VaultWarden is an API backend for Bitwarden clients (Browser, Mobile, Windows, MacOS). It also ships with the debranded Web UI of Bitwarden.

The most simple setup of VaultWarden uses sqlite with WAL to store the encrypted password data it syncs. This does not work with network filesystems such as SMB. The VaultWarden server supports MariaDB and PostgreSQL as well without the limitations of using sqlite.

//vmhost/dokumente/vw     /home/simar/vw-data      cifs  credentials=/root/.cifs,vers=3.0,uid=1000,gid=1000,context=system_u:object_r:container_file_t:s0,noexec,nosuid  0 0

[Unit]
Description=Vaultwarden container
After=network-online.target
 
[Container]
AutoUpdate=registry
Image=ghcr.io/dani-garcia/vaultwarden:latest
Exec=/start.sh
Environment=ENABLE_DB_WAL=false
Environment=DATABASE_URL=mysql://audi:ZzvIFRB%%2AkxdSd6ro@192.168.1.232/audi
Environment=ADMIN_TOKEN=$argon2id$v=19$m=65540,t=3,p=4$KzZrZ0d1Z1hSYkxZSUlwdVR[...]0$tSKJQFFSiplu001VJt[...]
Environment=DOMAIN=https://audi.machine-deck.jeffries-tube.at
Environment=SIGNUPS_ALLOWED=false
Volume=/home/$USER/vw-data/:/data/:z
PublishPort=60080:80
 
[Install]
WantedBy=default.target

Docu is available in a wiki on GitHub. The ADMIN_TOKEN is a hashed password. Create it using:

sudo dnf install argon2
# Using the Bitwarden defaults
echo -n "MySecretPassword" | argon2 "$(openssl rand -base64 32)" -e -id -k 65540 -t 3 -p 4