bank-vaults
vaultwarden
Our great sponsors
bank-vaults | vaultwarden | |
---|---|---|
10 | 489 | |
0 | 32,770 | |
- | - | |
0.0 | 8.9 | |
8 months ago | 10 days ago | |
Go | Rust | |
Apache License 2.0 | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bank-vaults
-
Self-hosted Secrets Manager (or something alike)
there's https://github.com/banzaicloud/bank-vaults wich is a wrapper for hashivault, so not exactly what you're looking for but worth looking into.
-
Secrets Management on Kubernetes: How do you handle it?
https://github.com/banzaicloud/bank-vaults. Mind you after Cisco bought Banzai work on this project seems to have stopped. It works very well for us though.
-
Secrets Management with Hashicorp Vault - which integration point to use? Sidecar Injector? ESO?
We are using Banzai Bank Vaults Webhook and we’re very happy with it.
-
Project: Running a local cluster with TLS, ArgoCD GitOps, Vault and a PostgreSQL operator
If you ever want to see vault at that kind of level check out bank-vaults. Overkill for many, but it sounds like a decent fit for what you've already got in place and might reduce the boilerplate.
-
Run a pod in a namespace without having access to it's secrets?
Use vault-env (we use https://github.com/banzaicloud/bank-vaults) to inject the secret as an ENV var to the pod at runtime, based on Vault's Kubernetes auth
-
Secrets storage best practices
We use bank vault to inject secrets as environment variables. This does not require changes to the app. A sidecar is automatically added to the pod to retrieve the secrets and inject them in the app runtime. Here’s the link https://github.com/banzaicloud/bank-vaults
- How to manage passwords in Helm
- Homelab: Cluster Architecture
-
Kubernetes authentication from multiple, external clusters
I can follow up with examples if you'd like. You might like BanzaiCloud's Bank Vaults. We personally only use the Configurer component which just provides useful mechanisms to dynamically, or once off, configure Vault via data structures we supplied via ConfigMap.
-
Secrets Managers for Kubernetes (Vault (Hashi), Conjur (CyberArk), Platform Specific, etc)
Encrypted secrets can't be more than a temporary solution. That's why I'm not a fan of SOPS/Sealed Secrets/etc. I think the future for both security and usability is dynamic injection. Vault is the dopeness but I'm not a fan of the upstream Vault Injector -- shared volumes are a step backwards. It's all about the BanzaiCloud Vault Webhook -- secrets **only ever available to the running process**, rotation means: update the value in vault and bounce the pod, done. This is the way.
vaultwarden
-
Bitwarden
To people who want to self-host this, look at Vaultwarden which is a fully compatible alternate server with even more features:
https://github.com/dani-garcia/vaultwarden
Been running it for a year with 0 issues.
- Vaultwarden issue on sysnology
-
What program(s) do you use to remember passwords, including crypto?
For passwords and 2FA I use Bitwarden in combination with a self-hosted Vaultwarden service (for imcreased security and use of pro features for free).
- Comment gérez-vous vos mots de passe ?
-
List of your reverse proxied services
Vaultwarden as Password-Safe
-
Open Source: An Antidote to Closed Source Vulnerability
I have a lot of software that I host myself on my home server, partly to save money but also because I want to control my own data. For example, I host VaultWarden which is the open source server for BitWarden. This gives me all the premium features for free with the added bonus of keeping my passwords out of the cloud.
- Vaultwarden 1.30.0 released with passkey support
- Vaultwarden: Unofficial Bitwarden Compatible Server
-
Bitwarden: Free, open-source password manager
Self hosting is incredibly easy with vaultwarden (https://github.com/dani-garcia/vaultwarden)
-
Your privacy is optional
I have now switched to using the BitWarden app with the self-hosted VaultWarden server. I have set it up, so my passwords are only accessible when connected to my home network either physically or with a VPN (I am using tailscale for this).
What are some alternatives?
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
postgres-operator - Postgres operator creates and manages PostgreSQL clusters running in Kubernetes
Passbolt - Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!
vault-csi-provider - HashiCorp Vault Provider for Secret Store CSI Driver
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
secrets-store-csi-driver-provider-azure - Azure Key Vault provider for Secret Store CSI driver allows you to get secret contents stored in Azure Key Vault instance and use the Secret Store CSI driver interface to mount them into Kubernetes pods.
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
postgres-operator - Production PostgreSQL for Kubernetes, from high availability Postgres clusters to full-scale database-as-a-service.
authelia - The Single Sign-On Multi-Factor portal for web apps
helm-charts - A curated set of Helm charts brought to you by codecentric
Nextcloud - ☁️ Nextcloud server, a safe home for all your data