Featured image of post Self-Hosting Bitwarden Password Management on Synology DS220+
Private Cloud

Self-Hosting Bitwarden Password Management on Synology DS220+

Password management is a crucial need for internet users. If you care even a little about security, you’ll understand the importance of using unique and random passwords for each website.

But managing different random passwords for each site can be a big hassle. While there are many password management tools like LastPass, 1Password, etc., storing all your passwords on a public cloud service — is it really safe?

That’s when I chose Bitwarden, an open-source password manager, and decided to self-host it on my Synology DS220+, keeping the password vault stored safely on my own NAS.

Here’s how I set it up:

Preparation

Create a directory in DSM:

1

/docker/bitwarden

Pull the Image

Instead of using the official self-hosted server, I went for the community version of Bitwarden called Vaultwarden, which is lighter and better suited for running on NAS devices.

Vaultwarden is a community-maintained Bitwarden server that is fully compatible with the official Bitwarden app and browser extensions.
GitHub: https://github.com/dani-garcia/vaultwarden
Docker: https://hub.docker.com/r/vaultwarden/server

In DSM, open Container Manager, search for vaultwarden/server in the image repository, and download the latest version.

Create the Container

Once the image is downloaded, go to the Vaultwarden/server page and start the container setup. In the Advanced Settings step, make the following changes:

  • Map the local port 3012 to the container’s port 3012
  • Map another local port (I chose port 2280) to the container’s port 80, which will be used for the external service
  • Map the /docker/bitwarden directory to the container’s /data directory

After the setup is complete, the container will start running automatically.

Start Using Vaultwarden

Once the container is running, open your browser and go to:

http://Synology_IP:2280

This will bring you to the Vaultwarden web interface where you can create an account.

Next, configure the Bitwarden client to connect to your self-hosted server. Here’s how you do it in the Chrome extension:

  1. At the login page, scroll to the bottom and choose “Self-hosted”:

  1. In the Server URL, enter:

http://Synology_IP:2280

Then, save it.

  1. Log in using the account you created earlier.

The setup for other clients (desktop apps, mobile apps) is very similar.

Now, your passwords are securely and privately stored on your NAS, keeping them under your control, with no reliance on cloud services. 🎉