this post was submitted on 17 Jul 2023
108 points (97.4% liked)

Selfhosted

39435 readers
9 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi y'all! Sorry for asking so much on this sub! Y'all have been so helpful!

This time, I'm thinking of transitioning from 1Password to a self-hosted option.

Of course I know about Bitwarden, and I'm looking into it now, but are there any other recommendations y'all have? Have y'all heard of and used Passbolt? It seems nice, but it looks like it only does passwords and not other categories like 1Password does.

A few things of note: I'd like it to have different categories, a la 1Password. (Logins, SSN, ID, member card #, etc) Maybe multi-user so I can have an account for my wife. Password generator of course, and I'm not sure if y'all are familiar too much with 1password, but it allows you to customize the fields in each entry. So it starts with the basics (username, password, url), but it allows you to add sections and entries too! I could add a "security" and add my 2FA code on there, my backup codes, etc.

Honestly, that last one is a biggie, so I think I might be talking myself out of moving over now, but I'm sure that AgileBits or whatever the company is called will abandon, if it hasn't already, 1Password 7 with local vaults, in favor of 1Password 8 that only uses 1password subscription accounts.

Sorry for the rant and wall of text. Thank y'all in advance.

Update on July 21, 2023

I decided to self-host Vaultwarden as it was designed to be a lightweight (on resources) version of Bitwarden. For Android, I'm using the "Keyguard" app to access my instance, and the official Bitwarden browser extension on my wife's MacBook. 1password fucked me over, and I had to manually copy every password 1 by 1, luckily I only had ~500 entries.

I'm still doing some research into the best app for android (the official Bitwarden is ugly, and Keyguard is pretty, but I'm still looking around.)

Thank each and every one of you for taking time to answer my question!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 54 points 1 year ago* (last edited 1 year ago) (2 children)

https://keepassxc.org as Password manager and 2FA and https://syncthing.net to sync the database between your devices without a central server.

  • You can have several databases (one for wife, one for you)
  • You can store your 2FA there
  • You can make nested groups of your passwords
  • You can store certificates and other attachments as files or custom fields like backup codes, etc.

Don't use Keepass or KeepassX but the KeepassXC version is the community version most polished and with most functionality.

There are many 3rd party clients which can read/write the keepassx database file like:

Instead of Syncthing you can also use some other file sync if you have it set up already like iCloud, Nextcloud, Dropbox, but Syncthing I find is the easiest set up and forget.

[–] [email protected] 11 points 1 year ago (1 children)

I do this exact same setup but one thing to add to your answer and be aware of is that syncthing is not a backup solution. If you delete the files on one computer, those files will be deleted on the other synced devices. And accidents can happen.

So, as always, take backups.

[–] [email protected] 3 points 1 year ago (2 children)

Yeah, it always stresses me out when I see people saying that synchthing is a backup solution... (not that OP did here)

[–] [email protected] 3 points 1 year ago

You can configure Syncthing to keep deleted/changed files for some time. So you could connect a Raspberry Pi to store everything read-only.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Well, it's a great alternative for people who can't afford a local server. I just set it to one-way sync from phone to PC for backup, while for KeePass I just enable file versioning and use 2 databases to be safe from accidentally overwriting it.

[–] [email protected] 6 points 1 year ago (1 children)

I use keepassxc and save the DB in WebDAV. Can't imagine it getting easier. Can access it from any device.

[–] [email protected] 1 points 1 year ago (1 children)

Doing pretty much the same thing but using the android app from AuthPass with backup to my Nextcloud. (It uses kdbx to store the passwords)

[–] [email protected] 1 points 1 year ago

I sync webdav via Davx5 to my android. It integrates seamlessly