[SCHiM]

Security is not an absolute measure. It's a cost/benefit tradeoff. 1Password may have customers that make it economical for an adversary to spend $$$$ to breach it despite "better" security, whereas your "less" secure home setup may not be worth the effort.

[8organicbits]

I wouldn't worry about a targeted attack if I was "nobody" and I was self hosting. Likely bitwarden? I'd worry about an attacker scanning and exploiting every instance they can find. Scanning is cheap and provides value in aggregate.

I'd recommend only exposing bitwarden on an intranet, or controlling access with a strict firewall, but the setup guide makes no such suggestion. https://bitwarden.com/help/install-on-premise-linux/

[usrbinbash]

I thank you for your advice and no, it's not bitwarden. I have losely described my setup elsewhere in this thread.