pfsense HA Proxy Video kzread.info/dash/bejne/nKStt89uY9rLXbw.html Bitwarden install documentation bitwarden.com/help/install-on-premise-linux/ Bitwarden backup documentation bitwarden.com/help/backup-on-premise/

I've been looking into this for hours today, trying out guides for running Vaultwarden on my NAS using Docker, and ending up just testing Bitwarden on their own servers. This is so well timed - thanks!

@LAWRENCESYSTEMS

Жыл бұрын

Glad I could help!

@skorpion1298

Жыл бұрын

I use Vaultwarden with Portainer and nginx proxy. Everything running on a small PC and it was easy to Setup. If you need help I may help you out.

@lucky-13

Жыл бұрын

One thing to note and I like better is using cloudflare tunnels (in docker) vs opening ports up in a reverse proxy on my NAS.

@brandonchappell1535

7 ай бұрын

@@LAWRENCESYSTEMS any plans of doing a Vaultwarden install video on Scale like this one? You lost me at shell lol

@boonemeat2652

3 ай бұрын

I've watched so many videos for self hosted servers, but never found anything that walks through the ways or Best ways to access these outside of my home.

After seeing your last couple videos on Bitwarden, I’ve switched over to it and am self hosting with the family plan. So far I couldn’t be happier.

Really loving these new video how-to's. Very useful for people learning and getting into these things. This is one I will follow for sure.

Oh YEAH! Was hoping for a video from TOM with exactly this topic! Thanks kind sir!

You answered all the questions I've been racking up on BitWarden

I am going to work on this for my home and family. This would be a good project to put on my resume.

thanks! this video is going to come in handy tomorrow because i will be setting up my home lab tomorrow :)

Moved from Lastpass to Bitwarden with thier recent issues. I'm very happy with my transition.

Awesome! Exactly what I was looking for!

liked! thanks tom. currently using keepass with syncthing, but gonna switch to self hosted bitwarden eventually.

This is one of the best things I've ever done. Even my wife loves it. Running it in a VM on my Hyper-V. Works perfect. But I wish I could upload my cards as .jpg

Very timely with the Last Pass disaster in the news. Not that Bitwarden is as careless as Last Pass, but it's always worth considering self-hosting options.

I didn’t realize there was a debate with Vaultwarden. I’m self hosting Vaultwarden on my Synology (which was much easier to setup then what was in this video). I setup 2FA, used admin page to block new signups, firewall setup etc. I feel pretty good about the security for personal use, but I’ll have to do some research on what Tom mentioned at 13:00.

@kjeldschouten-lebbing6260

Жыл бұрын

There is literally no research to be done. Vaultwarden does not have a company attached to pay for commercial auditors to audit their code. The API is the same, however, so the API audits apply to both.

My fault for not reading FAQs but I remember sitting down and doing trial & error just to setup Bitwarden on Docker, setting up a reverse proxy config, etc. to discover that self-hosting Bitwarden does not unlock the paid features. So, I ended up installing Keeweb onto my existing Nextcloud instance. Been using ever since.

What's the advantage of installing Bitwarden on bare metal than, as example, Docker? I've switched from Proxmox back to ESXi and this would be a perfect LXC container case, but yeah :)

Great video!! Thanks. Can you provide more information on the configuration if we would like to access it internally with a DNS name? And also more information about the certificate, proxy and other components required that you are using? I would like to setup and make it available only internally. I suppose that it would work even on the road and that devices would sync when coming back.

Bitwarden was so easy to setup I was left wondering if I had missed something. LOL But it works great. Open source, free, and can be self-hosted. Just fantastic!

@designer.346

Жыл бұрын

That’s how I feel right now😂

Funny that I literally did this yesterday then see your video today.

I switched to Self-Hosted Bitwarden over a year ago, and with everything happening with LastPass, I'm glad I did. It just works. Setup with Let's Encrypt, and behind the firewall (VPN). Simple, and secure.

@waretechnologies6845

Жыл бұрын

Same here.

I'd be damn!! I was just talking about this at work and bam here you are making a video!? You are even more powerful than Amazon,Alphabet or Meta 😂

Thank you!!

