full image - Repost: Self host or stay with SaaS (from Reddit.com, Self host or stay with SaaS)
Mining:
Exchanges:
Donations:
Hey there,Right now, I honestly don’t know what to do.I started my small homelab with a Raspberry Pi running Pi-hole. Later, I upgraded to a mini PC running Proxmox, hosting an AdGuard + Unbound DNS stack, plus Docker with a few containers (Dockge, Nginx, Uptime Kuma, and some other services).I began using Vaultwarden via a WireGuard VPN on my laptop and phone. But I’d like to use it without a VPN connection and make it available to my family members as well.I’m based in Germany and use Telekom fibre as my ISP. I registered my domain with Cloudflare because they offer a wide range of security features and proxying.And that’s exactly where the problem starts…I installed OPNsense in a VM and Vaultwarden (VW) on a second VM, placing the VW VM in a DMZ.I did the usual hardening (no connections from VW to the main network vise-versa, only exposing port 443 to Cloudflare IPv4 addresses, etc.) and used only proxied Cloudflare DNS so my home IP isn’t exposed in the first place.I felt pretty secure.Then Cloudflare hit me with massive ping spikes (>1000 ms) and severe packet loss (up to 90%). This isn’t unusual, since Cloudflare and Telekom have major peering issues—but right now it’s unbearable. Not being able to reliably access my service has a huge impact on day-to-day use. So I shut it down and started rethinking the whole setup.At the moment, I’m considering renting a small VPS (4 cores, 4 GB RAM, 120 GB NVMe) for €3/month from IONOS. My plan would be to use Pangolin and keep the rest as it is: OPNsense, and behind it the VW VM in the DMZ. I’d need to adjust my firewall and NAT settings at home, configure the IONOS firewall, and establish the Pangolin connection. Cloudflare would only be used as for the domain records and not as a proxied DNS service. Most likely integrate Authentik too. That should solve the peering issues.Now my main “problem”:Either I self-host Vaultwarden and spend €36/year plus the cost of running my homelab, or I keep using 1Password Family for around €60–70/year and keep the security worries and stable connection to the pros. What aspects am I missing? What are your reasons to self-host versus paying for a managed service?Thank you
Social Media Icons