/span>sudo dnf update\nsudo dnf -y install curl vim<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">Step 1 &#8211; Install Docker and Docker-Compose<\/h2>\n\n\n\n<p>In this guide, you need docker and docker-compose installed on your machine. Install the latest version of Docker on your Linux system using the guide on:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/computingforgeeks.com\/solve-error-package-docker-ce-stable-requires-container-selinux\/\" target=\"_blank\" rel=\"noreferrer noopener\">How to Install Docker CE on Linux Systems<\/a><\/li>\n<\/ul>\n\n\n\n<p>Check the installed docker version.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-pale-pink-color\">docker -v<\/span>\nDocker version 24.0.6, build ed223bc<\/code><\/pre>\n\n\n\n<p>Add your user account to Docker group:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo usermod -aG docker $USER\nnewgrp docker<\/code><\/pre>\n\n\n\n<p>With Docker installed successfully, proceed and install the latest version of Docker-Compose using cURL as well.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>curl -s https:\/\/api.github.com\/repos\/docker\/compose\/releases\/latest | grep browser_download_url  | grep docker-compose-linux-x86_64 | cut -d '\"' -f 4 | wget -qi -<\/code><\/pre>\n\n\n\n<p>Make the downloaded file executable.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>chmod +x docker-compose-linux-x86_64<\/code><\/pre>\n\n\n\n<p>Move the file to your PATH.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo mv docker-compose-linux-x86_64 \/usr\/local\/bin\/docker-compose<\/code><\/pre>\n\n\n\n<p>Now confirm your installation by checking the docker-compose version installed.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-pale-pink-color\">docker-compose version<\/span>\nDocker Compose version v2.21.0<\/code><\/pre>\n\n\n\n<p>Start and enable docker.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl start docker &amp;&amp; sudo systemctl enable docker<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">Step 2 &#8211;  Provision the Bitwarden Server<\/h2>\n\n\n\n<p>Now we will create a folder for the Bitwarden server. I will name mine <strong>bitwarden<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd ~\nmkdir bitwarden &amp;&amp; cd bitwarden<\/code><\/pre>\n\n\n\n<p>Now in the folder, we will create a <strong><em>docker-compose.yml<\/em><\/strong> file. This file will be used by docker-compose to orchestrate the docker instance.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>touch docker-compose.yml<\/code><\/pre>\n\n\n\n<p>Then open the file for editing using your favorite text editor.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim docker-compose.yml<\/code><\/pre>\n\n\n\n<p>Add the contents below in the file.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># docker-compose.yml\nversion: '3'\n\nservices:\n  bitwarden:\n    image: bitwardenrs\/server\n    restart: always\n    ports:\n      - 8000:80\n    volumes:\n      - <span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-purple-color\">.\/bw-data<\/span>:\/data\n    environment:\n      WEBSOCKET_ENABLED: 'true' # Required to use websockets\n      SIGNUPS_ALLOWED: 'true'   # set to false to disable signups<\/code><\/pre>\n\n\n\n<p>In this guide, I will use the <strong>bitwarden_rs Docker image<\/strong> written in Rust, this is faster and more reliable and it is entirely open-source with high usage all over.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Step 3 &#8211; Run Bitwarden Self-Hosted Password Manager using Docker<\/h2>\n\n\n\n<p>Now that everything is provisioned for the Bitwarden Server, we will proceed and run it using the simple code below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker-compose up -d<\/code><\/pre>\n\n\n\n<p>In case the above command fails to start, you might be required to execute it using the root user privileges.<\/p>\n\n\n\n<p>The command above will start pulling the images as below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;+] Running 8\/8\n \u283f bitwarden Pulled                                                        6.5s\n   \u283f 33847f680f63 Pull complete                                            1.9s\n   \u283f 64e13e5f1ad2 Pull complete                                            2.7s\n   \u283f 148922a88961 Pull complete                                            2.8s\n   \u283f cc66172bd48b Pull complete                                            3.2s\n   \u283f 2372942a3bb8 Pull complete                                            3.6s\n   \u283f 35b316a20d10 Pull complete                                            3.7s\n   \u283f 6b2893b1d24a Pull complete                                            3.9s\n&#91;+] Running 