SeanKilleen/seankilleen.github.io

Post: Migrating from LastPass to self-hosted Bitwarden on Azure

Closed this issue · 3 comments

Adding notes here, in case it ends up being what I go to. Worst case, it might still help someone somewhere.


NOTE: This is for someone interested in hosting on Azure for those who are interested. There are many reasons why folks might not be, but that's ok; this post isn't for you. (NOTE: should reference Azure security incident with CosmosDB and with Azure Container Instances, which would give many a person pause, and rightly so.)

Bitwarden has a unified install and deploy via Docker. This makes me want to take it for a spin, since LastPass has essentially forever lost my trust. So, let's try it out.

My goals:

  • Run reasonably well for about as much as I pay for LastPass now, or a little bit more if the experience and trust I have is better
  • Self-host -- security through a bit more obscurity, since my newfound belief is that all big targets will eventually be compromised and the bad guys only have to win once.
  • Store the Bitwarden configuration securely. In my case, this means using Azure Key Vault for the container config itself, and probably something like Azure Container App secrets that reference the key vault secrets (is that possible? I hope so! It should be! Let's find out.)
  • And actually, screw it, let's do this via Terraform, because if it works I can help others get up and running faster, and worst-case I can dump out to the portal anytime I need to.

  • Set up the back-end and initialize it
  • Create a workspace for prod and switch back to "default" (which I'm using for non-prod) after.

Closing this as I ended up going with 1Password instead and I have no desire to do this just for the sake of it at this point.