this post was submitted on 17 Jul 2023
59 points (100.0% liked)

Selfhosted

39919 readers
289 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
59
Home Server Security (sh.itjust.works)
submitted 1 year ago by [email protected] to c/[email protected]
26 comments fedilink hide all child comments
 

Hey guys,

Currently im just running calibre and nextcloud docker containers over the web, with a ddns from noip and a cloudflare domain. But i also want to setup a vaultwarden container too, so now i need to really consider the security of my server. What are the main things to watch out for? Calibre and nextcloud are just using subdomains, is it okay to have a subdomain to connect to vaultwarden? Am i better off just trusting bitwarden and sticking with them?

Thanks!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 28 points 1 year ago (2 children)

IMO if you are asking such question - stick to Bitwarden cloud.

Passwords, at least to me, is something I don't want to lose. I don't trust myself I could provide a proper uptime & security, so I just use cloud version.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

I recently switched to cloud from vaultwarden. I was comfortable enough with the security, but when I started to actually plan disaster recovery, it was something I literally could not afford to get wrong.

So bitwarden is the one service I don't, and have no plans to, self host.

[–] [email protected] 3 points 1 year ago (1 children)

Bitwarden's official self hosting stack (not a single container) ships with nightly encrypted database dumps. And their backup page mentions just needing to backup the 'bwdata' folder which has worked great for me.

https://bitwarden.com/help/install-on-premise-linux/

[–] [email protected] 1 points 1 year ago

That's great. For me, at least, getting a server restored from backup on something like aws without access to passwords was going to require more preparation than I was willing to deal with.

Definitely worth exploring if you're prepared to handle that though.

[–] [email protected] 3 points 1 year ago

Yeah that was something i was worried about too, not like my server is an proper rig. Its just a shitty laptop with a slow ass HDD, and who knows how much life its got