Updated steps for Vaultwarden native installation (no docker) for OSX (or others with tweaks)

This page summarizes the projects mentioned and recommended in the original post on /r/selfhosted
Bitwarden PHP Installation JavaScript Rust Homebrew

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • vaultwarden

    Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

    • Dependencies required: brew (https://brew.sh/) postgreSQL: brew install postgresql nodejs12: brew install node@12 node-sass: brew install node-sass rust dev version: brew install rustup-init nginx: brew install nginx vaultwarden for macOS with postgreSQL ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ git clone https://github.com/dani-garcia/vaultwarden ./vaultwarden cd vaultwarden git checkout "$(git tag --sort=v:refname | tail -n1)" cargo build --features postgresql --release Congratulation, you have built a macOS binary for vaultwarden For web-vault (if you need it) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ git clone https://github.com/bitwarden/web.git web-vault cd web-vault Open a web browser and go to https://github.com/dani-garcia/bw_web_builds to see latest available patch for vaultwarden git checkout v2.20.4 git submodule update --recursive --init export WEB_VERSION=v2.20.4 curl https://raw.githubusercontent.com/dani-garcia/bw_web_builds/master/patches/${WEB_VERSION}.patch >${WEB_VERSION}.patch git apply ${WEB_VERSION}.patch -v npm config set python /usr/local/bin/python3 npm install npm run dist Congratulation, you have built the web vault Post compile instructions ~~~~~~~~~~~~~~~~~~~~~~~~~ Vaultwarden binary can be found in the vaultwarden/target/release directory web-vault pack can be found in the vaultwarden/web-vault/build directory now you can create a "ditribution directory" where you want, for example: /data/vaultwarden /data/vaultwarden/web-vault and copy the binary directory with: cp -R PATH/vaultwarden/target/release/ /data/vaultwarden cp -R PATH/vaultwarden/web-vault/build/ /data/vaultwarden/web-vault modify PATH/vaultwarden/.env.template with the path and settings you want cp PATH/vaultwarden/.env.template /data/vaultwarden/.env To automatically start vaultwarden at boot (after powerfailure) create a plist in /Library/LaunchDaemons named vaultwarden.plist with this content and CHANGE change_username AND change_groupname to the user/group you want vaultwarden to be run as Label vaultwarden RunAtLoad KeepAlive UserName change_username GroupName change_groupname EnvironmentVariables PATH /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin SHELL /bin/bash ProgramArguments /data/vaultwarden/vaultwarden WorkingDirectory /data/vaultwarden nginx proxy: server { if ($host = sub.example.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 10.0.1.2:80; server_name sub.example.com; } server { listen 443 ssl http2; server_name sub.example.com; ssl_certificate /data/letsencrypt/live/sub.example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /data/letsencrypt/live/sub.example.com/privkey.pem; # managed by Certbot ssl_dhparam /data/letsencrypt/dhparams.pem; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; add_header Alternate-Protocol 443:npn-spdy/3; add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers 'TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; ssl_early_data on; ssl_ecdh_curve secp384r1; server_tokens off; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Referrer-Policy no-referrer-when-downgrade; add_header X-Frame-Options "SAMEORIGIN" always; ssl_stapling on; ssl_stapling_verify on; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/opt/nginx/html; } location /robots.txt { return 200 "User-agent: *\nDisallow: /"; } location / { root /data/vaultwarden/web-vault; proxy_pass http://10.0.1.2:9000; client_max_body_size 100M; # Limit Document size to 100MB proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /notifications/hub/negotiate { root /data/vaultwarden/web-vault; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://10.0.1.2:9000; } location /notifications/hub { root /data/vaultwarden/web-vault; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://10.0.1.2:3012; } } brew services restart nginx sudo launchctl load /Library/LauchDaemons/vaultwarden.plist Vaultwarden should be up and running

  • HomeBrew

    🍺 The missing package manager for macOS (or Linux)

