Self-Hosting Bitwarden Password Manager is a common requirement for VPS administrators. This guide provides practical instructions that you can follow on Ubuntu 22.04/24.04 or Debian 12, though most steps apply to other distributions as well.
Prerequisites
- A registered domain name (for public-facing services)
- Root or sudo access to the server
- A reverse proxy configured (Nginx or Traefik)
- Basic familiarity with the Linux command line
- A VPS running Ubuntu 22.04 or later (2GB+ RAM recommended)
Docker Compose Setup
Performance benchmarks show that properly tuned bitwarden can handle significantly more concurrent connections than the default configuration. The key improvements come from adjusting worker processes and connection pooling.
# docker-compose.yml
version: '3.8'
services:
bitwarden:
image: bitwarden/bitwarden:latest
restart: unless-stopped
ports:
- "8080:8080"
volumes:
- bitwarden_data:/data
- bitwarden_config:/config
environment:
- TZ=UTC
- PUID=1000
- PGID=1000
depends_on:
- db
db:
image: postgres:16-alpine
restart: unless-stopped
volumes:
- db_data:/var/lib/postgresql/data
environment:
- POSTGRES_DB=bitwarden
- POSTGRES_USER=bitwarden
- POSTGRES_PASSWORD=changeme
volumes:
bitwarden_data:
bitwarden_config:
db_data:
Make sure to restart the service after applying these changes. Some settings require a full restart rather than a reload to take effect.
Configuration Options
If you encounter issues during setup, check the system logs first. Most problems can be diagnosed by examining the output of journalctl or the application-specific log files in /var/log/.
Initial Configuration
It's recommended to test this configuration in a staging environment before deploying to production. This helps identify potential compatibility issues and allows you to benchmark performance differences.
# Reverse proxy configuration
server {
listen 443 ssl http2;
server_name bitwarden.example.com;
ssl_certificate /etc/letsencrypt/live/bitwarden.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bitwarden.example.com/privkey.pem;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
client_max_body_size 0;
}
}
These commands should be run as root or with sudo privileges. If you're using a non-root user, prefix each command with sudo.
Conclusion
This guide covered the essential steps for working with bitwarden on a VPS environment. For more advanced configurations, refer to the official documentation. Don't hesitate to reach out to our support team if you need help with your specific setup.