Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[support] Vaultwarden (formerly Bitwarden_rs)

Featured Replies

  • Author
Loving this Docker! Thanks for the great efforts.
I am getting an error though. Everything works from outside my network but not the internal. When trying to log in I get "Cannot read property 'importKey' of null". The browser extension just says wrong username or password.
Any idea?

Are you browsing trough a reverse proxy?
  • Replies 734
  • Views 278.2k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • I added the following to my reverse proxy for the admin panel   location /admin { return 404; } I only access the panel locally using the direct ip.

  • New repository is: vaultwarden/server:latest Change it in docker settings: Stop the container Rename repository to vaultwarden/server Hit Apply and start the container

  • log showing [NOTICE] You are using a plain text `ADMIN_TOKEN` which is insecure. Please generate a secure Argon2 PHC string by using `vaultwarden hash` or `argon2`. See: https://github.com/dani-gar

Posted Images

18 minutes ago, Roxedus said:


Are you browsing trough a reverse proxy?

Locally I go through "http://192.168.x.zzz:y/#/" which doesn't work.

Outside my network I use a reverse proxy (LetsEncrypt) which does work.

Does that help answer your question? I appreciate any suggestions!

I'm having the same issue... I go to https://dnsname.domain.com to login and it now tries to resolve to:  https://_/  or  https://_/admin (if using admin).  dcpdad is correct in that if you try to resolve outside your network, it resolves fine.  as of last night, it was working fine.  after the latest update, it stopped working.

  • Author

I just updated, and i dont see those errors. which reverse proxy confs are you guys using?

3 minutes ago, Roxedus said:

I just updated, and i dont see those errors. which reverse proxy confs are you guys using?

Mine is from SpaceInvaderOne

I just updated, and i dont see those errors. which reverse proxy confs are you guys using?

This one works fine for me inside and out [emoji2373]

5ac0007e305ca245b37764f6289d4a23.jpg

Hi.  I should have tried this before, but I tried with FireFox and it worked fine.. I ended up clearing out all the cookies from Brave and it started to work fine under the original letsencrypt conf file.  I did try the other one as well and both seemed to work fine.  Odd that a cookie issue would also stop the main bitwarden app from working as well... but stranger things have happened I guess.. Thanks for the help and the replies!

I have two problems. First I am not able to have a new user created. When I invite the user they get a link in the email. When they click "create account" I get a response saying "you logon session has expired" and it will not allow them to create an account. Second problem is that any changed I make under settings>options they don't stick. They revert back to the way they were before.

1 hour ago, zenmak said:

Hi.  I should have tried this before, but I tried with FireFox and it worked fine.. I ended up clearing out all the cookies from Brave and it started to work fine under the original letsencrypt conf file.  I did try the other one as well and both seemed to work fine.  Odd that a cookie issue would also stop the main bitwarden app from working as well... but stranger things have happened I guess.. Thanks for the help and the replies!

Bingo! Same result here. Switched from Chrome to Safari and it worked fine.

Thanks all for the help and responses!

  • Author

So the issue you guys are having, is that chrome disallows insecure connections and cryptokit. It makes me believe that the reverse proxy isn't fully over https.

  • Author
53 minutes ago, BrunoVic said:

you logon session has expired

Is the time in the container correct? check with `date` in a console to the container. 

 

56 minutes ago, BrunoVic said:

any changed I make under settings>options they don't stick

First guess is that the database is in read-only mode, checked the container logs?

2 hours ago, Roxedus said:

So the issue you guys are having, is that chrome disallows insecure connections and cryptokit. It makes me believe that the reverse proxy isn't fully over https.

no idea.. it's working fine now under Brave since I cleared out my cache and cookies.. browser app is also working now as well under Brave. 

9 hours ago, Roxedus said:

Is the time in the container correct? check with `date` in a console to the container. 

 

First guess is that the database is in read-only mode, checked the container logs?

I have the exact same problem as BrunoVic.

The date/time is correct. The Bitwarden dockerlogs tells me this:

[WARNING] The following environment variables are being overriden by the config file,
[WARNING] please use the admin panel to make changes to them:
[WARNING] SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN

[2020-03-20 09:00:11][ws][INFO] Listening for new connections on 0.0.0.0:3012.
[2020-03-20 09:00:11][start][INFO] Rocket has launched from http://0.0.0.0:80

I have followed the guide that Spaceinvader One posted on youtube and used a xxx.duckdns.org domain.

