jeff/portioner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add Vaultwarden config and set PUID to 1044

Browse Source
This commit is contained in:
Jeff Cheng
2026-02-22 15:38:13 -05:00
parent f379885c9c
commit 880cc24bde
5 changed files with 235 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
vaultwarden/RESEARCH.md Normal file
View File

@@ -0,0 +1,43 @@
# Self-Hosted Password Manager Research: Vaultwarden vs Alternatives
## Conclusion & Recommendation
**Vaultwarden** (formerly bitwarden_rs) is the highly recommended choice for a self-hosted password manager for personal or family use, running on a Synology NAS.
It provides the premium experience and cross-platform compatibility of Bitwarden without the massive resource overhead of the official enterprise server.
## Detailed Comparison
### 1. Vaultwarden
* **Architecture**: A lightweight, community-driven server implementation of the Bitwarden API written in Rust.
* **Resource Usage**: Extremely low CPU/RAM usage. Perfect for a Synology NAS environment. Often requires just a single Docker container.
* **Device Support**: 100% compatible with all official Bitwarden clients:
* Web Vault
* iOS App
* Android App
* Browser Extensions (Chrome, Firefox, Safari, Edge, etc.)
* Desktop Apps (Windows, macOS, Linux)
* **Features**: Includes premium Bitwarden features for free, such as:
* TOTP (Time-based One-Time Passwords) authenticator
* File attachments
* Organization/Family sharing
* YubiKey / WebAuthn support
### 2. Official Bitwarden Server
* **Architecture**: Commercially supported, enterprise-grade architecture using .NET Core and Microsoft SQL Server.
* **Resource Usage**: Very heavy. A standard deployment spins up over 10 containers (mssql, web, api, identity, admin, sso, etc.) and consumes gigabytes of RAM. Not ideal for a standard NAS unless it has dedicated enterprise resources.
* **Features**: Full enterprise features, directory sync, SSO integrations, commercial support.
* **Pros/Cons**: While it is the "official" server, it is complete overkill for individual or small family usage, making Vaultwarden the pragmatic choice.
### 3. Passbolt
* **Architecture**: Designed primarily for teams, agencies, and enterprise collaboration with a strong focus on compliance (GDPR, ISO 27001).
* **Security Model**: Uses GnuPG (OpenPGP) for encryption, which is excellent for shared passwords but can be more complex for end-users to manage keys.
* **Device Support**: Offers Web, iOS, Android, and Browser Extensions. However, the mobile experience is often cited as less "seamless" compared to Bitwarden for simple personal use.
* **Ease of Setup**: Complex. It practically requires an SMTP server configuration just to invite your first user and complete the installation process.
* **Pros/Cons**: Excellent for businesses needing granular, role-based password sharing, but overly complex and somewhat rigid for an individual home-lab user.
## Next Steps for Repository
If you choose to proceed with Vaultwarden, the implementation should follow the repository standards:
1. Create a dedicated `svc-vaultwarden` user on the NAS.
2. Create a `SETUP.md` document for it.
3. Implement an Intelligent Dry-Run script (`create_vaultwarden_folders.sh`).
4. Deploy it via a `docker-compose.portainer.yml` stack grouped with a reverse proxy or cloudflared tunnel for secure remote access.