Would love to see you making a video with a reverse Proxy

Lol, your video prompted me to lookup bitwarden and then to see "vaultwarden" in the Archlinux software repository. None of these tools do I use in a corporate environment. So for a number of years have been using Keepass, but honestly it's a pain in the butt keeping things smoothly going between just my wife and I through synchronization. We do have a number of attachements, does the $0 cost mean you can't have *any* attachments for personal use? Or, just you don't get to have any encrypted ones? And, if I self-host, does none of that apply at all? I can have my cake and eat it too?

Thanks for the nice walkthrough... Interested in your thoughts on the new Bitwarden Unified which has just been released into Beta

@LAWRENCESYSTEMS

Жыл бұрын

Looks nice, I did consider waiting to make this video until that version is our of beta, but I have a feeling people don't want to wait. Also, this version has a long history of working well.

@m0nji1234

Жыл бұрын

Saw the news of Bitwarden unified yesterday and thought, i will wait until tom will make a video about it, then i saw your video about bitwarden today and was kind of surprised that’s related to the „old“ method.

@dasGieltjE

Жыл бұрын

Been testing it for some time now, there are some blocking issues at the moment, but nothing that cannot be fixed. When it's released this should be a mayor improvement when run without mssql.

For cloud setup would you recommend a vm running bitwarden with only ip access from a reverse proxy. and then that reverse proxy only allows ip access from the vpn ip?

Yes, we are busy and a lot of things we need installed we will likely contract with you.

Interesting but a bit too complicated for little old me 😀I have a Synology NAS but it's too small to handle Docker. Can anyone suggest a suitable size NAS that would be adequate for this, or a small home server that could be used as a NAS and to run other services? Thanks!

How big is your installation in terms of passwords stored, shared collections and number of users? What are the scale up/out options?

@LAWRENCESYSTEMS

Жыл бұрын

A fresh install is about 152M and our production system with 8 users and a few thousand passwords is about 1G, but the backups are about 31M.

You should do a video on Docker-Mailserver (direct Docker name)

i was hoping to see vaultwarden here ;]

I was wondering if you have a guide to install BitWarden on TrueNAS Scale?

Great! Can you complete with the firewall rulles to secure the vm? You are awesome!!!!!

@LAWRENCESYSTEMS

Жыл бұрын

The only port needed if 443

Hello! thnx for your video! helpfull! but how can i startup bitwarten automacaly on boot start?

Great video Tom! I'm left wondering though. Is there no way to configure email verification with gmail?

@LAWRENCESYSTEMS

9 ай бұрын

Google is retiring (or may have retired already) the feature that would allow that.

Thanks

Where do you store your backup passwords as your cannot store them in bitwarden, chicken and egg situation

What is the difference between Lastpass' and Bitwardens servers (NOT self host) in terms of security? Is there actually a difference other than LastPass already having been attacked heavily? With all the things my personal hardware does, I am more comfortable relying on huge datacenters to host my services tbh.

Any good option for this one truenas scale? Or just use a VM?

@LAWRENCESYSTEMS

Жыл бұрын

I have not tested this on scale

How many containers does this deploy? Is it worth putting on a 2 core 4 gb VM or on my container host (much larger)

@bgroks1

Жыл бұрын

Really depends on the amount of users. If it’s just you, 2core, 2gb is working fine for me. 2GB ram minimum or MSSQL won’t work properly.

@heavy1metal

Жыл бұрын

This version runs 11 containers in the end. You can start with 1 core 2gb and just simply see how it runs... Beautiful thing about VMs, it's easy to add RAM and CPUs..

hello Tom, I get a 522 error . is there any step that we may need to do in PFSENSE to fix this issue

Im getting an error on the installing step after steps 1-7 its saying that on line49 docker: command not found, is there anything I can try to fix this?

Hi Tom, I might be a bit late to the subjecta nd I hope you can help, but is there a way to install bitwarden natively without using docker or any other container environment?

@LAWRENCESYSTEMS

10 ай бұрын

I don't have a tutorial but you could grab all the source and build it manually.

I set mine up with cloudflare zero trust. Super easy to set up and it handles all ssl certificates. You can even have multifactor authentication to even access the site for extra security

@metal-beard

Жыл бұрын

how do you put multifactor auth on it?

