Currently, The Bitwarden desktop-client only supports configuring via user-only configuration: Configure Clients Centrally | Bitwarden Help Center
We’re using the desktop-client on our over 100+ Notebooks running Arch Linux, where all configs are managed via an ansible-like configuration tool.
Since the notebooks are all designed to be a multi-user setup, we’ve stored all global configurations in /etc/<appname>.
However, the Bitwarden desktop only supports configuration in /home/<user>/.config/Bitwarden/data.json
This limits us to use the notebooks only as single-user device, since we wouldn’t dare to change files inside the user-home.
I propose the following change to the desktop-client:
Add a global config in /etc/Bitwarden/data.json, which would re-use the “global” part of the current user-config:
{
"global.vaultTimeout": -1,
"global.vaultTimeoutAction": "lock",
"global": {
"theme": "system",
"window": {
"width": 950,
"height": 600,
"isMaximized": false,
"displayBounds": {
"x": 0,
"y": 0,
"width": 1704,
"height": 1065
},
"x": 377,
"y": 245,
"zoomFactor": 1
},
"environmentUrls": {
"base": null,
"api": null,
"identity": null,
"icons": null,
"notifications": null,
"events": null,
"webVault": null,
"keyConnector": null
},
"openAtLogin": false,
"region": "US",
"installedVersion": "2024.1.0"
}
}
The desktop app should work it’s way through the different configuration-files in the following order:
/etc/Bitwarden/data.json/home/<user>/.config/Bitwarden/data.json
This would allow us and other clients/companies to create a dedicated global Bitwarden configuration, which can be roll-out on all the devices in the same path, without having to determine, how many users are using the device and looping through all of them to change the config, which they might have changed.