Hello, I’ve been looking at many guides but I’m having trouble understanding how to selfhost VaultWarden locally. Could someone help me understand how I could achieve this considering,

  • I don’t have a domain
    • It would be nice to do something like vaultwarden.local or vaultwarden.homelab.local instead of typing in the homelab’s pc static ip and the port vaultwarden is on
  • I don’t want to expose anything outside of my local network
    • Security reasons
    • I am now well versed in networking so I don’t want to risk leaving an entry point for unwanted users or hackers

I also learned that I would need to sign certificates to be able to access it on some browsers and the additional security. I learned that Traefik offers self-signed certificates, but every video I have seen starts talking about needing a domain and cloudflare tunneling and I get lost.

It would be nice if I could get help or advice from the r/selfhosted community because I am new to all of this but want to learn and host more applications and services locally. Thank you.

  • infinitay_OPB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    That doesn’t mean you need to expose anything to the internet

    Really? How do you do this? Do you just not forward any of the ports on your router? If that’s the case then I’ll go ahead and purchase a domain and get started.

    • usrdefB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Another option which I’ve used in the past is that you can set your domain up with Cloudflare and then either utilize a Tunnel, or restrict the domain to your own IP address and it will block all external traffic. I’ve utilized it for several projects and it has always worked flawlessly. Haven’t tried the Traefik / HAproxy method.

      But Certbot / LetsEncrypt is extremely easy to use.