Configure Environment Variables
Some features of Bitwarden are not configured by the bitwarden.sh installer. Configure these settings by editing the environment file, located at ./bwdata/env/global.override.env. This .env file comes pre-baked with configurable variables (see Included variables), however there are additional variables which can be manually added (see Optional variables).
Whenever you make changes to global.override.env, perform a ./bitwarden.sh rebuild to apply your changes.
備考
This article will not define every environment variable, instead focusing on those used or configured by most installations.
The following variables are among those that already exist in global.override.env:
Variable | Description |
|---|---|
globalSettings__sqlServer__connectionString= | Use this field to connect to an exernal MSSQL database. |
globalSettings__oidcIdentityClientKey= | A randomly generated OpenID Connect client key. For more information, see OpenID Documentation. |
globalSettings__duo__aKey= | A randomly generated Duo akey. For more information, see Duo's Documentation. |
globalSettings__yubico__clientId= | Client ID for YubiCloud Validation Service or self-hosted Yubico Validation Server. |
globalSettings__yubico__key= | Secret Key for YubiCloud Validation Service or self-hosted Yubico Validation Server. |
globalSettings__mail__replyToEmail= | Email address used for invitations, typically |
globalSettings__mail__smtp__host= | Your SMTP server hostname (recommended) or IP address. |
globalSettings__mail__smtp__port= | The SMTP port used by the SMTP server. |
globalSettings__mail__smtp__ssl= | (Boolean) Whether your SMTP server uses an encryption protocol: |
globalSettings__mail__smtp__username= | A valid username for the |
globalSettings__mail__smtp__password= | A valid password for the |
globalSettings__disableUserRegistration= | Specify |
globalSettings__hibpApiKey= | Your HaveIBeenPwned (HIBP) API Key, available here. This key allows users to run the Data Breach report and to check their master password for presence in breaches when they create an account. |
adminSettings__admins= | Email addresses which may access the System Administrator Portal. |
The following variables do not already exist in global.override.env, and can be manually added:
Variable | Description |
|---|---|
globalSettings__logDirectory= | Specifies the directory to save log files to. By default, |
globalSettings__logRollBySizeLimit= | Specify the size limit in bytes to use for rolling log files (for example, |
globalSettings__syslog__destination= | Specify a syslog server or endpoint to send log files to (for example, |
globalSettings__mail__smtp__trustServer= | Specify |
globalSettings__mail__smtp__sslOverride= | Specify |
globalSettings__mail__smtp__startTls= | Specify |
globalSettings__organizationInviteExpirationHours= | Specify the number of hours after which an organization invite will expire ( |
globalSettings__yubico__validationUrls__0= | Primary URL for self-hosted Yubico Validation Server. For example:
|
globalSettings__enableCloudCommunication= | Set to |
adminSettings__deleteTrashDaysAgo= | Specify the number of days after which to permanently delete items from the trash. By default, |
globalSettings__sso__enforceSsoPolicyForAllUsers= | Specify |