Hey guys,

Currently im just running calibre and nextcloud docker containers over the web, with a ddns from noip and a cloudflare domain. But i also want to setup a vaultwarden container too, so now i need to really consider the security of my server. What are the main things to watch out for? Calibre and nextcloud are just using subdomains, is it okay to have a subdomain to connect to vaultwarden? Am i better off just trusting bitwarden and sticking with them?

Thanks!

    • balance_sheet@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      Sorry, but I sincerely hope you just don’t selfhost Vaultwarden.

      Its just a shitty laptop with a slow ass HDD, and who knows how much life its got

      I think your main problem is going to be a reliability than security when this is the case. What is your plan for backup? You will be locked out, possibly permanently if you lose Vaultwarden data. Judging by your comments, you really, really don’t want to selfhost password manager of any sort.

      • 🅱🅴🅿🅿🅸@sh.itjust.worksOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Sorry, but I sincerely hope you just don’t selfhost Vaultwarden.

        Are you saying this because i dont know much about firewalls and VPNs right now? Or because i dont have a good backup solution? Or something else?

        Currently my backup solution might not be the nicest, but im taking regular backups on the same laptop, copying those onto an external HD, and syncing that onto my main PC, hopefully whoch should be enough

        • balance_sheet@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Are you saying this because i dont know much about firewalls and VPNs right now? Or because i dont have a good backup solution? Or something else?

          Yes.

          Backup sounds to be enough but I still advice you not to. You can familiarize yourself with security in general before you do something as critical as a password manager.