BitWarden - self hosted password manager using bitwardenrs/server image

Docker BitWarden - self hosted password manager using bitwardenrs/server image

Currently reading
Docker BitWarden - self hosted password manager using bitwardenrs/server image

Gibrus

Byte Poster
NAS
DS412+
@Gibrus what exact error do you get?
The message showed is: "There is a problem connecting to the server." I put the server url in the first line of the BitWarden iOS app options. If I put in the second line, "online vault url", I receive a message of incorrect password or username, but they are the same that work in the windows pc.
 

Gibrus

Byte Poster
NAS
DS412+
OH, sorry, I didn't read closely enough. You don't mention whether you have the router port forwarding port 443 to the LAN address of the Synology. Do you? Also, you'd need an SSL certificate on the synology for the subdomain xxx.synology.com . Do you have that installed?
Yes both the question, thanks. I have a forwarding rule in the router for the 443 port to the Synology, and I have the certificate that include, in the configuration panel, the "xxx.synology.me" url.
 

Rusty

Moderator
NAS Support
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
RT1900ac, RT2600ac, MR2200ac
The message showed is: "There is a problem connecting to the server." I put the server url in the first line of the BitWarden iOS app options. If I put in the second line, "online vault url", I receive a message of incorrect password or username, but they are the same that work in the windows pc.
Are you sure that you are entering your custom URL? By default opening an app and entering username and pass you are authenticating against official BW installation and not your custom one.

Also, are you testing this from inside your LAN or WAN? Are you sure that your router supports access to a FQDN address inside your LAN that terminates again in your LAN? If it's not then that might also be your problem.

To test this does simple access to your FQDN URL works from inside your LAN using your web browser? If it does, then check that you are targeting your mobile app to your custom URL, if its not, then try and access it from outside your LAN.
 

Gibrus

Byte Poster
NAS
DS412+
Are you sure that you are entering your custom URL? By default opening an app and entering username and pass you are authenticating against official BW installation and not your custom one.
Thanks for your help. Yes, in the iOS app I enter my default Synology url “https://xxxx.synolgoy.me, like this:

Istantanea schermo 2019-11-13 (15.13.41).png


and I receive this message:

Istantanea schermo 2019-11-13 (15.16.37).png


Also, are you testing this from inside your LAN or WAN? Are you sure that your router supports access to a FQDN address inside your LAN that terminates again in your LAN? If it's not then that might also be your problem.

To test this does simple access to your FQDN URL works from inside your LAN using your web browser? If it does, then check that you are targeting your mobile app to your custom URL, if its not, then try and access it from outside your LAN.
I‘m trying through a mobile data connection, so outside my LAN, but I always receive an error message. In a computer Windows, using BitWarden Firefox extension, everything goes well.
 

Rusty

Moderator
NAS Support
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
RT1900ac, RT2600ac, MR2200ac
Hm, what happens if you don't enter 443 as port?

Also... do you have that SSL cert imported on your ios device?
 

Gibrus

Byte Poster
NAS
DS412+
Hm, what happens if you don't enter 443 as port?

Also... do you have that SSL cert imported on your ios device?
If I don't enter the 443 port, I receive the same error message, but you got the point! There's something wrong with the Synology certificate and Apple devices. I can reach the BitWarden server via browser without problems, but when I try to do the same thing in Safari for iOS I receive a message of server unavailability.

So I try to manage with the SSL certificate, at least trying with a different URL than the Synology *.me one.

Thanks a lot.
 

Gibrus

Byte Poster
NAS
DS412+
Just a little update. I've solved the BitWarden iOS app issue by updating my certificate, generating a new Let's Encrypt certificate for the domain "xxx.synology.me", and everything just works.
The next step is to use a subdomain like "bitwarden.xxx.synology.me" to be ready for using new service installed in Docker, and this show me the same problem as before. I think @Rusty tutorial Let's Encrypt + Docker = wildcard certs for wildcard certs could help.
 

akahan

Byte Poster
NAS
DS214play, DS216, DS216play, DS414, DS918+, RS816
Router
RT2600ac
You can accomplish this by adding bitwarden.xxx.synology.me to the list of alternate domains covered by your LE cert.
 

Gibrus

Byte Poster
NAS
DS412+
You can accomplish this by adding bitwarden.xxx.synology.me to the list of alternate domains covered by your LE cert.
Interesting, how does it work? I can add the alternate domain in the Synology function Control Panel, Security, Certificate?
 

akahan

Byte Poster
NAS
DS214play, DS216, DS216play, DS414, DS918+, RS816
Router
RT2600ac
When you create the LE certificate, list all the alternate domains you will be using the certificate for in the "subject alternative name" field, separated by semicolons.
 