Is the letsencrypt config correct?
 

resolver 127.0.0.11 valid=30s;
upstream bitwarden {
    server bitwardenrs:80;
}

server {
    listen 443 ssl;
    server_name xxx.duckdns.org;
    include /config/nginx/ssl.conf;
  client_max_body_size 128M;

  location / {
   proxy_pass http://bitwarden;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }
  
  location /notifications/hub {
   proxy_pass http://bitwarden;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }
  
  location /notifications/hub/negotiate {
    proxy_pass http://bitwarden;
  }
}

 

So I checked the time and it is correct. The error logs show this [2020-03-19 17:27:37][error][ERROR] Registration not allowed or user already exists. Problem is I created the user in the admin panel and it sends out an email prompting the user to create an account. How can the user create an account that I already created? I cannot create a password for them in the admin panel. The only way around this was to temporarily allow the user to create their own account in the admin panel and then disable that when I know they've created the account. When I first launched this container I didn't have to do that. Second as for the configs not saving the storage was already read and write. So I am not sure why any changes I make don't save.

Edited by BrunoVic

On 3/20/2020 at 7:34 PM, BrunoVic said:

So I checked the time and it is correct. The error logs show this [2020-03-19 17:27:37][error][ERROR] Registration not allowed or user already exists. Problem is I created the user in the admin panel and it sends out an email prompting the user to create an account. How can the user create an account that I already created? I cannot create a password for them in the admin panel. The only way around this was to temporarily allow the user to create their own account in the admin panel and then disable that when I know they've created the account. When I first launched this container I didn't have to do that. Second as for the configs not saving the storage was already read and write. So I am not sure why any changes I make don't save.

We seem to have similar problems. I solved my problems with an uninstallation of Bitwarden, also deleted the folder in appdata. And after that I installed it again with the same settings. Now everything works like a charm. :)

  • 2 weeks later...

so, i read that this is a known issue.  I was struggling with this today.

 

https://www.reddit.com/r/Bitwarden/comments/9azs1d/unraid_docker_issues/

 

Quote

Tweak3D 3 points·1 year ago

So I did hear back that this is a known issue when using HTTP via chrome and its not expected to be fixed as the issue surrounds security API's that are not available via HTTP. The work around is to either us another browser or implement HTTPS on the docker which will allow it to work as expected.

 

so it works fine under https in brave, chrome safari and firefox.

 

dont know what to think of that. 

  • Author
dont know what to think of that. 

 

 

 

 

What to think about what? That chrome takes a firm stand and not let people try to do actions that are supposed to be secure, over a insecure connection?

I am having an issue that recent replies in this topic have stated but I haven't seen a definite fix. I am passing this site external via the same spaceinvaderone let's encrypt config that someone else mentioned. When trying to navigate to my external URL the page gets redirected to "https://_" This happens both internal and external. If I try to navigate to the IP:Port of the container, launching via the weburl shortcut in Unraid, it takes me to the login page. When trying to login I get the following error and it does not proceed. 

 

An error has occurred.

Cannot read property 'importKey' of null

 

Not sure what to do with this.

  • Author
1 minute ago, gRuNdLeKrEiSt said:

URL the page gets redirected to "https://_"

Classical example of a bad configed reverse proxy. You can start with replacing the server_name to your bitwarden domain.
 

 

2 minutes ago, gRuNdLeKrEiSt said:

Cannot read property 'importKey' of null

This is normal when trying to login over http with chrome. 

18 hours ago, Roxedus said:

Classical example of a bad configed reverse proxy. You can start with replacing the server_name to your bitwarden domain.

My server_name was "server_name bitwarden.*;" but I just changed it to the full url and it still doesn't work. I just don't understand why this would have worked for the past several months and then all of the sudden it stopped.

Edited by gRuNdLeKrEiSt
changed wording and quote

So if I was running bitwarden before and now added this docker, how do I transition? Just export the vault, send an invite to my email and then import?

4 hours ago, tknx said:

So if I was running bitwarden before and now added this docker, how do I transition? Just export the vault, send an invite to my email and then import?

Follow this guide https://www.youtube.com/watch?v=HLcj-p-lcXY

 

On 4/1/2020 at 3:46 PM, Roxedus said:

Classical example of a bad configed reverse proxy. You can start with replacing the server_name to your bitwarden domain.
 

 

This is normal when trying to login over http with chrome. 

My bitwarden setup started working over the weekend not sure what the problem was. Thanks for the help anyway.

Whether I try the config from Spaceinvader or the LSIO config, I cant reach bitwarden over letsencrypt reverse proxy, it just shows the default letsencrypt page "The website is currently being setup under this address." etc. In the LSIO file I exchanged ALL locations to

set $upstream_app bitwardenrc;
set $upstream_port 8086;

of course, also tried with port 80.

 

Both letsencrypt as well as bitwardenrc are running on a custom net `localproxy`, the port passed to bitwardenrc is 8086, I can reach bitwardenrc over [serverip]:8086 just fine, other containers work just fine reverse-proxied by letsencrypt (i.e. gitlab, code-server).

 

The one thing that doesnt work with other containers either is having them either on localproxy or on the macvlan driver (br0) with independent ip and using letsencrypt to forward to them. So this option, which is suggested in the file from spaceinvader, doesnt work either.

Edited by 9smtm6

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.