Deploy a Self-hosted Bitwarden Server on Ubuntu 20.04

Updated on February 2, 2021
Deploy a Self-hosted Bitwarden Server on Ubuntu 20.04 header image

Introduction

This article explains how to deploy a self-hosted Bitwarden server at Vultr. Bitwarden is a popular open-source password manager.

Prerequisites

This guide uses bitw.example.com as an example server name. Substitute your server and domain name.

Bitwarden needs a Hosting Installation Id and Key to install. Please Request your Hosting Installation ID and Key before performing the steps in this guide.

1. Create a Bitwarden User

Create a user to run Bitwarden. Use bash as the default terminal and /opt/bitwarden as the home directory.

$ sudo useradd -s /bin/bash -d /opt/bitwarden bitwarden

Add user bitwarden to group docker so it can access Docker.

$ sudo usermod -aG docker bitwarden

Create a working directory and grant user bitwarden full permission for it.

$ sudo mkdir -p /opt/bitwarden
$ sudo chown bitwarden: /opt/bitwarden
$ sudo chmod 700 /opt/bitwarden

Switch to the new user.

$ sudo su - bitwarden

2. Install Bitwarden Server

Download the official Bitwarden deployment script:

$ wget -O bitwarden.sh https://go.btwrdn.co/bw-sh
$ chmod +x bitwarden.sh

Execute the script.

$ ./bitwarden.sh install
  1. Enter your domain, such as bitw.example.com.
  2. Enter Y to get a free SSL certificate from Let's Encrypt.
  3. Enter an email address to receive Let's Encrypt reminders.
  4. Enter the installation id that you got from Step 1.
  5. Enter the installation key that you got from Step 1
  6. Wait for the installation to finish.

3. Configure the Environment

Run ./bitwarden.sh start to start the Bitwarden Server.

Note: Some Bitwarden features are not configured by the bitwarden.sh installer, and must be configured in the environment file, located at ./bwdata/env/global.override.env. At a minimum, you should configure:

...
globalSettings__mail__smtp__host=<placeholder>
globalSettings__mail__smtp__port=<placeholder>
globalSettings__mail__smtp__ssl=<placeholder>
globalSettings__mail__smtp__username=<placeholder>
globalSettings__mail__smtp__password=<placeholder>
...
adminSettings__admins=

Run the following command to apply your changes:

./bitwarden.sh restart

See the official docs for more configuration information specific to your needs.

4. Create an Account

Visit your domain in a web browser, then click the button Create Account to register an account on your server.

Next Steps

Install Bitwarden Client on your devices. Set the server address to your domain by clicking the Setting button in the login page's upper left corner.

More Resources