353
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 15 Oct 2023
353 points (97.6% liked)
Asklemmy
43822 readers
844 users here now
A loosely moderated place to ask open-ended questions
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
Building and running my own server for self hosting multiple tools for my home.
Bitwarden Password manager, now sharing logins/passwords for stuff my fiance and I both use is easy, and every single website we use has its own unique randomly generated password so when one site gets breached, our logins aren't compromised anywhere else
Plex, it's like your own self hosted Netflix. My file copies of any movies/TV shows go on here and it parses em all, keeps it all grouped together, streams in 4k.
Shinobi, for my security cameras. Self hosted free CRTV application, works with any open spec cameras. Has movement detection and tonnes of other open source options for plug-ins.
Deluge, handy UI for downloading torrents onto my server. Conviently added presets to it that let me download to the very folders Plex scans... cough cough.
Kavita, self hosted server for books/pdfs. Some e-readers can even connect to it. A couple popular manga reading apps also work with it. Can also just use its own browser web interface as an e-reader, it has multiple options for styles (infinite scroll, page swiping, left/right click, and even supports right to left mode for manga!)
Nextcloud, pictures/document storage. Sort of like a selfhosted filesshare/file backup. Has a mobile app that can automatically backup every picture/video you take on your phone!
Gogs, open source super lightweight git repo. Has only the bare minimum of features, basic web hook, authorization, permissions, simple web ui to edit. It does the job I need it to and that's good enough.
OpenVPN, self hosted VPN so I can securely access all the above stuff without exposing it to the internet.
Also I host my own websites on it, publicly exposed. Blog, a writing project, nothing terribly fancy.
Eventually I plan to add some more stuff to it. Migrate my smart home dependencies over to Z wave and install Home Assistant, so I don't have to rely on sending my info to google/amazon/etc to do basic smart home stuff.
I personally would never recommend someone to self host a password manager. There’s a lot of things that can go wrong, and any number of them could cause you to lose your passwords or at least access to them when you need them. There’s a lot of value in paying $10/yr for Bitwarden, to have a clear mind, and know that your information is safe, and accessible.
The value in self hosting is your passwords aren't exposed to the internet at all, and can only be accessed over VPN from outside the house.
If you care about security and you know how to run a network properly, then it's definitely worth doing.
In terms of things that can "go wrong", the first rule of homelab is "Back your stuff up", and the second rule of homelab is "Back it up again"
Seriously, when you have a single small file which is that important, it's really not hard to make sure it's backed up in several places.
The issue he/she is taking about is reliability of personal infrastructure. Its never run a password manager without HA, and since I'm not going to run servers in HA, I suppose I'm sticking to pen and paper for the important ones
Im not sure I would classify "back up your access key" as HA but you do you
I've used Keepass along with dropbox/onedrive/nextcloud (changed over the years) for a decade now and never had a problem. I keep a backup copy of my database on a flash drive in case I somehow lose all my devices. Takes like 5 minutes to set up.
I would not self host a password manager, simply because I don't want running something like that on a 24/7 online server.
Still, if I needed to run a password manager on a server, I would rather self host it than use a hosted service from someone else.
In my opinion, running such a service commercially is a much harder problem than self hosting it and has a much bigger attack surface.
This is IMHO what many people do not understand about hosting as a service vs. self hosting: The full time DevOps/Admins etc. people who work at the hosting service are hopefully better than me at hosting stuff. At the same time the problem they have to solve is so much harder than self hosting, that even if they are 10x as good as me, running my own little service with a firewall, rate limiting and monitoring should at least not be less secure.
In my opinion the risk of something killing my server and wiping my passwords out is much much scarier than the prospect of a semi competent company hosting them getting hacked. Like several orders of magnitude scarier.
Fair enough!
As I said, I would not host it myself.
My solution is much simpler and more redundant: A KeepassXC file backed up to different physical locations and 2 different cloud providers.
If I ever forget my password, I am totally screwed. :-P ... but OTOH an event which would lead to the deletion of all of my backups at the same time would be extinction - level. ;-)