Installing Bitwarden RS on Raspberry Pi
Bitwarden is an Open Source password management tool. It can be used to store credentials and to fill out logon forms automatically (via plugins). Available as a commercial service, the open source nature of it makes it possible to run Bitwarden in a self-hosted environment. Docker images are provided by Bitwarden. The official installation is rather complex and will install around 12 containers. The CPU and memory footprint is considerably high, especially when only a few users is going to use the service.
Luckily, there is a lighter version of Bitwarden available: Vaultwarden (formerly known as Bitwarden_RS). The provided Docker image contains all services and consumes less resources. It can run on a Raspberry Pi 2. That’s what I did. I installed Docker on my Raspberry Pi 2 and then installed Vaultwarden.
Installation
To run Vaultwarden on Docker, just start it and provide some startup parameters. Take care of the ports. The example is mapping external port 8888 to Vaultwarden port 80 (web) and web socket port 3012. Provide a data directory for permanent storage.
docker pull vaultwarden/server:latest docker run -d --name bitwarden -v /bw-data/:/data/ -p 8888:80 -p 3012:3012 vaultwarden/server:latest
More secure setup
The above example is going to install and run Vaultwarden in the standard configuration. This is most likely not what you want. You might to disallow signups and invitations.
docker run -d --name bitwarden -e SIGNUPS_ALLOWED=false -e INVITATIONS_ALLOWED=false -v /bw-data/:/data/ -p 8888:80 -p 3012:3012 vaultwarden/server:latest
The be able to access the admin page, you need to activate it and provide an access token.
docker run -d –name bitwarden -e SIGNUPS_ALLOWED=false -e INVITATIONS_ALLOWED=false -e ADMIN_TOKEN= R0aicfhdUpsKuPtE3076bz3QWERTZeFEOnnnO57LGUq62Dazj/123Erf65XIvQR0 -v /bw-data/:/data/ -p 8888:80 -p 3012:3012 vaultwarden/server:latest
A token can be generated by running:
openssl rand -base64 48
Sample output
R0aicfhdUpsKuPtE3076bz3QWERTZeFEOnnnO57LGUq62Dazj/123Erf65XIvQR0
Additional security like 2FA might also be on your security list. Only after securing your server, make it external available.
Validation
Check if Vaultwarden is running.
docker ps -a
Initial login
With Vaultwarden running, the web UI is accessible under the URL http://<docker server>:8888
Create a new user.
2 Comments
Paul · November 21, 2022 at 05:50
Thanks for sharing the installation instructions.
I was looking for RasPI2 bitwardenrs latest docker image and couldn’t find it!
Iwan L · September 6, 2023 at 11:54
FYI: the vaultwarden/server:latest image no longer seems to run on my RPi2 (exit code 139).
After a lot of trial and error, I found out that I simply needed to use the vaultwarden/server:latest-arm32v6 image instead.
See also https://hub.docker.com/r/vaultwarden/server/tags