[HN Gopher] Bitwarden is now in Arch Linux community repository
___________________________________________________________________
Bitwarden is now in Arch Linux community repository
Author : libertylocked
Score : 68 points
Date : 2021-09-04 17:25 UTC (5 hours ago)
(HTM) web link (archlinux.org)
(TXT) w3m dump (archlinux.org)
| schwede wrote:
| Is this the client or the self hosted server? The page doesn't
| make that clear.
| nonameiguess wrote:
| It's the desktop client. Arch's eminently readable build files
| make this more obvious: https://github.com/archlinux/svntogit-
| community/blob/package...
| confilictswith wrote:
| It's the desktop client. The unofficial vaultwarden server
| package is also available in the community repository.
| chx wrote:
| The first dependency listed is electron11... that's desktop.
| nyanpasu64 wrote:
| How "open source" is Bitwarden? From what I can tell
| (https://bitwarden.com/pricing/), the client is open-source, but
| the service feature-gates a large number of features behind
| premium accounts. Is this feature-gating accomplished by the
| server or the client? Is Bitwarden truly community-owned free
| open-source software, or solely a complement to their commercial
| services and open-source to make for better marketing?
| julianh95 wrote:
| I believe that you can apply the license to your self hosted
| server for the features. Here is their GitHub page:
| https://github.com/bitwarden
|
| Edit Found the on-prem license docs:
| https://bitwarden.com/help/article/licensing-on-premise/
|
| Edit You could also just fork it and enable the features if you
| wanted to spend the time doing so.
| [deleted]
| onkoe wrote:
| There is an open-source server called Vaultwarden, but it is
| unofficial. The only truly open source part of Bitwarden is the
| client. :(
| AnIdiotOnTheNet wrote:
| We switched to vaultwarden from a much older Java+Flash based
| credential manager where I work, and I gotta say it's pretty
| good. It's a little weird the way accounts work from our
| perspective, but it makes sense given where it came from. And
| it's a distributed as a docker container, so it's pretty easy
| to deploy. Had to write a script to translate the old
| manager's export format into something vaultwarden could
| import, but it does have a lot of other managers' formats
| built in.
| oehtXRwMkIs wrote:
| For those confused like me never having heard of Vaultwarden,
| it is what bitwarden_rs was renamed to.
| julianh95 wrote:
| Is this not the server you are looking for? :-)
| https://github.com/bitwarden/server
| imposterr wrote:
| It is. The parent and GP comments are wrong. Bitwarden is
| fully open source and can be deployed in a local
| environment.
| pricechild wrote:
| Open Source, but not Free Software. Check out the custom
| licenced code within https://github.com/bitwarden/server/
| tree/master/bitwarden_li...
| imposterr wrote:
| Sure, but the initial assertion was that only the client
| was open source which is clearly false, so I was refuting
| that. I did not speak the the FOSS nature of the
| software.
| toyg wrote:
| Yup, technically it looks like you can only use that "for
| the sole purposes of internal development and internal
| testing, and only in a non-production environment".
|
| Basically, they clearly don't police individual users
| self-hosting, but they maintain the right to knock on the
| door of companies.
|
| Redistribution is also not allowed.
| Flimm wrote:
| That licence is neither open source, nor free/libre
| software. Almost all licenses that are open source are
| also free/libre, and vice versa. Exceptions are very
| rare, because of how similar the definitions of open
| source software and free/libre software are in practise.
|
| (By the way, the only widely accepted definition of open
| source software is the one published by the OSI, and the
| only widely accepted definition of free/libre software is
| the one published by the FSF, so those are the
| definitions we use.)
| geofft wrote:
| It's not "Open Source" except by the literal definition
| that the source is open to read (but by that definition,
| the software is free to access, too). It's just freeware
| / sample code.
|
| The license for this code https://github.com/bitwarden/se
| rver/blob/master/LICENSE_BITW... says,
|
| > _2.4 Third Party Software. The Commercial Modules may
| contain or be provided with third party open source
| libraries, components, utilities and other open source
| software (collectively, "Open Source Software")._
|
| which implies that the Commercial Modules, themselves,
| are not Open Source Software.
|
| (Also it clearly doesn't follow the Open Source
| Definition or any other standard definition of Open
| Source.)
| pricechild wrote:
| I hadn't realised half the "official" server was under a non-
| commercial _custom_ licence.
| https://github.com/bitwarden/server
|
| Last I looked, it wasn't fun to self-host anyway. Vaultwarden
| ftw!
| nyanpasu64 wrote:
| I looked through the official server. 96 out of 1680 files
| were located in the bitwarden_license directory, so I'd say
| a lot less than "half" the official server. Nonetheless
| their web offering is still non-free, and from hearing
| about the difficulties self-hosting, it's probably a bad
| idea.
|
| However I don't know whether I'm better off using Bitwarden
| free, paid, self-hosting and managing backups myself, or
| just sticking with Firefox Sync (which has a _truly awful_
| barely-working Android app).
| istingray wrote:
| I'm new to Linux. Is there a good overview of different password
| managers out there? Switching off Apple Keychain so looking for
| some basics.
|
| Apple made it easy so I didn't think about the concept much so
| not sure what I need. Is a password manager just for all my
| browser logins?
| brightly-salty wrote:
| Bitwarden offers a browser extension you can use, I use it
| daily. You create a master password which only you know and
| then you can auto fill and generate new password just like
| Apple Keychain.
| istingray wrote:
| Wow that sounds great, and it can be self hosted too?
|
| I've been curious about 1Password but it seems closed source
| and you can't self host so why bother. I'm leaving Apple for
| that reason.
| brightly-salty wrote:
| I think you can self host with the browser extension, yeah.
| Personally I just use the standard hosting because I don't
| have a good way to self-host but it shouldn't be tied to
| any particular host.
| smiletolerantly wrote:
| Very nice! Though I'll probably still be lazy and copy everything
| out of the Firefox Addon...
| [deleted]
| encryptluks2 wrote:
| I'm personally so happy with Password Store I cannot find a
| reason for the hype behind this.
| trevcanhuman wrote:
| Yeah, me too! I can even use it on iOS for that matter. It's
| honestly good enough.
|
| I actually tried setting up a bit warden server on a (not so
| old) computer but had just so much trouble with the docker
| image, couldn't really find docs on how to set up without it,
| just ridiculous in my opinion. A few months later, I tried
| using pass full time and so far it's been great!
| encryptluks2 wrote:
| Good to hear. There is a great app for it on Android, and I
| remember there being at least one for IOS.
|
| On the desktop for browser integration there are at least a
| couple well-maintained extensions. There is also gopass for
| sharing passwords with a team or multiple people.
| zwayhowder wrote:
| I use Password Store a dozen times a day, but for sharing
| passwords with my family Bitwarden is great. Cross platform,
| easy enough for anyone to use regardless of the IT profficiency
| and open source enough that I trust it more than Lastpass etc.
| libertylocked wrote:
| I had been maintaining (and patching) this package since 2018 on
| AUR and it's amazing to see it being promoted to community.
| Electron is definitely not the easiest to work with, but it's
| been fun turning a fat electron app into a sub-10MB package.
| philjackson wrote:
| How did you reduce it?
| encryptluks2 wrote:
| I don't maintain this package, but with the ones I maintain
| you use the system Electron.
| naltun wrote:
| Nicely done. Thanks for your work! The Arch community is where
| it's at because of package maintainers. Btw I use arch.
___________________________________________________________________
(page generated 2021-09-04 23:01 UTC)