Hey guys,
Currently im just running calibre and nextcloud docker containers over the web, with a ddns from noip and a cloudflare domain. But i also want to setup a vaultwarden container too, so now i need to really consider the security of my server. What are the main things to watch out for? Calibre and nextcloud are just using subdomains, is it okay to have a subdomain to connect to vaultwarden? Am i better off just trusting bitwarden and sticking with them?
Thanks!
IMO if you are asking such question - stick to Bitwarden cloud.
Passwords, at least to me, is something I don’t want to lose. I don’t trust myself I could provide a proper uptime & security, so I just use cloud version.
I recently switched to cloud from vaultwarden. I was comfortable enough with the security, but when I started to actually plan disaster recovery, it was something I literally could not afford to get wrong.
So bitwarden is the one service I don’t, and have no plans to, self host.
Bitwarden’s official self hosting stack (not a single container) ships with nightly encrypted database dumps. And their backup page mentions just needing to backup the ‘bwdata’ folder which has worked great for me.
https://bitwarden.com/help/install-on-premise-linux/
That’s great. For me, at least, getting a server restored from backup on something like aws without access to passwords was going to require more preparation than I was willing to deal with.
Definitely worth exploring if you’re prepared to handle that though.
Yeah that was something i was worried about too, not like my server is an proper rig. Its just a shitty laptop with a slow ass HDD, and who knows how much life its got