Hi Jim, I just came across this nice video but I have a suggestion when you talk about your previous videos please share a link to those videos. In this case, you mentioned Headscale, SSL certs, Docker config, etc... I am sure I can find these videos in your channel but again it would be convenient if the link is provided. Thanks for sharing your knowledge, keep up the good work. 👍👍
@@Jims-Garage Yea, I agree. Was going to jump in and set this up, but haven't followed your other videos - perhaps providing a playlist of prerequisite videos would help newbies. Thanks for great vidoes
Great video as always Jim, I really enjoy the way you explain things... clear and concise! You probably have a bunch of videos planned and ready to go but do you have a Github video in the works/planned? Or perhaps a Gitlab, self hosted option? I'm really new to the home lab scene but like the idea of learning Git at the same time and how to use it effectively, version control etc etc.
Thanks, Justin. Appreciate your time to feed back and suggest topics. It is on the to-do list, but likely later on, I will show how I use it to deploy my infrastructure.
I've been wanting to set up something like this for a long time, thanks for making it so clear and concise. I thought that this would be able to cover some of the functionality that I had with Authy before they stopped supporting the desktop app. Is there a MFA code generator in Vaultwarden?
Great video, really like the simple way you explain things, even in their whole depth. As English isn't my native tongue, I still can understand everything well enough. I am at the beginning of my home lab journey, and I am pretty sure to have Vaulwarten running in the future. Is it possible to use it for the entire family, if you grant them access via VPN? It should or? Thanks in advance.
Thanks for your comment. It is possible to access from a VPN, and use a nice name like vaultwarden.yourdomain.com - You can also setup multiple users for all family members. I hope this helps.
Hello! Thank you for this tutorial. How can I set up automatic and encrypted backups of the Vaultwarden database to another server? Isn't it risky to store passwords on a single server in case of an interruption? Thanks.
Cool, useful video; thanks. Seems odd to me that when entering the url for the self hosted address there was apparently no validation on entry. That is first I entered the FQDN without '' which was accepted but errored until I prefixed the FQDN with '' Yes they had an example but ya know.... ASSumptions
Thnaks for the video. I am just wondering which version do you host, is the implementation with sqllite, MySQL? If sqllite how many users? Did you ever run into trouble?
I run with the configuration shown. I've had it up for a few years now, only a single user but I've never had an issue. Regularly back up and also manually export my data.
Hello Jim, thanks a lot for your tutorial, very clear ! But I have a small problem, I can see Websocket errors in the console when I'm logged in my vault, have you this problem too ? Is there any config to add to make traefik handle WS ? Thanks in advance !!
The vault is encrypted on your device before it's sent to Bitwarden's server. The decryption key remains on your devices. I wouldn't worry about their server getting breached. You're more likely to be a victim of social engineering. I have TOTP enabled for new device logins.
if i click on the pihole input will it prompt me to enter the saved password just like google or i should click on the extension icon to fill in the password ?
One should know, you are less safe hosting this if you don't understand what you doing with Linux and security around your server, you are better off with a paid service if that is the case. Remember no site is safe :)
True in a sense. However, you don't need to have this open to the internet in order to use it. Your phone will cache credentials for instance, and if you do need to connect you can use a VPN.
Sure, don't port forward your proxy (albeit you probably want to). Otherwise follow my "Your Traefik Isn't Secure" video. Add additional entrypoints, or spin up an internal only Traefik.
@@Gremlin256 It's not accessible on the internet (i.e., someone cannot go vaultwarden.yourdomain.com and reach the login page). Use a VPN to access it when off your network.
Thank you Jim!
Welcome!
Hi Jim, I just came across this nice video but I have a suggestion when you talk about your previous videos please share a link to those videos. In this case, you mentioned Headscale, SSL certs, Docker config, etc... I am sure I can find these videos in your channel but again it would be convenient if the link is provided.
Thanks for sharing your knowledge, keep up the good work. 👍👍
Thanks for the suggestion, I'll bear it in mind. You should be able to search my channel by the topic and click on the thumbnail that I flashed up.
