• GoJimi@lemm.ee
    link
    fedilink
    English
    arrow-up
    17
    ·
    4 months ago

    Exactly! Self hosted FTW. Chances of a data breach… Typically pretty minor if you are smart.

    • Pennomi@lemmy.world
      link
      fedilink
      English
      arrow-up
      20
      ·
      4 months ago

      Chances of losing the data is higher with selfhosting too. Unless you’re doing some sort of multizone replication, or course.

      • nialv7@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        4 months ago

        I use syncthing so there’s a copy of my password database on each of my devices.

      • GoJimi@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        4 months ago

        Yeah. Daily and weekly cloud backups solve that for myself for sure.

      • Lem453@lemmy.ca
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        Borg backup to borgbase is not very expensive and borg will encrypt the data plus the vault is also encrypted

      • The Pantser@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        I am hosting on Home Assistant which itself gets a backup to my Google drive and my personal machine. So there are two backups, as long as HA doesn’t create a corrupted backup 3 weeks in a row I am good.

      • Russ@bitforged.space
        link
        fedilink
        English
        arrow-up
        2
        ·
        4 months ago

        As long as you’re still signed into BW from any of your devices, you can always export the vault from there.

        (But yes, actual backups are always a plus)

    • Lem453@lemmy.ca
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      Keep vaultwarden behind wireguard for local only access then also use https certs and good master password. Very secure like this

        • Lem453@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          Security in layers.

          All your services should be using https. Vaultwarden in particular won’t even run without https unless you bypass a bunch of security measures.

          This is how to setup local only and external https, I highly recommend this as a baseline setup for every homelab. It allows you to choose how much security you want on a per app basis and makes adding new apps trivially easy.

          https://youtu.be/liV3c9m_OX8?si=TSWXoN_8SJDpAHaW