Installing and Configure Bitwarden on Ubuntu 23.10

Hello,

In this week’s feature highlight, we look at How to Install and Configure Bitwarden on Ubuntu 23.10

Bitwarden is an open-source password management platform that empowers individuals and organizations to securely store, manage, and share sensitive information, such as passwords, credit card details, and secure notes. With growing concerns about online security and data breaches, Bitwarden provides a reliable and user-friendly solution to the complex problem of password management.

Features of Bitwarden

  • Secure Password Storage: Bitwarden uses end-to-end encryption to safeguard your passwords, ensuring that only you can access your sensitive data.
  • Self-Hosting Option: In addition to Bitwarden’s cloud-hosted services, you have the option to self-host Bitwarden on your own server. This provides you with complete control over your data and enhances your privacy.
  • Two-Factor Authentication (2FA): Bitwarden supports 2FA, adding an extra layer of security to your account.
  • Secure Sharing: Share passwords and other items securely with trusted individuals or groups while maintaining control over who has access.
  • Password Generator: Bitwarden can generate strong, unique passwords for your accounts, reducing the risk of password-related security breaches.

By self-hosting Bitwarden on your Ubuntu server, you can ensure that your sensitive information is stored securely and accessed only by you and trusted individuals. This article will guide you through the installation process, helping you harness the full potential of Bitwarden for your personal or organizational needs.

Pre-requisites:

  • Ubuntu 23.10 installed with root access.
  • A domain with DNS recording pointing to the server’s IP address.
  • Minimum of 2GB RAM available on the server.

Update the System

We will first update the server to latest.

apt-get update

apt-get upgrade

Install Docker and Docker Compose

Bitwarden will be deployed and run on your server, below are the steps to install:

Install docker.io,

apt install docker.io

Once the install is complete, Enable the service so it can auto-start upon reboot,

systemctl enable docker --now

Check the status of the docker service,

systemctl status docker

Confirm that the docker service is running and now we will proceed to install docker compose,

curl -L "https://github.com/docker/compose/releases/download/v2.22.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

At the time of writing this article, Docker compose version 2.22.0 was the latest stable available.
Visit the Docker Compose repository to find the latest version and use that instead.

Next, set the correct permissions so that the docker-compose command is executable.

chmod +x /usr/local/bin/docker-compose

To verify that the installation was successful, you can run the following command.

docker-compose --version

Create a group called docker,

groupadd docker

Add an user into the docker user group,

usermod -aG docker $USER

If you want to add a different user, replace $USER with existing username.

View running docker apps on the server with,

docker ps

example:

root@server:~# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

Since no apps are running, you will see an empty list.

Create Bitwarden User and Directory

It is recommend configuring your server with a dedicated bitwarden service account, from which to install and run Bitwarden. Doing so will isolate your Bitwarden instance from other applications running on your server.

Create a Bitwarden user,

adduser bitwarden

Add Bitwarden user to the docker group,

usermod -aG docker bitwarden

Create a Bitwarden directory,

mkdir /opt/bitwarden

Update permissions for the /opt/bitwarden directory,

chmod -R 700 /opt/bitwarden

Update the ownership of the /opt/bitwarden directory,

chown -R bitwarden:bitwarden /opt/bitwarden

Download and Install Bitwarden

Bitwarden provides a script that can be downloaded and executed, which would install the service.

From this point on, we will switch over to the newly created bitwarden user.

su -l bitwarden

output:

root@server:~# su -l bitwarden
bitwarden@server:~$

Change the directory to /opt/bitwarden,

cd /opt/bitwarden

Download the installation script,

curl -Lso bitwarden.sh "https://func.bitwarden.com/api/dl/?app=self-host&platform=linux" && chmod 700 bitwarden.sh

Run the installation script,

./bitwarden.sh

After this, you will be prompted to configure the installation,

  • Enter the domain name for your Bitwarden instance: Enter the domain name that has a DNS record pointing to the server.
  • Do you want to use Let’s Encrypt to generate a free SSL certificate?: Enter y so SSL certificate would be issued.
  • Enter your email address: Enter your email address, this will be used to send certificate expiration notifications.
  • Enter the database name for your Bitwarden instance: Enter a valid database name of your choice.

For the next steps, you will need to register yourself at Bitwarden site with your email address. You will be provided with Installation ID and a Key which will be used below.

images
  • Enter your installation id: Enter the ID here.
  • Enter your installation key: Enter the Key here.
  • Enter your region: Enter the region that was selected at the time of the request.

Output:

$ ./bitwarden.sh install
 _     _ _                         _
| |__ (_) |___      ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V  V / (_| | | | (_| |  __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_|  \__,_|\___|_| |_|

Open source password management solutions
Copyright 2015-2023, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 2023.9.1
Docker version 24.0.5, build 24.0.5-0ubuntu1
Docker Compose version v2.22.0

(!) Enter the domain name for your Bitwarden instance (ex. bitwarden.example.com): bit.domainhere.info

(!) Do you want to use Let's Encrypt to generate a free SSL certificate? (y/n): y

(!) Enter your email address (Let's Encrypt will send you certificate expiration reminders): user@example.com
...
(!) Enter the database name for your Bitwarden instance (ex. vault): bit_vault
...
(!) Enter your installation id (get at https://bitwarden.com/host): YOUR INSTALLATION ID

(!) Enter your installation key: YOUR INSTALLATION KEY

(!) Enter your region (US/EU) [US]: US
...
Installation complete

If you need to make additional configuration changes, you can modify
the settings in `./bwdata/config.yml` and then run:
`./bitwarden.sh rebuild` or `./bitwarden.sh update`

Next steps, run:
`./bitwarden.sh start`

Start Bitwarden

Run the following command to start Bitwarden,

./bitwarden start

Post-Install Configuration

Before you start the Bitwarden service, we have SMTP configuration that can be done.
If you use your own SMTP mail server for sending mails, the following can be configured.

If you do not have your SMTP mail server, you can skip this step.

Edit the file ./bwdata/env/global.override.env,

nano ./bwdata/env/global.override.env

Update the below lines that contain REPLACE with actual SMTP values,

...
globalSettings__mail__smtp__host=REPLACE
globalSettings__mail__smtp__port=587
globalSettings__mail__smtp__ssl=false
globalSettings__mail__smtp__username=REPLACE
globalSettings__mail__smtp__password=REPLACE
globalSettings__disableUserRegistration=false
globalSettings__hibpApiKey=REPLACE
adminSettings__admins=
...

The above configuration will be used to connect to the SMTP mail server that will be used to send verification emails to new users and invitations to organizations.
Adding an email address to adminSettings__admins= will provision access to the admin portal.

Run the following command to apply your changes,

./bitwarden.sh restart

Create your Bitwarden Account

Once the installation and configuration is complete, launch your browser and navigate to your website.

Click on the Create Account,

images

Input the required details in the registration form,

images

Once the account has been created, login using the same.

images

Additional Information

Below are some of the additional commands that are used to manage Bitwarden.

CommandDescription
./bitwarden.sh startStart all containers.
./bitwarden.sh restartRestart all containers (same as start).
./bitwarden.sh stopStop all containers.
./bitwarden.sh updateUpdate all containers and the database.
./bitwarden.sh uninstallStops containers, deletes the bwdata directory and all its contents, and removes ephemeral volumes.

This concludes our topic of installing Bitwarden on Ubuntu 23.10 server.

(Visited 389 times, 1 visits today)