starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-04-25 17:25:57 +03:00
Code Issues 39 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #735] Not working through Nginx Proxy Manager #497

New issue
Closed
opened 2026-03-03 01:29:54 +03:00 by kerem · 9 comments
kerem commented 2026-03-03 01:29:54 +03:00
Owner
Copy link

Originally created by @ataylor1988 on GitHub (Nov 19, 2019).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/735

I have the bitwarden docker setup in my unraid server. I have several other web facing dockers setup behind the "Nginx Proxy Manager" container without issue. But bitwarden seems to not be working.

I want it to use HTTPS, but maybe http is the only option?

I do not have config files as this proxy is all gui based but here are screens of my settings.
Nothing in the advance, or custom tab

proxy1
proxy2

Originally created by @ataylor1988 on GitHub (Nov 19, 2019). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/735 I have the bitwarden docker setup in my unraid server. I have several other web facing dockers setup behind the "Nginx Proxy Manager" container without issue. But bitwarden seems to not be working. I want it to use HTTPS, but maybe http is the only option? I do not have config files as this proxy is all gui based but here are screens of my settings. Nothing in the advance, or custom tab ![proxy1](https://user-images.githubusercontent.com/31442865/69197095-12b05500-0af6-11ea-993a-0ea3a9b53941.PNG) ![proxy2](https://user-images.githubusercontent.com/31442865/69197099-15ab4580-0af6-11ea-98f5-8b33d66257e2.PNG)
kerem closed this issue 2026-03-03 01:29:54 +03:00
kerem commented 2026-03-03 01:29:55 +03:00
Author
Owner
Copy link

@dani-garcia commented on GitHub (Nov 20, 2019):

I assume https://192.168.1.22:8343 is the address to access bitwarden_rs? Maybe you need to select http there if you are configuring HTTPS in the proxy and not in bitwarden_rs?

<!-- gh-comment-id:556224520 --> @dani-garcia commented on GitHub (Nov 20, 2019): I assume `https://192.168.1.22:8343` is the address to access bitwarden_rs? Maybe you need to select http there if you are configuring HTTPS in the proxy and not in bitwarden_rs?
kerem commented 2026-03-03 01:29:55 +03:00
Author
Owner
Copy link

@ataylor1988 commented on GitHub (Nov 21, 2019):

I would like to forward it as HTTPS, where do i enable HTTPS in the docker?

<!-- gh-comment-id:556557559 --> @ataylor1988 commented on GitHub (Nov 21, 2019): I would like to forward it as HTTPS, where do i enable HTTPS in the docker?
kerem commented 2026-03-03 01:29:55 +03:00
Author
Owner
Copy link

@ntimo commented on GitHub (Nov 21, 2019):

Take a look at the docs here on how to enable https for the docker container https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-HTTPS

<!-- gh-comment-id:556947477 --> @ntimo commented on GitHub (Nov 21, 2019): Take a look at the docs here on how to enable https for the docker container https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-HTTPS
kerem commented 2026-03-03 01:29:55 +03:00
Author
Owner
Copy link

@ataylor1988 commented on GitHub (Nov 21, 2019):

So the issue with that at least i think, is that you are setting that up inside the docker container, and in my experience that usually means if you update said docker those settings can get removed. Also i would much rather have my reverse proxy docker handle everything to do with the certificates as it does with all my other apps, like nextcloud, and ombi. Is the bitwarden container simply not responding to HTTPS? I would think all the needs to happen is to allow for HTTPS connections, no need to set the SSL cert and so on up directly in the container. Unless there is some intricacy related to bitwardenrs that does not allow this. Other containers such as nextcloud, ombi, organizer, sonarr, radarr, have all worked this way.

<!-- gh-comment-id:557077967 --> @ataylor1988 commented on GitHub (Nov 21, 2019): So the issue with that at least i think, is that you are setting that up inside the docker container, and in my experience that usually means if you update said docker those settings can get removed. Also i would much rather have my reverse proxy docker handle everything to do with the certificates as it does with all my other apps, like nextcloud, and ombi. Is the bitwarden container simply not responding to HTTPS? I would think all the needs to happen is to allow for HTTPS connections, no need to set the SSL cert and so on up directly in the container. Unless there is some intricacy related to bitwardenrs that does not allow this. Other containers such as nextcloud, ombi, organizer, sonarr, radarr, have all worked this way.
kerem commented 2026-03-03 01:29:55 +03:00
Author
Owner
Copy link

@ntimo commented on GitHub (Nov 21, 2019):

If you send a https request to a http endpoint this is not going to work. Therefore you will need to configure bitwarden_rs to use https as explained in the docs.

