Lightweight self-hosted version of Bitwarden
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
Go to file
Daniel García 6aab2ae6c8
Document configuration a bit and increase JSON size limit to 10MB
6 years ago
docker Move settings out of web-vault 7 years ago
libs/jsonwebtoken Updated dependencies and removed some warnings from jsonwebtoken 7 years ago
migrations Improved two factor auth 7 years ago
src Added security headers to web-vault (fixes #44) 7 years ago
.dockerignore Fixed docker build and implemented automatic creation of JWT signing keys on platforms with OpenSSL (it needs to be on the PATH) 7 years ago
.env Improved configuration and documented options. Implemented option to disable web vault and to disable the use of bitwarden's official icon servers 7 years ago
.gitignore Move settings out of web-vault 7 years ago
Cargo.lock Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage. 7 years ago
Cargo.toml Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage. 7 years ago
Dockerfile Use proper toolchain in Dockerfile 7 years ago
LICENSE.txt Upload and download attachments, and added License file 7 years ago
README.md Document configuration a bit and increase JSON size limit to 10MB 6 years ago
Rocket.toml Document configuration a bit and increase JSON size limit to 10MB 6 years ago
diesel.toml Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage. 7 years ago
rust-toolchain Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage. 7 years ago

README.md

Bitwarden_RS

This project is an unofficial implementation of the Bitwarden Core Server written in Rust.

(Note: This project is not associated with the Bitwarden project nor 8bit Solutions LLC.)

Build/Run

This project can be built and deployed in two ways:

Docker Setup (Easy)

Install Docker to your system and then, from the project root, run:

# Build the docker image:
docker build -t bitwarden_rs .

# Run the docker image with a docker volume:
docker run --name bitwarden_rs -t --rm -v bw_data:/data -p 80:80 bitwarden_rs

Then visit http://localhost:80

Manual Setup (Advanced)

Dependencies

  • Rust nightly (strongly recommended to use rustup)
  • OpenSSL (should be available in path, install through your system's package manager or use the prebuilt binaries)
  • NodeJS (required to build the web-vault, (install through your system's package manager or use the prebuilt binaries)

Install the web-vault

Download the latest official release from the releases page and extract it.

Modify web-vault/settings.Production.json to look like this:

{
  "appSettings": {
    "apiUri": "/api",
    "identityUri": "/identity",
    "iconsUri": "/icons",
    "stripeKey": "",
    "braintreeKey": ""
  }
}

Then, run the following from the web-vault directory:

npm install
npx gulp dist:selfHosted

Finally copy the contents of the web-vault/dist folder into the bitwarden_rs/web-vault folder.

Running

cargo run

Then visit http://localhost:80

Configuration

The available configuration options are documented in the default .env file, and they can be modified by uncommenting the desired options in that file or by setting their respective environment variables.

Note: the environment variables override the values set in the .env file.

Disabling user registrations

To disable user registrations, you can uncomment the SIGNUPS_ALLOWED line in the .env file and change the value to false.

You could also set the SIGNUPS_ALLOWED environment variable. To do that when using Docker, add the following line to the end of the docker run command:

-e SIGNUPS_ALLOWED=false

Enabling HTTPS

To enable HTTPS, you need to configure the ROCKET_TLS option, the same way as SIGNUPS_ALLOWED.

The values to the option must follow the format:

ROCKET_TLS={certs="/path/to/certs.pem",key="/path/to/key.pem"}

Where:

  • certs: a path to a certificate chain in PEM format
  • key: a path to a private key file in PEM format for the certificate in certs

How to recreate database schemas (for developers)

Install diesel-cli with cargo:

cargo install diesel_cli --no-default-features --features sqlite-bundled

Make sure that the correct path to the database is in the .env file.

If you want to modify the schemas, create a new migration with:

diesel migration generate <name>

Modify the *.sql files, making sure that any changes are reverted in the down.sql file.

Apply the migrations and save the generated schemas as follows:

diesel migration redo

# This step should be done automatically when using diesel-cli > 1.3.0
# diesel print-schema > src/db/schema.rs