2\/2\n \u283f Network bitwarden_default        Created                                0.1s\n \u283f Container bitwarden-bitwarden-1  Started                                0.9s                                                                                                                   <\/code><\/pre>\n\n\n\n<p>See the Bitwarden Server instance using the command:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker ps<\/code><\/pre>\n\n\n\n<p>Sample Output:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><strong><span class=\"has-inline-color has-luminous-vivid-amber-color\">CONTAINER ID   IMAGE                COMMAND                  CREATED          STATUS                             PORTS                                             NAMES\n<\/span><\/strong>62fbe97d43e5   bitwardenrs\/server   \"\/usr\/bin\/dumb-init \u2026\"   About a minute ago   Up About a minute (healthy)   3012\/tcp, 0.0.0.0:8000-&gt;80\/tcp, :::8000-&gt;80\/tcp   bitwarden-bitwarden-1<\/code><\/pre>\n\n\n\n<p>You can now access the Bitwarden web dashboard on the server&#8217;s IP address and port <strong>8000.<\/strong> But you will not be able to create an account with Bitwarden <strong>unless<\/strong> you have access to the site using <strong>HTTPS<\/strong>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Step 4 &#8211; Secure Bitwarden with Trusted Certificates.<\/h2>\n\n\n\n<p>Install Nginx webserver for reverse proxy<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><strong><em>##On RHEL\/CentOS\/Rocky Linux 8\n<\/em><\/strong>sudo yum install nginx\n\n<strong><em>##On Debian\/Ubuntu\n<\/em><\/strong>sudo apt install nginx<\/code><\/pre>\n\n\n\n<p>For this instance I am using a Rhel-based system, I will create a conf file at <strong>\/etc\/nginx\/conf.d\/bitwarden.conf<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo vim \/etc\/nginx\/conf.d\/bitwarden.conf<\/code><\/pre>\n\n\n\n<p>In the file, add the content below for VirtualHost replacing your domain name appropriately<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>    server {\n        listen       80 default_server;\n        listen       &#91;::]:80 default_server;\n        server_name  <span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">bitwarden.example.com<\/span>;\n        root         \/usr\/share\/nginx\/html;\n\n        # Load configuration files for the default server block.\n        include \/etc\/nginx\/default.d\/*.conf;\n\n        location \/ {\n\tproxy_pass http:\/\/localhost:8000\/;\n            index  index.html index.htm;\n        }\n\n        error_page 404 \/404.html;\n            location = \/40x.html {\n        }\n\n        error_page 500 502 503 504 \/50x.html;\n            location = \/50x.html {\n        }\n    }<\/code><\/pre>\n\n\n\n<p>Grant Nginx privileges to the created file above.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><strong><em># CentOS \/ RHEL \/ Fedora\n<\/em><\/strong>sudo chown nginx:nginx \/etc\/nginx\/conf.d\/bitwarden.conf\nsudo chmod 755 \/etc\/nginx\/conf.d\/bitwarden.conf\n\n<strong><em># Debian \/ Ubuntu\n<\/em><\/strong>sudo chown www-data:www-data \/etc\/nginx\/conf.d\/bitwarden.conf\nsudo chmod 755 \/etc\/nginx\/conf.d\/bitwarden.conf<\/code><\/pre>\n\n\n\n<p>Start the Nginx web server.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl start nginx\nsudo systemctl enable nginx<\/code><\/pre>\n\n\n\n<p>In case Nginx fails to start, remove the server part in the<strong><em> \/etc\/nginx\/nginx.conf<\/em><\/strong> file.<\/p>\n\n\n\n<p>In this guide, I will demonstrate two ways to install trusted certificates on your Linux system. The main aim of this step is to add <strong>HTTPS<\/strong> access to the BItwarden site.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Using <strong>Let&#8217;s encrypt<\/strong>(Public IPs\/FQDN)<\/li>\n\n\n\n<li>Using a <strong>self-signed Certificate<\/strong>(Private IPs)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4.a &#8211; Using Let\u2019s Encrypt SSL<\/h3>\n\n\n\n<p>Since we need to access the web via HTTPS, we are required to generate SSL certificates. Let&#8217;s Encrypt is used to issue trusted SSL certificates free for any <strong>FQDN<\/strong>. Install Certbot as below:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\">##On RHEL 8\/CentOS 8\/Rocky Linux 8\/Fedora\n<\/span>sudo dnf install https:\/\/dl.fedoraproject.org\/pub\/epel\/epel-release-latest-8.noarch.rpm \nsudo dnf install certbot python3-certbot-nginx\n\n<span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\">##On Debian\/Ubuntu\n<\/span>sudo apt install certbot python3-certbot-nginx<\/code><\/pre>\n\n\n\n<p>Install the SSL certificates for your domain name<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo certbot --nginx<\/code><\/pre>\n\n\n\n<p>Proceed as below<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Saving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\nEnter email address (used for urgent renewal and security notices)\n (Enter 'c' to cancel): <span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\">Enter a valid Email address here<\/span>          \n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nPlease read the Terms of Service at\nhttps:\/\/letsencrypt.org\/documents\/LE-SA-v1.2-November-15-2017.pdf. You must\nagree in order to register with the ACME server. Do you agree?