How to Install BitWarden on Your Synology NAS

by

How to Install Bitwarden on Your Synology NAS

Bitwarden is a free and open-source password management (password manager) service that stores sensitive information such as website credentials in an encrypted vault. The Bitwarden platform offers a variety of client applications including a web interface, desktop applications, browser extensions, mobile apps, and a CLI. In this step by step guide I will teach you how to install official Bitwarden on your Synology NAS device using Docker & Portainer. Note: If you want to Install Vaultwarden instead of Bitwarden, check out my articles on How to Install Vaultwarden on Your Synology NAS and Install Vaultwarden With Portainer. Note: If you like, you can use Passbolt as an alternative to Bitwarden.

💡Note: This guide works perfectly with the latest Bitwarden v2023.3.0 release.

Warning: This is a beta release.

  • STEP 1

Please Support My work by Making a Donation.

  • STEP 2

Install Portainer using my step by step guide. If you already have Portainer installed on your Synology NAS, skip this STEP. Attention: Make sure you have installed the latest Portainer version.

  • STEP 3

Make sure you have a synology.me Wildcard Certificate. Follow my guide to get a Wildcard Certificate. If you already have a synology.me Wildcard certificate, skip this STEP.

  • STEP 4

Go to Control Panel / Login Portal / Advanced Tab / click Reverse Proxy. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 1 2023

  • STEP 5

Now click the “Create” button. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 2 2023

  • STEP 6

After you click the Create button, the window below will open. Follow the instructions in the image below.

On the General area, set the Reverse Proxy Name description: type in Bitwarden. After that, add the following instructions:

Source:
Protocol: HTTPS
Hostname: bitwarden.yourname.synology.me
Port: 443

Check Enable HSTS

Destination:
Protocol: HTTP
Hostname: localhost
Port: 9890

Bitwarden Synology NAS Set up 3 2023

  • STEP 7

On the Reverse Proxy Rules click the Custom Header tab. Click Create and then, from the drop-down menu, click WebSocket. After you click on WebSocket, two Header Names and two Values will be automatically added. Click Save. Follow the instructions in the image below.

Synology Proxy WebSocket

  • STEP 8

Go to Control Panel / Network / Connectivity tab/ Check Enable HTTP/2 then click Apply. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 4 2023

  • STEP 9

Go to Control Panel / Security / Advanced tab/ Check Enable HTTP Compression then click Apply. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 5 2023

  • STEP 10

Go to File Station and open the docker folder. Inside the docker folder, create one new folder and name it bitwarden. Follow the instructions in the image below.
Note: Be careful to enter only lowercase, not uppercase letters.

Bitwarden Synology NAS Set up 6 2023

  • STEP 11

Now create three new folders inside the bitwarden folder that you created at STEP 10 and name them data, db, logs. Follow the instructions in the image below.
Note: Be careful to enter only lowercase, not uppercase letters.

Bitwarden Synology NAS Set up 7 2023

  • STEP 12

Launch your browser then go to the official Bitwarden website by clicking on the blue link below.

https://bitwarden.com/host

On the Admin Email Address field type in your own email. I recommend you use a Gmail account. Click Submit. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 8 2023

  • STEP 13

After you click Submit at STEP 12, you will automatically get an INSTALLATION ID and an INSTALLATION KEY. Copy and save them to a safe place because you will need them at STEP 16.

Bitwarden Synology NAS Set up 9 2023

  • STEP 14

Follow my step by step guide on how to activate SMTP for your Gmail account. This step is mandatory. Note: If you don’t want to use the easiest way for SMTP with Google and you already have SMTP details from your own Mail Server, you can just skip this STEP and use your personalized email SMTP details instead.

  • STEP 15

Log into Portainer using your username and password. On the left sidebar in Portainer, click on Stacks then + Add stack. Follow the instructions in the image below.

1 Synology Portainer Add Stack

  • STEP 16

In the Name field type in bitwarden. Follow the instructions in the image below.

Note: Copy Paste the code below in the Portainer Stacks Web editor.

version: "3.9"
services:
  db:
    image: mariadb:jammy
    container_name: Bitwarden-DB
    hostname: bitwarden-db
    security_opt:
      - no-new-privileges:true
    healthcheck:
      test: ["CMD-SHELL", "mysqladmin ping -P 3306 -psuper-duper-strong-pass | grep 'mysqld is alive' || exit 1"]
    environment:
      - TZ=Europe/Bucharest
      - MYSQL_ROOT_PASSWORD=super-duper-strong-pass
      - MYSQL_DATABASE=bitwarden_vault
      - MYSQL_USER=bitwardenuser
      - MYSQL_PASSWORD=bitwardenpass
    volumes:
      - /volume1/docker/bitwarden/db:/var/lib/mysql:rw
    restart: always

  bitwarden:
    image: bitwarden/self-host:beta
    container_name: Bitwarden
    hostname: bitwarden
    security_opt:
      - no-new-privileges:true
    healthcheck:
      test: curl -fsSo - http://localhost:8080
    environment:
      - BW_DOMAIN=bitwarden.yourname.synology.me
      - BW_DB_PROVIDER=mysql
      - BW_DB_SERVER=bitwarden-db
      - BW_DB_DATABASE=bitwarden_vault
      - BW_DB_USERNAME=bitwardenuser
      - BW_DB_PASSWORD=bitwardenpass
      - BW_INSTALLATION_ID=Your-Own-Bitwarden-Installation-ID
      - BW_INSTALLATION_KEY=Your-Own-Bitwarden-Installation-KEY
      - UID=1026
      - GID=100
      - BW_ENABLE_ADMIN=true
      - adminSettings__admins=Your-own-gmail-address
      - globalSettings__disableUserRegistration=false
      - globalSettings__mail__replyToEmail=Your-own-gmail-address
      - globalSettings__mail__smtp__host=smtp.gmail.com
      - globalSettings__mail__smtp__ssl=false
      - globalSettings__mail__smtp__port=587
      - globalSettings__mail__smtp__username=Your-own-gmail-address
      - globalSettings__mail__smtp__password=Your-own-app-password
    ports:
      - 9890:8080
    volumes:
      - /volume1/docker/bitwarden/data:/etc/bitwarden
      - /volume1/docker/bitwarden/logs:/var/log/bitwarden
    restart: always
    depends_on:
      db:
        condition: service_started

