[support] Vaultwarden (formerly Bitwarden_rs)


400 posts in this topic Last Reply

Recommended Posts

2 minutes ago, Squid said:

Now that particular variable is missing from the template, and the container won't install properly

For this container, that wont happen with that variable in mind. You can create an account by using the variable for allowing sing ups. 
For the lsio container i brought up, it means that it wont create the user automatically on startup, you can still create it with the containers shell with the same commands you would use to create user 3 currently. 

You do inn fact bring up an interesting point, and see where the template maintainer may be able to mess it up. 

This whole discussion will probably fit another thread (please point me to it), but it would also be nice to be able to have variables connected to the branch tag. For this container its not needed, as its sql based counterpart is another image, and introduces some variables. 

Link to post
  • Replies 399
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

New repository is: vaultwarden/server:latest Change it in docker settings: Stop the container Rename repository to vaultwarden/server Hit Apply and start the container

I added the following to my reverse proxy for the admin panel   location /admin { return 404; } I only access the panel locally using the direct ip.

Thanks for the thorough response. Me and the 10479 people that will ask after me VERY MUCH appreciate it :-)

Posted Images

6 hours ago, Roxedus said:

Its really not. Bitwarden_rs doesn't have a way to generate a self-signed certificate, hence why it cant be delivered with one. 
The project has its own wiki page on enabling SLL, and another page on how to use self-signed certs with it. What you are asking is extending the containers functionality. 

 

I can help with that, if you hop on over to the discord linked in my signature.

Thank you for wanting to help. I have try it again from newone and now its working. my finaly fault was a stupid config error on my fritz box... 

so now its running finaly.. yay ^^

Edited by Wetterchen
Link to post
On 2/16/2020 at 10:42 PM, kilobit said:

Beware of putting anything important in the vault area.  I had put some stuff in there a couple weeks ago and now when I try to download an attachment on the vault it says unknown error.  I'll have to dig around in the logs to see what's going on I'll post back.

 

I had the same problem, I solved it by setting in admin panel the Domain Url to my domain. And I use cloudflare so for "Client IP header" I set "CF-Connecting-IP". Now I am able to download from both web vault and mobile app.

Link to post

I cannot seem to get my Bitwarden to restart after a server restart. Any help would be awesome.

/--------------------------------------------------------------------\
| Starting Bitwarden_RS |
| Version 1.13.1-8a5450e8 |
|--------------------------------------------------------------------|
| This is an *unofficial* Bitwarden implementation, DO NOT use the |
| official channels to report bugs/features, regardless of client. |
| Report URL: https://github.com/dani-garcia/bitwarden_rs/issues/new |
\--------------------------------------------------------------------/

[WARNING] The following environment variables are being overriden by the config file,
[WARNING] please use the admin panel to make changes to them:
[WARNING] SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN

thread 'main' panicked at 'valid URL: RelativeUrlWithoutBase', src/config.rs:468:15
stack backtrace:
0: 0x55c5f1cced34 - backtrace::backtrace::libunwind::trace::h4c2cc0e2e6ab3962
at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/libunwind.rs:88
1: 0x55c5f1cced34 - backtrace::backtrace::trace_unsynchronized::hea6bde8e7134fd0e
at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/mod.rs:66
2: 0x55c5f1cced34 - std::sys_common::backtrace::_print_fmt::he7d4732f58e6db0f
at src/libstd/sys_common/backtrace.rs:77
3: 0x55c5f1cced34 - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::hf701bbc56fde8d3e
at src/libstd/sys_common/backtrace.rs:59
4: 0x55c5f1cf4e3c - core::fmt::write::he594986618f675c1
at src/libcore/fmt/mod.rs:1052
5: 0x55c5f1cc69f7 - std::io::Write::write_fmt::hd70ac90f82ab1700
at src/libstd/io/mod.rs:1428
6: 0x55c5f1cd0f65 - std::sys_common::backtrace::_print::h25a36b234ec491c1
at src/libstd/sys_common/backtrace.rs:62
7: 0x55c5f1cd0f65 - std::sys_common::backtrace::print::h62a7683f84bc3186
at src/libstd/sys_common/backtrace.rs:49
8: 0x55c5f1cd0f65 - std::panicking::default_hook::{{closure}}::h768d56ec1648bf19
at src/libstd/panicking.rs:204
9: 0x55c5f1cd0c51 - std::panicking::default_hook::h1b45fc6f2d3bc4d1
at src/libstd/panicking.rs:224
10: 0x55c5f1cd15ca - std::panicking::rust_panic_with_hook::h4280c0e24899f0dd
at src/libstd/panicking.rs:472
11: 0x55c5f1cd11b0 - rust_begin_unwind
at src/libstd/panicking.rs:380
12: 0x55c5f1cf3651 - core::panicking::panic_fmt::hd08789ca336a1e3e
at src/libcore/panicking.rs:85
13: 0x55c5f1cf3473 - core::option::expect_none_failed::h5f7476254e94cf79
at src/libcore/option.rs:1199
14: 0x55c5f14813f0 - bitwarden_rs::config::ConfigBuilder::build::h9cb995d9b2e4de93
15: 0x55c5f146f961 - bitwarden_rs::config::Config::load::hc92698509b101da7
16: 0x55c5f159dfa7 - std::sync::once::Once::call_once::{{closure}}::h41770cf18adb5a8c
17: 0x55c5f1cce441 - std::sync::once::Once::call_inner::h53918a41f1388da8
at src/libstd/sync/once.rs:417
18: 0x55c5f170adfe - bitwarden_rs::main::h37edf665a219ea51
19: 0x55c5f16079a3 - std::rt::lang_start::{{closure}}::h474530925c77fdb6
20: 0x55c5f1cd1093 - std::rt::lang_start_internal::{{closure}}::h146e16f41944d428
at src/libstd/rt.rs:52
21: 0x55c5f1cd1093 - std::panicking::try::do_call::h3f5225ae73a228e1
at src/libstd/panicking.rs:305
22: 0x55c5f1cdb0d7 - __rust_maybe_catch_panic
at src/libpanic_unwind/lib.rs:86
23: 0x55c5f1cd1b30 - std::panicking::try::h51b6356779bfebde
at src/libstd/panicking.rs:281
24: 0x55c5f1cd1b30 - std::panic::catch_unwind::h5160e22d94ba4502
at src/libstd/panic.rs:394
25: 0x55c5f1cd1b30 - std::rt::lang_start_internal::hbe3c5736d32d3fde
at src/libstd/rt.rs:51
26: 0x55c5f171c5f2 - main
27: 0x1473dace009b - __libc_start_main
28: 0x55c5f133256a - _start
29: 0x0 - <unknown>

Link to post
On 2/21/2020 at 10:45 AM, harshakavuri said:

I had the same problem, I solved it by setting in admin panel the Domain Url to my domain. And I use cloudflare so for "Client IP header" I set "CF-Connecting-IP". Now I am able to download from both web vault and mobile app.

I am unable to download attachments. I get the following in the container log:

 

[2020-03-01 13:29:45][request][INFO] GET /attachments/4792c8d7-2777-4faf-8e2a-d1f59c15620e/14993558e8d29203c55e
[2020-03-01 13:29:45][response][INFO] GET /attachments/<uuid>/<file..> (attachments) => 404 Not Found
[2020-03-01 13:30:17][request][INFO] GET /attachments/74f4380a-aa10-4b53-8f99-ff95cad2c78a/e8f4879a1cd97a7d0570
[2020-03-01 13:30:17][response][INFO] GET /attachments/<uuid>/<file..> (attachments) => 404 Not Found

 

Im behind a reverse proxy. Used the Space Invader Video to set up. I get the same response if I go to the webui using my domain or go directly to the local ip. Any help would be appreciated.

 

 

 

Link to post

odd issue I have with my BW.. it's not a big deal but slightly annoying.. I had the previous BW installed and the icon showed. After some time the icon went away. Then I updated the rs version and still can't get the icon to show. I've set the icon address.. unraid isn't going through any pihole..  