\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n(Y)es\/(N)o: <strong><span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\">y<\/span><\/strong>\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nWould you be willing, once your first certificate is successfully issued, to\nshare your email address with the Electronic Frontier Foundation, a founding\npartner of the Let's Encrypt project and the non-profit organization that\ndevelops Certbot? We'd like to send you email about our work encrypting the web,\nEFF news, campaigns, and ways to support digital freedom.\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n(Y)es\/(N)o: <strong><span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\">y<\/span><\/strong>\nAccount registered.\n\nWhich names would you like to activate HTTPS for?\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n1: <strong><span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\">bitwarden.example.com<\/span><\/strong>\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nSelect the appropriate numbers separated by commas and\/or spaces, or leave input\nblank to select all options shown (Enter 'c' to cancel): 1\n\nRequesting a certificate for bitwarden.example.com\nPerforming the following challenges:\nhttp-01 challenge for bitwarden.example.com\nWaiting for verification...\nCleaning up challenges\nDeploying Certificate to VirtualHost \/etc\/nginx\/conf.d\/bitwarden.conf\nRedirecting all traffic on port 80 to ssl in \/etc\/nginx\/conf.d\/bitwarden.conf\n\nSuccessfully received certificate.\nCertificate is saved at: a2enmod ssl\n\/etc\/letsencrypt\/live\/bitwarden.example.com\/fullchain.pem\nKey is saved at:         \/etc\/letsencrypt\/live\/bitwarden.example.com\/privkey.pem\nThis certificate expires on 2022-01-09.\nThese files will be updated when the certificate renews.\nCertbot has set up a scheduled task to automatically renew this certificate in the background.\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nIf you like Certbot, please consider supporting our work by:\n * Donating to ISRG \/ Let's Encrypt:   https:\/\/letsencrypt.org\/donate\n * Donating to EFF:                    https:\/\/eff.org\/donate-le\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<\/code><\/pre>\n\n\n\n<p>Now your configuration file at<strong> \/etc\/nginx\/conf.d\/bitwarden.conf <\/strong>will have the SSL certificates as below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>...........\n    server {\n        listen       443 ssl http2 default_server;\n        listen       &#91;::]:443 ssl http2 default_server;\n        server_name  _;\n        root         \/usr\/share\/nginx\/html;\n\n        ssl_certificate \"\/etc\/letsencrypt\/live\/<span class=\"has-inline-color has-vivid-purple-color\">bitwarden.example.com<\/span>\/fullchain.pem\";\n        ssl_certificate_key \"\/etc\/letsencrypt\/live\/<span class=\"has-inline-color has-vivid-purple-color\">bitwarden.example.com<\/span>\/privkey.pem\";\n        ssl_session_cache shared:SSL:1m;\n        ssl_session_timeout  10m;\n        ssl_ciphers PROFILE=SYSTEM;\n        ssl_prefer_server_ciphers on;\n\n        # Load configuration files for the default server block.\n        include \/etc\/nginx\/default.d\/*.conf;\n\n        location \/ {\n       proxy_pass http:\/\/localhost:8000\/;\n            index  index.html index.htm;\n       \t}\n\n        error_page 404 \/404.html;\n            location = \/40x.html {\n        }\n\n        error_page 500 502 503 504 \/50x.html;\n            location = \/50x.html {\n        }\n    }<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">4.b &#8211; Using a Self-signed Certificate<\/h3>\n\n\n\n<p>Another alternative for those who do not have a fully qualified domain name is to secure SSL certificates using self-signed certificates. Ensure that <strong>OpenSSL<\/strong> is installed on your system. Then proceed and create this config file for the certificates<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim <meta charset=\"utf-8\">bitwarden_ssl.conf<\/code><\/pre>\n\n\n\n<p>In the file, add the below information.