I’m hosting my own instance of bitwarden_rs since many month now. With the recent anouncement by lastpass to drastically limit its free offer, many people are considering moving to Bitwarden.
Besides the offical Bitwarden Server, there’s also the Bitwarden server API implementation written in Rust that’s named bitwarden_rs. It’s light-weight, open-source and can thus be self-hosted. As it implements the official API, bitwarden_rs server is fully compatible with the official clients (Linux, Android).
While it’s providing most of the features of the official server, some are missing (yet). From the missing ones, the only I’d really use is emergency access that allows a third party to access the vault in case I’ve lost access to it (in a safe way of course).
Install and run
Installing an running the server is as easy as :
Permanent data storage is located at <path/to/mountpoint>, don’t forget to backup this path ! Most of the data is located inside a SQLite database, in theory there’s no need to shutdown the container to back it up (unless there’s a write access to the database exactly at this moment). For the paranoid, a backup of the DB can be performed by running
sqlite3 db.sqlite3 ".backup 'db_20210104.sqlite3'" in the mountpoint directory (i.e. outside of the container)
The admin token is the “password” for the admin page.
The web interface is then accessible over HTTP on port 8090
Serving through nginx
HTTPS access is handled on nginx level which acts as a reverse proxy. More examples, also for other frontends like apache, caddy or traeffik is available in the bitwarden_rs wiki
Relevant configuration snippet is :
Accessing from command line (npm client)
More details can be found in the bitwarden_rs wiki