Bitwarden

Your password manager

Information security experts recommend using complex passwords and creating a unique one for each account. Even three or four passwords are difficult to remember, so people often use the same password or similar ones. A password manager solves this problem: it generates complex passwords and stores them in a convenient form.

Bitwarden can be downloaded and configured on your server, which is what we use as part of the SelfPrivacy project. Unlike other free (like freedom) password managers, Bitwarden provides easy synchronization of one database between all devices.

  • WEB-interface: available after SelfPrivacy server configuration, at https://password.YOUR.DOMAIN
  • Official client (GNU/Linux, Windows, macOS, Android, iOS)

Setting an admin token manually

First, make sure your system config is up to date. You may click “upgrade server” in the app and wait for a couple of minutes, or run the following command in the terminal:

cd /etc/nixos
git pull

Then, we have to generate an admin token. Run the following:

nix-shell -p openssl --run 'openssl rand -base64 48'

It will output a string like this:

47pFSgYBbS0G0vCG63nX1yyblzgNaqZ40bNuJnwq2hvOy8ABfe+iHRfBeXlfrRdJ

This will be a password to your admin account. Copy it and paste it somewhere safe. To set it, we will run the following, replacing PASSWORD with the password you just generated:

jq '.bitwarden.adminToken = "PASSWORD"' /etc/nixos/userdata/userdata.json > /etc/nixos/userdata/userdata.json.new && mv /etc/nixos/userdata/userdata.json.new /etc/nixos/userdata/userdata.json

Now, we have to apply the changes:

nixos-rebuild switch

And after rebuilding the system, restart Bitwarden:

systemctl restart vaultwarden

Now, your admin interface is available on https://password.YOUR.DOMAIN/admin.