@zundlefire5268

Жыл бұрын

@@metal-beard In zero trust, under Access and Applications. I have it only allow certain emails to receive a one time code

Has anything changed recently with the Bitwarden install files? I'm following your steps exactly with the latest version but it doesn't work, I cannot create my acccount, shows an error on the webpage. In the logs i'm getting an error relating to the mssql db login. Using Debian 12. Also it looks like some spaces have been added for the mssql login string for TrustServerCertificate=True and MultipleActiveResultSets=False but removing the spaces didn't resolve my problem.

Just wondering, what shell and theme are you using there?

@LAWRENCESYSTEMS

Жыл бұрын

github.com/lawrencesystems/dotfiles

Paying for Dashlane at the moment. If I self host this, will this then be completely free for multiple users, or do I still need to pay something for the client's apps or other services?

@LAWRENCESYSTEMS

Жыл бұрын

bitwarden.com/pricing/

any alternatives to using docker? all docs I have found says to use docker but I do not want to

@LAWRENCESYSTEMS

Жыл бұрын

They have all the source available but I don't have a guide on it. The use Docker to make service delivery simple.

This video put me in the mindset that converting from LastPass to BitWarden is too much trouble last year. Is this actually a lot simpler? Am I fine using their servers rather than my self-hosted setup or should I 100% go self-hosted?

@LAWRENCESYSTEMS

7 ай бұрын

For just one person, using self hosted does not make a lot of sense so just use their servers.

@Saturn2888

7 ай бұрын

@@LAWRENCESYSTEMS thanks! It'd be for me, my kids, wife, and other relatives, but it's easier to just do the online account. Is it secure?

@LAWRENCESYSTEMS

7 ай бұрын

@@Saturn2888Yes, they do a good job with security

If people do self host where do they store backup of the password file? Cloud? Ummmmm??

What's everyones opinion on deploying Bitwarden selfhosted using the "Unified (Beta)" option?

@LAWRENCESYSTEMS

Жыл бұрын

I have not tested it yet, I was going to wait until it's out of beta.

@heavy1metal

Жыл бұрын

It changes the docker setup but the webapp is the same. Adds support for more external DB servers other than M$ SQL, which is a big plus.

@dasGieltjE

Жыл бұрын

Been testing it for some time now, there are some blocking issues at the moment, but nothing that cannot be fixed. When it's released this should be a mayor improvement when run without mssql.

@feo786

Жыл бұрын

@@dasGieltjE what's the issue with MSSQL?

@dasGieltjE

Жыл бұрын

@@feo786 insanely memory inefficient, also running a MariaDB instance that already serves dozens of other systems and is offsite replicated and backed up.

How would I connect an enterprise license to the self hosted server? I didn't quite understand.

@LAWRENCESYSTEMS

4 ай бұрын

You have an account on Bitwardens site where you buy the licence which has an export option to create a file that you import via the self hosted web interface.

Used to run bitwarden-rs on the Synology with Docker behind HA-proxy on pfsense. Recently made a change to vaultwarden on a Proxmox VM getting access via Cloudlfare Tunnels. No more port forwards with HA-proxy. Easy certificate handling amongst other things. Am I cheap? yes. Do I trust the vaultwarden image? yes. Do I trust Cloudflare? yes. Are they 3rd parties? yes. Isn't just about everything a 3rd party? yes. Where can you really draw the line on "trust"? Just because it had a code review? GMAB

@heavy1metal

Жыл бұрын

Trust should be based on the value of the data. If a compromise could mean the end of your own business as well as the businesses you manage, leading to litigation and other consequences then a verified source with an external audit is well worth the extra money / effort when possible.

@metal-beard

Жыл бұрын

how do you limit people from going to your CF Tunnel address?

@fourmobro6214

Жыл бұрын

@@metal-beard The CF tunnel, by itself, is security by obscurity. As it is a CNAME record, one would need to know the FQDN of the self-hosted service to get there as it is not accessible by the ISP provided public IP address. CF also does not publish the CNAME records to the public. Even if you knew the CF target of the CNAME record, you cannot access the resource from the target name. CF also blocks bad actors from creating a new CNAME record of your resource to prevent spoofing.

Is it advisable to use bitwarden/vaultwarden for a large organization with around 1000 employees?

@LAWRENCESYSTEMS

Жыл бұрын

Bitwarden yes, but Vaultwarden I don't use.

