Self-Hosting Bitwarden on DigitalOcean

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Bitwarden Docker Password Managers Rust ASPnetcore

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • Bitwarden

    The core infrastructure backend (API, database, Docker, etc). (by bitwarden)

    • > Bitwarden requires at least 2GB of RAM, so make sure to choose a plan with enough memory during creation

    Yeah, I recalled that for-real Bitwarden uses dotnet and mssql so I'm sure Digital Ocean loves the situation where someone needs a huge instance

    I was curious given the mention of "docker-compose" how exactly that worked (did it have them set with "restart: always" and similar operational sanity?) but while digging into it:

    Having a self-modifying script that curls from some malware-looking domain defeats the purpose of having tagged scripts, doesn't it? https://github.com/bitwarden/server/blob/v1.48.1/scripts/bit...

    Don't worry, even the redirected "self-host" version does the same trick for inexplicable reasons: https://github.com/bitwarden/self-host/blob/master/bitwarden...

    I never found the docker-compose files, so I guess their emitted as a side-effect of running the "bitwarden/setup" docker image or something: https://github.com/bitwarden/self-host/blob/master/run.sh#L1...

  • self-host

    Bitwarden's self-hosted release repository (by bitwarden)

    • > Bitwarden requires at least 2GB of RAM, so make sure to choose a plan with enough memory during creation

    Yeah, I recalled that for-real Bitwarden uses dotnet and mssql so I'm sure Digital Ocean loves the situation where someone needs a huge instance

    I was curious given the mention of "docker-compose" how exactly that worked (did it have them set with "restart: always" and similar operational sanity?) but while digging into it:

    Having a self-modifying script that curls from some malware-looking domain defeats the purpose of having tagged scripts, doesn't it? https://github.com/bitwarden/server/blob/v1.48.1/scripts/bit...

    Don't worry, even the redirected "self-host" version does the same trick for inexplicable reasons: https://github.com/bitwarden/self-host/blob/master/bitwarden...

    I never found the docker-compose files, so I guess their emitted as a side-effect of running the "bitwarden/setup" docker image or something: https://github.com/bitwarden/self-host/blob/master/run.sh#L1...

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • vaultwarden

    Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

    • Wow. This is insanely shitty if you ask me. I can't think of any non-malicious reason why it's done this way.

    I recommend using vaultwarden instead to self-host bitwarden: https://github.com/dani-garcia/vaultwarden

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts