Hello from a fellow content creator in Michigan, USA. Just wanted to drop a line to let you know I enjoyed this video. Short and to the point. I appreciate your efforts and look forward to future videos.

@Techdox

6 ай бұрын

Thank you, that means a lot :) hope you are well

Wow! I had been banging my head against the wall with cloudflare, letsencrypt and bitwarden for a few days, ,making progress and learning but not getting it to work. Then I used this tutorial and bam, in 15 minutes I had everything up and running. Thank you so much!

@Techdox

6 ай бұрын

Glad I could help :)

Thank you, this helped me a lot!

This is interesting. I can log in to vaultwarden on the machine I installed Cloudflared tunnel on, but not my other one. I can also log into the self-hosted app on my phone, selecting the option the same way you did.

Hi and thanks for this content. I have a few comments about the content of this video: I would use another Port than 80, I would create locale certificates in order to be able to login localy without any dependencies (reverse proxy, internet connection), then I would show activating MFA because Vaultwarden is reachable for everyone! Then, in addition to the actual CF tunnel, at least one application rule should be created (even if in the Vaultwarden example it is just a GEO restriction). In addition, some security settings should also be made within Vaultwarden for secure operation on the Internet (disallow signup, disallow invitations, disallow show password hint, activate yubikey...). Deploying an application is one thing, but safely deploying it is much more demanding.

@Techdox

Ай бұрын

Yeah, in the referenced video Cloudflare Zero Trust, I walk through the application policies and how to lock down and secure them around the 1:10 mark :)

@MrTrilock

2 күн бұрын

I'd like to know more about the whole how do I disallow new signups. . I was testing this and if someone had my cloud flare name they could sign up on vautlwarden

@Techdox

2 күн бұрын

@@MrTrilock From their offical docs - After you have completed signed up new members to your Vaultwarden server, it is highly recommended that you disable new user signups inside your Admin Dashboard -> General Settings -> Allow new signups -> uncheck the box. Tell the user to create an account on your Vaultwarden server.

@MrTrilock

2 күн бұрын

@@Techdox thank you yet again for your very prompt replies.. all these projects and my ADHD goes crazy. Just set up traefik , now to get authentik to work with it and finish vault warden security sides and try my hand at wordpress

Dude, offering 1on1 for YT members is so fucking smart

thanks for the videos they are very helpful for a noobie like me to all this. is there any way to get this set up completely free or will you always end up having to pay for a domain? eventually i think I would like to get this set up completely locally, so maybe I will just get a domain anyway.

@Techdox

5 ай бұрын

If you wanted you could have this setup for free locally without a domain name and then connect to it using a vpn?

Great video, i just did this and it works great! But my worry is if someone knows the web address they can get to the vaultwarden log in page. I tried setting up some security on cloud flare where it would require a pin but doing so makes the bitwarden app not work for obvious reasons. How do you add security that will work with the bitwarden app?

@Techdox

Ай бұрын

What I did was white list my home IP in Cloudflare so the app worked, then when I’m away I could connect via VPN which then allowed me to connect to my service. You could also look at Cloudflare WARP as well

@David9726100

Ай бұрын

@@Techdox so basically only your IP is the only one allowed to use it? Where in cloud flare would i enter the IP to be white listed?

@Techdox

Ай бұрын

Check this documentation out - developers.cloudflare.com/cloudflare-one/policies/gateway/network-policies/ Let me know if you still need a hand

Thanks for the tutorial! I managed to finally get access to my Vault Warden instance throught the web. I am using a third party hosting for my domain, and managed to route it by changing the nameserver. Only issue I know have, is that it is still a HTTP connection, and can't seem to manage to get HTTPS to work. I would be ever grateful if you could help me figure out what to do! Thanks in advance, Sam

@Techdox

4 ай бұрын

Hey, have you looked at Cloudflare tunnels? It’s a great way to expose services using https and making it secure. I have a few videos about it

Is there any need to renew https certificates using cloudflare tunnels? Or do they handle that automatically on their end?

@Techdox

3 ай бұрын

All handled for you :)

After getting this setup as per the vid, what would you expect to happen if you access via web IP? Is the https issue corrected? If not, how?

@Techdox

3 ай бұрын

Access it via the domain name which will be via https

@ms7165

3 ай бұрын

What if I want to connect via IP rather than domain?

@Techdox

3 ай бұрын

@@ms7165 then you will need to create signed certificates for that IP address. Like you just want to access it locally but via https?

@ms7165

3 ай бұрын

Ok. Now ill just need to figure out how to do that. Thanks

@Techdox

3 ай бұрын

@@ms7165 I’ll need to make a video to cover it at some point, until then check out deliciousbrains.com/ssl-certificate-authority-for-local-https-development/

hello thanks for the video, i configured vaultwarden with your help, i have a question, how to disable signup at the login page, can you just add it to the end of the video, it would be a great help, stopping other users to login

@Techdox

4 ай бұрын

Feel free to join the Discord to explain this more, but you could add the Cloudflare SSO auth in-front of vaultwarden so people will see that and not your vaultwarden page

Thanks!

@Techdox

3 ай бұрын

Appreciate the support! ❤

Have you figured out a way to have the additional authentication to work with the iOS bitwarden app with this setup?

@Techdox

3 ай бұрын

As in if you have the Cloudflare sso in front of your app? I have white listed my public IP address in Cloudflare zero trust which means my phone app can hit bitwarden and then I use my VPN while away from home

@kiranjadhav4125

3 ай бұрын

@@Techdox you got my question right. How do you whitelist your phone’s public IP address in Cloudflare? Also wouldn’t it change at some time by your phone carrier?

@Techdox

3 ай бұрын

@@kiranjadhav4125 when I’m at home it’s my public IP for my home network and then when I’m away I use my VPN so I continue to use my public IP of my home network. This IP is static. Check this out - developers.cloudflare.com/cloudflare-one/policies/access/

Hi I managed to set up Vaultwarden with Cloudflare tunnel.. I am able to access via Web on my PC/Linux/android/iPhone.. However I cannot log in onto the apps or browser extentions.. Any way you could help? I am unable to find an answer 😭

@Techdox

4 ай бұрын

Is your Cloudflare tunnel behind a security policy? For example you can access vault warden via the web but need to login via SSO or do you just hit the vaultwarden UI when accessing the address?

@bavmoody

4 ай бұрын

@@Techdox I hit the VW Web UI straight

Does not seem very secure?

@Techdox

2 ай бұрын

Selfhosting comes with the security risks and it’s up to you how you want to secure it the most. Vaultwarden itself is a solid service and then putting it behind something like a vpn or Cloudflare makes it pretty robust