Hi Tom, any working comments about Windows/Active Directory integration? I am failing miserably at it, thanks

@LAWRENCESYSTEMS

Жыл бұрын

Not a feature we use or plan to use

@pabss3193

Жыл бұрын

@@LAWRENCESYSTEMS but still a nice challenge, riiiiiiiight? lol Thx tho, will keep chipping at it and document it the moment I get it working, but just in case... I mean... ;)

Hi Tom my browser blocks access to my self hosted bitwarden ? Please help 🥺

Hi, thanx for the video, what i dont understand here, if you setup bitwarden locally and use vpn to be more secure, you cant use the bitwarden outside of your home network?! otherwise you need to build bridge outside each time you want to use bitwarden..?! do you still recommending it this way or am i getting something wrong? do you think it is a bad idea to expose e.g. cloudflare tunnel?

@LAWRENCESYSTEMS

4 ай бұрын

I prefer to keep my Bitwarden instance behind a VPN but you can expose it directly or via a reverse proxy such as Cloudflare tunnel.

@ismailuwair187

4 ай бұрын

@@LAWRENCESYSTEMS will you be able to use it from outside your network? you will need to use the same vpn(network)?!

@LAWRENCESYSTEMS

4 ай бұрын

@@ismailuwair187I use a VPN to use it outside my network.

What was the point of making the bitwarden user and then not executing the shell script within that users directory? At least that's what Bitwardens own documentation says to do. I know it doesn't make a difference to you, but for people watching and copying you directly, they will miss the step to switch to the bitwarden user and run the shell scripts in that service accounts directory. Ultimately, not the end of the world but for consistency and management it does matter.

@LAWRENCESYSTEMS

Жыл бұрын

Fair point

@tiagomez400

7 ай бұрын

@@LAWRENCESYSTEMS you see you just did what you want not what made sense for a how to video lmaooooo garbage

Have you ever looked into passbolt as a self-hosted solution?

@LAWRENCESYSTEMS

Жыл бұрын

I have not and I have only seen sponsored reviews of it so not really sure how good it is.

@TheOGShelbyLee

Жыл бұрын

@@LAWRENCESYSTEMS it'd be interesting to get your perspective!

@LAWRENCESYSTEMS

Жыл бұрын

@@TheOGShelbyLee Due to the work involved in testing a password manager I don't know if I will be reviewing it anytime soon. Most of my reviews are products we use all the time.

From a newbie, can this process be done within a Docker container?

@LAWRENCESYSTEMS

8 ай бұрын

These instructions are for using docker.

I just spent the weekend setting up Vaultwarden, CloudFlare, Lets Entrypt and Nignix Proxy on my Unraid box. But you mentioned self signed cert, but then you had an error with the browser plug in due to SSL error. How did you get past the error? I have wireguard on my pfsense router working and with only a few apps on my phone allowed. So I could use self signed cert. How did you get past it or did you?

@mistakek

Жыл бұрын

He said it himself. Reverse proxy, specifically HA proxy on pfsense.

@DavidBrownSC

Жыл бұрын

@@mistakek sorry i must have missed that. I guess I am getting old and can't hear nor see :)

@cloud2050

Жыл бұрын

@David Brown If you are using Cloudflare and Nginx you can use Cloudflare cert to protect your environment instead. I use this in my setup. You can find many videos on KZread on this. Check the Ibracorp videos.

I cannot get this working with the iPhone IOS, SSL Error........... and a browser addon ....... won't connect as not secure type thing. Works fine from website, any fix?

@LAWRENCESYSTEMS

9 ай бұрын

You need a reverse proxy

Hi, how can I create the tunnel without having the port? I checked in the portainer and no ports are being generated! Thanks 🍻

@LAWRENCESYSTEMS

Жыл бұрын

The Cloudflare tunnels connect to the other services running on your network or in docker.

one thing is I don't understand what is the advantage of self-hosted Bitwarden vs having Bitwarden host it on your behalf on Microsoft Azure Cloud. Sidenote I use Bitwarden.

@danijelpavlovic9871

Жыл бұрын

As a nobody you are not going to be a very good target for hacking groups that are focused on hacking companies for big $$$. If you aren't pants on head retarded in terms of your home server security you should be safer than having it in the cloud. Remember that if you don't hold the vault then you don't own the vault.

