tips

Self-hosted password manager

It is always a good idea to use different passwords for different services, but it can be quite hard to remember them all.

I’ve recently decided to say goodbye to LastPass and to look for a self-hosted password manager.

After some googling, I found a good fit for my requirements in Bitwarden RS, a lightweight implementation of the Bitwarden server API.

To run it in a docker container on your own infrastructure, you need to pull the image down.

docker pull bitwardenrs/server:latest

To start the container, according to the README, you can do the following:

docker run -d --name bitwarden -v /bw-data/:/data/ -p 80:80 bitwardenrs/server:latest

BUT, I would suggest getting a free Mailgun account for sending password reminders and invites and starting the docker container with some additional environment variables e.g.

docker run -d --name bitwarden \
-e SMTP_HOST=smtp.mailgun.org \
-e SMTP_FROM=[email protected] \
-e SMTP_PORT=587 \
-e SMTP_SSL=true \
-e SMTP_USERNAME=[email protected] \
-e SMTP_PASSWORD=********* \
-v /bw-data/:/data/ \
-p 8000:80 \
bitwardenrs/server:latest

Note: If you already started the container, you can docker stop bitwarden, docker rm bitwarden and rerun with new environment variables. Your data is kept in a mounted volume under /bw-data, so it won’t disappear.

If you have a free Cloudflare account and reverse proxy set up, you can set up your own domain and SSL quite easily at the CDN level.

Either way, remember to add another environment variable for your URL, or the links in the emails will point to localhost e.g. -e DOMAIN=https://vault.mydomain.name