I’ve been struggling for years on two things: synchronize passwords and blog posts I have read across devices. The problem kills me so much since my devices, an Android mobile, an Ubuntu laptop and an iPad, are less supported by big App companies. Aside, I want to gain control for all my data, so there should better exist a self-hosted solution. The problem are partially solved recently by deploying Vaultwarden and NextCloud on VPS. This blog post dictates the setup process and problems I met, in case anyone searching for this topic.
The two services are both luckily dockerized. To install there’s nothing more complicated than a command:
mkdir vaultwarden && cd vaultwarden
mkdir nc && cd nc
External mounted volumes here are for persisting service data inside containers. The folders should be back-up periodically, in case for potential data loss.
Several options exist to enable HTTPS for the sites. I pick the one that hides both services behind an nginx, which deals with SSL connection from clients and bypasses the content to the containers. This setup would require an nginx config like:
With configs ready, we use
certbot to issue certificates for them.
sudo snap install core; sudo snap refresh core
Note that the issuer server is banned by GFW, and you might need a proxy to get it passed.
certbot also edits nginx config files automatically to enable the certificates, so all you need to do is to reload the nginx service.
NextCloud needs re-configuration to support the nginx proxying. Edit file
~/nc/data/config/config.php and add the following lines
$CONFIG = array(
The snippet is necessary, since otherwise the clients will stuck on “Grant Access”. See this thread for a full discussion.
Bookmarks synchronization is powered by the NextCloud app “Bookmarks”. Download it from here and extract under
~/nc/data/apps/ to install. After which, enable the app in NextCloud settings from web interface.
Since most of my daily work is accomplished in web browsers on laptop, I choose Chrome extensions as clients. Luckily, both services provide chrome extensions, with Bitwarden for Vaultwarden and floccus for NextCloud Bookmarks.
I use the apps “Bitwarden” (com.x8bit.bitwarden) and “Bookmarks” (de.emasty.bookmarks) for Android, both of which can be downloaded from Google Play Store.
For Bitwarden, turn on “Auto Filling services” in its settings to enable password auto-filling. If you are using MIUI, enable the application priviledge 「后台弹出界面」 to allow pop-up on clicking the drop-down box.
Since my VPS is hosted on Tencent Cloud, Tencent COS would be a good choice for data backup storage. The platform would not charge your network fees if VPS and COS bucket are within the same region. All you need to pay is merely the storage cost.
A back-up service can be simply set up with CRON service and a bash script:
Place the script at
/etc/cron.hourly/backup-services to enable it. You would also need to create a file named
cosconfig following the doc for bucket configuration. Afterwards the backup service should be invoked per hour.
Initially I’ve encountered a strange problem that CRON would not run the script. The crux is I have named it
backup-services.sh, but CRON does not accept a file name with dot
.inside. Check this answer for details.
Password auto-filling is not available in non-Chrome browsers on Android like UC browser or MIUI’s default browser. Currently I have to copy them manually from Bitwarden app.