@@Jims-Garage Yea, I agree. Was going to jump in and set this up, but haven't followed your other videos - perhaps providing a playlist of prerequisite videos would help newbies. Thanks for great vidoes
Great video as always Jim, I really enjoy the way you explain things... clear and concise! You probably have a bunch of videos planned and ready to go but do you have a Github video in the works/planned? Or perhaps a Gitlab, self hosted option? I'm really new to the home lab scene but like the idea of learning Git at the same time and how to use it effectively, version control etc etc.
Thanks, Justin. Appreciate your time to feed back and suggest topics. It is on the to-do list, but likely later on, I will show how I use it to deploy my infrastructure.
@@Jims-Garage thats exactly what I'm looking for... will keep an eye out, thanks for the response 👍
I've been wanting to set up something like this for a long time, thanks for making it so clear and concise. I thought that this would be able to cover some of the functionality that I had with Authy before they stopped supporting the desktop app. Is there a MFA code generator in Vaultwarden?
@@Breeegz not sure if there's a generator but you can add codes to vaultwarden that gives you normal 2FA (e.g. 6 digits)
Great video, really like the simple way you explain things, even in their whole depth. As English isn't my native tongue, I still can understand everything well enough. I am at the beginning of my home lab journey, and I am pretty sure to have Vaulwarten running in the future. Is it possible to use it for the entire family, if you grant them access via VPN? It should or? Thanks in advance.
Thanks for your comment. It is possible to access from a VPN, and use a nice name like vaultwarden.yourdomain.com - You can also setup multiple users for all family members. I hope this helps.
@@Jims-Garage thanks for your quick response. It does help me. Thank you and have a nice day.
Hello! Thank you for this tutorial. How can I set up automatic and encrypted backups of the Vaultwarden database to another server? Isn't it risky to store passwords on a single server in case of an interruption? Thanks.
@@sdram7395 use something like restic, I have a video on it.
Cool, useful video; thanks.
Seems odd to me that when entering the url for the self hosted address there was apparently no validation on entry. That is first I entered the FQDN without '' which was accepted but errored until I prefixed the FQDN with '' Yes they had an example but ya know.... ASSumptions
Thnaks for the video. I am just wondering which version do you host, is the implementation with sqllite, MySQL? If sqllite how many users? Did you ever run into trouble?
I run with the configuration shown. I've had it up for a few years now, only a single user but I've never had an issue. Regularly back up and also manually export my data.
Hello Jim, thanks a lot for your tutorial, very clear ! But I have a small problem, I can see Websocket errors in the console when I'm logged in my vault, have you this problem too ? Is there any config to add to make traefik handle WS ?
Thanks in advance !!
The vault is encrypted on your device before it's sent to Bitwarden's server. The decryption key remains on your devices. I wouldn't worry about their server getting breached. You're more likely to be a victim of social engineering.
I have TOTP enabled for new device logins.
if i click on the pihole input will it prompt me to enter the saved password just like google or i should click on the extension icon to fill in the password ?
@@snopz both works
Awesome thanks
Welcome 😊
One should know, you are less safe hosting this if you don't understand what you doing with Linux and security around your server, you are better off with a paid service if that is the case. Remember no site is safe :)
True in a sense. However, you don't need to have this open to the internet in order to use it. Your phone will cache credentials for instance, and if you do need to connect you can use a VPN.
How to programmatically fetch the stored passwords in vaultwarden
You should be able to follow the official documentation for API authentication bitwarden.com/help/personal-api-key/
Is there any chance after deploying it to take it off the internet so it can be accessed only locally?
Sure, don't port forward your proxy (albeit you probably want to). Otherwise follow my "Your Traefik Isn't Secure" video. Add additional entrypoints, or spin up an internal only Traefik.
Would this be able to setup in Proxmox?
Yes, that's how I use it 😀
@@Jims-Garage @16:30 what do you mean by externally exposed please :) Thank you
@@Gremlin256 It's not accessible on the internet (i.e., someone cannot go vaultwarden.yourdomain.com and reach the login page). Use a VPN to access it when off your network.
@@Jims-Garagehow?
@@armanis1234 what do you mean? I use this in a docker VM hosted on Proxmox.