Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
I switched from keepass to vaultwarden (self hosted bitwarden) and am glad I tried it out as am finding it so much better on all my devices. I definitely recommend giving it a try if you're just looking to tinker with things
I swore by Keepass for years... recently switched to Bitwarden last month and so glad I did.
Vaultwarden? Sounds interesting! Does it support the .kbdx format or will I have to re-make my whole database?
Here is a list of all the supported apps and formats: https://bitwarden.com/help/import-faqs/#q-what-file-formats-does-bitwarden-support-for-import
I see KeePass 2 and KeePassX being listed, and assume that the KPXC app will have some sort of option for an unencrypted export of all data. That can then easily be imported into the Bitwarden vault.
I imported my keepass database into vaultwarden with no issues
a quick search on the net did not answer my question...
therefore:
do you use it also outside your lan? (with port forwarding, ssl cert etc.)
if no, are you able to use the passwords nonetheless on your phone even when youre not in our lan?
The clients cache the vault locally whenever they are connected to the server (at least I think they do. The mobile apps for sure, the desktop app probably too, the browser extension im not sure). Adding entries without server connection simply won't work though, so if you can you should somehow make the server accessible from outside your LAN.
There are only a few services I host that are publicly accesible, and I put those on a 12 dollar per year virmach vps. One of those is vaultwarden. Some others are gotify, wallabag, hauk, and remotely. I don't think it's a problem to run vaultwarden on your lan only because it will sync changes when you connect and resolve any conflicts. I have it accessible from the internet to encourage friends and family to use a password manager with as few hurdles as possible. I've found it to be easy to administrate and secure. In fact, I just moved it from my cancelled dedipath vps to my virmach vps yesterday with zero issues and about 5 minutes of downtime.
yeah, I thought about that option however I would like to have my hardware of the server accessible. until I am not upgrading power consumption wise it does not make sense for me to buy a vps.
(neglecting the point about data owning etc)
Yes, I have it under a subdomain I own on cloudflare. Then it's behind nginx proxy manager on my server which takes care of the ssl too. I have fail2ban too so consider it enough security for if the user passwords are long enough. You can set minimum lengths if letting others use it, or in my case I helped family set it up and made them have strong passwords.
Like others have said, the apps cache everything locally. I have used it without issues with no mobile Internet (e.g. for my cc pin numbers I store on there when i was out in the country with crap reception). I guess you're more likely to create accounts at home anyway but if you have to when out, it would sync whenever you have it back on the lan.
thanks. this was the information I was hoping for. I am stuck with a mobile internet router where I am not able (or at least Im not smart enough) to forward a port. therefore my RPi would sit behind the firewall in my LAN.
nevertheless vaultwarden would be an upgrade from my current keepass/syncthing system. (also because the UI and autofill works better)