How to Set Up a Self-Hosted Bitwarden Add-On on Home Assistant

Abraham Smith

The same Home Assistant server that makes your home smart can also run other services like Bitwarden. All you have to do is set up a self-hosted Bitwarden server as an add-on on top of your Home Assistant installation. You can then use this Bitwarden server to create and store complex passwords on your smartphone or in a web browser on your PC.


The best part is that you never have to pay for the password manager service as it is completely open source and free.


things you need

You need Home Assistant Server running on a Raspberry Pi (preferably on a Raspberry Pi 4 4GB or 8GB). Although you can also install Home Assistant Server on a PC or other hardware, you must install and configure the add-ons manually using the command line shell as this version is not monitored.

After setting up Home Assistant on the Raspberry Pi, follow the steps below to install, configure and deploy Bitwarden.

Install the Bitwarden add-on

Follow these steps to install the Bitwarden add-on in Home Assistant:

  1. Login to your Home Assistant server and navigate to settings > addons.
  2. press the ADD ON STORE Button.
  3. Use the search bar to search and click Vaultwarden (Bitwarden).
  4. press the To install Button to start installing the Bitwarden add-on on your Home Assistant server. This can take up to a minute.
  5. After installation, enable Start at Boot, Watchdog, and Auto-Update options.
  6. Then click beginning.

If you can’t find it, click on it this link > Open connection to add the repository and then find and install the Bitwarden add-on.

You can now call up the IP of your Home Assistant server with port 7277. For example, 192.168.0.111:7277.

You can also click the open web UI button on the add-on page to open the Bitwarden web UI. However, you cannot create an account or register if you do not secure the Bitwarden server.

Configure the SSL with Cloudflared Tunnel

On the Home Assistant server, you can install and use the Cloudflared add-on to expose the local Bitwarden server to the internet with secure SSL/TLS encryption. Once you launch the Cloudflared tunnel, you or other users you create accounts for in Bitwarden can easily access and manage their password vaults from all their devices.

The steps are as follows:

  1. Register a free domain on Freenom.com or buy a new domain to host your Bitwarden server. Once you have the domain, create an account with Cloudflare and add your domain. Also, enable HTTPS.
  2. Click on this link and then on the Open connection Possibility. This will open your local Home Assistant instance and you can add this custom repository to your Home Assistant to install the required Cloudflared add-on.
  3. click Add to to add the repository.
  4. Under settings > addonslook for Cloudflared and click on it To install.
  5. Activate after installation Start at boot and guard dog options.
  6. Then click Construction and then click the three points > Edit in YAML.
  7. Paste the following code into the Options box. Make sure you’yourdomainname‘ with your domain name and IP address in the Service: with your Home Assistant server IP. Keep the port 7277. 
    additional_hosts:
    - hostname: bitwarden.YourDomainName.org
    service: http:
    external_hostname: YourDomainName.org
    tunnel_name: bitwardenserver
    tunnel_token: ""
    nginx_proxy_manager: false
    log_level: debug
    warp_enable: true
    warp_routes:
    - 192.168.0.2/24
  8. click Save on computer and then click Restart ADD ON.
  9. Go to Cloudflared’s add-ons page and click the protocol Tab.
  10. After a few seconds, you’ll see a Cloudflare URL. Copy and paste this URL into your web browser. This will open the Cloudflare page.
  11. Sign in to Cloudflare, then select the domain name you added.
  12. click Authorize. After authorization, the add-on creates a secure tunnel for your Bitwarden server.
  13. Open the file editor and click on the folder icon at top left.
  14. Click on that Configuration.yaml file and paste the following lines as shown below and click the Save on computer Symbol. 
    http:
    use_x_forwarded_for: true
    trusted_proxies:
    - 172.30.33.0/24
  15. Go to Developer Tools and click Check Configuration. When Configuration Valid is displayed, click Start anew. Wait for the server to restart.
  16. After the reboot, you can visit the URL https://bitwarden.yourdomainname.com to access the Bitwarden server on the internet with secure SSL/TLS encryption.

You can now log in and create user accounts for yourself and your family and friends.

Disable logins

Currently anyone can login and create vaults with your Bitwarden URL. To avoid this, you can disable logins. To do this, you need to access the Bitwarden admin panel at the following address:

https://bitwarden.yourdomainname.org/admin

Then paste the admin token (get the admin token/password in the logs) to open the admin panel. If you don’t see the access token, reinstall the add-on and check the log again after launching the add-on.

The add-on only displays the admin token once. Write it down somewhere safe.

Once you access the admin panel, you can edit and change various settings, including disabling logins. You can also enable two-factor authentication and create policies on how users can access and use their Bitwarden accounts hosted on your Home Assistant server.

Use Bitwarden on Android or iOS devices

To access and use Bitwarden on your Android or iOS device, you need to install the Bitwarden Password Manager app from the Google Play Store or App Store.

After installing the app, follow the steps below on your Android or iOS device:

  1. Open the Bitwarden Password Manager app and then tap the gear icon in the top left of the app.
  2. Give her Bitwarden Server URLie https://bitwarden.yourdomainname.com and save it.
  3. Then tap the log in and enter the username and password to login to your Bitwarden server vault and access all passwords.

Set up Bitwarden in the web browser

In order to access and use the Bitwarden server and accounts in your web browsers, you need to install the Bitwarden Password Manager extension. The extension is available for all major web browsers like Chrome, Edge, Mozilla Firefox, etc.

After installing the extension, follow the steps below to configure it and securely access or store all your passwords in your web browsers on all devices.

  1. In which chrome Web browser, click the Bitwarden extension and then click the gear Symbol.
  2. Enter your Bitwarden Server URL i.e. https://bitwarden.yourdomainname.com and click Save on computer.
  3. click registration and then enter the username and password on your Bitwarden server. If you have two-factor authentication enabled, enter the code to log in.
  4. You can now access all passwords and securely manage them right from your web browser.

The steps are more or less similar to those of other web browsers.

Free lifetime password manager

After setup is complete, you can export all your passwords from your web browser in JSON or CSV format and import them straight into your BitWarden vault.

With a Bitwarden self-hosted server, you never need to subscribe to a password manager. Secured with SSL/TLS via Cloudflared tunnels and multi-factor authentication (MFA), your server stays secure and passwords stay encrypted across all your devices. Passwords are also automatically synced across all your devices. Plus Bitwarden will also notify you if any of your passwords are found in leaks or data breaches.

Leave a Reply

Your email address will not be published. Required fields are marked *