Hosting a Private Password Vault with Vaultwarden
Relying on commercial password managers means trusting a third party with your most sensitive data. Vaultwarden (formerly Bitwarden_RS) is an open-source, lightweight implementation of the Bitwarden API written in Rust. It is perfect for deployment on an offshore VPS where you maintain 100% data sovereignty.
1. Server Setup
First, update your Ubuntu or Debian server and install Docker.
sudo apt update && sudo apt install docker.io docker-compose -y2. Docker Compose Deployment
Create a directory for your vault and a docker-compose.yml file. This ensures your database and icons are persistent across reboots.
version: '3'
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: always
environment:
- SIGNUPS_ALLOWED=false
volumes:
- ./vw-data:/data
ports:
- 8080:803. Final Hardening
Set SIGNUPS_ALLOWED=false after creating your account to prevent unauthorized users from registering on your instance. Always use a strong Master Password and enable 2FA using a YubiKey or Authenticator app.