Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


To host or to not host Bit/Vaultwarden?
New on LowEndTalk? Please Register and read our Community Rules.

To host or to not host Bit/Vaultwarden?

My 1Password plan is coming to an end, and seeing as I don't use half the features of it, I'm considering if there's much point in renewing it.

I like the idea of self-hosting Bitwarden, but I can't host it locally since my Pi is full, and it's impossible to buy them currently. I'd also need easy external access for others.

I'm considering self-hosting vaultwarden on a VPS instead, though even with all the security precautions I could possibly take I'm still wondering it's a good idea to host this with access to the outside world. Thoughts?

(I know it's only $40/yr for family plans, but I've got so many idling VPS I might as well use one)

«1

Comments

  • I'm in the same situation. Picking up Bitwarden Premium next month for $10/yr as I'm too lazy to self-host it. Not looked into it, but the Free plan might be good enough for me.

  • jarjar Member, Patron Provider

    It's fine, but think ahead. Are you going to be bored managing that in two years? Because once you have other people using it, bringing down or failing to maintain this app would qualify as a dick move. The family plan of 1Pass is out of sight, out of mind, just don't forget that value is there.

    Thanked by 2Vextro TimRoo
  • @jar Vaultwarden with mxroute mail hosting plan? What do you think about it?

  • @jar said:
    It's fine, but think ahead. Are you going to be bored managing that in two years? Because once you have other people using it, bringing down or failing to maintain this app would qualify as a dick move. The family plan of 1Pass is out of sight, out of mind, just don't forget that value is there.

    I've got no real worries about maintaining it, I've been doing that for years with other self-hosted things, just mainly the security side of it with it being accessible to the world.

  • SelykgSelykg Member
    edited November 2022

    @Vextro said:

    @jar said:
    It's fine, but think ahead. Are you going to be bored managing that in two years? Because once you have other people using it, bringing down or failing to maintain this app would qualify as a dick move. The family plan of 1Pass is out of sight, out of mind, just don't forget that value is there.

    I've got no real worries about maintaining it, I've been doing that for years with other self-hosted things, just mainly the security side of it with it being accessible to the world.

    Shove it behind Tailscale.

    Thanked by 2bdl ariq01
  • jarjar Member, Patron Provider

    @Hotmarer said:
    @jar Vaultwarden with mxroute mail hosting plan? What do you think about it?

    Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

  • use keepass and use a strong password and cypher and you can sync it through gdrive or onedrive

  • ArkasArkas Moderator

    @jar said: Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

    That is amazing! Is it part of mxroute (I mean subscription wise)?

    Thanked by 1jar
  • jarjar Member, Patron Provider

    @Arkas said:

    @jar said: Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

    That is amazing! Is it part of mxroute (I mean subscription wise)?

    Just a freebie. Part of MXroute's budget is just giving to the community by hosting things they can use.

  • @jar said:
    Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

    wth, I've been a long time follower of Mxroute but never knew about this! Do you have any other easter egg such as this? :D

    Thanked by 2jar the_doctor
  • jarjar Member, Patron Provider

    @pullangcubo said:

    @jar said:
    Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

    wth, I've been a long time follower of Mxroute but never knew about this! Do you have any other easter egg such as this? :D

    I do. Mastodon at freesocial.co, pastebin at paste.mxrouteapps.com.

  • @jar said:

    @Hotmarer said:
    @jar Vaultwarden with mxroute mail hosting plan? What do you think about it?

    Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

    I learned something today. Thankyou.

    Thanked by 1jar
  • For the low cost, it makes little sense to self host. Murphy's Law, it'll work perfectly until you go on vacation.

    This is the kind of thing you want 24/7/365 and can't handle even a bit of downtime for regular hardware and update maintenance. Just not worth it.

    It's one of the most slam dunk decisions to make (for single and low quantity users).

    Thanked by 2Logano dev077
  • I use the free plan, thought about self hosting them but ultimately decide against it. The free plan suit my need and works very well.

  • Yeah I trust Bitwarden more than myself for this. Can't remember if I paid them $10 this year or not, but the free version is completely fine for normal use.

