GitHub-Bitwarden
/
help
mirror of https://github.com/bitwarden/help.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The help website/knowledgebase (bitwarden.com/help).
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1034 Commits
5 Branches
0 Tags
184 MiB
 
 
 
 
Tree: b51a351dcb
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b51a351dcb'
${ noResults }
help/_articles/hosting/environment-variables.md

4.6 KiB
Raw Blame History

layout title categories featured popular tags order
article Configure Environment Variables [hosting] false false [hosting docker install deploy] 5

Some features of Bitwarden are not configured by the bitwarden.sh installer. Configure these settings by editing the environment file, located at ./bwdata/env/global.override.env. global.override.env comes pre-baked with configurable variables (see Included Variables), however there are additional variables which can be manually added (see Optional Variables).

Whenever you make changes to global.override.env, perform a ./bitwarden.sh rebuild to apply your changes.

{% callout info %} This article will not define every environment variable, instead focusing on those used or configured by most installations. {% endcallout %}

Included Variables

The following variables are among those that already exist in global.override.env:

Variable Description
globalSettings__sqlServer__connectionString= Use this field to connect to an exernal MSSQL database.
globalSettings__oidcIdentityClientKey= A randomly generated OpenID Connect client key. For more information, see OpenID Documentation{:target="_blank"}.
globalSettings__duo__aKey= A randomly generated Duo akey. For more information, see Duo's Documentation{:target="_blank"}.
globalSettings__yubico__clientId= Client ID for YubiCloud Validation Service or Self-hosted Yubico Validation Server.

If YubiCloud, get your Client ID and Secret Key here{:target="_blank"}.

If self-hosted, see Optional Variable globalSettings__yubico__validationUrls.
globalSettings__yubico__key= Secret Key for YubiCloud Validation Service or Self-hosted Yubico Validation Server.

If YubiCloud, get your Client ID and Secret Key here{:target="_blank"}.

If self-hosted, see Optional Variable globalSettings__yubico__validationUrls.
globalSettings__mail__replyToEmail= Email address used for invitations, typically no_reply@smpt__host.
globalSettings__mail__smtp__host= Your SMTP Server hostname (recommended) or IP address.
globalSettings__mail__smtp__port= The SMTP port used by the SMTP Server.
globalSettings__mail__smtp__ssl= (Boolean) Whether your SMTP Server uses an encryption protocol:
true = SSL
false = TLS
globalSettings__mail__smtp__username= A valid username for the smtp__host.
globalSettings__mail__smtp__password= A valid password for the smtp__host.
globalSettings__disableUserRegistration= Specify true to disable new users signing up for an account on this instance via the Registration page.
globalSettings__hibpApiKey= Your HaveIBeenPwned (HIBP) API Key, available here.
adminSettings__admins= Email addresses which may access the [System Administrator Portal]({% link _articles/hosting/admin-portal.md%}).

Optional Variables

The following variables do not already exist in global.override.env, and can be manually added:

Variable Description
globalSettings__logDirectory= Specifies the directory to save log files to. By default, globalSettings__logDirectory=bwdata/logs.
globalSettings__logRollBySizeLimit= Specify the size limit in bytes to use for rolling log files (e.g. globalSettings__logRollBySizeLimit=1073741824).
globalSettings__syslog__destination= Specify a Syslog server or endpoint to send log files to (e.g. globalSettings__syslog__destination=udp://example.com:514).
globalSettings__mail__smtp__trustServer= Specify true to explicitly trust the certificate presented by the SMTP Server (not recommended for production).
globalSettings__mail__smtp__sslOverride= Specify true to use SSL (not TLS) on port 25.
globalSettings__mail__smtp__startTls= Specify true to force STARTTLS (Opportunistic TLS).
globalSettings__organizationInviteExpirationHours= Specify the number of hours after which an Organization Invite will expire (120 by default).
globalSettings__yubico__validationUrls__0= Primary URL for self-hosted Yubico Validation Server. For example: =https://your.url.com/wsapi/2.0/verify.

Add additional Validation Server URLs by creating incremented environment variables, for example globalSettings__yubico__validationUrls__1=, globalSettings__yubico__validationUrls__2=.