[support] Vaultwarden (formerly Bitwarden_rs)


Recommended Posts

I installed Bitwarden, it seems to be working fine. I can access my vault send emails and I added imported all my lastpass passwords into the app. My issue is that I cannot login to the chrome extention it did not recognise my account. The app for android phone will it work? Do we only have a "vault" to use with our private server? OR is there something I'm missing and I want to be able to login to the browser extention too. Is there a special version of the extention to install?

Edited by RYZEN5000
Link to comment

Hello,

 

I am running bitwarden (and now vaultwarden) since long time now with 2 accounts.

 

Now I wanted to add a third account, but I cannot. 

 

First I tried to activate via the Admin-Portal. It said "send invitation" but nothing came to the users email account.

Then I deleted the account again and tried to register the user via the Login Page. Although I have deleted the Account on the Admin-Page, I am getting "user exists"....

Link to comment
On 12/1/2021 at 9:57 AM, yogy said:

Have no more ideas. Where does SWAG keeping the certs, maybe worth checking. Or you need to enable something there, just guessing. I don't use it, prefer Nginx Proxy Manager.

 

I switched from swag to Nginx proxy manager, and it immediately started working.

 

I noticed that ngnix looks like it uses dedicated certs for each subdomain, while swag uses a single cert for all subdomains listed. I went back to swag and tried setting bitwarden as the only subdomain and it worked.  Not sure what it takes to make swag work with multi subs but nginx seems to be doing to job, so I'll stay there for now.

 

Link to comment

I had to restore an appdata backup. The restore went fine, but now vaultwarden won't start anymore:

 

[2021-12-18 21:16:03.674][panic][ERROR] thread 'main' panicked at 'Failed to turn on WAL: DatabaseError(__Unknown, "database disk image is malformed")': src/db/mod.rs:307

0: vaultwarden::init_logging::{{closure}}
1: std::panicking::rust_panic_with_hook
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panicking.rs:610:17
2: std::panicking::begin_panic_handler::{{closure}}
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panicking.rs:502:13
3: std::sys_common::backtrace::__rust_end_short_backtrace
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/sys_common/backtrace.rs:139:18
4: rust_begin_unwind
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panicking.rs:498:5
5: core::panicking::panic_fmt
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/core/src/panicking.rs:106:14
6: core::result::unwrap_failed
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/core/src/result.rs:1613:5
7: vaultwarden::util::retry_db
8: vaultwarden::main
9: std::sys_common::backtrace::__rust_begin_short_backtrace
10: std::rt::lang_start::{{closure}}
11: core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/core/src/ops/function.rs:259:13
std::panicking::try::do_call
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panicking.rs:406:40
std::panicking::try
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panicking.rs:370:19
std::panic::catch_unwind
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panic.rs:133:14
std::rt::lang_start_internal::{{closure}}
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/rt.rs:128:48
std::panicking::try::do_call
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panicking.rs:406:40
std::panicking::try
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panicking.rs:370:19
std::panic::catch_unwind
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/panic.rs:133:14
std::rt::lang_start_internal
at rustc/4961b107f204e15b26961eab0685df6be3ab03c6/library/std/src/rt.rs:128:20
12: main
13: __libc_start_main
14: _start

 

How do I resolve this? 

 

Thanks in advance!

Link to comment
On 12/18/2021 at 11:49 PM, yogy said:

 

Thanks, but the steps mentioned there are too "expert" for me. How do I do those steps within Unraid? ELI5 please :)

 

EDIT:

I fixed it another way. All seems to be working again.

- Unpacked the latest appdata backup .tar.gz

- Opened the .tar file

- Extracted Vaultwarden folder

- Opened Krusader and deleted the content off the Vaultwarden folder in Appdata

- Copied the extraxted Vaultwarden backup

- Started Vaultwarden again

- All is working again. 

 

So, did I do this "the right way"? Or the it's stupid, but it works, but still stupid way? :P

 

 

Edited by FreakyUnraid
Link to comment
  • 2 weeks later...
On 6/5/2021 at 10:37 AM, Shantarius said:

Second Question:

From time to time i hvae the folloing message in the bitwarden.log:

 

###########################################################
    '/notifications/hub' should be proxied to the websocket server or notifications won't work.
    Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false.
    ###########################################################################################

 

What is mean with that, what is notification/hub and what can i do to solve this?

 

Thank you very much for the help!

 

Christian 

 

 

I would get the same message and also noticed that my "instant" updates were not working...I would have to manually refresh between clients to get them in sync with any changes. Luckily I had this working previously when I had vaultwarden setup outside of Unraid. Here's how I fixed it.

Config below assumes your container is exposed to the internet via Nginx Proxy Manager:

 

1. Manually add the following custom "Port" field to the Unraid container settings:

image.png.3f854ed97ca4112e32fc16551990f86d.png

 

image.thumb.png.ccaaf76b25c81208e5d5cd29c7db7469.png

 

Port 3012 is the default websocket port for the vaultwarden container. You will need to put whatever Host Port that is appropriate and available on your host workstation.

