Skip to content

Chen-Software/vaultwarden-containerised

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

104 Commits
bitwarden
bitwarden
 
 
.env.template
.env.template
 
 
.gitignore
.gitignore
 
 
Licence
Licence
 
 
ReadMe.md
ReadMe.md
 
 
compose.yaml
compose.yaml
 
 

Repository files navigation

Vaultwarden Containerised

Overview

A self-hosted password & secret management deployment using Vaultwarden (Bitwarden-compatible server) optimised for Apple Silicon / ARM64 architecture. This turns your M-series Mac Mini/Studio into a powerful professional (headless) home/studio server.

Originally forked from dadatuputi/bitwarden_gcloud, replaced and minimised external dependencies with CloudFlare Tunnel protection, and redesigned for on-premise ARM-based servers using MacOS native Apple/Container via Container Compose.

Why This Stack?

  • Zero-trust networking: CloudFlare Tunnel eliminates port forwarding and direct internet exposure
  • ARM-optimised: Native ARM64 images for better performance on Apple Silicon (Mac Mini M2/M4)
  • Low maintenance: Watchtower keeps containers automatically updated
  • Privacy-focused: Your data stays on your hardware

Features

Prerequisites

Getting Started

  1. Pull all required images:
container image pull vaultwarden/server:latest-alpine
container image pull cloudflare/cloudflared:latest
container image pull containrrr/watchtower:latest
  1. Configure your environment:
cp .env.template .env

Edit .env and set at minimum:

  • DOMAIN: Your fully-qualified domain (e.g., https://vault.example.com)
  • TUNNEL_TOKEN: Your CloudFlare Tunnel token
  • TZ: Your timezone (e.g., Etc/UTC)
  1. Start the services:
container-compose up -d

Services

  • bitwarden: Vaultwarden server (port 80)
  • tunnel: CloudFlare Tunnel for secure external access
  • watchtower: Automatic container updates (runs Sundays at 3am by default)

Configuration

See .env.template for all available configuration options including:

  • SMTP settings for email invitations
  • Push notification settings
  • Yubikey 2FA configuration
  • Organization creation restrictions

Licence

This project is a derivative work:

  • Modifications by Yumin Chen (2026) - Public Domain (Unlicense)
  • Original work by Bradford (2020) - MIT Licence

See Licence file for full details.

About

Vaultwarden optimised for on-premise ARM architecture servers using Apple's native container framework.

pass.chen.so

Resources

Readme

License

View license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Contributors