Install Bitwarden on AlmaLinux 8: Secure Password Manager

In this guide, we’ll walk you through the process to Install Bitwarden on AlmaLinux 8. Bitwarden is a robust and secure open-source password manager, offering a wealth of features at a compelling price point. It empowers you to take control of your password security without sacrificing convenience.

Bitwarden provides all the essential security tools you’d expect from a top-tier password manager. This includes strong encryption, two-factor authentication (2FA), password security auditing to identify weak or reused passwords, password breach monitoring to alert you if your credentials have been compromised, and flexible hosting options, allowing you to choose between cloud-based or local (self-hosted) deployments. Let’s get started with the installation!

Follow the steps below on the Orcacore website to set up the Bitwarden password manager on AlmaLinux 8.

Before proceeding, ensure you have the following prerequisites in place:

• A server running AlmaLinux 8.
• A non-root user with sudo privileges. You can achieve this by following our guide on Initial Server Setup with AlmaLinux 8.
• Docker and Docker Compose installed on your server. Refer to our guide on Install and Use Docker on AlmaLinux 8 for detailed instructions.

Once you’ve satisfied these requirements, you’re ready to begin the Install Bitwarden on AlmaLinux 8 process.

1. Configure Firewall For Bitwarden

Assuming you have firewalld enabled (which is common on AlmaLinux 8), you need to open ports 80 (HTTP) and 443 (HTTPS) to allow access to your Bitwarden instance. Execute the following commands:

# sudo firewall-cmd --permanent --zone=public --add-service=http
# sudo firewall-cmd --permanent --zone=public --add-service=https
# sudo firewall-cmd --zone=public --add-masquerade --permanent

These commands permanently add the HTTP and HTTPS services to the public zone and enable masquerading. Masquerading is useful if your server is behind a NAT (Network Address Translation) device.

To apply these changes, reload the firewall:

sudo firewall-cmd --reload

2. Request Hosting Installation ID & Key From Bitwarden

To proceed with the Install Bitwarden on AlmaLinux 8, you’ll need an Installation ID and Key. Visit the Bitwarden Host page.

Enter your email address and click Submit. Bitwarden will then send you an email containing your unique Installation ID and Key.

Keep these credentials safe, as you’ll need them in the next step.

3. Download, Install, and Access Bitwarden Login

Now, download the Bitwarden installer script using the following curl command:

sudo curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh

This command downloads the bitwarden.sh script from Bitwarden’s official server and saves it to your current directory.

Make the downloaded file executable:

sudo chmod +x bitwarden.sh

This command grants execute permissions to the bitwarden.sh script.

Start the Bitwarden installation process on AlmaLinux 8 with the following command:

sudo ./bitwarden.sh install

The script will guide you through a series of prompts.

• Domain Name: Enter the domain name you intend to use for your Bitwarden instance (e.g., your.domain.com).
• Let’s Encrypt: You’ll be asked whether you want to use Let’s Encrypt to automatically generate SSL certificates. For this example, we’ll enter N (no) and continue. If you choose ‘yes’ the script will attempt to automatically configure TLS certificates using Let’s Encrypt.
• Database Name: Set a database name for Bitwarden.
• Installation ID & Key: Enter the Installation ID and Key you received from Bitwarden in step 2. If you encounter an error message like "Unable to validate installation ID. Problem contacting Bitwarden server," try re-running the command. This issue is sometimes transient.

After the installation completes, run the rebuild command before starting the Bitwarden service:

./bitwarden.sh rebuild

This command rebuilds the Bitwarden Docker containers.

Now, start the Bitwarden service on AlmaLinux 8:

./bitwarden.sh start

If you encounter the following error:

This error often indicates an issue with Docker’s networking. Restart the Docker service to resolve it:

sudo systemctl restart docker

Then, start Bitwarden again:

./bitwarden.sh start

Congratulations! Your Bitwarden instance should now be up and running, accessible at https://your.domain.com.

Conclusion

You’ve successfully learned how to Install Bitwarden on AlmaLinux 8. Remember, if you encounter issues starting Bitwarden, restarting the Docker service is often the solution. This guide provided you with the necessary steps to get your own password manager running on your server.