    • Dependencies required: brew (https://brew.sh/) postgreSQL: brew install postgresql nodejs12: brew install node@12 node-sass: brew install node-sass rust dev version: brew install rustup-init nginx: brew install nginx vaultwarden for macOS with postgreSQL ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ git clone https://github.com/dani-garcia/vaultwarden ./vaultwarden cd vaultwarden git checkout "$(git tag --sort=v:refname | tail -n1)" cargo build --features postgresql --release Congratulation, you have built a macOS binary for vaultwarden For web-vault (if you need it) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ git clone https://github.com/bitwarden/web.git web-vault cd web-vault Open a web browser and go to https://github.com/dani-garcia/bw_web_builds to see latest available patch for vaultwarden git checkout v2.20.4 git submodule update --recursive --init export WEB_VERSION=v2.20.4 curl https://raw.githubusercontent.com/dani-garcia/bw_web_builds/master/patches/${WEB_VERSION}.patch >${WEB_VERSION}.patch git apply ${WEB_VERSION}.patch -v npm config set python /usr/local/bin/python3 npm install npm run dist Congratulation, you have built the web vault Post compile instructions ~~~~~~~~~~~~~~~~~~~~~~~~~ Vaultwarden binary can be found in the vaultwarden/target/release directory web-vault pack can be found in the vaultwarden/web-vault/build directory now you can create a "ditribution directory" where you want, for example: /data/vaultwarden /data/vaultwarden/web-vault and copy the binary directory with: cp -R PATH/vaultwarden/target/release/ /data/vaultwarden cp -R PATH/vaultwarden/web-vault/build/ /data/vaultwarden/web-vault modify PATH/vaultwarden/.env.template with the path and settings you want cp PATH/vaultwarden/.env.template /data/vaultwarden/.env To automatically start vaultwarden at boot (after powerfailure) create a plist in /Library/LaunchDaemons named vaultwarden.plist with this content and CHANGE change_username AND change_groupname to the user/group you want vaultwarden to be run as Label vaultwarden RunAtLoad KeepAlive UserName change_username GroupName change_groupname EnvironmentVariables PATH /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin SHELL /bin/bash ProgramArguments /data/vaultwarden/vaultwarden WorkingDirectory /data/vaultwarden nginx proxy: server { if ($host = sub.example.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 10.0.1.2:80; server_name sub.example.com; } server { listen 443 ssl http2; server_name sub.example.com; ssl_certificate /data/letsencrypt/live/sub.example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /data/letsencrypt/live/sub.example.com/privkey.pem; # managed by Certbot ssl_dhparam /data/letsencrypt/dhparams.pem; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; add_header Alternate-Protocol 443:npn-spdy/3; add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers 'TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; ssl_early_data on; ssl_ecdh_curve secp384r1; server_tokens off; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Referrer-Policy no-referrer-when-downgrade; add_header X-Frame-Options "SAMEORIGIN" always; ssl_stapling on; ssl_stapling_verify on; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/opt/nginx/html; } location /robots.txt { return 200 "User-agent: *\nDisallow: /"; } location / { root /data/vaultwarden/web-vault; proxy_pass http://10.0.1.2:9000; client_max_body_size 100M; # Limit Document size to 100MB proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /notifications/hub/negotiate { root /data/vaultwarden/web-vault; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://10.0.1.2:9000; } location /notifications/hub { root /data/vaultwarden/web-vault; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://10.0.1.2:3012; } } brew services restart nginx sudo launchctl load /Library/LauchDaemons/vaultwarden.plist Vaultwarden should be up and running

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • web

    Discontinued The website vault (vault.bitwarden.com). (by bitwarden)

    • Dependencies required: brew (https://brew.sh/) postgreSQL: brew install postgresql nodejs12: brew install node@12 node-sass: brew install node-sass rust dev version: brew install rustup-init nginx: brew install nginx vaultwarden for macOS with postgreSQL ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ git clone https://github.com/dani-garcia/vaultwarden ./vaultwarden cd vaultwarden git checkout "$(git tag --sort=v:refname | tail -n1)" cargo build --features postgresql --release Congratulation, you have built a macOS binary for vaultwarden For web-vault (if you need it) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ git clone https://github.com/bitwarden/web.git web-vault cd web-vault Open a web browser and go to https://github.com/dani-garcia/bw_web_builds to see latest available patch for vaultwarden git checkout v2.20.4 git submodule update --recursive --init export WEB_VERSION=v2.20.4 curl https://raw.githubusercontent.com/dani-garcia/bw_web_builds/master/patches/${WEB_VERSION}.patch >${WEB_VERSION}.patch git apply ${WEB_VERSION}.patch -v npm config set python /usr/local/bin/python3 npm install npm run dist Congratulation, you have built the web vault Post compile instructions ~~~~~~~~~~~~~~~~~~~~~~~~~ Vaultwarden binary can be found in the vaultwarden/target/release directory web-vault pack can be found in the vaultwarden/web-vault/build directory now you can create a "ditribution directory" where you want, for example: /data/vaultwarden /data/vaultwarden/web-vault and copy the binary directory with: cp -R PATH/vaultwarden/target/release/ /data/vaultwarden cp -R PATH/vaultwarden/web-vault/build/ /data/vaultwarden/web-vault modify PATH/vaultwarden/.env.template with the path and settings you want cp PATH/vaultwarden/.env.template /data/vaultwarden/.env To automatically start vaultwarden at boot (after powerfailure) create a plist in /Library/LaunchDaemons named vaultwarden.plist with this content and CHANGE change_username AND change_groupname to the user/group you want vaultwarden to be run as Label vaultwarden RunAtLoad KeepAlive UserName change_username GroupName change_groupname EnvironmentVariables PATH /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin SHELL /bin/bash ProgramArguments /data/vaultwarden/vaultwarden WorkingDirectory /data/vaultwarden nginx proxy: server { if ($host = sub.example.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 10.0.1.2:80; server_name sub.example.com; } server { listen 443 ssl http2; server_name sub.example.com; ssl_certificate /data/letsencrypt/live/sub.example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /data/letsencrypt/live/sub.example.com/privkey.pem; # managed by Certbot ssl_dhparam /data/letsencrypt/dhparams.pem; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; add_header Alternate-Protocol 443:npn-spdy/3; add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers 'TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; ssl_early_data on; ssl_ecdh_curve secp384r1; server_tokens off; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Referrer-Policy no-referrer-when-downgrade; add_header X-Frame-Options "SAMEORIGIN" always; ssl_stapling on; ssl_stapling_verify on; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/opt/nginx/html; } location /robots.txt { return 200 "User-agent: *\nDisallow: /"; } location / { root /data/vaultwarden/web-vault; proxy_pass http://10.0.1.2:9000; client_max_body_size 100M; # Limit Document size to 100MB proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /notifications/hub/negotiate { root /data/vaultwarden/web-vault; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://10.0.1.2:9000; } location /notifications/hub { root /data/vaultwarden/web-vault; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://10.0.1.2:3012; } } brew services restart nginx sudo launchctl load /Library/LauchDaemons/vaultwarden.plist Vaultwarden should be up and running

