[tiangolo]

Everything with Docker: https://www.docker.com/

Rancher (to control Docker stacks, set up HTTPS with Let's encrypt, etc): http://rancher.com/

GitLab (git repositories): https://about.gitlab.com/

Rocket.Chat (internal chat): https://rocket.chat/

Sentry (production code error handling): https://sentry.io/welcome/

Metabase (DB analytics and graphs): http://www.metabase.com/ Mailu (email server): https://github.com/Mailu/Mailu

Mailtrain (email marketing, using Mailgun or SparkPost): https://mailtrain.org/

KeeWeb (password storage and handling, kind of "self hosted", offline app): https://keeweb.info/

[maddyboo]

Is KeeWeb new? I went through an extensive search for a new password manager a few months ago when I transitioned from macOS to Arch Linux and yet I've never heard of it. I ended up settling on Enpass which is decent but not perfect. KeeWeb looks nice though, how do you like it?

[tiangolo]

About KeeWeb vs KeePass:

KeeWeb is a drop in replacement for KeePass, it uses the same format, so you can use the same Android clients to open the same file. IMHO It's a lot better than KeePass, especially if you are in Linux.

KeeWeb is written in JS with desktop apps using Electron. I moved away from KeePass to KeeWeb because, although KeePass was first, it is old now, it was written for Windows and then ported using Mono to Linux.

As it uses Mono for Linux, that generates some issues. For example, I couldn't copy a password from the interface and paste it in a Terminal (I'm not sure if it was because I use Tmux all the time). It handles the clipboard in weird ways. I had to paste it somewhere else, like the browser and then copy it from the browser to paste it in the Terminal. With KeeWeb it works normally.

Recently they added support for a plug-in that creates a local server compatible with the one created by plug-ins in KeePass. It can then be used by Chrome extensions like: https://chrome.google.com/webstore/detail/chromeipass/ompiai...

That last part is what made me finally decide to go for KeeWeb instead of KeePass. It gives you "LastPass" like functionality in the browser while you keep being the one that handles your encrypted DB. And then you can store that file in Dropbox, so that you have access to it everywhere.

[jlgaddis]

FWIW, I use KeePassX [0] on Arch Linux. I also use LastPass (because $work has an Enterprise account) but I prefer using lastpass-cli [1] instead of the browser extensions.

[0]: https://www.archlinux.org/packages/community/x86_64/keepassx...

[1]: https://www.archlinux.org/packages/community/x86_64/lastpass...

[ShareDVI]

KeePassX stoppet updating, switch to KeepassXC: https://keepassxc.org

[jlgaddis]

That's fine, it does everything I need it to already.

[JamesLeonis]

+1 for Keepass. I use it across Windows, OSX, Linux, and my Android phone.

[maddyboo]

KeePassX has been on my radar. I think I gravitated towards Enpass because the UI is more similar to 1Password.

I originally used lastpass years ago and I tried it again recently and hate it. I didn't try the cli, though. That would certainly be a better option than dealing with their horrible web app.

[zweicoder]

I'm thinking of self-hosting a password manager like KeeWeb but I'm afraid of my own self-hosted solution not being as reliable (downtimes / loss of data). Do you have any precautions against catastrophic failures?

[zackelan]

The self-hosted solution I use for this (switched from LastPass) is pass[0] plus syncthing[1]. Passwords are just GPG-encrypted files, so they replicate seamlessly - much better than the "single monolithic database" approach of things like Keepass which is prone to sync conflicts.

Syncthing mirrors everything between my desktop, laptop, and phone (and there's an Android app[2] that works with OpenKeychain[3] so passwords are accessible from my phone). I haven't done this yet, but it'd be trivial to also run syncthing on a cheap VM somewhere, and replicate the passwords to it (but obviously not my GPG private key) for disaster recovery.

0: https://www.passwordstore.org/

1: https://syncthing.net/

2: https://github.com/zeapo/Android-Password-Store

3: https://www.openkeychain.org/

[PascalW]

This is exactly the setup I'm using too. Works well, though the whole setup is a little less polished than 1Password which I was using before.

On the desktop I'm using Browsers [1] and QTPass [2].

[1] https://github.com/dannyvankooten/browserpass

[2] https://qtpass.org/

[JamesLeonis]

I use Keepass with Dropbox. Keepass keeps the DB file secure with encryption and many rotations, so I'm not afraid of a brute-force on the file itself. It takes 500ms on my beefy desktop to unlock the DB, and almost 3 seconds on my macbook.

Most services are tied to my email, so I have both 2factor auth AND recovery codes that I have stored in a safe place. Additionally I have the Keepass password written down in a safe (separate) place just in case. This is my backup in case I lose access to my Keepass db.

As one last bit, I have Keepass to auto-lock after a bit of inactivity, so I'm constantly retyping that password. This helps me memorize it.

In many ways this keeps me safer. I stay logged out of most websites by default. It can also protect me against terrible password policies. For example, I once had a bank that limited passwords to 8 characters. I had Keepass remind me to generate and rotate that password every quarter just in case. When Heartbleed dropped, I marked all my passwords in red and only changed them back when I updated that website password.

[johnx123-up]

Late, but thanks for the list. Mine is:

- GitLab as an alternative for GitHub https://about.gitlab.com/

- Restyaboard as an alternative for Trello http://restya.com/board