vaultwarden
Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
Top Related Projects
Bitwarden infrastructure/backend (API, database, Docker, etc).
Free cross-platform password manager compatible with KeePass
A modern, open source password manager for individuals and teams.
:key: Cross-Platform Passwords & Secrets Vault
Quick Overview
Vaultwarden is an unofficial Bitwarden server implementation written in Rust. It aims to be a lightweight, fast, and feature-rich alternative to the official Bitwarden server, suitable for self-hosting and designed to work with existing Bitwarden clients.
Pros
- Lightweight and resource-efficient, making it ideal for self-hosting on low-powered devices
- Compatible with all official Bitwarden clients (web vault, mobile apps, browser extensions)
- Written in Rust, providing enhanced security and performance
- Supports most Bitwarden features, including organizations and sharing
Cons
- Unofficial implementation, which may lag behind official Bitwarden server updates
- Limited support for some enterprise features
- Potential compatibility issues with future Bitwarden client updates
- Smaller community compared to the official Bitwarden project
Getting Started
To get started with Vaultwarden, follow these steps:
- Install Docker on your system
- Run the following command to start Vaultwarden:
docker run -d --name vaultwarden \
-v /vw-data/:/data/ \
-p 80:80 \
vaultwarden/server:latest
- Access the Vaultwarden web interface at
http://your-server-ip
- Create an admin account and start using Vaultwarden with your preferred Bitwarden clients
For more advanced configuration options and deployment methods, refer to the official Vaultwarden documentation on GitHub.
Competitor Comparisons
Bitwarden infrastructure/backend (API, database, Docker, etc).
Pros of Bitwarden Server
- Official implementation with full feature support
- Extensive documentation and community support
- Regular updates and security audits
Cons of Bitwarden Server
- Higher resource requirements
- More complex setup and maintenance
- Requires a license for some enterprise features
Code Comparison
Bitwarden Server (C#):
public class User : ITableObject<Guid>
{
public Guid Id { get; set; }
public string Name { get; set; }
public string Email { get; set; }
public bool EmailVerified { get; set; }
}
Vaultwarden (Rust):
#[derive(Debug, Identifiable, Queryable, Insertable)]
#[table_name = "users"]
pub struct User {
pub uuid: String,
pub created_at: NaiveDateTime,
pub updated_at: NaiveDateTime,
pub email: String,
pub name: String,
}
The code snippets show differences in language and structure between the two projects. Bitwarden Server uses C# with a more concise class definition, while Vaultwarden employs Rust with additional attributes and fields.
Vaultwarden, being a third-party implementation, aims for API compatibility with Bitwarden while offering a lighter resource footprint and easier deployment. It's particularly suitable for self-hosting scenarios but may lack some advanced features found in the official Bitwarden Server.
Free cross-platform password manager compatible with KeePass
Pros of Keeweb
- Cross-platform compatibility: Works on web, desktop, and mobile devices
- Offline functionality: Can be used without an internet connection
- User-friendly interface: Intuitive design for easy password management
Cons of Keeweb
- Limited server-side features: Lacks advanced server management capabilities
- No built-in synchronization: Requires third-party services for syncing across devices
- Less extensive API support: Fewer integration options compared to Vaultwarden
Code Comparison
Keeweb (JavaScript):
const kdbxweb = require('kdbxweb');
const db = kdbxweb.Kdbx.create(credentials, 'My Database');
const group = db.createGroup(db.getDefaultGroup(), 'My Group');
const entry = db.createEntry(group);
entry.fields.Title = 'My Entry';
Vaultwarden (Rust):
use vaultwarden::db::DbConn;
use vaultwarden::api::EmptyResult;
pub fn create_cipher(conn: &DbConn, cipher: &NewCipher) -> EmptyResult {
cipher.save(conn)
}
The code snippets demonstrate the basic operations for creating entries in each system. Keeweb uses JavaScript and focuses on client-side operations, while Vaultwarden utilizes Rust for server-side functionality.
A modern, open source password manager for individuals and teams.
