Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
This is going to sound weird, but I think I tried it a few days ago on my server. I never installed it at the time because of all of their setup steps to enable OICD login. I've been on the hunt for a OICD/SSO compatible one since Vaultwarden isn't yet capable of such a thing. I just installed Authentik and it sparked the search. LOL - I've used Vaultwarden for a few years now and have yet to find anything quite as capable as it for managing my well over 500 logins I've accumulated over the years.
Your post got me to install it and I believe it will work, I'm testing it and can report later if you want. :)
Testing so far - I got it to do the SSO with a little work. There's a TON of file editing which needs to be done, so as long as you follow their docs, it should work okay. I was able to export my Bitwarden plain JSON file (I use Vaultwarden), and it was flawless. The server dumped all of the logins into a folder so you have to expand that to get to the main logins which if you had them in folders already, are there as "Sub Folders" if you will. You can move the folders one-by-one but not en-masse which may be a show stopper for some. Especially if you have many to move like I do.
PROS:
Enterprise version is free which supports SAML/OPEN ID and others whereas their personal doesn't. SSO login was SEAMLESS as in you clicked the login button, and immediately logged into the server. No separate username/password to enter.
It has a pretty nice GUI out of the box
CONS
TOTP is NOT included in the logins, this means that in order to get to the TOTP code, you have to search for it using the browser plugin, then copy it from your web portal and then copy it over to the tab you were on. On my Firefox session, it FROZE IT UP For longer than the TOTP code expiration so I had to copy a new one and was able to pass the login through.
You have to be logged into the web panel before the browser extension will work. You can close the tab though and it will retain your session. Compared to below, it's a night/day difference where there -it logs in to the server without ever touching the web vault which I rarely ever use.
vs.
**Vaultwarden/Bitwarden **
Maybe I'm spoiled, but I've completely grown accustomed to the pasting of the TOTP code during my login session after I fill in the credentials. This by far is hard to break the cycle. Some may argue that it's not secure to store your TOTP in the same password manager and they are probably right, but for me, it's enough. :)
Vaultwarden is working on SSO it seems so this may be something to consider if you are working into the SSO world like I have been. https://github.com/dani-garcia/vaultwarden/pull/1955
Edit to fix formatting and add another con about the plugin this time.
Thank you for your report 👍