I’ve been able to host an instance of open source Bitwarden , intended for personal use, on a Raspberry PI home server and would like to share my learnings.

I followed through the excellent guide to deploy a lighter, single image alternative to the official Bitwarden solution. This version, known as the ‘Bitwarden unified’ is more suitable for devices like the Raspberry PI.

I deployed the solution with the following constraints:

No external domain.
No SMTP settings configured (for email)

I won’t be explaining the steps required to have the instance running as these have already been provided in the guide mentioned earlier. I would, instead, be sharing my notes.

These notes assume a familiarity with Linux and Docker

Configuration

The installation requires two key files: a docker-compose.yml that defines the containers, and a settings.env that defines the app’s settings. I’ll like to share my version of both of these files alongside a few pertinent notes.

Docker compose

docker-compose.yml

---
version: "3.3"

services:
  bitwarden:
    depends_on:
      - db
    env_file:
      - settings.env
    image: bitwarden/self-host:beta
    restart: always
    ports:
      - "5000:8080"
      - "5001:8443"
    volumes:
      - /home/bitwarden/etc:/etc/bitwarden

  db:
    environment:
      MARIADB_USER: "bitwarden"
      MARIADB_PASSWORD: "bitwarden"
      MARIADB_DATABASE: "bitwarden_vault"
      MARIADB_RANDOM_ROOT_PASSWORD: "true"
    image: mariadb:10
    restart: always
    volumes:
      - /home/bitwarden/data:/var/lib/mysql

volumes:
  bitwarden:
  data:

Notes

Bitwarden exposes the app on ports 8080 for HTTP and 8443 for HTTPS
Prior to installation, I created a bitwarden user and corresponding directory at /home/bitwarden. The directory was used as a base for the volume mounts for both the database and application

Settings

settings.env

# Server hostname
BW_DOMAIN=192.168.2.41

BW_DB_PROVIDER=mysql
BW_DB_SERVER=db
BW_DB_DATABASE=bitwarden_vault
BW_DB_USERNAME=
BW_DB_PASSWORD=

BW_INSTALLATION_ID=
BW_INSTALLATION_KEY=

# Webserver ports
BW_PORT_HTTP=8080
BW_PORT_HTTPS=8443

# SSL
BW_ENABLE_SSL=true


BW_ENABLE_ADMIN=true
BW_ENABLE_API=true
BW_ENABLE_EVENTS=true
BW_ENABLE_ICONS=true
BW_ENABLE_IDENTITY=true
BW_ENABLE_NOTIFICATIONS=true

globalSettings__disableUserRegistration=false
globalSettings_logDirectory=/etc/bitwarden/logs

Notes

I learnt the hard way, that the values in the settings.env file should not be quoted; quoting the values for both the BW_INSTALLATION_ID and BW_INSTALLATION_KEY keys led to the services crashing on start due to faulty Guids.
Bitwarden requires HTTPS to work so the BW_ENABLE_SSL should be set to true.
The admin, api and identity services, enabled by the BW_ENABLE_ADMIN, BW_ENABLE_API and BW_ENABLE_IDENTITY values respectively, need to be enabled.
You can define a custom directory, within the container, to store application logs via the globalSettings_logDirectory value

Configuration#

Docker compose#

Notes#

Settings#

Notes#

Configuration

Docker compose

Notes

Settings

Notes