DEV Community

Cover image for Deploying Bitwarden Password Management Vault on Ubuntu 24.04
Vultr profile image Sanskriti Harmukh
Sanskriti Harmukh for Vultr

Posted on with Aashish Chaurasiya • Originally published at docs.vultr.com

Deploying Bitwarden Password Management Vault on Ubuntu 24.04

#docker #security #selfhosted #devops

Bitwarden is an open-source, end-to-end encrypted password manager. The official self-hosted server runs as a stack of Docker containers and ships with an interactive installer that wires up TLS and the database. This guide installs the official Bitwarden server on Ubuntu 24.04, configures automatic Let's Encrypt TLS through the installer, and creates the first vault user. By the end, you'll have a self-hosted Bitwarden vault available securely at your domain.

Prerequisites: Ubuntu 24.04 with at least 2 GB RAM (4 GB recommended), Docker + Docker Compose installed, a domain pointed at the server, and an Installation ID + Key from bitwarden.com/host.

Prepare the Environment

1. Add your user to the Docker group:

$ sudo usermod -aG docker $USER
$ newgrp docker
Enter fullscreen mode Exit fullscreen mode

2. Create and own the install directory:

$ sudo mkdir -p /opt/bitwarden
$ sudo chown -R $USER:$USER /opt/bitwarden
$ cd /opt/bitwarden
Enter fullscreen mode Exit fullscreen mode

Download and Install Bitwarden

1. Fetch the installer script:

$ curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh
$ chmod 700 bitwarden.sh
Enter fullscreen mode Exit fullscreen mode

2. Run the installer:

$ ./bitwarden.sh install
Enter fullscreen mode Exit fullscreen mode

Answer the interactive prompts:

  • Domain name: your fully qualified domain (e.g. bitwarden.example.com)
  • Use Let's Encrypt: y (recommended) — supply a contact email
  • Database name: vault (default is fine)
  • Installation ID and Key: from bitwarden.com/host
  • Region: US or EU to match where you obtained your install ID

Start the Server

1. Bring the stack online:

$ ./bitwarden.sh start
Enter fullscreen mode Exit fullscreen mode

2. Confirm the containers are running:

$ docker container ls
Enter fullscreen mode Exit fullscreen mode

The first start downloads images and builds configuration. Initial start can take a few minutes.

Create Your First User

  1. Open https://bitwarden.example.com in a browser.
  2. Click Create Account and complete the signup form.
  3. Verify the email address (configure SMTP in /opt/bitwarden/bwdata/env/global.override.env if not already set).
  4. Sign in to create your first organization and vault items.

Warning: Bitwarden uses zero-knowledge encryption. If the master password is lost, the vault cannot be recovered. Save it in a secure offline location.

Next Steps

Bitwarden is running securely at your domain. From here you can:

  • Configure SMTP so users receive invitations and password reset emails
  • Set up scheduled backups of /opt/bitwarden/bwdata
  • Use ./bitwarden.sh update and ./bitwarden.sh restart to roll new releases

For the full guide with additional tips, visit the original article on Vultr Docs.

Top comments (0)