Gibrus

Byte Poster
NAS
DS412+
When you create the LE certificate, list all the alternate domains you will be using the certificate for in the "subject alternative name" field, separated by semicolons.
So if I understand correctly in case I have created the LE certificate yet for the "xxx.synology.me" domain I can't add other sub domains in it. I have to recreate a new LE certificate and fill in the "subject alternative name" field the "Bitwarden.xxx.synology.me". The problem could be, in case of future need of new subdomain, I need new LE certificates.

Thanks
 

Rusty

Moderator
NAS Support
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
RT1900ac, RT2600ac, MR2200ac
So if I understand correctly in case I have created the LE certificate yet for the "xxx.synology.me" domain I can't add other sub domains in it. I have to recreate a new LE certificate and fill in the "subject alternative name" field the "Bitwarden.xxx.synology.me". The problem could be, in case of future need of new subdomain, I need new LE certificates.

Thanks
This is correct. The reason why I use LE wildcard cert (*.yourdomain.something). This way I don't have to worry about using subdomain names in the future.
 

Gibrus

Byte Poster
NAS
DS412+
This is correct. The reason why I use LE wildcard cert (*.yourdomain.something). This way I don't have to worry about using subdomain names in the future.
Yes, very useful tutorial. Is it possible to avoid (also temporary) the CloudFlare part of the tutorial for the ***.synology.me domain?
 

Rusty

Moderator
NAS Support
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
RT1900ac, RT2600ac, MR2200ac
Yes, very useful tutorial. Is it possible to avoid (also temporary) the CloudFlare part of the tutorial for the ***.synology.me domain?
You can't use CF with Synology root or subdomains. The tutorial is for custom domains only.
 

akahan

Byte Poster
NAS
DS214play, DS216, DS216play, DS414, DS918+, RS816
Router
RT2600ac
This is correct. The reason why I use LE wildcard cert (*.yourdomain.something). This way I don't have to worry about using subdomain names in the future.
You can do as Rusty does with wildcards, OR create a new LE cert that contains the additional subdomains you need. Either approach works.
 

wwwampy

Mega Poster
NAS
DS418play
Router
RT2600ac
Operating system
macOS, Windows
Mobile operating system
iOS
New version

1.13.0
  • Implemented email verification, to disable users until the email is verified you can use SIGNUPS_VERIFY=true, default is false. There are also options to change the options for verification mail resending, check the .env.template file.
  • Also implemented welcome email, change email confirmation and account deletion confirmation.
  • Modified icon parsing to accept favicons using DataURLs
  • Updated dependencies
 

Shoop

Byte Poster
NAS
DS918+
Operating system
Windows
Mobile operating system
Android
Hi all,
I've been using BitwardenRS for a few months now but I can't get the mail notifications to work though I tried many different configurations.
My running image version is 1.13 (latest) on my DS918+ and everything works fine except email notifications.
I tired to set the gmail smtp parameters in the admin panel (the configuration is saved successfully) but when I try to invite a user, no mail is sent.
After checking the logs, il seems like my Bitwarden container is not able to resolve smtp.gmail.com. I have also tried to put the IP instead and I get a timeout.
Checked the config.json and everything seems OK.

I'm kinda lost, I don't know what I did wrong.

(P.S.: Since last update, the webvault is showing an "alert" on the right side asking me to verify my email adress to unlock all the functionalities but pressing "send e-mail" does nothing since it's not able to send mails)

Hope someone here will be able to help me.
Thanks.
 

Rusty

Moderator
NAS Support
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
RT1900ac, RT2600ac, MR2200ac
@Shoop - not sure what to tell you, considering I'm running a private BW instance with no invites options. Will update to the latest version now to test out this "alert" problem.
 

Shoop

Byte Poster
NAS
DS918+
Operating system
Windows
Mobile operating system
Android
@Shoop - not sure what to tell you, considering I'm running a private BW instance with no invites options. Will update to the latest version now to test out this "alert" problem.
Hi,
I'm sharing it with some family members and since I have disabled the ability to register other than with the invite, i may need this functionality to work.
It's not really a big deal but it bothers me :)

Also I'm not sure if it might cause issue in the future for these users if they need to change master password, contact email etc...
 

Rusty

Moderator
NAS Support
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
RT1900ac, RT2600ac, MR2200ac
@Shoop Fair point indeed, regardless of what the needs are. If you have multiple users, email notifications should work.

I can confirm that 1.13 "alert" problem is not visible on my end.

Can I guess that SMTP worked fine for you so far?
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Top