[support] Vaultwarden (formerly Bitwarden_rs)

[Moll]

19 hours ago, Archonw said:

Try to disable "cache assets".

Thanks for your reply!

This worked! Yesterday..

Today I tried to edit an entry but couldn't save it. I get the same error message again.

I then logged out of the the app and couldn't login again.

 

Edited April 7 by Moll

[winglam]

Hi all, I encountered issue logging in any devices (Mac OS, Windows, IOS etc), but web login is fine. I don't see any error through vaultwaden log. I have tried removing the app & reinstall, creating a new account along with new email & password, log in & out (I won't be able login again once I log out). I have things backup, but the problem is that I won't be able to use any form of vaultwarden client; all clients don't talk to the vaultwarden app anymore (entering the password don't trigger the log at all).

 

As far as I noticed the rsa_key.pem has been changed when I change the network type from a bridge to a custom network. I don't know if this is a cause of it.

nothing wrong with the cloudflared tunnel & firewall. I use cloudflared tunnel, and I can log in anywhere through any browsers. also nothing wrong on the OS side, Installing vaultwarden on a fresh copy of OS doesn't solve the problem either.

 

 

Edited April 13 by winglam

[rama3124]

Hey braintrust, I've got vaultwarden currently exposed to the internet through a cloudflare tunnel pointing to traefik reverse proxy but am looking to make it only available on my internal network (and on tailscale VPN) for increased security. I know that vaultwarden needs HTTPS to function but can't work out a way to make my subdomain (vaultwarden.mydomain.com) point to traefik so that it can generate a wildcard SSL certificate for vaultwarden. I tried to follow this guide linked below but when I set up the DNS record on cloudflare to point to my internal server address, it just leads to the unraid login page rather than vaultwarden and I don't have the ability to add a port number on the DNS record. How can I make the DNS record point to the traefik port of my unraid server?

 

https://github.com/dani-garcia/vaultwarden/wiki/Running-a-private-vaultwarden-instance-with-Let's-Encrypt-certs

 

[tmor2]

FYI: The user, who posted on April 18, 2024 (see just two posts above), seems to have identical problem that I am having.

 

1. I am unable to access vaultwarden (VW) via MacOS desktop Bitwarden app, and iOS Bitwarden app.
   1. MacOS desktop app error: "Failed to fetch"
   2. iOS app error: "An error has occurred. Exception message: An SSL error has occurred and a secure connection to the server cannot be made"
2. I do not have any problems accessing VW either via browser (intra- or internet) or via browser add-ons.

Moreover, accessing (1) was never an issue with retired bitwarden docker (before it was renamed to vaultwarden).

 

Background store:

• I installed bitwarden (BW) ~6 years ago. Everything worked well. Access by any means (browser, browser add-on, MAcOS desktop app, iOS app)
• When bitwarden docker was retired and replaced with VW docker....all I did was reuse the same BW docker, and changed repository to "vaultwarden/server"
• Today, I installed the new VW docker on UNRAID... set it up the way I set up BW. Access via intra/internet using browser/browser-addon, works fine. However, access is not possible on MacOS desktop Bitwarden app (downloaded from Apple Store) and iOS bitwarden app
• ATM, I have two dockers in UNRAID running (BW and VW). Both point to the same repository.
  • BW dockers works perfectly fine.
  • VW: issues as explained above

 

Attached are proxy config files from SWAG, and diagnostics files from each docker. The latter seem pretty similar.

 

When I look at both VW and BW DOCKER-specific(!) CLI logs when trying to login to MacOS Bitwarden desktop app:

1. on BW CLI, I can see server responds to when username is entered, then password
2. on VW CLI, server doesn;t respond to anything. It's as if no requests are being made to server at all.

 

How do I solve this issue?

Thnx

 

 

 

Edited June 1 by tmor2

[Revan335]

Please add the Log Variable/Storage to the Template.

[tmor2]

On 5/31/2024 at 5:24 AM, Revan335 said:

Please add the Log Variable/Storage to the Template.

If this was in response to my comment, then I do not understand what you are talking about. Can you explain?

 

Where is "log Variable/Storage" and where is "Template"?

Edited June 4 by tmor2

[Revan335]

3 hours ago, tmor2 said:

If this was in response to my comment, then I do not understand what you are talking about. Can you explain?

 

Where is "log Variable/Storage" and where is "Template"?

No.

The Maintainer of the Docker Container Template can ad this. Maybe @Roxedus  can this.

 

This from here was mean:

On 3/5/2024 at 3:05 PM, Discode said:

LOG_FILE: /logs/vaultwarden.log (This variable has to be manually added. See LOG_FILE and Log Storage)

Log Storage: /mnt/user/appdata/logs/ (This variable has to be manually added. See LOG_FILE and Log Storage)

 

On 3/5/2024 at 3:05 PM, Discode said:

Log Storage Path

This is used for fail2ban.

Under SWAG's docker settings, Add another Path, Port, Variable, Label or Device

Setting:  Value

Config Type: Path

Name: Log Storage Path

Container Path: /logs

Host Path: /mnt/user/appdata/logs/

Default Value: 

Access Mode: Read Only

Create a folder wherever you would like(Host Path). In my case I used `/mnt/user/appdata/logs`

[Revan335]

On 5/19/2024 at 6:19 AM, tmor2 said:

I installed bitwarden

Bitwarden have a official Docker Container?

I mean this was a Beta (All in One and easyer, better, performance) and the old one was a Bundle of many separated Docker Containers and not so easy and bad performance. So my informations about this two ways from bitwarden.

[winglam]

It's a pain the ass and I gave up. I end up self-hosting official bitwarden on my mini server proxmox instead. which is good, I can free up more resources for my unraid server.

Edited June 12 by winglam

[Gizmokrap]

Hi all,

 

I was browsing the diagnostic page on the admin panel and found out that under the 'Check', 'Uses reverse proxy' and 'Internet access via proxy' are set to 'no'.

 

I know I've set up reverse proxy via Cloudflare with correct DNS set up and tunnelled as well. I can access the site via https and log in perfectly fine (though when I click on the 'vault' through the vault admin panel, it shows up as http)

 

I can't seem to figure out why and it's making me paranoid that my server is exposed to the internet.