  • bw_web_builds

    Web vault builds for vaultwarden

    • Dependencies required: brew (https://brew.sh/) postgreSQL: brew install postgresql nodejs12: brew install node@12 node-sass: brew install node-sass rust dev version: brew install rustup-init nginx: brew install nginx vaultwarden for macOS with postgreSQL ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ git clone https://github.com/dani-garcia/vaultwarden ./vaultwarden cd vaultwarden git checkout "$(git tag --sort=v:refname | tail -n1)" cargo build --features postgresql --release Congratulation, you have built a macOS binary for vaultwarden For web-vault (if you need it) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ git clone https://github.com/bitwarden/web.git web-vault cd web-vault Open a web browser and go to https://github.com/dani-garcia/bw_web_builds to see latest available patch for vaultwarden git checkout v2.20.4 git submodule update --recursive --init export WEB_VERSION=v2.20.4 curl https://raw.githubusercontent.com/dani-garcia/bw_web_builds/master/patches/${WEB_VERSION}.patch >${WEB_VERSION}.patch git apply ${WEB_VERSION}.patch -v npm config set python /usr/local/bin/python3 npm install npm run dist Congratulation, you have built the web vault Post compile instructions ~~~~~~~~~~~~~~~~~~~~~~~~~ Vaultwarden binary can be found in the vaultwarden/target/release directory web-vault pack can be found in the vaultwarden/web-vault/build directory now you can create a "ditribution directory" where you want, for example: /data/vaultwarden /data/vaultwarden/web-vault and copy the binary directory with: cp -R PATH/vaultwarden/target/release/ /data/vaultwarden cp -R PATH/vaultwarden/web-vault/build/ /data/vaultwarden/web-vault modify PATH/vaultwarden/.env.template with the path and settings you want cp PATH/vaultwarden/.env.template /data/vaultwarden/.env To automatically start vaultwarden at boot (after powerfailure) create a plist in /Library/LaunchDaemons named vaultwarden.plist with this content and CHANGE change_username AND change_groupname to the user/group you want vaultwarden to be run as Label vaultwarden RunAtLoad KeepAlive UserName change_username GroupName change_groupname EnvironmentVariables PATH /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin SHELL /bin/bash ProgramArguments /data/vaultwarden/vaultwarden WorkingDirectory /data/vaultwarden nginx proxy: server { if ($host = sub.example.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 10.0.1.2:80; server_name sub.example.com; } server { listen 443 ssl http2; server_name sub.example.com; ssl_certificate /data/letsencrypt/live/sub.example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /data/letsencrypt/live/sub.example.com/privkey.pem; # managed by Certbot ssl_dhparam /data/letsencrypt/dhparams.pem; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; add_header Alternate-Protocol 443:npn-spdy/3; add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers 'TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; ssl_early_data on; ssl_ecdh_curve secp384r1; server_tokens off; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Referrer-Policy no-referrer-when-downgrade; add_header X-Frame-Options "SAMEORIGIN" always; ssl_stapling on; ssl_stapling_verify on; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/opt/nginx/html; } location /robots.txt { return 200 "User-agent: *\nDisallow: /"; } location / { root /data/vaultwarden/web-vault; proxy_pass http://10.0.1.2:9000; client_max_body_size 100M; # Limit Document size to 100MB proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /notifications/hub/negotiate { root /data/vaultwarden/web-vault; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://10.0.1.2:9000; } location /notifications/hub { root /data/vaultwarden/web-vault; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://10.0.1.2:3012; } } brew services restart nginx sudo launchctl load /Library/LauchDaemons/vaultwarden.plist Vaultwarden should be up and running

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • You're Installing Node.js Wrong. That's OK, Here Is How To Fix It 🙌

    2 projects | dev.to | 14 Mar 2024

  • Procurar pacote em múltiplos gerenciadores

    4 projects | /r/linuxbrasil | 11 Jul 2023

  • Vaultwarden docker container and MacOS

    2 projects | /r/vaultwarden | 8 Jun 2023

  • Does anyone have a good Compiler?

    2 projects | /r/C_Programming | 8 May 2023

  • 1Password to Add Telemetry

    3 projects | news.ycombinator.com | 24 Apr 2023