Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
SWAG is great for overwhelmed Nginx beginners. It comes preconfigured with reasonable defaults and also provides configs for a bunch of popular services: https://github.com/linuxserver/reverse-proxy-confs. Both Bitwarden and Vaultwarden are on there.
Note that this setup assumes that you will run your service (Bitwarden/Vaultwarden) in a Docker container. You can make SWAG work with something that's running directly on the host, but I'd recommend not starting with that until you've fooled around with this container setup a bit and gained a better understanding of how Nginx and reverse proxies in general work.
SWAG works perfectly, so much easier. It also handles the Let's Encrypt certificates automatically - no more having expired domains.
If a service config isn't available, you can confidently copy another and make a few modifications and have it up and running in no time
Nginx Proxy Manager does also manage certificates, it makes it even easier to create separate certificates for different subdomains, which is nice for my sanity.
I don't like that anybody checking out one certificate of any service and get all the subdomains I'm running too, and wildcard certificates are bad practice.
I was running the LS.io Letsencrypt container as it was named before, and SWAG for years, without any problems, it does its job, but then i've tried NPM and it made my life easier, i love the ability to change access rules or proxy settings with some simple clicks too, without having to edit countless config files for simple changes everywhere, that's what ultimately made me stay there.