-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Building binary
This page is primarily for those interested in vaultwarden development, or who have a specific reason for wanting to build their own binary.
Typical users should either deploy via Docker, extract the pre-built binaries from the Alpine-based Docker images, or look for a third-party package.
-
Rust stable
(strongly recommended to use rustup) - On a Debian based distro some general packages to make sure building should go fine install the following:
build-essential
,git
-
OpenSSL
(should be available in path, see openssl crate docs) On a Debian based distro, you need to installpkg-config
andlibssl-dev
- For the SQlite3 backend on a Debian based distro you need to install
libsqlite3-dev
- For the MySQL backend on a Debian based distro you need to install
libmariadb-dev-compat
andlibmariadb-dev
- For the PostgreSQL on a Debian based distro you need to install
libpq-dev
andpkg-config
-
NodeJS
(only when compiling the web-vault, install through your system's package manager, use the prebuilt binaries) or nodesource binary distribution Note: Building the web-vault currently requires NodeJS v16 and NPM v8.11
# Compile with all backends and run
cargo run --features sqlite,mysql,postgresql --release
# or just compile with all backends (binary located in target/release/vaultwarden)
cargo build --features sqlite,mysql,postgresql --release
# Compile with sqlite backend and run
cargo run --features sqlite --release
# or just compile with sqlite (binary located in target/release/vaultwarden)
cargo build --features sqlite --release
# Compile with mysql backend and run
cargo run --features mysql --release
# or just compile with mysql (binary located in target/release/vaultwarden)
cargo build --features mysql --release
# Compile with postgresql backend and run
cargo run --features postgresql --release
# or just compile with postgresql (binary located in target/release/vaultwarden)
cargo build --features postgresql --release
When run, the server is accessible in http://localhost:8000.
A compiled version of the web vault can be downloaded from dani-garcia/bw_web_builds.
Note: building the Vault needs ~1.5GB of RAM. On systems like a RaspberryPI with 1GB or less, please enable swapping or build it on a more powerful machine and copy the directory from there. This much memory is only needed for building it, running vaultwarden with vault needs only about 10MB of RAM.
If you prefer to compile it manually, follow these steps:
- Clone the git repository at dani-garcia/bw_web_builds:
# clone the repository
git clone https://github.com/dani-garcia/bw_web_builds.git bw_web_builds
cd bw_web_builds
# Use docker as the build environment (safest way and uses the correct build versions)
# This will build the web-vault, and extract the files to a docker_build directory.
make docker-extract
# Using the host provided npm and node instead.
make full
- Clone the git repository at bitwarden/clients and checkout the latest release tag (e.g. v2022.6.0):
# clone the repository
git clone https://github.com/bitwarden/clients.git web-vault
cd web-vault
# switch to the latest tag
git -c advice.detachedHead=false checkout web-v2022.6.0
# Or use the commit hash for that version
git -c advice.detachedHead=false checkout bb5f9311a776b94a33bcf0a7bff44cd87a2fcc92
- Download the patch file from dani-garcia/bw_web_builds and copy it to the
web-vault
folder. To choose the version to use, assuming the web vault is versionvXXXX.Y.Z
:- If there is a patch with version
vXXXX.Y.Z
, use that one - Otherwise, pick the one with the largest version that is still smaller than
vXXXX.Y.Z
- If there is a patch with version
- Apply the patch
# In the 'web-vault' directory
git apply vXXXX.Y.Z.patch
- Then, build the Vault:
npm ci
# Read the note below (we do use this for our docker builds).
# npm audit fix
# Change to the web-vault directory
cd apps/web
# Build the web-vault
npm run dist:oss:selfhost
Note: You might be asked to run npm audit fix
to fix vulnerability. This will automatically try to upgrade packages to newer version, which might not be compatible and break web-vault functionality``` Use it at your own risk, if you know what you are doing. We do use this on our own releases btw!
Finally copy the contents of the build
folder into the destination folder:
- If you run with
cargo run --release
, it'svaultwarden/web-vault
. - If you run the compiled binary directly, it's next to the binary, in
vaultwarden/target/release/web-vault
.
The available configuration options are documented in the default .env.template
file, and they can be modified by uncommenting the desired options in that file or by setting their respective environment variables. See the Configuration section of this wiki for the main configuration options available.
If you want to use this file you need to copy it, and name it .env
and adjust the settings in that specific file.
Note: the environment variables override the values set in the .env
file.
Install diesel-cli with cargo:
cargo install diesel_cli --no-default-features --features sqlite-bundled
Make sure that the correct path to the database is in the .env
file.
If you want to modify the schemas, create a new migration with:
diesel migration generate <name>
Modify the *.sql files, making sure that any changes are reverted in the down.sql file.
Apply the migrations and save the generated schemas as follows:
diesel migration redo
# This step should be done automatically when using diesel-cli > 1.3.0
# diesel print-schema > src/db/sqlite/schema.rs
Refer to using the MariaDB (MySQL) Backend if you want to migrate from SQLite.
Refer to using the PostgreSQL backend if you want to migrate from SQLite.
- Which container image to use
- Starting a container
- Updating the vaultwarden image
- Using Docker Compose
- Using Podman
- Building your own docker image
- Building binary
- Pre-built binaries
- Third-party packages
- Deployment examples
- Proxy examples
- Logrotate example
- Overview
- Disable registration of new users
- Disable invitations
- Enabling admin page
- Disable the admin token
- Enabling WebSocket notifications
- Enabling Mobile Client push notification
- Enabling U2F and FIDO2 WebAuthn authentication
- Enabling YubiKey OTP authentication
- Changing persistent data location
- Changing the API request size limit
- Changing the number of workers
- SMTP configuration
- Translating the email templates
- Password hint display
- Disabling or overriding the Vault interface hosting
- Logging
- Creating a systemd service
- Syncing users from LDAP
- Using an alternate base dir (subdir/subpath)
- Other configuration