Link to post

I cannot reach the log in page from any of my devices: 

 

I would really appreciate if someone can help me troubleshoot my issue. I can reach https://bw.mydomain.com/admin

image.thumb.png.affc442f454543a83918cb7bf6fb0dc1.png

 

But I cannot reach the log in page, I only get as far as the banner and spinning circle

image.thumb.png.ee55fd0585cdf218406525aa2954eef2.png

 

The nginx error log file reveals a error and I don't know how to fix it

Quote

2020/03/15 08:59:15 [crit] 488#488: *29 open() "/var/lib/nginx/tmp/proxy/5/00/0000000005" failed (13: Permission denied) while reading upstream, client: 10.10.20.1, server: bw.*, request: "GET /app/vendor.d3f51b84f67d0f2323ca.js HTTP/2.0", upstream: "http://10.10.20.50:8086/app/vendor.d3f51b84f67d0f2323ca.js", host: "bw.mydomain.com", referrer: "https://bw.mydomain.com/"
2020/03/15 08:59:15 [crit] 488#488: *29 open() "/var/lib/nginx/tmp/proxy/6/00/0000000006" failed (13: Permission denied) while reading upstream, client: 10.10.20.1, server: bw.*, request: "GET /app/main.d3f51b84f67d0f2323ca.js HTTP/2.0", upstream: "http://10.10.20.50:8086/app/main.d3f51b84f67d0f2323ca.js", host: "bw.mydomain.com", referrer: "https://mydomain.com/"

 

The access log file shows these requests were passed through

Quote

10.10.20.1 - - [15/Mar/2020:08:59:12 +0000] "GET /admin HTTP/2.0" 200 855 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36"
10.10.20.1 - - [15/Mar/2020:08:59:13 +0000] "GET /bwrs_static/bootstrap.css HTTP/2.0" 200 25440 "https://bw.mydomain.com/admin" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36"
10.10.20.1 - - [15/Mar/2020:08:59:15 +0000] "GET / HTTP/2.0" 200 570 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36"
10.10.20.1 - - [15/Mar/2020:08:59:15 +0000] "GET /app/vendor.d3f51b84f67d0f2323ca.js HTTP/2.0" 200 150713 "https://bw.mydomain.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36"
10.10.20.1 - - [15/Mar/2020:08:59:15 +0000] "GET /app/main.d3f51b84f67d0f2323ca.js HTTP/2.0" 200 1141945 "https://bw.mydomain.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36"

 

 

In pfSense I have the following port forwarding set up

image.thumb.png.037f5e2af4dac56547e0b7b3a5fa997b.png

 

My nginx conf file looks like this:

#BITWARDEN
# make sure that your domain has dns has a cname or a record set for the subdomain bitwarden 
# This config file will work as is when using a custom docker network the same as letesencrypt (proxynet).
# However the container name is expected to be "bitwardenrs" as it is by default the template as this name is used to resolve.  
# If you are not using the custom docker network for this container then change the line "server bitwardenrs:80;" to "server [YOUR_SERVER_IP]:8086;" Also remove line 7


server {
    listen         80;
    server_name    bw.*;
    return         301 https://$server_name$request_uri;

}


server {
	listen 443 ssl http2;
#	listen [::]:443 ssl;
    server_name bw.*;
    include /config/nginx/ssl.conf;
	client_max_body_size 128M;

  location / {
#	include /config/nginx/proxy.conf;
	resolver 127.0.0.11 valid=30s;
	proxy_pass http://10.10.20.50:8086;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }
  
  location /notifications/hub {
	resolver 127.0.0.11 valid=30s;
	proxy_pass http://10.10.20.50:3012;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }
  
  location /notifications/hub/negotiate {
	resolver 127.0.0.11 valid=30s;
	proxy_pass http://10.10.20.50:8086;
  }
}

 

Edited by bulletjie
Link to post

Loving this Docker! Thanks for the great efforts.

I am getting an error though. Everything works from outside my network but not the internal. When trying to log in I get "Cannot read property 'importKey' of null". The browser extension just says wrong username or password.

Any idea?

Link to post
  • Roxedus changed the title to [support] Vaultwarden (formerly Bitwarden_rs)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.