From 13c9a69179cc0c14dfe6c2d0e518ac905f900f10 Mon Sep 17 00:00:00 2001 From: baldnerd Date: Sun, 13 Jul 2025 14:26:11 +0000 Subject: [PATCH] Further clarifications I wanted to include a bit of rationale as to why I went with Vaultwarden instead of the official Bitwarden Open Source server, along with a note about app combability (this is a full server, providing API and application support; it's not just browser-based). To that end, I also added some clarification for novice users that the server must be externally accessible if they want to connect to it via an app from the outside world. --- README.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/README.md b/README.md index 3880a0f..b60f876 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,38 @@ A hardened, self-hosted password manager appliance based on Vaultwarden. Designe --- +## 🤔 Why Vaultwarden Instead of Bitwarden? + +Vaultwarden is a lightweight, open-source implementation of the Bitwarden server API. It offers: + +- ✅ Full compatibility with Bitwarden official clients (web, mobile, desktop, browser extensions) +- ✅ Extremely low system resource usage - perfect for self-hosted appliances +- ✅ Easy customization and backup +- ✅ No proprietary licensing restrictions + +Bitwarden's official server requires more complex infrastructure and higher resource consumption. Vaultwarden offers nearly identical functionality in a compact, open-source form. + +--- + +## 🌐 Using Clients and Accessing Your Vault + +This server is compatible with the official **Bitwarden clients**, including: + +- 📱 **Mobile apps** (iOS, Android) +- 🖥️ **Desktop apps** (Windows, macOS, Linux) +- 🌐 **Browser extensions** (Chrome, Firefox, Edge, etc.) +- 💻 **Web vault** (via this appliance's built-in web UI) + +To use mobile or remote clients **outside your local network**, your appliance **must be publicly accessible** (e.g., via a domain name with port 443 open and a valid SSL certificate). + +For example: +- ✅ `https://vault.yourdomain.com` – accessible anywhere +- ❌ `https://192.168.1.100` – works only on your LAN + +Make sure your router/firewall allows inbound HTTPS traffic and that your DNS is configured correctly if using Let's Encrypt. + +--- + ## ⚠️ **Disclaimer** This installer is intended **only** for use on a **dedicated appliance or virtual machine** running a clean installation of **Debian 12**. It will make system-wide changes, including user/group creation, file permission changes, service overrides, firewall configuration, and package installations.