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;req]\ndefault_bits       = 2048\ndefault_keyfile    = <meta charset=\"utf-8\">bitwarden_ssl.key\ndistinguished_name = req_distinguished_name\nreq_extensions     = req_ext\nx509_extensions    = v3_ca\n\n&#91;req_distinguished_name]\ncountryName                 = Country Name (2 letter code)\ncountryName_default         = KE\nstateOrProvinceName         = State or Province Name (full name)\nstateOrProvinceName_default = Nairobi\nlocalityName                = Locality Name (eg, city)\nlocalityName_default        = Nairobi\norganizationName            = Organization Name (eg, company)\norganizationName_default    = Bitwarden\norganizationalUnitName      = organizationalunit\norganizationalUnitName_default = Development\ncommonName                  = Common Name (e.g. server FQDN or YOUR name)\ncommonName_default          = <strong><span class=\"has-inline-color has-luminous-vivid-amber-color\">Your_IP-Address<\/span><\/strong>\ncommonName_max              = 64\n\n&#91;req_ext]\nsubjectAltName = @alt_names\n\n&#91;v3_ca]\nsubjectAltName = @alt_names\n\n&#91;alt_names]\nDNS.1   = localhost\nDNS.2   = <strong><span class=\"has-inline-color has-luminous-vivid-amber-color\">Your_IP-Address<\/span><\/strong><\/code><\/pre>\n\n\n\n<p>Now generate the certificates from the config file as below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout bitwarden_ssl.key -out bitwarden_ssl.crt -config bitwarden_ssl.conf<\/code><\/pre>\n\n\n\n<p>Press <strong>enter<\/strong> till the end.<\/p>\n\n\n\n<p>Next copy the generated files to <strong>\/etc\/ssl\/certs<\/strong> directory as shown.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo cp bitwarden_ssl.crt \/etc\/ssl\/certs\/bitwarden_ssl.crt\nsudo mkdir -p \/etc\/ssl\/private\/\nsudo cp bitwarden_ssl.key \/etc\/ssl\/private\/bitwarden_ssl.key<\/code><\/pre>\n\n\n\n<p>With this command, your private key and signed certificate (.crt) will be saved in the <strong><em>\/etc\/ssl\/certs\/<\/em><\/strong> directory. Now copy these certificate paths to your Nginx conf as shown<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo vim  \/etc\/nginx\/conf.d\/bitwarden.conf<\/code><\/pre>\n\n\n\n<p>You will require to add them to Nginx as below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>      server {\n        listen       443 ssl http2 default_server;\n        listen       &#91;::]:443 ssl http2 default_server;\n        server_name  <strong><span class=\"has-inline-color has-luminous-vivid-amber-color\">Your IP_Address<\/span><\/strong>;\n        root         \/usr\/share\/nginx\/html;\n\n        ssl_certificate <span class=\"has-inline-color has-luminous-vivid-amber-color\"><strong>\/etc\/ssl\/certs\/<\/strong>bitwarden_ssl<strong>.crt<\/strong><\/span>;\n        ssl_certificate_key <span class=\"has-inline-color has-luminous-vivid-amber-color\"><strong>\/etc\/ssl\/private\/<\/strong>bitwarden_ssl<strong>.key<\/strong><\/span>;\n\tssl_protocols TLSv1.2 TLSv1.1 TLSv1;\n\n        # Load configuration files for the default server block.\n        include \/etc\/nginx\/default.d\/*.conf;\n\n        location \/ {\n       proxy_pass http:\/\/localhost:8000\/;\n            index  index.html index.htm;\n       \t}\n\n        error_page 404 \/404.html;\n            location = \/40x.html {\n        }\n\n        error_page 500 502 503 504 \/50x.html;\n            location = \/50x.html {\n        }\n    }<\/code><\/pre>\n\n\n\n<p>Allow HTTP and HTTPS through the firewall if you are using firewalld.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo firewall-cmd --add-service=http --permanent\nsudo firewall-cmd --add-service=https --permanent\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<p>Reload the Nginx service.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl restart nginx<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">Step 5 &#8211; Access the Bitwarden Web Interface<\/h2>\n\n\n\n<p>Now you can access the Bitwarden Web interface using the URL <a href=\"https:\/\/computingforgeeks.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/biwarden.example.com<\/a> or <a href=\"https:\/\/IP_Address\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/IP_Address<\/a> (for those using self-signed certificates)<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"550\" height=\"548\" src=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container.png\" alt=\"\" class=\"wp-image-106065\" title=\"\" srcset=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container.png 550w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-300x300.png 300w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-150x150.png 150w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-422x420.png 422w\" sizes=\"auto, (max-width: 550px) 100vw, 550px\" \/><\/figure>\n\n\n\n<p>If you see this page, Bitwarden is running well. The first step is to create an account, do so by clicking on <strong>Create account<\/strong> on the login page displayed. A new window will appear where you are required to fill in the details.