I thought that Vaultwarden install was going to be a little simpler but after having consulted a few guides here and there its maybe less straightforward than I thought.
My use-case is to use it on may internal LAN only with not access from outside whatsoever. In theory, http should be fine, but as this tool will contain quite a bit of sensitive data, I can see why it may be a good idea to go https. Are most of you internal users only setting up https?
My network is behind a pfSense setup that uses unbound to resolve all DNS. Locally, all my DNS requests are being forwarded on the subnet I will have Vaultwarden installed.
- First question is whether for internal network use only, I need to go https.
- Second question is whether I need to follow this guide?
I don’t have any proxy.
Time to learn how to use one :) ! I always use https for all my services in my LAN with a local certificate authority !
I can access all my services with a LAN domaine like the following:
https://*.home.labThe reverse proxy allows to listen on 80 and 443 and forward your traffic to your specific service (https://vaultwarden.home.lab/) and back without the need to fiddle arround with ports and IPs. Thus avoiding port collision if 2 services are listening on the same port !
May I suggest Traefik if you go the docker route? Nginx is also a good solution but way more complex to setup.