How To Set Up Bitwarden And Keep Your Passwords Safe On A Synology NAS

Store and manage all your passwords on your Synology NAS. Bitwarden is a popular password manager that can help you conveniently create and use more secure passwords for all your … Read more

Taylor Bell

Taylor Bell

Published on May 19, 2024

How To Set Up Bitwarden And Keep Your Passwords Safe On A Synology NAS

Store and manage all your passwords on your Synology NAS.

Bitwarden with Synology NAS

Bitwarden is a popular password manager that can help you conveniently create and use more secure passwords for all your accounts. By default, the available apps will use Bitwarden’s backend cloud infrastructure to store your passwords and provide access anywhere in the world. Because one of the primary goals of setting up network-attached storage (NAS) may be to run some services in-house, taking full control of your passwords and how they’re stored is easy by running Bitwarden on your server. This guide will walk you through how to set Bitwarden up on a Synology NAS.

How to install Bitwarden on Synology NAS

Vaultwarden on Synology DSM

This guide will use an unofficial docker version of the Bitwarden server stack called Vaultwarden.

  1. Log into your Synology NAS.
  2. Open Package Manager.
  3. Search for and install Container Manager.
  4. Open Container Manager.
  5. Click Registry.
    Downloading Vaultwarden image on Container Manager

  1. Search for “Vaultwarden.”
  2. Click Vaultwarden/server.
  3. Click Download.
  4. Click Apply.
    Downloading Vaultwarden image on Container Manager

  5. Click Container.
  1. Click Create.
    Creating a Vaultwarden DSM container

  2. Choose Vaultwarden/server:latest in the image drop-down menu.
  3. Check Enable auto-restart.
  4. Click Next.
  5. Enter a port number in the two available TCP fields.
  1. Click Add Folder. Select a folder to use for Vaultwarden. I recommend creating one within the docker folder. (Enter “https://www.xda-developers.com/data” in the blank field.)
    Configuring the new Vaultwarden DSM container

  2. Click Done.
    Vaultarden DSM settings summary

  3. Open Control Panel.
  4. Go to External Access> DNSS.
  5. Click Add.
    DDNS in DSM 7

  1. Choose Synology as the Service Provider.
  2. Enter a hostname. (For example: xda.synology.me.)
  3. Click Test Connection. (If it fails, the hostname is likely already taken.)
  4. Select Get a certificate from Let’s Encrypt and set it as default.
    Adding DDNS in Synology DSM 7

  5. Click OK.
  1. Click OK.
  2. Go to Login Portal> Advanced.
  3. Click Reverse Proxy.
  4. Click Create.
  5. Set a Proxy name.
  1. Change the source protocol to HTTPS.
  2. Enter the hostname. (vaultwarden.CHANGEME.synology.me.)
  3. Set the source port to 443.
  4. Check Enable HSTS.
  5. Set destination hostname to localhost.
  1. Set destination port to 9890.
    Adding a reverse proxy in Synology DSM 7

  2. Select the Custom Header tab.
  3. Click Create.
  4. Click WebSocket.
  5. Click Save.
  1. Click Close.
  2. Go to Network> Connectivity.
  3. Check Enable HTTP/2.
  4. Click Save.
  5. Go to Security> Advanced.
  6. Check Enable HTTP Compression.
  7. Click Save.

You’ll now be able to connect to your newly configured Vaultwarden instance and set everything up, following the handy on-screen wizard.

Which Synology NAS should you buy?

There are countless Synology enclosures available, but which would be best for running a Vaultwarden instance? Any Synology NAS would do and it depends if you want to run additional services alongside the password manager. Anything from the budget-friendly Synology DiskStation DS223j to the DiskStation DS224+ would work well. I recommend keeping the password manager on the same NAS as your home or office server for storage, keeping everything in one place, though you may wish to separate these deployments for added security.

TerraMaster and Asustor NAS

Related

Best NAS devices in 2024

Expand your PC storage with one of these NAS enclosures

Partager cet article

Inscrivez-vous à notre newsletter