New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
To host or to not host Bit/Vaultwarden?
My 1Password plan is coming to an end, and seeing as I don't use half the features of it, I'm considering if there's much point in renewing it.
I like the idea of self-hosting Bitwarden, but I can't host it locally since my Pi is full, and it's impossible to buy them currently. I'd also need easy external access for others.
I'm considering self-hosting vaultwarden on a VPS instead, though even with all the security precautions I could possibly take I'm still wondering it's a good idea to host this with access to the outside world. Thoughts?
(I know it's only $40/yr for family plans, but I've got so many idling VPS I might as well use one)
Comments
I'm in the same situation. Picking up Bitwarden Premium next month for $10/yr as I'm too lazy to self-host it. Not looked into it, but the Free plan might be good enough for me.
It's fine, but think ahead. Are you going to be bored managing that in two years? Because once you have other people using it, bringing down or failing to maintain this app would qualify as a dick move. The family plan of 1Pass is out of sight, out of mind, just don't forget that value is there.
@jar Vaultwarden with mxroute mail hosting plan? What do you think about it?
I've got no real worries about maintaining it, I've been doing that for years with other self-hosted things, just mainly the security side of it with it being accessible to the world.
Shove it behind Tailscale.
Have a lot of users on our instance, fully managed and have at it: https://pass.mxrouteapps.com/
use keepass and use a strong password and cypher and you can sync it through gdrive or onedrive
That is amazing! Is it part of mxroute (I mean subscription wise)?
Just a freebie. Part of MXroute's budget is just giving to the community by hosting things they can use.
wth, I've been a long time follower of Mxroute but never knew about this! Do you have any other easter egg such as this?
I do. Mastodon at freesocial.co, pastebin at paste.mxrouteapps.com.
I learned something today. Thankyou.
For the low cost, it makes little sense to self host. Murphy's Law, it'll work perfectly until you go on vacation.
This is the kind of thing you want 24/7/365 and can't handle even a bit of downtime for regular hardware and update maintenance. Just not worth it.
It's one of the most slam dunk decisions to make (for single and low quantity users).
I use the free plan, thought about self hosting them but ultimately decide against it. The free plan suit my need and works very well.
Yeah I trust Bitwarden more than myself for this. Can't remember if I paid them $10 this year or not, but the free version is completely fine for normal use.
Bitwarden's free plan is good enough. I paid $10 to support the company but don't really use the features. The breach report and emergency access are nice to have.
I have an account at mxroute, but don't see anything about apps, how do you access that feature?
Bitwarden doesn't need too many resources. What would've been ideal was to grab a cheap yearly VPS during BF and self-host it. Use SSH-Key and so on.
I prefer self-hosting it as I don't like other people having any sort of access (regardless of what they say) to my data. I'm not saying all hosts do it, but you may never know.
What I've found is the vps providers I use could have access, they often set your vps SSH root password when you order, so you have to make sure you change it! I change it right away.
Yep, I strongly encourage users to change their password immediately. I do not want to be held liable for any sort of unauthorized console access.
I did it, but it was way more grief than paying Bitwarden directly for it.
You really need to be on top of your backup strategy in case anything goes wrong.
I only realize it when I submitted a ticket for a issue with my vps, they responded with, it's fixed, then I asked myself, how were they able to login to my server 😃😃. It hit me and I felt like a dummy, they created the pw! I went and changed right away. Most ppl don't even think about it.
Now I've had some really great providers that will tell you right away to change your pw.
Don't self-host it. The last thing you'll ever need is, you're on a vacation, your tinder hookup ditched you, so now you trying to login into your pr0nhub account but the password is on your selfhosted vaultwarden. You realize that the host has planned for a maintenance for 30mins and thus your VPS would go down/inaccessible. You check after an hour and still your VPS is down. Host's status page say that one of their disgrunted employee fucked up the migration on purpose and now they are rebuilding the server from backups - which could take hours maybe? So now you are all alone in the hotel room, sipping wine in robe, thinking what if your tinder hookup hadn't ditched you at the last moment, how would things go by now.
OR
You'll now think about this day, when you created the thread, asking for opinions on selfhosting Vaultwarden and concluded to self host it.
< /fun>
If I'm going to host something critical like this, I would need at least 1 active + 1 failover + 3/2/1 backups. I won't be f*k up if one provider just go busted.
OP if you are going the self-hosted route, consider having at least one automatic backup to an off-site location, or you will end up in a very really funny situation exactly as describe by @BlaZe
I host a Vaultwarden myself. It runs on a netcup Root Server, that's OS is Debian installed with debootstrap from their rescue system. I keep up-to-date backup exported from Bitwarden client. It is the most usefull multiplatform solution that I ever been used. I use the Windows and iOS platforms. The only negative point for me is that I can't tap on password save when I register or login to a new page or APP, I must create new entry by hand.
Idk about most people but when you get an email with a cleartext password, the very first thing that comes to mind is to change it. Because their entire staff and maybe even more people on the internet probably knew it by that time.
Gonna hide your searx instance?
Damn things barely work anymore with Google blocking them
How about KeePassX + pCloud? access from anywhere, via pCloud, synchronization
If the fix was logging into your server, you probably didn't need to contact support and should have fixed it yourself.