Help hosting Vaultwarden local only (alien.top)

submitted 1 year ago by infinitay_@alien.top to c/main@selfhosted.forum

19 comments fedilink hide all child comments

Hello, I've been looking at many guides but I'm having trouble understanding how to selfhost VaultWarden locally. Could someone help me understand how I could achieve this considering,

I don't have a domain
- It would be nice to do something like vaultwarden.local or vaultwarden.homelab.local instead of typing in the homelab's pc static ip and the port vaultwarden is on
I don't want to expose anything outside of my local network
- Security reasons
- I am now well versed in networking so I don't want to risk leaving an entry point for unwanted users or hackers

I also learned that I would need to sign certificates to be able to access it on some browsers and the additional security. I learned that Traefik offers self-signed certificates, but every video I have seen starts talking about needing a domain and cloudflare tunneling and I get lost.

It would be nice if I could get help or advice from the r/selfhosted community because I am new to all of this but want to learn and host more applications and services locally. Thank you.

you are viewing a single comment's thread
view the rest of the comments

[-] SagaciousZed@alien.top 1 points 1 year ago

I see many people advocating for a publicly trusted cert, but if you want to get some practice using privately signed certs it is also an option. Many companies have private CAs so you might as well get in some practice.

Technically, you don't need a domain or a cloud flare tunnel. You do however need to make sure the certificate you generate and the name you use to connect to you. You will need to add the local authority as a trusted root if you do not obtain publicly trusted certificates.

Reverse proxies like Caddy can also act as their own CA. It also makes it easy to configure the name. As long as you add it as a trust root to your clients, any certificate generated by Caddy will be trusted by the client.

This way, you don't need an external domain name.

this post was submitted on 28 Oct 2023

2 points (100.0% liked)

Self-Hosted Main

504 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

communick@selfhosted.forum