A password manager? What for?
The CNIL has just published a new recommendation for mastering cybersecurity. Multi-factor authentication is recommended by the commission.
https://www.cnil.fr/fr/mots-de-passe-une-nouvelle-recommandation-pour-maitriser-sa-securite
Before dealing with this practice in a future article, it is necessary to review the basics of good password management.
Indeed, the security of your passwords is very important, yet it is common for people to reuse the same password for several applications. This represents a security vulnerability.
However, how do you find secure passwords each time you create an account on this or that website?
And above all, how do you store passwords for different sites and keep them accessible and synchronized on all your devices?
The best solution is a password manager.
At Sparwan, our teams use Bitwarden, which has the advantage of being deployable on a private server and which is a free solution. We also recommend this solution to our customers.
Bitwarden installs and configures quickly with Docker and Docker Compose.
If you have already browsed the Newsletters section of our Shop, you know that we have already published a tutorial for installing Docker.
In this new tutorial, we will describe the steps to follow to install Bitwarden on a Docker server.
If you do not have a Docker server yet, please follow that Docker tutorial first so that you can install Bitwarden.
Installation steps
Below are the system specifications:
| | Minimum | Recommended |
|---|---|---|
| Processor | x64, 1.4GHz | x64, dual-core 2GHz |
| Memory | 2 GB of RAM | 4 GB of RAM |
| Storage | 12 GB | 25 GB |
| Docker version | Engine 19+ and Compose 1.24+ | Engine 19+ and Compose 1.24+ |
Configure your domain
Set DNS records for a domain name pointing to your machine and open ports 80 and 443 on the machine.
You can follow the following documentation (in English):
https://bitwarden.com/help/install-on-premise-linux/#configure-your-domain
Install Docker and Docker Compose on your machine
As specified in the introduction to this article, you can refer to the following tutorial on our shop: https://sparwan.com/article%20/tutoriel-d-installation-de-docker-b25.html
Create a Bitwarden user and directory from which to complete the installation
We recommend setting up your Linux server with a dedicated Bitwarden account.
This will isolate your Bitwarden instance from other applications running on your server.
These steps are best practices recommended by Bitwarden, but are not required.
Create a bitwarden user:
sudo adduser bitwarden
Set a strong password for the bitwarden user:
sudo passwd bitwarden
Create a docker group (if it doesn't already exist):
sudo groupadd docker
Add the bitwarden user to the docker group:
sudo usermod -aG docker bitwarden
Create a bitwarden directory:
sudo mkdir /opt/bitwarden
Set permissions for the /opt/bitwarden directory:
sudo chmod -R 700 /opt/bitwarden
Make the user bitwarden the owner of the directory:
sudo chown -R bitwarden:bitwarden /opt/bitwarden
Obtain an installation ID and key from https://bitwarden.com/host to use during installation.
Install Bitwarden on your machine
Bitwarden provides a shell script for easy installation on Linux and macOS (Bash) or Windows (PowerShell). Complete the following steps to install Bitwarden using the shell script:
If you created a Bitwarden user and directory, follow these steps as the bitwarden user in the /opt/bitwarden directory.
Download the Bitwarden installation script (bitwarden.sh) to your machine:
curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh && chmod 700 bitwarden.sh
Run the installation script.
A ./bwdata directory will be created relative to the location of bitwarden.sh.
./bitwarden.sh install
Complete the installer prompts:
Enter the domain name of your Bitwarden instance:
Typically, this value should be the configured DNS record.
Do you want to use Let's Encrypt to generate a free SSL certificate? (y/n):
Specify y to generate a trusted SSL certificate using Let's Encrypt. You will be prompted to enter an email address for Let's Encrypt expiration reminders.
Enter your installation ID:
Retrieve an installation ID using a valid email at https://bitwarden.com/host.
Enter your installation key:
Retrieve an installation key using a valid email at https://bitwarden.com/host.
Do you have an SSL certificate to use? (y/n):
If you already have your own SSL certificate, specify y and place the necessary files in the ./bwdata/ssl/your.domain directory. You will be asked if it is a trusted SSL certificate (y/n).
Do you want to generate a self-signed SSL certificate? (y/n):
Specify y so that Bitwarden generates a self-signed certificate for you. This option is only recommended for testing. If you specify n, your instance will not use an SSL certificate and you will need to front your installation with an HTTPS proxy, otherwise Bitwarden applications will not work properly.
Configure your environment
Some Bitwarden features are not configured by the bitwarden.sh script. Configure these settings by editing the environment file, located in ./bwdata/env/global.override.env.
At a minimum, replace the globalSettings__mail__smtp...= placeholders so that your instance can connect to the SMTP mail server which will be used to send verification emails to new users and invitations to organizations. Adding an email address to adminSettings__admins= will provide access to the admin portal.
After modifying global.override.env, run the following command to apply your changes:
./bitwarden.sh restart
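A check to run on global.override.env before the restart above, as an added example that is not part of the original tutorial or of Bitwarden's tooling: it flags SMTP settings that were left unset, an empty adminSettings__admins, and a file that is accessible beyond its owner. The REPLACE placeholder value and the key suffixes in the sample are assumptions.

```shell
#!/bin/sh
# Added example (not Bitwarden's code): lint global.override.env before a restart.
# Assumption: settings left untouched still hold the literal placeholder REPLACE.

# Constructed sample file; the key suffixes after smtp__ are illustrative.
sample_env() {
    cat <<'EOF'
# mail settings
globalSettings__mail__smtp__host=REPLACE
globalSettings__mail__smtp__port=587
globalSettings__mail__smtp__username=mailer@example.org
globalSettings__mail__smtp__password=s3cr=et
adminSettings__admins=
EOF
}

# Prints one finding per line for env file $1; returns 1 if there is any finding.
lint_override_env() {
    env_file=$1
    rc=0
    findings=$(awk -F= '
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # skip comments and blank lines
        { key = $1; val = substr($0, length($1) + 2) }   # keep "=" inside values
        key ~ /^globalSettings__mail__smtp/ && (val == "" || val == "REPLACE") {
            print "placeholder not replaced: " key
        }
        key == "adminSettings__admins" {
            seen = 1
            if (val == "") print "adminSettings__admins is empty: no admin portal access"
        }
        END { if (!seen) print "adminSettings__admins is missing" }
    ' "$env_file")
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        rc=1
    fi
    # The file carries the mail server settings: keep it private to its owner (GNU stat).
    mode=$(stat -c '%a' "$env_file")
    case $mode in
        *00) ;;
        *) echo "mode $mode: file is accessible to group or others"; rc=1 ;;
    esac
    return "$rc"
}

# Stand-alone use: sh lint-env.sh ./bwdata/env/global.override.env
if [ $# -gt 0 ]; then lint_override_env "$1"; fi
```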
The Bitwarden installation script uses the settings in ./bwdata/config.yml to generate the assets needed for installation. Some installation scenarios (such as installations behind a proxy with alternate ports) may require adjustments to config.yml that were not provided during the standard installation.
Edit config.yml if necessary and apply your changes by running:
./bitwarden.sh rebuild
Start your instance
Once you have completed all the previous steps, start your Bitwarden instance:
./bitwarden.sh start
Note:
The first time you start Bitwarden, it may take a while because it downloads all the images from Docker Hub.
Verify that all containers are working properly:
docker ps
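To go beyond reading the docker ps listing by eye, the following added example (not from the original tutorial) flags containers that are restarting, exited, unhealthy or still starting. The container names in the sample are constructed, and the example uses docker ps -a so that stopped containers are listed too.

```shell
#!/bin/sh
# Added example (not Bitwarden's code): list containers that are not up and healthy.
# Input: one "name<TAB>status" line per container, as printed by
#   docker ps -a --format '{{.Names}}\t{{.Status}}'
# (-a also shows containers that exited, which plain "docker ps" hides).

# Constructed sample output; the container names are illustrative.
sample_ps() {
    printf 'bitwarden-web\tUp 3 minutes (healthy)\n'
    printf 'bitwarden-api\tUp 4 seconds (health: starting)\n'
    printf 'bitwarden-mssql\tRestarting (1) 8 seconds ago\n'
    printf 'bitwarden-nginx\tUp 3 minutes (unhealthy)\n'
    printf 'bitwarden-icons\tExited (137) 2 minutes ago\n'
}

# Prints "name: status" for every container needing attention; returns 1 if any.
# "health: starting" is reported too: it is normal right after start, not later.
unhealthy_containers() {
    awk -F'\t' '
        $2 !~ /^Up / || $2 ~ /\((unhealthy|health: starting)\)/ {
            print $1 ": " $2
            bad = 1
        }
        END { exit bad + 0 }
    '
}

# Stand-alone use: sh check-containers.sh --live
if [ "${1:-}" = "--live" ]; then
    docker ps -a --format '{{.Names}}\t{{.Status}}' | unhealthy_containers
fi
```

A container that stays in "health: starting" or keeps reappearing as "Restarting" several minutes after ./bitwarden.sh start is the case to investigate with docker logs.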