@heavy1metal

Жыл бұрын

Reducing the risk of having your vault stolen in the event of an attack vs self-hosting it would have to be a targeted attack. (This is exactly what happened with LastPass)

@Brad-jb2bd

Жыл бұрын

@@heavy1metalcounterpoint user might not be as good as bitwarden at locking down their environment. An improperly secured environment is what got last pass.

Do you have any info on installing a self hosted password manager without involving Docker?

@LAWRENCESYSTEMS

Жыл бұрын

No

@MR-vj8dn

Жыл бұрын

@@LAWRENCESYSTEMS Thanks for your quick response 😊 I asked because I’m in a mission of removing and avoiding Docker on our servers with the most sensitive / security related data.

Is there big advantages to self-hosting this versus Bitwarden managed?

@LAWRENCESYSTEMS

Жыл бұрын

Upside you are in control of your data, downside you are fully responsible for managing & securing your data.

@mychaelhouck2404

Жыл бұрын

@@LAWRENCESYSTEMS thats kinda what I thought.

What keyboard are you using in the video?

@technicalthug

24 күн бұрын

Anyone know what keyboard is being used?

I already have Bitwarden deployed on it’s own VM, working well. What are your thoughts on colocating it on a docker host with other services?

@LAWRENCESYSTEMS

Жыл бұрын

I prefer not too

Non-Docker Install... Hi Tom thx for another great setup-video! Is there any chance to get bitwarden running self-hosted without docker? I'm aware, that there's different dependencies db, nginx, etc. but shouldn't it be possible to set it up manually w/o docker?

@LAWRENCESYSTEMS

Жыл бұрын

Not that I know of

I keep running into an issue where the install script cannot find Docker. (internal error, please report: running "docker.compose" failed: cannot find installed snap "docker" at revision 1458: missing file /snap/docker/1458/meta/snap.yaml) I think it's because I installed Docker natively in Ubuntu and not through Snap. I would uninstall Docker and reinstall it through Snap, but I have my Plex server running on it, and I don't want to rebuild the libraries. Any solution for this?

@LAWRENCESYSTEMS

Жыл бұрын

I have not done any testing using it with snaps.

@chrisdenny

Жыл бұрын

@@LAWRENCESYSTEMS I haven't either. I wonder it isn't picking up my Docker instance.

is there a way not to setup smtp and declare my user/pwd on admin side? im the only one who gonna use this and if i want someone to use it like my wife i will setup an account manually is that possible?

@LAWRENCESYSTEMS

Жыл бұрын

nope

Any advice on redundancy for 2 instances?

@LAWRENCESYSTEMS

Жыл бұрын

It's not designed to work that way.

@heavy1metal

Жыл бұрын

Not needed - just backup the database. The client caches a copy of the vault file which eliminates the need for 24/7 uptime. So you'll have plenty of time to spin up a new instance and attach the database in the event of failure.

@MartinHiggs84

Жыл бұрын

Thanks both

One nitpick: I personally don't like how you suggested that vaultwarden "didn't write the code", they did write their own server backend. From Scratch.

@LAWRENCESYSTEMS

Жыл бұрын

Yes, but they didn't write the front end

@kjeldschouten-lebbing6260

Жыл бұрын

@@LAWRENCESYSTEMS That's fair, but the way it was placed made it sound too much like "they just stole the code and rebranded"...

@Brad-jb2bd

Жыл бұрын

@@kjeldschouten-lebbing6260you don’t know how well their code was written. It’s not gone under audits like bitwarden so it’s fair to seer clear of it in a production environment or if your are very security conscious.

How do you make the android app work with a self signed certificate without a fqdn but instead an ip address...

@LAWRENCESYSTEMS

Жыл бұрын

you don't

Can this be done in the unraid docker apps?

@LAWRENCESYSTEMS

Жыл бұрын

I don't use Unraid but probably.

im confused on the domain stuff, do i have to buy a domain/website name? i want to host on a raspberry pi. can i just use the ip address of the pi?

@LAWRENCESYSTEMS

11 ай бұрын

You have to have a working email which requires a domain.