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"726\" height=\"662\" src=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-1.png\" alt=\"\" class=\"wp-image-106066\" title=\"\" srcset=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-1.png 726w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-1-300x274.png 300w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-1-696x635.png 696w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-1-461x420.png 461w\" sizes=\"auto, (max-width: 726px) 100vw, 726px\" \/><\/figure>\n\n\n\n<p>Fill each field appropriately and remember to use a strong master password. You will then be redirected to the login screen, log in with the set credentials, and access this web vault.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"627\" src=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-10-1024x627.png\" alt=\"\" class=\"wp-image-106100\" title=\"\" srcset=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-10-1024x627.png 1024w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-10-300x184.png 300w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-10-768x471.png 768w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-10-696x426.png 696w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-10-685x420.png 685w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-10.png 1033w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Now your Bitwarden installation is complete successfully!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Step 6 &#8211; Disable Anonymous User Sign Up<\/h2>\n\n\n\n<p>Now that Bitwarden has been installed, we need to make it more secure by disabling user registration. Stop the running Bitwarden instance.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker-compose down<\/code><\/pre>\n\n\n\n<p>Navigate to the file you created the Bitwarden YAML file:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd ~\/bitwarden<\/code><\/pre>\n\n\n\n<p>Edit the file and set SIGNUPS_ALLOWED=false as below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim docker-compose.yml<\/code><\/pre>\n\n\n\n<p>Edit the file as below:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># docker-compose.yml\nversion: '3'\n\nservices:\n  bitwarden:\n    image: bitwardenrs\/server\n    restart: always\n    ports:\n      - 8000:80\n    volumes:\n      - .\/bw-data:\/data\n    environment:\n      WEBSOCKET_ENABLED: 'true' # Required to use websockets\n      <strong><span class=\"has-inline-color has-luminous-vivid-amber-color\">SIGNUPS_ALLOWED<\/span><\/strong>: '<strong><span class=\"has-inline-color has-vivid-red-color\">false<\/span><\/strong>'   # set to false to disable signups<\/code><\/pre>\n\n\n\n<p>Now start a new Bitwarden instance with <strong><code>SIGNUPS_ALLOWED<\/code><\/strong> set to <code><em>false<\/em><\/code> as below.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker-compose up -d<\/code><\/pre>\n\n\n\n<p>After this, trying to create a new account will result in the below error.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"945\" height=\"665\" src=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-11-1.png\" alt=\"\" class=\"wp-image-106102\" title=\"\" srcset=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-11-1.png 945w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-11-1-300x211.png 300w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-11-1-768x540.png 768w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-11-1-696x490.png 696w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-11-1-597x420.png 597w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-11-1-100x70.png 100w\" sizes=\"auto, (max-width: 945px) 100vw, 945px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Step 7 &#8211; Use Bitwarden Self-Hosted Password Manager<\/h2>\n\n\n\n<p>Now access the Bitwarden Web dashboard using the credentials created. There are a couple of activities you can do. Navigate to the tools window, here you can generate unique passwords, import and export data to the vault, check reports for exposed, weak, reused passwords e.t.c<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"666\" src=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-12.png\" alt=\"\" class=\"wp-image-106103\" title=\"\" srcset=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-12.png 1024w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-12-300x195.png 300w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-12-768x500.png 