by CaptainJustin 1265 days ago
Here's a wild idea!

- Bitwarden

- Self-host

- Don't listen on public Internet IPs or regular LAN IPs

- Listen on Tailscale IP.

- Put TLS in front of it the Tailscale way.

- Run Tailscale on all your devices and access Bitwarden from your private network.

3 comments
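One way to check the "listen only on the Tailscale IP" step from the post above, as an added example that is not part of the original thread: it reads `ss -ltnH` output and classifies every listener on the vault's port. The port 8080 and the sample lines are constructed assumptions; loopback is reported separately because it is only reachable through a local proxy.

```python
import ipaddress

# Ranges Tailscale assigns node addresses from (CGNAT IPv4 and its IPv6 ULA prefix).
TAILSCALE_NETS = [ipaddress.ip_network("100.64.0.0/10"),
                  ipaddress.ip_network("fd7a:115c:a1e0::/48")]

def classify(addr: str) -> str:
    """Return 'tailscale', 'loopback' or 'exposed' for one bind address."""
    addr = addr.strip("[]").split("%")[0]      # drop [v6] brackets and %iface scope
    if addr == "*":                            # ss prints * for a dual-stack wildcard
        return "exposed"
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback"
    if any(ip in net for net in TAILSCALE_NETS if net.version == ip.version):
        return "tailscale"
    return "exposed"                           # 0.0.0.0, ::, LAN and public addresses

def audit(ss_output: str, port: int) -> list[tuple[str, str]]:
    """Classify each LISTEN socket on `port` found in `ss -ltnH` output."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, lport = fields[3].rpartition(":")   # local address:port column
        if lport == str(port):
            findings.append((addr, classify(addr)))
    return findings

# Constructed sample input, not captured from a real host.
SAMPLE = """\
LISTEN 0 4096 100.101.102.103:8080 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 192.168.1.20:8080 0.0.0.0:*
LISTEN 0 4096 [::1]:8080 [::]:*
LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:*
"""

if __name__ == "__main__":
    for addr, verdict in audit(SAMPLE, 8080):  # 8080 is a hypothetical vault port
        print(f"{addr:20} {verdict}")
```
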

Tailscale requires a 3rd party network login. If Google freezes your account you get locked out of your private network also.

Tailscale is a 3rd party platform that can also disappear, locking you out of your password manager.

Maybe use Nebula instead. This reduces your 3rd party dependencies.

+1 for Nebula, I use this exact setup. Vaultwarden behind Nebula

99% of my usage is still local, but being able to get to this on the outside does occasionally come in handy

These are important notes, but I think the key part is that if you’re self-hosted, you presumably have access to the machine without Tailscale as well, though it may be less convenient. So these aren’t as big of a deal as if, for example, you lost your Google account and you couldn’t access your LastPass login.
WireGuard configured by PiVPN is what I use.
How do you keep Tailscale from destroying your battery on iOS? I am trying to do this but it always kills my battery and it’s a pain to only enable and manually sync Bitwarden.
This is my experience with Tailscale wrt battery as well. It also sometimes doesn't disconnect either via the app or Settings and I'm forced to restart the phone hoping it doesn't reconnect on boot.
I'm quite happy with Bitwarden, too. I used to use 1Password in the past. The UX is similar, with 1Password being a bit better (at least in the past).