@bossman18899

5 ай бұрын

@@LAWRENCESYSTEMS finally got time to mess around with it. a self hosted bitwarden can be done with a gmail email address you just have to get a app password setup. self signed cert and gmail email i got it all up and running. to make things a little easier a free domain with duckdns works as well. i set one up with duckdns LAN only and with a cloudflare domain LAN only with a gmail email and its working good. so buying a domain and having a smtp email server or whatever is not a need. if your using it for a company or large scale sure probably worth it but a 1-5 person setup for home super easy to do it for free with no smtp or domain stuff.

if I set this up on a old laptop connected to power running 24/7, whats the risk of the server going down? Is this a good idea or should I invest in a real server for this project.

@LAWRENCESYSTEMS

11 ай бұрын

It's all about your risk tolerance. Most laptops only have one drive so there is not much redundancy.

@dyd

11 ай бұрын

@@LAWRENCESYSTEMS How often would you expect to preform maintenance on your server. Would a drive failing be a regular occurrence?

@LAWRENCESYSTEMS

11 ай бұрын

It's not a frequent occurrence, just statistically most likely one that should be planned for

who's here from lastpass? don't forget to change your passwords!

Nice tutorial but i can't get it to work properly. When i register a new user it gives me an error "an unhandled server error has occurred" Anyone knows what i'm doing wrong?

@Crazy--Clown

Жыл бұрын

China

For $10 a year I'll stick to premium. I trust the people that made it to be more knowledgeable in security than I am.

@andrewbunch8973

Жыл бұрын

Given what just happened with last pass do you still think this.

@cmdrbozo

Жыл бұрын

If you do the following, you're still good even if the cloud-based crypt is hacked. Don't store the entire passwords. Use the auto-generated strong passwords for storage in the crypt, BUT and some secret characters e.g., to the end of all passwords but don't store these in Bitwarden. So once the password is auto-filled add your secret characters them login. For a stored password like "stored-password" the actual password might be "stored-passwordBOB"

@martinlutherkingjr.5582

Жыл бұрын

Great idea, give all your password data to some stranger on the internet.

@eek8605

Жыл бұрын

@@andrewbunch8973 as a software engineer, having the transparency of open source, i do trust it, because with LastPass they hide everything :( Plus our cyber security team had a huge look at their code before migrating from lastpass. Because one thing that needs to be clear if someone finds the hash for your vault passwords, depending on the hashing algorithm it will take a attacker more than his life to find a matching hash....thats why i trust them :0

@designer.346

Жыл бұрын

@@martinlutherkingjr.5582so delete your KZread account then, and instagram, delete everything cause you’re giving your passwords to a stranger, Bitwarden is the best program ever made to me since I always use a different password on every site so I keep forgetting them

Their docker setup really feels over engineered, what was it? 13 containers?

@LAWRENCESYSTEMS

Жыл бұрын

They break out everything in separate containers so only the containers that need to be updated are updated. They have their new version in beta that consolidates the containers so that will be an option soon.

@tehsimo

Жыл бұрын

@@LAWRENCESYSTEMS I hadn't heard about a consolidated setup, looking forward to that then!

@JohnKlingler

Жыл бұрын

All of that for a handful of users certainly is a bit cumbersome. I can only assume that this is a bit of a facsimile of their production environment where they host a gazillion users. Separating things out like this let's them scale the various bits of the infra more granularly than if everything ran in one native process. For self-hosting, it's definitely overkill. But if the containers are all deployed as separate auto-scaling deployments in kubernetes or something like that, it's probably very cost effective, manageable, and more easily monitored when your usage spikes are in the hundreds of thousands of requests per second.

@richardbillington3185

Жыл бұрын

13 microservices :--) The way of the future, monolithic apps or microsevices AKA containers.. The way of the future, embrace

@tehsimo

Жыл бұрын

@@richardbillington3185 I run all my apps in containers, but 13 is pushing it toooo far

Cloudflare, Cloudflare, Cloudflare, - I love Cloudflare for their FREE ssl wildcard cert along with there domain hosting. And then there is the CloudflareD tunnels and proxying. When used with Authentik I believe that is a great way to self host everything. I am a long time paid subscriber to Bitwarden ($10.00 a year). I have used the self hosting solution but feel safer using their servers. Love your videos and Thank you. :-)

@metal-beard

Жыл бұрын

Can we use Authentik with CFd tunnels?

