Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
-
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
KeePass isn't going anywhere. They're also dragging their feet on passkey support, so you might go with KeepassXC.
@slate
Wasn't there some commotion a few weeks about KeepassXC and vibe coding?
@RonnyZittledong
Yeah, there was. It was forked because of that, actually: https://codeberg.org/ChiPass
Link gives 404
I edited the comment. It ended with a period before, I assume your client thought it was a part of the link. Does it work now?
https://chipass.org/
404
I edited the comment, see my reply to @wiccan2@thelemmy.club.
Yep works now.
Their AI policy looks very reasonable, and they certainly aren't vibe coding. Everything is rigorously reviewed and tested by a handful of experienced, competent humans.
They also don't effectively allow collaboration though, which is my cheif reason for using a cloud hosted password manager.
What is "collaboration" in this context?
Parallel creating, reading, updating, deleting password entries by multiple users.
Whoa, thanks. I had no idea this was a thing...
Sharing passwords between groups of people so everyone always has the up to date version. Not breaking the world if two people try to modify the same entry as some file syncing solutions do.
Hmm, interesting, though isn't that a fault of the organization not having an account-linking system so that each person could have their own credentials but can still access the unified content? This workaround seems... flimsy, unless I'm not picturing a legit scenario in which no other method is as good, or something.
It's the fault of my family organization or every company we use that my parent's bank, Google, phone, laptop, etc don't allow more than one set of credentials to access the same thing?
It's not just that we need to be able to share credentials the once a blue moon I need to help them by logging into their account?
You know why most cloud based services charge money? For stuff like this, because it’s not free to implement and maintain.
Easy and fault-proof password sharing and syncing needs software and hardware to do. You either set it up and maintain it yourself, or pay for a product that does it - like Bitwarden.
But your argument falls apart against something like Syncthing's discovery networks combined with send-/receive-only folder types, which use no cloud yet allow the automatic, passive propagation of file updates to different users' devices... right? No cloud, no self-hosting, yet automatic syncing across multiple devices...
Sure they do. Multiple people can have a file open at the same time. I use it for exactly this every day at work.
With KeePassXC, that is. I don't know if other flavors have different support. I use XC primarily for the browser extension.
And you can both modify the same things without causing horrible conflict issues? And you can share only parts of your vault with someone rather than having entirely different vaults you have to switch between? I'm assuming you mean putting the file somewhere like Google Drive, and you can access it offline even if you can't edit it offline? For feature parity with Bitwarden, obviously ideally one could edit any time and it would resolve problems when it came back online if there were any but Bitwarden doesn't allow this.
Yes, no conflicts. I don't know if you can only share part of vault; I just created a separate one for a separate team.
I wouldn't put it in Google Drive or anything like that. The separate sync logic will definitely cause conflicts.
I'm not worried about having access if I'm offline, because if I'm offline I'm not going to be able to log into anything anyway.
I guess a laptop, server, IoT device, or WiFi connection when your main device doesn't have internet is out of scope for you?
Like fixing my laptop and not wanting to type the new password into my phone instead of copy/paste, sync when online?
And how are you sharing a file, to multiple people anywhere in the world realtime ish, without a cloud service you or someone else hosts? Doesn't that necessitate some syncronization logic?
It's hosted on a local network share, so we don't need Internet access.
If can't copy paste, I just type it out.
We use a VPN to the office.
As... they... should, forever.
Two articles behind a paywall, one that won’t load, and another article that says the big problem with passkeys is…people are unfamiliar with them.
If anyone tells you that Passkeys are bad, they’re a liar. Way more safe than passwords, full stop.
Just don’t let Microsoft or Apple tie them to your device. You don’t have to do that.
There is no full stop there... A password that is sufficiently long will never be cracked no matter the hashing algorithm in use. Passwords are easily transferrable and can be communicated to a third party in the event of an emergency. They also provide tunable security, where you can trade off security for convenience if you want.
Some (not all, I know) passkeys are tied to a device. Stolen device means stolen passkey, and it's potentially very difficult to recover from that. Passkeys are also locked to a certain standard, passwords have no such restrictions.
Tbh I don't understand the move for passkeys replacing passwords. They should become the second factor when a user wants additional security. They're perfect for that niche.
Are you calling me a liar? That's pretty weird; it's not like I'm telling you to stick to passwords while I move to passkeys. With that said, though, get Bypass Paywalls Clean (Mozilla-only, as far as I know) and you'll never see another paywall again. I forgot about having that.
The problem is that this is where it's eventually going to lead to.
At the very least you're misguided or don't know what you're talking about. Passkeys are not vendor locked in and of themselves.
You can make the same argument against password managers because most iPhone users that use them, use Apple's one.
They will almost certainly lead to vendor lock in. Why do you think they won't? Apple's password manager is definitely an example of vendor lock in. Many others have a simple to use export feature to CSV or something that others can understand
Edit: it could be that you don't know what the WebAuthn/FIDO2 specification says or we understand it differently? Do you know how the attestation mechanism works? That ties the key to a device of software authenticator (the software authenticator is likely going to tie it to the device somehow, possibly even via a TEE).
Not really, Vaultwarden/bitwa4den offer passkey support. When I log into a service a popup shows on my extension, I click it and I'm in. It's not gonna lead to device locking if you don't want to...