Note: Before you paste the code above in the Web editor area below, change the value for TZ. (Select your current Time Zone from this list.)
Note: Before you paste the code above in the Web editor area below, change the value for BW_DOMAIN and type in your own synology.me DDNS without https:// at the beginning that you have previously created at STEP 6.
Note: Before you paste the code above in the Web editor area below, change the value for BW_INSTALLATION_ID and type in your own Bitwarden INSTALLATION ID that you have previously copied and saved at STEP 13.
Note: Before you paste the code above in the Web editor area below, change the value for BW_INSTALLATION_KEY and type in your own Bitwarden INSTALLATION KEY that you have previously copied and saved at STEP 13.
Note: Before you paste the code above in the Web editor area below, change the value numbers for UID and GID with your own values. (Follow my step by step guide on how to do this.) 1026 is my personal UID value and 100 is my personal GID value. You have to type in your own values.
Note: Before you paste the code above in the Web editor area below, change the value for adminSettings__admins and type in your own Gmail address. STEP 14.
Note: Before you paste the code above in the Web editor area below, change the value for globalSettings__mail__replyToEmail and type in your own Gmail address. STEP 14.
Note: Before you paste the code above in the Web editor area below, change the value for globalSettings__mail__smtp__username and type in your own Gmail address. STEP 14.
Note: Before you paste the code above in the Web editor area below, change the value for globalSettings__mail__smtp__password and type in your own Gmail app password. STEP 14.

Bitwarden Synology NAS Set up 10 new 2023

  • STEP 17

Scroll down on the page until you see a button named Deploy the stack. Click on it. Follow the instructions in the image below. The installation process can take up to a few minutes. It will depend on your Internet speed connection.

Bitwarden Synology NAS Set up 11 new2 2023

  • STEP 18

If everything goes right, you will see the following message at the top right of your screen: “Success Stack successfully deployed“.

Bitwarden Synology NAS Set up 12 2023

  • STEP 19

Go back to STEP 1 or you will deal with karma 🙂.

  • STEP 20

Now open your browser and type in your HTTPS/SSL certificate like this https://bitwarden.yourname.synology.me/#/register In my case it’s https://bitwarden.mariushosting.synology.me/#/register If everything goes right, you will see the Bitwarden Register account page. Type in your own Email, Name and Password, then click Create Account. Follow the instructions in the image below. Note: If you forget to add /#/register after your synology.me DDNS, you will not be able to register an account.

Bitwarden Synology NAS Set up 13 2023

  • STEP 21

Your account is created! Type in your own Master password that you have previously created at STEP 20 then click Log in with master password. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 14 2023

  • STEP 22

Once you are in your Vaults, click Send email to get a verification email. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 15 2023

  • STEP 23

Open your email then check the email that was automatically sent to you. Click on Verify Email Address Now. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 16 2023

  • STEP 24

Your email is now verified! Type in your own Master password that you have previously created at STEP 20 then click Log in with master password. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 17 2023

Your official Bitwarden at a glance!

Bitwarden Synology NAS Set up 18 2023

  • STEP 25

One of the most important things you need to know about Bitwarden is that anyone who can access your HTTPS Bitwarden link can register for a new account by default. Follow my step by step guide below to disable registration of new users in Bitwarden. Open Portainer then go to stack. Localize then click on your bitwarden stack that you have previously created at STEP 16. Click the EDITOR tab then change the value on line globalsettings__disableUserRegistration from:

– globalsettings__disableUserRegistration=false to – globalsettings__disableUserRegistration=true

Click Update the stack. Follow the instructions in the image below.

Bitwarden Synology NAS Set up 19 2023

When new users try to register, they will receive the following error message: “An error has occurred. Open Registration has been disabled by the system administrator”. To reactivate user registration, change the value from true to false.

Bitwarden Synology NAS Set up 20 2023

  • STEP 26

If you want, you can also access your Bitwarden admin dashboard at https://bitwarden.yourname.synology.me/admin In my case it’s https://bitwarden.mariushosting.synology.me/admin

Enjoy Bitwarden!

Note: Can I run Docker on my Synology NAS? See the supported models.
Note: Find out how to update the Bitwarden container with the latest image.
Note: How to Free Disk Space on Your NAS if You Run Docker.
Note: How to Schedule Start & Stop For Docker Containers.
Note: How to Activate Email Notifications.
Note: How to Add Access Control Profile on Your NAS.
Note: How to Change Docker Containers Restart Policy.
Note: How to Use Docker Containers With VPN.
Note: Convert Docker Run Into Docker Compose.
Note: How to Clean Docker.
Note: How to Clean Docker Automatically.
Note: Best Practices When Using Docker and DDNS.
Note: Some Docker Containers Need WebSocket.
Note: Find out the Best NAS Models For Docker.
Note: Activate Gmail SMTP For Docker Containers.

This post was updated on Wednesday / March 22nd, 2023 at 1:06 PM

🧡 I Need Your Help!