What We're Creating

In this lesson I'm going to show you how to properly create the necessary install files we'll need for installing and running Bitwarden and Caddy in a few steps.

This might seem a little out of place, but we'll need some of the configurations from this step to make setting up the next items smoother, so we'll do it now.

This step is very important, this is going to be the file that tells Bitwarden and our Reverse Proxy how to install themselves and function. So pay attention!

Creating The Necessary Directories

First, from your command line interface, we need to make a directory to store our Docker containers later. Do it with this command:

mkdir ~/containers

This will create a directory (folder) named 'Containers' in the main directory of your server. Let's move into that directory with the following command:

cd containers

First, we'll create a directory to store a file that tells our Reverse Proxy later how to operate.

mkdir ./caddy

Creating The Caddyfile

Now we'll create a file inside that directory to store our configuration settings.

nano ./caddy/Caddyfile

When you open this file up, it will be blank. That's because we just created it!
Paste the following lines in, replacing your@email.com with your email address, and yourdomain.com with your domain.

  email your@email.com

yourdomain.com {
  reverse_proxy bitwarden:8080

Just as an example, here's what mine looks like.


Save and exit this file with 'CTRL+X', 'y', and 'Enter'.

Creating The docker-compose.yml File

Now we're going to create the big daddy file. This is the file that will tell Bitwarden how to install and configure itself and work with everything we've set up and will set up.

To get started, make sure you're inside the 'containers' directory (if you haven't moved anywhere yet since the last step, you're in the right place) and create a new file with the following command.

nano ./docker-compose.yml

This will open up another Nano text editor with a new blank file. Copy the code below into your text editor and follow these steps:

  1. On the 10th line subnet: you can replace the two middle numbers with any numbers you like, as long as they are between 1 and 254. This is setting the subnet you wish to use for your server.
    If you know what you're doing, you can use any private subnet you like.
    If you're new to this, you can go ahead and use the subnet I have here.
    If you want to use your own numbers, let me show you some examples.You'll see on Line 10 my code reads

    - subnet: ""

    You can change it to look like this if you want.

    - subnet: "10.any#.any#.0/29"

    Where 'any#' is any number between 1 and 254.

    For example, it could be

    - subnet: ""


    - subnet: ""

    It doesn't matter. Make sure the first number is less than the second and remember what your subnet is.
    Leave the first number as 10 and the last number as 0/29

  2. On the 11th line gateway: make sure it is identical to your subnet, with the only difference being the final number must be 1
    For example, if your subnet is

    - subnet: ""

    then your gateway must be

    - subnet: ""
  3. Replace all instances of quail with the username of your Limited User Account. If you forgot, you can use the command whoami from your Command Line Interface.
  4. Replace all instances of quailavocadotoast.com with your domain.
  5. On line 32, MARIADB_DATABASE replace insertdatabasename with any database name you like. Yes, make it up. But remember it and write it down; you'll need it later.
  6. On line 33 MARIADB_USER replace insertausername with any user name for your database you like. Yes, make it up. Remember it and write it down.
  7. On line 34, MARIADB_PASSWORD replace insertapassword with any password for your database you like. Yes, make it up. Remember it and write it down.
  8. At the bottom of services you'll see a line under extra_hosts. Make sure to replace my domain with your own and make sure the gateway that follows the colon is the same one you set above.

Here is my code; remember to make the above changes. I've highlighted all the areas you need to pay attention to.

For more information, you can also visit Bitwarden's Github Example of docker-compose.yml

version: "3.8"

    name: bitwarden
    driver: bridge
        - subnet: ""
          gateway: ""

      - db
      - /home/quail/containers/bitwarden/settings.env
    image: bitwarden/self-host:beta
    container_name: bitwarden
    restart: unless-stopped
      - bitwarden:/etc/bitwarden
      - /etc/tls/certs/pf.crt:/usr/local/share/ca-certificates/quailavocadotoast.com.crt
      - bitwarden
      - "quailavocadotoast.com:"

      MARIADB_DATABASE: "insertadatabasename"
      MARIADB_USER: "insertausername"
      MARIADB_PASSWORD: "insertapassword"
    image: mariadb:10
    container_name: db
    restart: unless-stopped
      - db_data:/var/lib/mysql
      - bitwarden

    image: caddy:latest
    restart: unless-stopped
    container_name: caddy
      - 80:80
      - 443:443
      - /home/quail/containers/caddy/Caddyfile:/etc/caddy/Caddyfile
      - /home/quail/containers/caddy/share:/root/.local/share/caddy
      - /home/quail/containers/caddy/caddy_data:/data
      - /home/quail/containers/caddy/caddy_config:/config
      - bitwarden

    external: true

Make sure you made all the above changes, and save and exit this file.
With your

  1. subnet
  2. gateway
  3. dbname
  4. username
  5. dbpassword

written down, let's move on to setting up our server for email via SMTP.