Selfhosted

40898 readers

1029 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

How to host vaultwarden internally (feddit.org)

submitted 1 week ago* (last edited 1 week ago) by [email protected] to c/selfhosted

23 comments fedilink hide all child comments

I want to host a Vaultwarden (or Bitwarden if necessary) instance, but it keeps asking for a domain and a SSL certificate. I dont own a domain and dont want to enable port forwarding on my router to expose it to the outside.

Is it possible to host a instance only internally and access it via the IP or a domain set on my local DNS? How about SSL is it possible and/or necessary?

you are viewing a single comment's thread
view the rest of the comments

[–] icedterminal 4 points 1 week ago (1 children)

TLS.

While technically you can use TLS with a self signed certificate, it creates additional problems with a public facing service. Only recommended for internal services.

[–] [email protected] 1 points 1 week ago (1 children)

Other than having accept a self signed certificate, what's the problem to using the ip address? Mine hasn't changed in years.

[–] icedterminal 3 points 1 week ago (1 children)

Some self hosted services refuse to work if you use a self signed certificate with your public facing IP. They only allow self signed certificates when using one of the handful of private addresses.

Some apps on mobile devices for the service you use won't work unless a trusted certificate is used. A self signed certificate behind the scenes creates an error that isn't handled and you can't connect.

You lose the ability to have a proxy in front to handle abuse so your server is spared the headache. You need a domain to do this.

[–] [email protected] 1 points 1 week ago (1 children)

That's an ecosystem defect that you need a dns name paid subscription to use "institutionally sanctified" certificates.

My stuff should be made to still work in the apocalypse when San Francisco and Silicon Valley are underwater radioactive craters.

[–] icedterminal 1 points 1 week ago (1 children)

It's an industry security standard. Not a defect. If you don't agree with it, fork the software and modify it to suit your needs.

[–] [email protected] 1 points 1 week ago

You mean fork every https browser and server? With hookers and blackjack too?