Pros of Padloc
- Built with modern web technologies (TypeScript, Web Components)
- Offers a more user-friendly and visually appealing interface
- Supports multiple vaults and organization features out of the box
Cons of Padloc
- Less mature and battle-tested compared to Vaultwarden
- Smaller community and fewer third-party integrations
- May require more resources to run due to its tech stack
Code Comparison
Padloc (TypeScript):
export class Vault extends Serializable {
@AsSerializable(Field)
name: string = "";
@AsSerializable(VaultItem)
items: VaultItem[] = [];
}
Vaultwarden (Rust):
#[derive(Debug, Serialize, Deserialize)]
pub struct Cipher {
pub uuid: String,
pub folder_uuid: Option<String>,
#[serde(rename = "type")]
pub type_: i32,
pub name: String,
pub notes: Option<String>,
}
This comparison highlights the different programming languages and approaches used in each project. Padloc uses TypeScript with decorators for serialization, while Vaultwarden employs Rust with derive macros for struct definitions.
:key: Cross-Platform Passwords & Secrets Vault
Pros of Buttercup
- Cross-platform desktop application with a user-friendly GUI
- Supports multiple vault formats and cloud storage options
- Offers a browser extension for easy password autofill
Cons of Buttercup
- Less robust server-side implementation compared to Vaultwarden
- May have fewer advanced features for enterprise use cases
- Smaller community and potentially slower development pace
Code Comparison
Buttercup (TypeScript):
export function createVault(name: string, password: string): Vault {
const vault = Vault.createWithDefaults();
vault.setPassword(password);
vault.setAttribute(Vault.Attribute.Name, name);
return vault;
}
Vaultwarden (Rust):
pub fn create_cipher(
&self,
user_uuid: &str,
data: CipherData,
headers: &Headers,
conn: &DbConn,
) -> ApiResult<Cipher> {
let mut cipher = Cipher::new(data.Type);
cipher.user_uuid = Some(user_uuid.to_string());
cipher.save(conn)?;
Ok(cipher)
}
The code snippets show different approaches to creating secure storage objects. Buttercup focuses on client-side vault creation, while Vaultwarden demonstrates server-side cipher creation with database integration.
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual CopilotREADME
Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
ð¢ Note: This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues. Please see #1642 for more explanation.
Image is based on Rust implementation of Bitwarden API.
This project is not associated with the Bitwarden project nor Bitwarden, Inc.
â ï¸IMPORTANTâ ï¸: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.
Features
Basically full implementation of Bitwarden API is provided including:
- Organizations support
- Attachments and Send
- Vault API support
- Serving the static files for Vault interface
- Website icons API
- Authenticator and U2F support
- YubiKey and Duo support
- Emergency Access
Installation
Pull the docker image and mount a volume from the host for persistent storage:
docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /vw-data/:/data/ --restart unless-stopped -p 80:80 vaultwarden/server:latest
This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.
IMPORTANT: Most modern web browsers disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'
. To solve this problem, you need to access the web vault via HTTPS or localhost.
This can be configured in vaultwarden directly or using a third-party reverse proxy (some examples).
If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy (see examples linked above).
Usage
See the vaultwarden wiki for more information on how to configure and run the vaultwarden server.
Get in touch
To ask a question, offer suggestions or new features or to get help configuring or installing the software, please use GitHub Discussions or the forum.
If you spot any bugs or crashes with vaultwarden itself, please create an issue. Make sure you are on the latest version and there aren't any similar issues open, though!
If you prefer to chat, we're usually hanging around at #vaultwarden:matrix.org room on Matrix. Feel free to join us!
Sponsors
Thanks for your contribution to the project!
Chris Alfano |
Numberly |
IQ333777 |
Top Related Projects
Bitwarden infrastructure/backend (API, database, Docker, etc).
Free cross-platform password manager compatible with KeePass
A modern, open source password manager for individuals and teams.
:key: Cross-Platform Passwords & Secrets Vault
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual Copilot