In the previous article, we delved into the step-by-step process of setting up Tailscale VPN in our Home Lab.
In this article, we will be looking into Vaultwarden - Powerful Password Manager which is a self-hosted version of Bitwarden.
Vaultwarden was previously known as Bitwarden_RS. It is an open-source server implementation of the Bitwarden password manager. Bitwarden is a popular and secure password management solution that allows users to store and manage their passwords in a centralized and encrypted vault.
Vaultwarden provides an alternative server implementation to the official Bitwarden server, allowing users to host their own instances of the service. Users can deploy Vaultwarden on their own servers which is what we'll be doing today in this article.
Vaultwarden is an independent project, it is built on the same underlying protocol as the official Bitwarden server. This means that the clients developed for Bitwarden can generally be used with Vaultwarden as well.
Steps to install Vaultwarden:
- We'll be using Portainer Stack again to install Vaultwarden in our Home Lab. First, let us log in to our Portainer instance and then head to our local docker instance by clicking on the local option.
- Here we can use the Stack option to deploy our Vaultwarden instance using our docker-compose file. Let's click on the Stacks option.
- We can click on the Add Stack button on the top right to create a new stack.
- We can give the name of the stack and then just copy and paste the below docker-compose file of our Vaultwarden instance. Make the needed changes in the docker-compose file based on your needs but this should mostly get the job done.
- Once done we can click on the Deploy the Stack button to deploy our Vaultwarden instance.
- We can see that the stack has been successfully created. On viewing it, we can see that our Vaultwarden has been successfully installed and the container has started running.
We have successfully installed the Vaultwarden instance on our Home Lab. We now need to configure our Vaultwarden before we can start using it.
- First, we need to head over to Vaultwarden's admin console. I'll just add a Proxy host in my Nginx Proxy Manager before proceeding further as Vaultwarden doesn't work without HTTPS.
- In the upcoming articles, we'll be covering the topics on how to create a self-signed SSL certificate and setting up reverse proxy using Nginx Proxy Manager. But for now, I'll make the changes.
- I have now successfully added my Vaultwarden instance in my Nginx Proxy Manager and have also configured the SSL with a self-signed certificate. We can now head over to our Vaultwarden instance by typing in the URL.
- We will be greeted with the above screen. Now we need to create an admin account for our Vaultwarden instance. We can click on the Create an Account button to proceed with the account creation.
- We can now fill in the details and hit the Create Account button to get our admin account created.
- The account has now been successfully created. Once after creating the account, the screen will get redirected to the login page. We now need to type in our email for the account that we just created to proceed further.
- We can now type in our master password for the account to log in to our Vaultwarden instance.
- We have successfully logged in to the account in our Vaultwarden Instance.
We have successfully installed and configured the Vaultwarden instance in our Home Lab. We will now be able to install the Bitwarden clients on our Desktop, Laptop, and Mobile devices to access our Vaultwarden installation.
Since Bitwarden client applications work well with Vaultwarden we can use the same to securely store and access our saved passwords and other details. Upon installing the respective apps on our devices, we just need to select the self-hosted option and type in our Vaultwarden URL which is the same as the one we gave in Nginx Proxy Manager.
Upon typing in the URL we will now be able to log in using the account that we created. We will now be able to securely store and use the passwords from our Home Lab itself.
And since we have already installed Tailscale VPN, we will be able to access these passwords when we are away from our Home Network when we are connected to the VPN. Also, Vaultwarden works offline and will sync up the passwords with the server once we are back on our Home Network.
In this article, we have explored Vaultwarden and went into the step-by-step process of deploying the same in our Home Lab.
In the next article, we will be looking into another service that we will be deploying in our Home Lab. Stay tuned for more detailed instructions on expanding our Home Labbing capabilities.