Here are some additional articles you might find interesting:

• Install and Configure Jekyll on AlmaLinux 8
• How To Install OpenSSL 3 on AlmaLinux 8
• VS Code Setup on AlmaLinux 8
• Network vulnerability scanner with Nessus on AlmaLinux 8
• Set up Vagrant on AlmaLinux 8
• Python 3.11 Setup Guide on AlmaLinux 8

Alternative Installation Methods

While the provided method utilizing the bitwarden.sh script is the officially recommended and often easiest approach to Install Bitwarden on AlmaLinux 8, let’s explore two alternative installation methods:

1. Manual Docker Compose Installation

This method offers more granular control over the Bitwarden installation process. You’ll manually download and configure the necessary Docker Compose files.

Explanation: Instead of relying on the bitwarden.sh script to handle the Docker Compose configuration, you can download the official docker-compose.yml file from Bitwarden and customize it according to your needs. This approach gives you the flexibility to modify ports, volumes, and other settings directly.

Steps:

1. Download the Docker Compose File:

   sudo curl -L https://raw.githubusercontent.com/bitwarden/server/master/docker/docker-compose.yml -o docker-compose.yml

2. Create a .env file: Create a .env file in the same directory as the docker-compose.yml file. Populate this file with the necessary environment variables, including your Installation ID and Key. Example .env file:

   globalSettings__mail__smtp__host=smtp.example.com
   globalSettings__mail__smtp__port=587
   globalSettings__mail__smtp__ssl=true
   globalSettings__mail__smtp__username=your_email@example.com
   globalSettings__mail__smtp__password=your_smtp_password
   globalSettings__mail__replyToEmail=your_email@example.com
   globalSettings__installationId=YOUR_INSTALLATION_ID
   globalSettings__installationKey=YOUR_INSTALLATION_KEY

   Remember to replace the placeholder values with your actual SMTP settings, Installation ID, and Installation Key.

3. Customize the docker-compose.yml (Optional): Edit the docker-compose.yml file to adjust any settings, such as port mappings or volume mounts.

4. Start Bitwarden:

   sudo docker-compose up -d

   This command starts the Bitwarden containers in detached mode.

5. Verification: Check the container logs to ensure that all services have started successfully. You can view the logs using:

   sudo docker-compose logs -f

This method provides greater control and transparency over the Bitwarden installation. It is more suitable for users with experience with Docker and Docker Compose.

2. Using a Pre-built Docker Image with Custom Configuration

This approach involves using a publicly available Docker image (ensure it’s from a trusted source) and configuring it with your specific settings.

Explanation: Instead of relying on the official script, some users prefer to use pre-built Docker images that might offer optimized configurations or additional features. However, caution is advised when using third-party images. Always verify the image’s source and integrity.

Steps:

1. Pull the Docker Image: (Replace example/bitwarden-custom with the actual image name)

   sudo docker pull example/bitwarden-custom

2. Create a Configuration Directory: Create a directory to store your Bitwarden configuration files.

   sudo mkdir /opt/bitwarden-config

3. Create a docker-compose.yml File: Create a minimal docker-compose.yml file that references the pulled image and mounts the configuration directory.

   version: "3.7"
   services:
     bitwarden:
       image: example/bitwarden-custom
       ports:
         - "80:80"
         - "443:443"
       volumes:
         - /opt/bitwarden-config:/config
       environment:
         - INSTALLATION_ID=YOUR_INSTALLATION_ID
         - INSTALLATION_KEY=YOUR_INSTALLATION_KEY

   Replace example/bitwarden-custom with the actual image name, YOUR_INSTALLATION_ID with your Installation ID, and YOUR_INSTALLATION_KEY with your Installation Key.

4. Start Bitwarden:

   sudo docker-compose up -d

5. Verification: As with the manual Docker Compose method, check the container logs to ensure successful startup.

Important Considerations:

• Security: When using pre-built Docker images, carefully evaluate the source and security of the image. Look for images from reputable publishers and check for any known vulnerabilities.
• Maintenance: Ensure that the image is actively maintained and updated with the latest security patches.
• Configuration: Understand the specific configuration options and environment variables required by the chosen image.

These alternative methods offer different levels of control and customization. The official bitwarden.sh script remains the simplest and most recommended option for most users, but these alternatives can be useful in specific scenarios where greater flexibility is required. Remember to exercise caution and prioritize security when using third-party Docker images. Successfully Install Bitwarden on AlmaLinux 8 is crucial for a secure password management system.