  • Bitwarden's free plan is good enough. I paid $10 to support the company but don't really use the features. The breach report and emergency access are nice to have.

  • @jar said:

    @Arkas said:

    @jar said: Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

    That is amazing! Is it part of mxroute (I mean subscription wise)?

    Just a freebie. Part of MXroute's budget is just giving to the community by hosting things they can use.

    I have an account at mxroute, but don't see anything about apps, how do you access that feature?

  • aquaaqua Member, Patron Provider

    Bitwarden doesn't need too many resources. What would've been ideal was to grab a cheap yearly VPS during BF and self-host it. Use SSH-Key and so on.

    I prefer self-hosting it as I don't like other people having any sort of access (regardless of what they say) to my data. I'm not saying all hosts do it, but you may never know.

  • @aqua said:
    Bitwarden doesn't need too many resources. What would've been ideal was to grab a cheap yearly VPS during BF and self-host it. Use SSH-Key and so on.

    I prefer self-hosting it as I don't like other people having any sort of access (regardless of what they say) to my data. I'm not saying all hosts do it, but you may never know.

    What I've found is the vps providers I use could have access, they often set your vps SSH root password when you order, so you have to make sure you change it! I change it right away.

  • aquaaqua Member, Patron Provider

    @melp57 said:

    @aqua said:
    Bitwarden doesn't need too many resources. What would've been ideal was to grab a cheap yearly VPS during BF and self-host it. Use SSH-Key and so on.

    I prefer self-hosting it as I don't like other people having any sort of access (regardless of what they say) to my data. I'm not saying all hosts do it, but you may never know.

    What I've found is the vps providers I use could have access, they often set your vps SSH root password when you order, so you have to make sure you change it! I change it right away.

    Yep, I strongly encourage users to change their password immediately. I do not want to be held liable for any sort of unauthorized console access.

    Thanked by 1melp57
  • @Vextro said:
    My 1Password plan is coming to an end, and seeing as I don't use half the features of it, I'm considering if there's much point in renewing it.

    I like the idea of self-hosting Bitwarden, but I can't host it locally since my Pi is full, and it's impossible to buy them currently. I'd also need easy external access for others.

    I'm considering self-hosting vaultwarden on a VPS instead, though even with all the security precautions I could possibly take I'm still wondering it's a good idea to host this with access to the outside world. Thoughts?

    (I know it's only $40/yr for family plans, but I've got so many idling VPS I might as well use one)

    I did it, but it was way more grief than paying Bitwarden directly for it.

    You really need to be on top of your backup strategy in case anything goes wrong.

    Thanked by 1Logano
  • @aqua said:

    @melp57 said:

    @aqua said:
    Bitwarden doesn't need too many resources. What would've been ideal was to grab a cheap yearly VPS during BF and self-host it. Use SSH-Key and so on.

    I prefer self-hosting it as I don't like other people having any sort of access (regardless of what they say) to my data. I'm not saying all hosts do it, but you may never know.

    What I've found is the vps providers I use could have access, they often set your vps SSH root password when you order, so you have to make sure you change it! I change it right away.

    Yep, I strongly encourage users to change their password immediately. I do not want to be held liable for any sort of unauthorized console access.

    I only realize it when I submitted a ticket for a issue with my vps, they responded with, it's fixed, then I asked myself, how were they able to login to my server 😃😃. It hit me and I felt like a dummy, they created the pw! I went and changed right away. Most ppl don't even think about it.
    Now I've had some really great providers that will tell you right away to change your pw.

  • BlaZeBlaZe Member, Host Rep

    Don't self-host it. The last thing you'll ever need is, you're on a vacation, your tinder hookup ditched you, so now you trying to login into your pr0nhub account but the password is on your selfhosted vaultwarden. You realize that the host has planned for a maintenance for 30mins and thus your VPS would go down/inaccessible. You check after an hour and still your VPS is down. Host's status page say that one of their disgrunted employee fucked up the migration on purpose and now they are rebuilding the server from backups - which could take hours maybe? So now you are all alone in the hotel room, sipping wine in robe, thinking what if your tinder hookup hadn't ditched you at the last moment, how would things go by now.

