I’ve had a “home lab server” for a while now, it’s nothing special but I think I can do more with it, I just don’t know what to do with it… I currently use it just for a pihole and (sometimes) a Minecraft server or a web server… I used to also have a nexcloud and a searxng instance (which I will probably bring back)… Any ideas for other things I can run on it?
I switched from keepass to vaultwarden (self hosted bitwarden) and am glad I tried it out as am finding it so much better on all my devices. I definitely recommend giving it a try if you’re just looking to tinker with things
a quick search on the net did not answer my question…
therefore:
do you use it also outside your lan? (with port forwarding, ssl cert etc.)
if no, are you able to use the passwords nonetheless on your phone even when youre not in our lan?
The clients cache the vault locally whenever they are connected to the server (at least I think they do. The mobile apps for sure, the desktop app probably too, the browser extension im not sure). Adding entries without server connection simply won’t work though, so if you can you should somehow make the server accessible from outside your LAN.
There are only a few services I host that are publicly accesible, and I put those on a 12 dollar per year virmach vps. One of those is vaultwarden. Some others are gotify, wallabag, hauk, and remotely. I don’t think it’s a problem to run vaultwarden on your lan only because it will sync changes when you connect and resolve any conflicts. I have it accessible from the internet to encourage friends and family to use a password manager with as few hurdles as possible. I’ve found it to be easy to administrate and secure. In fact, I just moved it from my cancelled dedipath vps to my virmach vps yesterday with zero issues and about 5 minutes of downtime.
yeah, I thought about that option however I would like to have my hardware of the server accessible. until I am not upgrading power consumption wise it does not make sense for me to buy a vps.
(neglecting the point about data owning etc)
Yes, I have it under a subdomain I own on cloudflare. Then it’s behind nginx proxy manager on my server which takes care of the ssl too. I have fail2ban too so consider it enough security for if the user passwords are long enough. You can set minimum lengths if letting others use it, or in my case I helped family set it up and made them have strong passwords.
Like others have said, the apps cache everything locally. I have used it without issues with no mobile Internet (e.g. for my cc pin numbers I store on there when i was out in the country with crap reception). I guess you’re more likely to create accounts at home anyway but if you have to when out, it would sync whenever you have it back on the lan.
thanks. this was the information I was hoping for. I am stuck with a mobile internet router where I am not able (or at least Im not smart enough) to forward a port. therefore my RPi would sit behind the firewall in my LAN.
nevertheless vaultwarden would be an upgrade from my current keepass/syncthing system. (also because the UI and autofill works better)
Vaultwarden? Sounds interesting! Does it support the .kbdx format or will I have to re-make my whole database?
Here is a list of all the supported apps and formats: https://bitwarden.com/help/import-faqs/#q-what-file-formats-does-bitwarden-support-for-import
I see KeePass 2 and KeePassX being listed, and assume that the KPXC app will have some sort of option for an unencrypted export of all data. That can then easily be imported into the Bitwarden vault.
I imported my keepass database into vaultwarden with no issues
I swore by Keepass for years… recently switched to Bitwarden last month and so glad I did.