Alternative implementation of the Bitwarden server API written in Rust and compatible with , perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
Features
Full implementation of Bitwarden API is provided including:
- Organizations support
- Attachments and Send
- Vault API support
- Serving the static files for Vault interface
- Website icons API
- Authenticator and U2F support
- YubiKey and Duo support
- Emergency Access
Installation
Pull the docker image and mount a volume from the host for persistent storage:
docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /vw-data/:/data/ --restart unless-stopped -p 80:80 vaultwarden/server:latest
Compose
version: '3.3'
services:
server:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: unless-stopped
volumes:
- /vw-data/:/data/
ports:
- 80:80
This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.
IMPORTANT: Most modern web browsers disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'. To solve this problem, you need to access the web vault via HTTPS or localhost.
This can be configured in or using a third-party reverse proxy ().
If you have an available domain name, you can get HTTPS certificates with , or you can generate self-signed certificates with utilities like . Some proxies automatically do this step, like Caddy (see examples linked above).
Alternative implementation of the Bitwarden server API written in Rust and compatible with [upstream Bitwarden clients*](https://bitwarden.com/download/), perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
[Wiki](https://github.com/dani-garcia/vaultwarden/wiki)
[Github Discussions](https://github.com/dani-garcia/vaultwarden/discussions)
[Forum](https://vaultwarden.discourse.group/)
## Features
Full implementation of Bitwarden API is provided including:
- Organizations support
- Attachments and Send
- Vault API support
- Serving the static files for Vault interface
- Website icons API
- Authenticator and U2F support
- YubiKey and Duo support
- Emergency Access
## Installation
Pull the docker image and mount a volume from the host for persistent storage:
`docker pull vaultwarden/server:latest`
`docker run -d --name vaultwarden -v /vw-data/:/data/ --restart unless-stopped -p 80:80 vaultwarden/server:latest`
### Compose
```
version: '3.3'
services:
server:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: unless-stopped
volumes:
- /vw-data/:/data/
ports:
- 80:80
```
This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.
**IMPORTANT**: Most modern web browsers disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like `Cannot read property 'importKey'`. To solve this problem, you need to access the web vault via HTTPS or localhost.
This can be configured in [vaultwarden directly](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS) or using a third-party reverse proxy ([some examples](https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples)).
If you have an available domain name, you can get HTTPS certificates with [Let's Encrypt](https://letsencrypt.org/), or you can generate self-signed certificates with utilities like [mkcert](https://github.com/FiloSottile/mkcert). Some proxies automatically do this step, like Caddy (see examples linked above).
(post is archived)