What does HackerNews think of vaultwarden?

You should use Vaultwarden if you need self-hosting it https://github.com/dani-garcia/vaultwarden.

For anyone that's interested in self-hosting Bitwarden on your server, I would highly recommend checking out the Rust implementation, Vaultwarden. It takes less resources to run, doesn't paywall certain features (I.E MFA logins), and (in my experience) has been a lot easier to work with compared to the official client.

https://github.com/dani-garcia/vaultwarden

Here, I also want to mention vaultwarden which is an open-source Rust implementation of the server: https://github.com/dani-garcia/vaultwarden

So, please define best, because it depends on what you're looking for. A list of the options I know and would personally recommend:

Bitwarden (optionally with self-hosted Vaultwarden) - Best UX for the FOSS options, syncs all your devices, overall just pretty good.

   Website: https://bitwarden.com/
   Vaultwarden: https://github.com/dani-garcia/vaultwarden

KeepassXC (optionally synced with syncthing or your cloud provider of choice) - Portable, no need to host a server to keep the database, offline-first. Database format is standardized, and other password managers support the database format.

   Desktop: https://keepassxc.org/
   Android: https://www.keepassdx.com/
   iOS: https://strongboxsafe.com/
   Syncthing: https://syncthing.net/

pass, if you're always on the terminal. (optionally synced with syncthing or any cloud provider). Or you can go with gopass, which uses the same database format, has better support for multiple users/stores, and enables git versioning by default. There are GUI and mobile clients available that are compatible with this database format.

   pass: https://www.passwordstore.org/
   gopass: https://www.gopass.pw/

These are the main ones I would recommend you take a look at for the most common use-cases. I can't recommend anything that doesn't provide FOSS clients or that can't be self-hosted, so some decent options UX-wise were excluded. You really have to see what you want out of the password manager to choose one. Keep in mind that for both pass and keepass there are multiple clients that are compatible with the database format, that affords you with more portability, options, and the possibility of having native clients.

I rely on docker-compose, Traefik, and a few simple shell scripts for most of my setup. Each service I have in its own directory with their own data/ and config/` drectories. Overall, self-hosting has been far less work than I expected. Generally speaking, things don't break and are quite easy to get up and running. I will put * beside strongly recommended services.

- changedetection This monitors webpages for changes and sends you notifications on multiple streams when they change. This is the service I have found the most awkward and least useful! (https://github.com/dgtlmoon/changedetection.io)

* ghost for blogging (https://ghost.org/)

- gotify for notifications to my phone (https://gotify.net/)

- grafana for streaming logs and metrics from these services (https://grafana.com/)

- heimdall for a vanity dashboard (https://heimdall.site/)

- homeassistant for all home automation needs (https://www.home-assistant.io/)

- matrix synapse for communication (https://matrix.org/)

* mealie for recipes and meal planning (https://mealie.io/)

- photoprism for photo storage (https://photoprism.app/)

- plausible for privacy respecting analytics (https://plausible.io/)

* portainer to do light admin on these containers (https://www.portainer.io/)

* send to replace wetransfer (https://gitlab.com/timvisee/send)

- splunk for logs/visualizations (https://www.splunk.com/)

* traefik to handle all the routing to the containers. When it doesn't work, it's very awkward to fix, but it almost always works just as you expect it to (https://traefik.io/)

* vaultwarden as a password manager (https://github.com/dani-garcia/vaultwarden)

* vikunja an incredible todo list service. I cannot recommend this highly enough! (https://vikunja.io/)

* wallabag a straightforward article saver/reader (https://www.wallabag.it/)

I have also hosted Mastodon in the past, and while it was easy to host, it would eat storage space too quickly for my small setup. It also doesn't lend itself well to being a single-user instance in my experience as it makes finding organic content difficult.

I've been using and paying for Bitwarden for almost two years now. However recently I purchased a Raspberry Pi, so now I've completely shifted to self-hosting Bitwarden (using Vaultwarden[0]) on it. On top of it, I've attached a custom subdomain to the server through Cloudflare Tunnel, so even behind non-static IP address it works well (with SSL).

No privacy or security issues now since I own all my data, no subscription fees, and no complaints till now with the self-hosted setup. Definitely would recommend!

[0] https://github.com/dani-garcia/vaultwarden

Throughout the years I've tried most of the more popular ones on the market, some times forced via work and other times because I was curious.

- KeePassXC: tried this when I was looking for a self-hosted, open-source alternative to LastPass years ago. Was surprised at how well it worked, but syncing was too much of a hassle so I gave up fairly quickly.

- 1Password: my favorite of the bunch so far, great UI and UX, works seamlessly across all my devices with all the stuff I want and need: credit card info, logins, 2FA, automatic hidden email generation via Fastmail, easy sharing and family accounts work really well, CLI for use in scripts and now builtin SSH-key management. Not a huge fan of the subscription model, but probably the service I am most happy to pay for.

- LastPass: was forced to use this at my previous job, absolutely hated it. The UI and UX feels ten years behind 1Pass and Bitwarden, it's slow and not nearly as featureful as the alternatives. I switched from them when they were bought out by LogMeIn, but it doesn't look like the product has meaningfully changed since then.

- BitWarden: played around with this for a while, but didn't switch from 1Pass mostly because I am not willing to host something like this myself and it costs the same as 1Pass with less features and polish.

Personally, I would recommend 1Pass for a "it just works" and Bitwarden hosted yourself if you want the same but on your own premises via https://github.com/dani-garcia/vaultwarden.

This is a long but satisfying road if you're a tinkerer. Start by prioritising. In my case, I was worried about Google locking me out so I started there, other things such as VPN could wait because I wasn't locked in on my VPN service.

In your case that might be migrating your photos off iCloud. I found the awesome-selfhosted[1] list to be excellent for trying out different products that match the size of the VPS you've got or maybe you just want to put that onto your local Synology NAS if you don't need your whole photo roll on the go.

Self hosted BitWarden is also another good starting point with the very lightweight vaultwarden[2] just make sure you always know where your vault is stored on your server and make backups.

While it's a long road it doesn't need to consume your life daily but it still requires you to keep up with all the things any sysadmin needs to handle like monthly patching, monitoring the logs for sustained abuse and break in attempts.

Subreddits /r/selfhosted and /r/homelab are also great places to have a browse.

[1] https://github.com/awesome-selfhosted/awesome-selfhosted#pho...

[2] https://github.com/dani-garcia/vaultwarden

I've been using Bitwarden's clients (browser extension, mobile apps, desktop apps) with a self-hosted vaultwarden [1] server. It's marginally free if you are already self-hosting other stuff. I'm hosting it on a raspberry pi 4b at home and exposing it to public Internet through Cloudflare zero trust (also free). Had no problems so far.

[1] https://github.com/dani-garcia/vaultwarden, note that it's different from Bitwarden's official server (https://bitwarden.com/help/install-on-premise-linux/), uses less CPU/memory, and enables premium features like TOTP for free.

I use Bitwarden. I don't trust that service with my data. I host an instance of the community-developed backend: https://github.com/dani-garcia/vaultwarden on my own server so that I don't need to, and use the FOSS clients to access it.

I feel more comfortable with that than syncing a KeePass file over dropbox or google drive, mostly because I got myself into a nasty situation that way with a corrupted KeePass database a while back.