@ChrisDePasqualeNJ

Жыл бұрын

@@metal-beard I am currently using it with NPM on my PI. Love it

I'm using Vaultwarden 😀

Does it run in ARM?

@LAWRENCESYSTEMS

Жыл бұрын

This version does not, but their beta does bitwarden.com/help/install-and-deploy-unified-beta/

@mcury85

Жыл бұрын

@@LAWRENCESYSTEMS thanks Lawrence

Using vaultwarden (not bitwarden!) on an internal docker through cloudflare tunnel with cloudflare certificates!

If I am not wrong. Vaultwarden is a fork of Bitwarden. They had to change the name because of legal issues on using the same name. But I could be wrong.

@hawks5196

Жыл бұрын

Yeah they rebuilt it in rust and doesn’t have the same limitations the normal Bitwarden app does. But, you can use the default Bitwarden apps with the vaultwarden server just the same.

@M.4y

Жыл бұрын

It's not a fork. But yes, the backend is written in Rust. Frontend is 99% from Bitwarden themselves. However encryption happens on client side. So the server never gets/should not get unencrypted confidential data. But I agree with Tom 13:00

I love you that you can self-host bitwarden. But Bitwarden is one of the few services out there that I DON't want to self-host and pay someone else :)

i need an smtp server?

@LAWRENCESYSTEMS

Жыл бұрын

You need access to a working one.

Why is Bitwarden better than putting a KeePass vault file on Cloud Storage? KISS principle seems to apply here, KeePass has served me well for years and I have full control of everything.

@LAWRENCESYSTEMS

Жыл бұрын

I am working on a video to cover this very common question, but the short answer is scalability with larger teams. For single users, KeePass is fine.

I'm surprised they're relying on MSSQL though...

I may have missed it, but is this running on a standalone server or is it running on a VM?

@heavy1metal

Жыл бұрын

Neither, it's a container which is agnostic of whether or not it's a VM / bare-metal solution. How you host it, is up to you.

You skipped over the installation of Docker at the beginning. Without Docker installed, the install script for Bitwarden won't run.

@tiagomez400

7 ай бұрын

hes a horrible instructionist, he skips right over the key parts, doesnt actually show how to just shows us just how he did it without showing key steps lmaoo pure garbage

Can non standard ports be used? Or we need to expose 443? Port scanners might find it fast and take interest in my home ip then

@seeingblind2

Жыл бұрын

Security through obscurity is not advisable. Have a firewall in front OR you could always setup cloudflare in front of your web server.

@Ultrajamz

Жыл бұрын

@@seeingblind2 wouldn’t a firewall close the port and force using vpn to sync?

@M.4y

Жыл бұрын

@@Ultrajamz well you can do a lot with a firewall. You can also ban certain IP-Ranges/allow some public IPs you own.

@Ultrajamz

Жыл бұрын

@@M.4y any good user friendly firewalls that allow easy geo-based ip range blocks? So like only USA ips can even possibly connect or only certain carriers or US states?

any suggestions for homelab people that dont have a company smtp email.

@LAWRENCESYSTEMS

Жыл бұрын

www.duocircle.com/email/outbound-smtp

Why not just use KeePass?

@LAWRENCESYSTEMS

Жыл бұрын

kzread.info/dash/bejne/ZmqVy9Ondau1hrg.html

@martinlutherkingjr.5582

Жыл бұрын

@@LAWRENCESYSTEMS Haha wow thanks

I love video's like this but I hate my ISP for videos like this... blocking port 80 and 443 gah.

@fourmobro6214

Жыл бұрын

Try a cloudflare tunnel and see if you can get around that.

@majorpayne4795

Жыл бұрын

@@fourmobro6214 i have never tried that.. I'll look into it.

For self hosting. Vaultwarden > Bitwarden

@LAWRENCESYSTEMS

Жыл бұрын

I prefer to use the back end made by the dev team that made the front end.

Get their paid plan..worth it 😇

Docker only right? Why is that?

I would go with Vaultwarden (based on Bitwarden) instead, why more lightweight! Hope it helps

@Brad-jb2bd

Жыл бұрын

And vaultwarden is not audited. You are risking all of your passwords using that docker container. It would be better for you to use Bitwarden unified.