[arsome]

Just set up backups, enable apt unattended upgrades for major security patches and forget the rest.

If you want to really get paranoid, pass it all through wireguard or ssh tunnels, but for bitwarden at least it's all client side encrypted anyways, you could probably run it on a very out of date system without issue.

[zzyzxd]

Sure. But do you constantly verify backups, check hard drive health and file corruptions, practice disaster recovery?

And these are just for the integrity of your _encrypted_ data. There are a lot more to do to fully secure your home infra in general. How do you secure your wireguard client key on the go? Do you monitor access logs? What about Guest Wi-Fi access, vlan separation...

I don't know if worrying about all these considered being paranoid. End of day it's about risk management, and personally, the benefits of selfhosting does not justify the effort I will need to put into maintaining it.

[hda111]

It’s not everything encrypted. The server sees what domains you have passwords for. So there is a lot of metadata visible on the server. You have to trust the server also if you use the web client because the web client is loaded from the server. It could leak all your data if the server is compromised and you log in via web.

[dastx]

> The server sees what domains you have passwords for.

The server does not see the domains you have passwords for. The following data are saved in plaintext:

- A list of "equivalent domains" (this starts out with a default list, but individuals can change this). This totally can be used to deduce which websites you have an account for, but that's not really enough information, as most websites will not have an entry here.

- Some metadata such as your email, master password hint

- Most of the boolean values (mfa enabled, email verified, premium)

- Custom field types (types only, field name, and value are both encrypted)

- Revision date

- Bunch of UUIDs

Here is what a single password entry looks like when retrieved from the /sync endpoint, which happens before decryption: https://pastebin.com/FLr19qiN

> You have to trust the server also if you use the web client because the web client is loaded from the server.

This is true! However, the android app, cli, and other clients do not get loaded from the server, thus, in theory, you can inspect the source of them, possibly compile it yourself, and use that. In those scenarios you do not have to trust the server.