768w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-12-696x453.png 696w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-12-646x420.png 646w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Under the settings tab, you can change credentials for your master account, set the vault timeout, whether to lock or logout as a security enhancement<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"828\" height=\"656\" src=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-14.png\" alt=\"\" class=\"wp-image-106104\" title=\"\" srcset=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-14.png 828w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-14-300x238.png 300w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-14-768x608.png 768w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-14-696x551.png 696w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-14-530x420.png 530w\" sizes=\"auto, (max-width: 828px) 100vw, 828px\" \/><\/figure>\n\n\n\n<p>You can also enable a two-factor authenticator for Bitwarden by navigating to <strong>Two-step Login <\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"898\" height=\"625\" src=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-15.png\" alt=\"\" class=\"wp-image-106105\" title=\"\" srcset=\"https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-15.png 898w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-15-300x209.png 300w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-15-768x535.png 768w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-15-696x484.png 696w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-15-603x420.png 603w, https:\/\/computingforgeeks.com\/wp-content\/uploads\/2021\/10\/Setup-Bitwarden-Self-Hosted-Password-Manager-using-Docker-Container-15-100x70.png 100w\" sizes=\"auto, (max-width: 898px) 100vw, 898px\" \/><\/figure>\n\n\n\n<p>Congratulations! We have successfully walked through how to set up Bitwarden Self-Hosted Password Manager using Docker Container. You can now manage your passwords using Bitwarden.<\/p>\n\n\n\n<p>See more guides on this page:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/computingforgeeks.com\/enable-ssl-encryption-password-authentication-postgresql\/\" target=\"_blank\" rel=\"noreferrer noopener\">Enable SSL Encryption and SCRAM-SHA-256 Password Authentication in PostgreSQL<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/computingforgeeks.com\/install-keeweb-password-manager-ubuntu\/\" target=\"_blank\" rel=\"noreferrer noopener\">Install KeeWeb Password Manager on Ubuntu<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/computingforgeeks.com\/solve-unable-to-load-authentication-plugin-caching_sha2_password\/\" target=\"_blank\" rel=\"noreferrer noopener\">Solve Unable to load authentication plugin \u2018caching_sha2_password\u2019<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/computingforgeeks.com\/configure-user-password-aging-expiry-policy-in-linux\/\" target=\"_blank\" rel=\"noreferrer noopener\">Configure User Password Aging \/ Expiry Policy in Linux<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to this amazing guide on how to set up Bitwarden Self-Hosted Password Manager using Docker Container. By the end of this guide, you should be able to install the latest version of docker and docker-compose, as well as setting up an automatic password saving with Bitwarden. What is Bitwarden? Bitwarden is a free and &#8230; <a title=\"Run Bitwarden Password Manager in Docker Container\" class=\"read-more\" href=\"https:\/\/computingforgeeks.com\/running-bitwarden-password-manager-using-docker-container\/\" aria-label=\"Read more about Run Bitwarden Password Manager in Docker Container\">Read more<\/a><\/p>\n","protected":false},"author":21,"featured_media":106103,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[316,27,299,75],"tags":[36162,36164,36163],"class_list":["post-106034","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-containers","category-docker","category-how-to","category-security","tag-bitwarden","tag-password-manager","tag-setup-bitwarden"],"_links":{"self":[{"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/posts\/106034","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/comments?post=106034"}],"version-history":[{"count":0,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/posts\/106034\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/media\/106103"}],"wp:attachment":[{"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/media?parent=106034"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/categories?post=106034"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/tags?post=106034"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}