Vaultwarden is an unofficial Bitwarden server implementation written in Rust. It is compatible with the official Bitwarden clients, and is ideal for self-hosted deployments where running the official resource-heavy service is undesirable
Code Source: GitHub
Skip to Docker Run Code / Skip to Compose & Portainer Code
Guide Parts: Installing Vaultwarden > Reverse Proxy > Configure Apps
Vaultwarden implements the Bitwarden APIs required for most functionality, including:
- Web interface (equivalent to https://vault.bitwarden.com/)
- Personal vault support
- Organization vault support
- Password sharing and access control
- File attachments
- Website icons
- Bitwarden Authenticator (TOTP)
- Bitwarden Send
- Emergency Access
- Live sync (WebSocket only) for desktop/browser clients/extensions
- Trash (soft delete)
- Master password re-prompt
- Personal API key
- Two-step login via email, Duo, YubiKey, and FIDO2 WebAuthn (including Nitrokeys and Solokeys)
- Username generator integration with SimpleLogin, AnonAddy, or Firefox Relay
- Directory Connector support (basic implementation, no group support)
Before we start, please ensure you have Docker installed. This can be installed through the Synology Package Center.
Create the Docker Folder
Head into File Station and open the Docker folder. Select Create, choose Create folder and name it vaultwarden. (see demonstration)
Create the Scheduled Task
We will now head into Control Panel > Task Scheduler > Create > Scheduled Task and click User-defined script. (see demonstration)
Configure the Scheduled Task
In the window that appears, insert the following:
In the General tab, In the Task field, enter Vaultwarden. From the User list, select root. Uncheck the Enabled option.
In the Schedule tab, Select Run on the following date (make sure It’s today’s date). Now select Do not repeat.
In the Task Settings tab, under Notification, You can choose to turn this on, otherwise skip this. Now copy-paste the following code into the Run command area. Now click OK.
docker run -d \ --name vaultwarden \ -e SIGNUPS_ALLOWED=False \ -e ADMIN_TOKEN=EnterLongString \ -v /volume1/docker/vaultwarden:/data/ \ -p 1003:80 \ --restart unless-stopped \ vaultwarden/server:latest
Important: Ensure you update the code to reflect your details.
Accept the warning prompt
When the below warning appears, press OK.
Run the Scheduled Task
From the list of tasks, select Vaultwarden. From the top menu, press Run.
When prompted to run, press Yes.
Create Reverse Proxy
Head into Control Panel > Login Portal > Advanced. Click Reverse Proxy and then click Create. A dialog box will appear prompting you to edit the following settings (ensure you change the values to your own). If you do not yet have a DDNS, you can find a guide on how to do this here.
|Reverse Proxy Name||Vaultwarden|
|Hostname||localhost or your Synology IP address|
Head over to https://vault.yourhostname.me/admin to get started.
You will see the following screen. Enter you admin token. This is the token you added to the Docker run/Compose code. Press Enter.
If you noticed in the Docker code, we disabled signups so we need to invite ourself as a user to our Vaultwarden.
Under Settings, click General settings. Under Domain URL, enter the URL to your Vaultwarden. This is all we’ll change here. Feel free to scroll down and change any settings accordingly. Scroll to the very bottom and press Save.
Head into SMTP Email Settings. If you are lucky enough and Self-hosting your email, feel free to go ahead and input your SMTP Settings. For me I’ll be using Office365 SMTP Settings. Go ahead and fill out the SMTP details. Press Save.
Ensure you fill out the SMTP details correctly otherwise you won’t be able to continue.
Once saved, go back into SMTP Email Settings, scroll down until you see Test SMTP. Enter your email address and press Send test email. If you receive an error at this point, double check your details. Once you receive the test email, continue.
From the top menu, select Users. Down at the bottom under Invite User, enter your email address and press Invite.
Check your email, click the Join Organization button. On the page that loads, click Create account. Now fill in your details and press Create acount.
That’s you all done, you can now log in and enjoy Vaultwarden.
Linking your app to your Vaultwarden is very simple. On your mobile, load up your app store and search for Bitwarden Password Manager. Open the app and click the little settings icon at the top right. Under Self-hosted environment, enter the link to your Vaultwarden i.e https://vault.neellik.synology.me. Press Save. Simply login and you are good to go. Use this same process for Browser extensions you wish to use
Docker Compose and Portainer
If you would prefer to install with Docker Compose or Portainer, use the following code. You can also view a demonstration here.
version: '3.3' services: server: container_name: vaultwarden environment: - SIGNUPS_ALLOWED=False - ADMIN_TOKEN=EnterLongString volumes: - '/volume1/docker/vaultwarden:/data/' ports: - '1003:80' restart: unless-stopped image: 'vaultwarden/server:latest'
Actual AdGuard airsonic Audiobookshelf autobrr Bitcoin Calibre-Web Cleanarr Composerize Crypto DailyTxT deemix Deluge Emby Ethereum Euterpe FileBot FilePizza FileZilla Flame Focalboard FreshRSS Grafana Grocy Heimdall Homarr Home Assistant Homebridge Jackett Jellyfin Jellyseerr Joplin Kavita Komga LanguageTool LibreOffice Lidarr Mealie MediaGoblin Medusa Memegen Minecraft Minecraft Bedrock MQTT MusicBrainz MyMediaForAlexa Navidrome Node-RED NZBGet NZBHydra Ombi Overseerr PaperlessNGX Pashword Password Cards Petio Pi-Hole Picard Plex Portainer PostgreSQL Prowlarr PUID & PGID pwndrop Radarr Radicale Readarr ruTorrent SABnzbd SearX Seed Phrase Shiori Sonarr SpeedTest Stash Storm Tailscale TasmoAdmin Tautulli Theia Trilium TubeSync Unpackerr Uptime Kuma Vaultwarden Watchtower WebPDF Whisparr Wordle YouTubeDL