BitWarden - self hosted password manager using vaultwarden/server image

Docker BitWarden - self hosted password manager using vaultwarden/server image

Currently reading
Docker BitWarden - self hosted password manager using vaultwarden/server image

@Gibrus what exact error do you get?

The message showed is: "There is a problem connecting to the server." I put the server url in the first line of the BitWarden iOS app options. If I put in the second line, "online vault url", I receive a message of incorrect password or username, but they are the same that work in the windows pc.
 
OH, sorry, I didn't read closely enough. You don't mention whether you have the router port forwarding port 443 to the LAN address of the Synology. Do you? Also, you'd need an SSL certificate on the synology for the subdomain xxx.synology.com . Do you have that installed?

Yes both the question, thanks. I have a forwarding rule in the router for the 443 port to the Synology, and I have the certificate that include, in the configuration panel, the "xxx.synology.me" url.
 
The message showed is: "There is a problem connecting to the server." I put the server url in the first line of the BitWarden iOS app options. If I put in the second line, "online vault url", I receive a message of incorrect password or username, but they are the same that work in the windows pc.
Are you sure that you are entering your custom URL? By default opening an app and entering username and pass you are authenticating against official BW installation and not your custom one.

Also, are you testing this from inside your LAN or WAN? Are you sure that your router supports access to a FQDN address inside your LAN that terminates again in your LAN? If it's not then that might also be your problem.

To test this does simple access to your FQDN URL works from inside your LAN using your web browser? If it does, then check that you are targeting your mobile app to your custom URL, if its not, then try and access it from outside your LAN.
 
Are you sure that you are entering your custom URL? By default opening an app and entering username and pass you are authenticating against official BW installation and not your custom one.

Thanks for your help. Yes, in the iOS app I enter my default Synology url “https://xxxx.synolgoy.me, like this:

Istantanea schermo 2019-11-13 (15.13.41).png


and I receive this message:

Istantanea schermo 2019-11-13 (15.16.37).png


Also, are you testing this from inside your LAN or WAN? Are you sure that your router supports access to a FQDN address inside your LAN that terminates again in your LAN? If it's not then that might also be your problem.

To test this does simple access to your FQDN URL works from inside your LAN using your web browser? If it does, then check that you are targeting your mobile app to your custom URL, if its not, then try and access it from outside your LAN.

I‘m trying through a mobile data connection, so outside my LAN, but I always receive an error message. In a computer Windows, using BitWarden Firefox extension, everything goes well.
 
Hm, what happens if you don't enter 443 as port?

Also... do you have that SSL cert imported on your ios device?

If I don't enter the 443 port, I receive the same error message, but you got the point! There's something wrong with the Synology certificate and Apple devices. I can reach the BitWarden server via browser without problems, but when I try to do the same thing in Safari for iOS I receive a message of server unavailability.

So I try to manage with the SSL certificate, at least trying with a different URL than the Synology *.me one.

Thanks a lot.
 
Just a little update. I've solved the BitWarden iOS app issue by updating my certificate, generating a new Let's Encrypt certificate for the domain "xxx.synology.me", and everything just works.
The next step is to use a subdomain like "bitwarden.xxx.synology.me" to be ready for using new service installed in Docker, and this show me the same problem as before. I think @Rusty tutorial Let's Encrypt + Docker = wildcard certs for wildcard certs could help.
 
When you create the LE certificate, list all the alternate domains you will be using the certificate for in the "subject alternative name" field, separated by semicolons.

So if I understand correctly in case I have created the LE certificate yet for the "xxx.synology.me" domain I can't add other sub domains in it. I have to recreate a new LE certificate and fill in the "subject alternative name" field the "Bitwarden.xxx.synology.me". The problem could be, in case of future need of new subdomain, I need new LE certificates.

Thanks
 
So if I understand correctly in case I have created the LE certificate yet for the "xxx.synology.me" domain I can't add other sub domains in it. I have to recreate a new LE certificate and fill in the "subject alternative name" field the "Bitwarden.xxx.synology.me". The problem could be, in case of future need of new subdomain, I need new LE certificates.

Thanks
This is correct. The reason why I use LE wildcard cert (*.yourdomain.something). This way I don't have to worry about using subdomain names in the future.
 
This is correct. The reason why I use LE wildcard cert (*.yourdomain.something). This way I don't have to worry about using subdomain names in the future.

Yes, very useful tutorial. Is it possible to avoid (also temporary) the CloudFlare part of the tutorial for the ***.synology.me domain?
 
Yes, very useful tutorial. Is it possible to avoid (also temporary) the CloudFlare part of the tutorial for the ***.synology.me domain?
You can't use CF with Synology root or subdomains. The tutorial is for custom domains only.
 
This is correct. The reason why I use LE wildcard cert (*.yourdomain.something). This way I don't have to worry about using subdomain names in the future.

You can do as Rusty does with wildcards, OR create a new LE cert that contains the additional subdomains you need. Either approach works.
 
New version

1.13.0
  • Implemented email verification, to disable users until the email is verified you can use SIGNUPS_VERIFY=true, default is false. There are also options to change the options for verification mail resending, check the .env.template file.
  • Also implemented welcome email, change email confirmation and account deletion confirmation.
  • Modified icon parsing to accept favicons using DataURLs
  • Updated dependencies
 
Hi all,
I've been using BitwardenRS for a few months now but I can't get the mail notifications to work though I tried many different configurations.
My running image version is 1.13 (latest) on my DS918+ and everything works fine except email notifications.
I tired to set the gmail smtp parameters in the admin panel (the configuration is saved successfully) but when I try to invite a user, no mail is sent.
After checking the logs, il seems like my Bitwarden container is not able to resolve smtp.gmail.com. I have also tried to put the IP instead and I get a timeout.
Checked the config.json and everything seems OK.

I'm kinda lost, I don't know what I did wrong.

(P.S.: Since last update, the webvault is showing an "alert" on the right side asking me to verify my email adress to unlock all the functionalities but pressing "send e-mail" does nothing since it's not able to send mails)

Hope someone here will be able to help me.
Thanks.
 
@Shoop - not sure what to tell you, considering I'm running a private BW instance with no invites options. Will update to the latest version now to test out this "alert" problem.

Hi,
I'm sharing it with some family members and since I have disabled the ability to register other than with the invite, i may need this functionality to work.
It's not really a big deal but it bothers me :)

Also I'm not sure if it might cause issue in the future for these users if they need to change master password, contact email etc...
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top