 

 

2. Setup the Advanced portion of the NPM host your configured to expose this container to the internet. See example config below:

 

image.thumb.png.4c9552c5f10ec4f22fbcdc6064dc10c1.png

 

Replace the highlighted portions with the ip and ports for your setup.

IP should be the destination ip of your NPM proxy host (likely your unraid server ip).

Replace port 3012 if you configured a different Websocket Host Port in step 1.

Replace port 8888 with the WebUI HTTP Port you configured in your container settings.

 

This is the text version of what was pictured above for easy copy and paste:

location /notifications/hub {
        proxy_pass http://192.168.1.100:3012;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }

    location /notifications/hub/negotiate {
        proxy_pass http://192.168.1.100:8888;
    }

 

Edited by stephack
Link to comment
  • 5 weeks later...
Tried to login to my bitwarden (I know it's vaultwarden) instance today and got this warning. First time I've seen it.  Also got an error on the phone app.  I think there may have been a recent update that broke something. Is anyone else having these issues
 
image.png.622d7705285046ccc9c1dfd6286713c4.png

This has been the case for years
Link to comment

I am trying to add a new YUBIKEY 5NFC to my Bitwarden. I am told I need to globalSettings__yubico__clientId and globalSettings__yubico__key in the global.override.env file located at ~/bwdata/env/. Not sure how to get to that. Noob....

Looked at this posting...

Any help is greatly appreciated.

 

Link to comment
12 hours ago, crusemm said:

So what's the resolution?  It was working, then it wasn't (with that error) then it was working again, and now it isn't again.

You need to access Vaultwarden via secure connection with a valid certificate, that's it. It won't allow you to connect to it via http.

Link to comment

Well, I don't think it's designed to work like that and it simply doesn't allow unsecure connections. Maybe it could work with self signed certificate, but I cannot confirm this even works. It is intented to work only via https. I understand you are worried about security and wants to access Vaultwarden via LAN only, either through VPN, Proxy etc. But if you set it up correctly (reverse proxy, Cloudflare, valid certifikate, etc.) and use 2FA you are doing everything to mitigate that risk.

But like I said I understand some people doesn't want to expose their Vaultwarden to the internet but maybe someone else could provide you with assistance doing that. I never tried but I think it's doable. Sorry, this is not much help to you but maybe someone else can provide some assistance.

Link to comment
  • 2 weeks later...

I have to reboot my container a few times per week because I wake up the next morning (after a nightly backup script had run to export my sql db) and be unable to login. "Disk I/O error" or "Unable to save device" in the Vaultwarden logs. I just disabled WAL but haven't tested its efficacy on the issue yet, but I'm hopeful.

 

Does this happen to anyone else?

Link to comment
  • 3 weeks later...
  • 2 weeks later...

Is there any security issue if I place my LE wild card certificate files in the VaultWarden data folder, then add a variable to use them directly without a reverse proxy (see attached)?

 

I access my VaultWarden from within my LAN (I re-direct the URL to the unRAID server IP) e.g. https://vaultwarden.mydomain.com:4743 > 192.168.1.253 and when I'm outside my LAN my WireGuard VPN runs continuously on my devices so I have direct access to my server (and VaultWarden).

 

This appears to work fine but I'm concerned that I might be missing something.

VaultWarden-enviroment-variable.png

Link to comment
  • 1 month later...
  • 4 weeks later...

Am I the only one having problems after upgrading Vaultwarden from 1.24.0 to 1.25.0?

 

If I revert back to 1.24.0 there are no problems at all.

 

This is what bitwardenrs.log looks like on 1.25.0:

 

 

|                           Version 1.25.0                           |
|--------------------------------------------------------------------|
| This is an *unofficial* Bitwarden implementation, DO NOT use the   |
| official channels to report bugs/features, regardless of client.   |
| Send usage/configuration questions or feature requests to:         |
|   https://vaultwarden.discourse.group/                             |
| Report suspected bugs/issues in the software itself at:            |
|   https://github.com/dani-garcia/vaultwarden/issues/new            |
\--------------------------------------------------------------------/

[INFO] No .env file found.

[WARNING] The following environment variables are being overriden by the config file,
[WARNING] please use the admin panel to make changes to them:
[WARNING] SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN

[DEPRECATED]: `SMTP_SSL` or `SMTP_EXPLICIT_TLS` is set. Please use `SMTP_SECURITY` instead.
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:46.047][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:47.049][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:48.051][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:49.053][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:50.055][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:51.057][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:52.060][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:53.063][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:54.066][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:55.068][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:56.070][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:57.074][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:58.076][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:13:59.078][vaultwarden::util][WARN] Can't connect to database, retrying: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)
Running migration 20220302210038
Executing migration script 20220302210038/up.sql
[2022-05-26 23:14:00.080][vaultwarden][ERROR] Error creating database pool: DieselMig.
[CAUSE] QueryError(
    DatabaseError(
        __Unknown,
        "UNIQUE constraint failed: devices_new.uuid, devices_new.user_uuid",
    ),
)

Edited by gizmer
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.