    OR

    You'll now think about this day, when you created the thread, asking for opinions on selfhosting Vaultwarden and concluded to self host it.

    < /fun>

  • mathenymatheny Member
    edited November 2022

    @BlaZe said:
    Don't self-host it. The last thing you'll ever need is, you're on a vacation, your tinder hookup ditched you, so now you trying to login into your pr0nhub account but the password is on your selfhosted vaultwarden. You realize that the host has planned for a maintenance for 30mins and thus your VPS would go down/inaccessible. You check after an hour and still your VPS is down. Host's status page say that one of their disgrunted employee fucked up the migration on purpose and now they are rebuilding the server from backups - which could take hours maybe? So now you are all alone in the hotel room, sipping wine in robe, thinking what if your tinder hookup hadn't ditched you at the last moment, how would things go by now.

    OR

    You'll now think about this day, when you created the thread, asking for opinions on selfhosting Vaultwarden and concluded to self host it.

    < /fun>

    If I'm going to host something critical like this, I would need at least 1 active + 1 failover + 3/2/1 backups. I won't be f*k up if one provider just go busted.

    OP if you are going the self-hosted route, consider having at least one automatic backup to an off-site location, or you will end up in a very really funny situation exactly as describe by @BlaZe :D

    Thanked by 1BlaZe
  • I host a Vaultwarden myself. It runs on a netcup Root Server, that's OS is Debian installed with debootstrap from their rescue system. I keep up-to-date backup exported from Bitwarden client. It is the most usefull multiplatform solution that I ever been used. I use the Windows and iOS platforms. The only negative point for me is that I can't tap on password save when I register or login to a new page or APP, I must create new entry by hand.

  • jmaxwelljmaxwell Member
    edited November 2022

    @melp57 said:
    Most ppl don't even think about it.

    Idk about most people but when you get an email with a cleartext password, the very first thing that comes to mind is to change it. Because their entire staff and maybe even more people on the internet probably knew it by that time.

  • @jar said:

    @pullangcubo said:

    @jar said:
    Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

    wth, I've been a long time follower of Mxroute but never knew about this! Do you have any other easter egg such as this? :D

    I do. Mastodon at freesocial.co, pastebin at paste.mxrouteapps.com.

    Gonna hide your searx instance?

    Thanked by 1jar
  • jarjar Member, Patron Provider

    @FatGrizzly said:

    @jar said:

    @pullangcubo said:

    @jar said:
    Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/ :smile:

    wth, I've been a long time follower of Mxroute but never knew about this! Do you have any other easter egg such as this? :D

    I do. Mastodon at freesocial.co, pastebin at paste.mxrouteapps.com.

    Gonna hide your searx instance?

    Damn things barely work anymore with Google blocking them :disappointed:

  • How about KeePassX + pCloud? access from anywhere, via pCloud, synchronization

  • @melp57 said:

    @aqua said:

    @melp57 said:

    @aqua said:
    Bitwarden doesn't need too many resources. What would've been ideal was to grab a cheap yearly VPS during BF and self-host it. Use SSH-Key and so on.

    I prefer self-hosting it as I don't like other people having any sort of access (regardless of what they say) to my data. I'm not saying all hosts do it, but you may never know.

    What I've found is the vps providers I use could have access, they often set your vps SSH root password when you order, so you have to make sure you change it! I change it right away.

    Yep, I strongly encourage users to change their password immediately. I do not want to be held liable for any sort of unauthorized console access.

    I only realize it when I submitted a ticket for a issue with my vps, they responded with, it's fixed, then I asked myself, how were they able to login to my server 😃😃. It hit me and I felt like a dummy, they created the pw! I went and changed right away. Most ppl don't even think about it.
    Now I've had some really great providers that will tell you right away to change your pw.

    If the fix was logging into your server, you probably didn't need to contact support and should have fixed it yourself.

Sign In or Register to comment.