Currently im just running calibre and nextcloud docker containers over the web, with a ddns from noip and a cloudflare domain. But i also want to setup a vaultwarden container too, so now i need to really consider the security of my server. What are the main things to watch out for? Calibre and nextcloud are just using subdomains, is it okay to have a subdomain to connect to vaultwarden? Am i better off just trusting bitwarden and sticking with them?
You don’t get any network isolation with this approach vs a service running in its own dedicated virtual network. Just for this reason, I think Wireguard as a VPN access to other local services is insecure.
Just because your using a VPN doesn’t mean you can’t isolate hosts to a separate network. I keep my services in a different VLAN and I can route/firewall traffic between that network and anywhere else as I please.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
You don’t get any network isolation with this approach vs a service running in its own dedicated virtual network. Just for this reason, I think Wireguard as a VPN access to other local services is insecure.
Just because your using a VPN doesn’t mean you can’t isolate hosts to a separate network. I keep my services in a different VLAN and I can route/firewall traffic between that network and anywhere else as I please.