I was looking into Bitwarden and it seems like ToS;DR, a crowdsourced fairness advocacy site, gave a low rating (can’t link due to being out of link quota) to the Terms of Service of Bitwarden.
In their review, it is shocking to see their ability to terminate service at any time without prior notice or reason and their sharing policy with third parties. Does that automatically call into question the reliability of the service, and should it no longer be recommended? (Or, instead, only recommend the self-hosting solution.)
It shouldn't be shocking. Since Bitwarden is in the US, if the US government tells it to shut down an account for whatever reason, they have to comply as part of doing business in the US.
As a law-abiding business in the US, the company will have to give your personal info to their payment processors.
As a paid cloud service with a low friction of adoption, Bitwarden is still one of the best.
You can self-host via Vaultwarden in your home to avoid the above issues, but that requires a certain amount of technical know-how to do it correctly and securely. If you can't self-host it right or don't have the equipment to self-host it right, it is better to pay up.
Alternatively, you can of course use KeePassXC and maybe sync the password database with something like Syncthing.
> but that requires a certain amount of technical know-how to do it correctly and securely
not really to be honest, all it needs is a spare device and the ability to search for guides/tutorials. The whole process is automated via docker anyways, and keeping it lan only and just vpn’ing into it should be fine to keep it secure.
if anyone’s looking for a guide:
- install mkcert, `apt install mkcert` for debian/ubuntu based
- `mkcert enter-private-ip-here` (ip is listed in the `ip address` command, usually starts with 192.)
- look at the 2 files it generated, one's a cert, one's a key, move them both to /etc/ssl/certs
- `docker run -d --name vaultwarden --restart unless-stopped -v /bw-data/:/data/ -v /etc/ssl/certs/:/ssl/ -e ROCKET_TLS='{certs="/ssl/NAME-OF-CERT-FILE",key="/ssl/NAME-OF-THE-KEY"}' -p 8080:80 vaultwarden/server:latest`
- vaultwarden’s accessible via https://enter-private-ip-here:8080
- and then wg-easy for a wireguard vpn, docker command’s on the github. portforward 51280 on your router and ur services, excluding wireguard, will be kept within ur lan rather than being public.
really as long as you know basic linux commands which u learn after just installing a distro and messing around for a few minutes ur good, dont need to be an expert in the field to selfhost docker services lmao.
In terms of backups that is something u wanna do every once in a while when hosting ur own instance, just export from the client every so often. However worst case if you forgot to do so each logged in client should let you export even if the server dies/internet goes anyways.
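One way to sanity-check the values used in the guide above before starting the container, as an added example that is not part of the original post: it checks that the address given to mkcert is a private one, that a `-p` value is pinned to that address rather than to every interface, and (with the openssl CLI installed) that the certificate covers the IP. Function names and sample addresses are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the sample
# addresses are constructed for illustration.

# 0 if $1 is a dotted-quad RFC 1918 address (10/8, 172.16/12, 192.168/16).
is_private_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;  # digits and single dots only
    esac
    _old_ifs=$IFS; IFS=.
    set -- $1                                  # split into octets
    IFS=$_old_ifs
    [ $# -eq 4 ] || return 1
    for _o in "$@"; do
        [ ${#_o} -le 3 ] && [ "$_o" -le 255 ] || return 1
    done
    case $1.$2 in                              # zero-padded octets never match
        10.*|192.168|172.1[6-9]|172.2[0-9]|172.3[01]) return 0 ;;
    esac
    return 1
}

# 0 if a `docker run -p` value pins the host side to a private address
# (ip:hostPort:containerPort). A bare `8080:80` listens on every interface.
publish_is_lan_bound() {
    case $1 in
        *:*:*) is_private_ipv4 "${1%%:*}" ;;
        *)     return 1 ;;
    esac
}

# 0 if the certificate at $1 lists IP $2 as a subject alternative name.
# Requires the openssl CLI.
cert_covers_ip() {
    openssl x509 -in "$1" -noout -checkip "$2" 2>/dev/null |
        grep -q 'does match certificate'
}

# Constructed sample values: the published-port forms a reader might use.
for spec in 8080:80 192.168.1.10:8080:80 203.0.113.7:8080:80; do
    if publish_is_lan_bound "$spec"; then
        echo "ok:   -p $spec"
    else
        echo "warn: -p $spec is not pinned to a private address"
    fi
done
```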
AKA it requires technical know-how, as @HauntSanctuary said. 99.9% of people do not know Linux commands.