Sharing passwords with teammates is no longer a problem for self-hosters
Remember those yellow post-its on monitors? Most of the time, they “hide” the secret password for your user account. Sharing secrets was easy. Passing the note to your teammate solved the problem of shared accounts.
Later, the first digital solutions came around the corner. Do you remember solutions like PGP to encrypt the password and send it by mail to the teammates?
In 2003, the first version of KeePass, an encrypted secrets' database, saw the light of day. It was a nice piece of evolution in the history of storing secrets.
Later, the first software-as-a-solution companies launched their services. You may remember LastPass or 1Password. It was easy to store all your secrets on their cloud-based infrastructure and share credentials with your teammates. But didn’t you ever have concerns about trust in privacy or encryption? To be fair. I used 1Password on my Apple hardware for years. It’s a nice little piece of software for my daily work.
Bitwarden for storing and sharing secrets in a self-hosted way
In 2016, Bitwarden Inc. introduced Bitwarden, the first service as open source software, like those of 1Password and LastPass. Bitwarden has everything for self-hosters. An open source server component, a huge set of clients for various desktop and mobile operating systems, and add-ons for the most popular browsers.
You are able to save your personal credentials and configure bitwarden with so-called organizations. Invite your teammates or clients to your added organization and share secrets with them. Permission settings allow you to split credentials into different collections to accommodate different users in your organization. Say: Teammates from the social media team have access to secrets from Twitter, Facebook, Instagram and your beloved Mailchimp, while your devops colleagues have access to servers, services and hosting provider dashboards.
Vaultwarden on Cloudron
Vaultwarden is the alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. And the best: It runs on Cloudron.
For security reasons, vaultwarden does not use Cloudron’s LDAP user management. So each user in your organization must remember the credentials for an additional user account. Maybe it’s a good time to use the rest of your old post-its.
Just kidding :)
Update 06.07.2021
We found a video on the Linode YouTube channel about the installation process of Bitwarden on Cloudron and would like to share it with you. Thank you, Gardiner, for the video :)
Links
Vaultwarden
https://github.com/dani-garcia/vaultwarden
https://forum.cloudron.io/category/64/vaultwarden
https://www.cloudron.io/store/com.github.bitwardenrs.html
Bitwarden Clients
https://bitwarden.com/download/
Cloudron
https://www.cloudron.io/get.html
https://forum.cloudron.io/category/4/support