Vaultwarden doesn't work with DSM 7

Currently reading
Vaultwarden doesn't work with DSM 7

5
0
NAS
DS920+
Operating system
  1. Linux
  2. Windows
Mobile operating system
  1. iOS
Last edited:
Hi,
i'm trying to setup VaultWarden, but it doesn't work. i can only acces over http, not over https. constantly connection time out or connection closed.
i've setup the ports, created reverse proxy, added a separate certificate, can't seem to get it fixed.
can someone help me or point me in the right direction?

1.JPG


2.png


3.png


4.JPG


thx
 
You have to use https://vaultwarden.YOURDDNS.synology.me in order for the reverse proxy to identify the request. Also, check that the new certificate has been assigned to this specific reverse proxy hostname (in Control Panel).

If you want to access using the NAS LAN IP then it's only going to work for HTTP to port 8880.
 
The only RP difference with my set-up is that I have HSTS enabled, and I use the NAS IP instead of "localhost" (this latter thing as nearly always caused me difficulty).
 
The last screenshot is kind of puzzling...

You try to access the publised local port of the vaultwarden container on the nas-ip:local-port via https - which can not work unless you enabled tls inside vaultwarden (which you try to delegate to the reverse proxy instead).

It is how fredbert wrote: you need to use the "Hostname" that you configured in the reverse proxy's source area..
 
When you use your YOURDDNS.synology.me or any other SUB.YOURDDNS.synology.me to access the NAS from the LAN does it work? If not then it could be that your Internet router doesn't support NAT loopback.

You do have a port forwarding (NAT) rule in the Internet router to send all TCP 443 requests to the NAS?
 
that's it: even internal i can't reach it. i now have modified my windows host file to redirect it and now it works. is there a way to counter that with the synology or not?
 
You can investigate if your router supports NAT loopback (i.e. if the DNS resolution is to the router's Internet/WAN IP then it NAT's it back to the LAN device, as per prot forwarding rules). Otherwise it's a bit more tricky unless you manually edit you host file, and keep a note to remind yourself. I run DNS Server on the NAS and use if for all my LAN devices: it resolves my personal domain to LAN IPs, everything else it will go and get the Internet IP.
 
You can investigate if your router supports NAT loopback (i.e. if the DNS resolution is to the router's Internet/WAN IP then it NAT's it back to the LAN device, as per prot forwarding rules). Otherwise it's a bit more tricky unless you manually edit you host file, and keep a note to remind yourself. I run DNS Server on the NAS and use if for all my LAN devices: it resolves my personal domain to LAN IPs, everything else it will go and get the Internet IP.
think i'll need to fix it with a DNS server as well, router doesn't support NAT loopback. Now i'm trying to connect on my iPhone app of Bitwarden to connect: get an SSL error: on local network as on 4G. any idea how to fix that?
 
think i'll need to fix it with a DNS server as well, router doesn't support NAT loopback. Now i'm trying to connect on my iPhone app of Bitwarden to connect: get an SSL error: on local network as on 4G. any idea how to fix that?
This would suggest that your BW instance is not working at all (if you can’t get to it locally).

Have you configured the DOMAIN variable with your public domain name? If so and if your 443 port is forwarded then access from the outside should work.

Also make sure that if you are using the official app, to use the gear icon and set the client to your domain. If you don’t, then the client will want to connect to BW official instance.
 
This would suggest that your BW instance is not working at all (if you can’t get to it locally).

Have you configured the DOMAIN variable with your public domain name? If so and if your 443 port is forwarded then access from the outside should work.

Also make sure that if you are using the official app, to use the gear icon and set the client to your domain. If you don’t, then the client will want to connect to BW official instance.

On the Syno it works now, i can access it. where do i need to change the DOMAIN variable? port 443 is forwarded.
 
where do i need to change the DOMAIN variable
Depends on how you have set this up. If you have used the Synology DSM Docker UI, then edit the container and go to the Environment tab and add the DOMAIN as a variable and your public URL as its VALUE.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Sorry, I read your post late. You already did it. Thanks,
Replies
3
Views
981
Yeah, apols fellas/ladies. Busy week. Need to focus on work. I figure this is going take the application...
Replies
54
Views
3,377

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top