While I have been quite satisfied using a self-hosted official Bitwarden server,
the large amount of containers and high resource usage has always seemed over the top for a “simple password vault”.
Now, I ran into
Bitwarden RS Vaultwarden, which is a server-api compatible server
written in Rust as a single docker image having a lower resource demand.
Vaultwarden looked promising, so I decided to try it out to compare against the official server. The Using Docker Compose wiki page was of great help to set it up.
I’m already using Caddy Server as my main webserver and reverse proxy and set it up to serve Vaultwarden. So I just have to run the Vaultwarden image:
version: '3' services: bitwarden: image: vaultwarden/server restart: always volumes: - /data/vaultwarden:/data environment: - WEBSOCKET_ENABLED=true - SIGNUPS_ALLOWED=false - ADMIN_TOKEN=<admin-token> ports: - 82:80 - 3012:3012
Vaultwarden will be accessible from the
internet intranet (the app caches the data, so there is no need
to allow access from the internet; better safe than sorry!), so we can use the
on our phones, but I don’t want to allow people other than within my family to sign up for use of it. So I blocked it by setting
All in all, moving over from the official server to Vaultwarden was done in a breeze and works just fine with the official Bitwarden app.
By the way, Vaultwarden allows setting up an organization which allows to share passwords between users. For the official server, this is a premium feature!
September 23, 2020