<!-- gh-comment-id:557090221 --> @ntimo commented on GitHub (Nov 21, 2019): If you send a https request to a http endpoint this is not going to work. Therefore you will need to configure bitwarden_rs to use https as explained in the docs.
kerem commented 2026-03-03 01:29:55 +03:00
Author
Owner
Copy link

@ataylor1988 commented on GitHub (Nov 21, 2019):

Yes, but the docs you linked are setting up a cert and everything. I would prefer to not manage the cert inside the container. I would rather my docker container that is build and dedicated to handling certs, and outside access to handle it. I just need the bitwardenrs container to allow connections of 443. Do not need to setup a cert and all that inside its container.

<!-- gh-comment-id:557220099 --> @ataylor1988 commented on GitHub (Nov 21, 2019): Yes, but the docs you linked are setting up a cert and everything. I would prefer to not manage the cert inside the container. I would rather my docker container that is build and dedicated to handling certs, and outside access to handle it. I just need the bitwardenrs container to allow connections of 443. Do not need to setup a cert and all that inside its container.
kerem commented 2026-03-03 01:29:55 +03:00
Author
Owner
Copy link

@dani-garcia commented on GitHub (Nov 21, 2019):

Well if you want to use HTTPS between the proxy and bitwarden_rs you need certificates, either proper ones or self signed.

There isn't much benefit to running self signed certificates compared to just using HTTP, unless the proxy allows certificate pinning, that's why we are recomending either to set up the certificates in the container, or to just use HTTP behind the proxy.

<!-- gh-comment-id:557221626 --> @dani-garcia commented on GitHub (Nov 21, 2019): Well if you want to use HTTPS between the proxy and bitwarden_rs you need certificates, either proper ones or self signed. There isn't much benefit to running self signed certificates compared to just using HTTP, unless the proxy allows certificate pinning, that's why we are recomending either to set up the certificates in the container, or to just use HTTP behind the proxy.
kerem commented 2026-03-03 01:29:55 +03:00
Author
Owner
Copy link

@ataylor1988 commented on GitHub (Nov 21, 2019):

So then how do all my other containers just work with HTTPS, without doing setup inside the conainter? Ombi, Nextcloud, and a few others are setup just like the screen shots above with their ports. I did not have to do any certificate setup on those, just pointed the proxy at them.

Maybe a feature request for just having bitwardenrs listen on 443 to facilitate this is needed. This would make a proper https setup much easier for people uncomfortable with docker commands and linux command line. Not saying im not, i have done plenty, but this would make hosting your own bitwarden way easier for not so technical people.

<!-- gh-comment-id:557223022 --> @ataylor1988 commented on GitHub (Nov 21, 2019): So then how do all my other containers just work with HTTPS, without doing setup inside the conainter? Ombi, Nextcloud, and a few others are setup just like the screen shots above with their ports. I did not have to do any certificate setup on those, just pointed the proxy at them. Maybe a feature request for just having bitwardenrs listen on 443 to facilitate this is needed. This would make a proper https setup much easier for people uncomfortable with docker commands and linux command line. Not saying im not, i have done plenty, but this would make hosting your own bitwarden way easier for not so technical people.
kerem commented 2026-03-03 01:29:56 +03:00
Author
Owner
Copy link

@dani-garcia commented on GitHub (Nov 21, 2019):

I assume those other services use self signed certificates, which is barely more secure than HTTP, that's why I don't want to add that functionality.

You can still point the proxy to bitwarden_rs directly, just use HTTP, which should be perfectly safe as long as the network behind the proxy is safe.

If you still want to create a self signed certificate, you can use something like this to generate it, and then use the wiki page above to set it up:

openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out certs.pem -days 365
<!-- gh-comment-id:557227776 --> @dani-garcia commented on GitHub (Nov 21, 2019): I assume those other services use self signed certificates, which is barely more secure than HTTP, that's why I don't want to add that functionality. You can still point the proxy to bitwarden_rs directly, just use HTTP, which should be perfectly safe as long as the network behind the proxy is safe. If you still want to create a self signed certificate, you can use something like this to generate it, and then use the wiki page above to set it up: ``` openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out certs.pem -days 365 ```
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
revert-7033-patch-1
cached-config-operations
test_dylint
1.35.7
1.35.6
1.35.5
1.35.4
1.35.3
1.35.2
1.35.1
1.35.0
1.34.3
1.34.2
1.34.1
1.34.0
1.33.2
1.33.1
1.33.0
1.32.7
1.32.6
1.32.5
1.32.4
1.32.3
1.32.2
1.32.1
1.32.0
1.31.0
1.30.5
1.30.4
1.30.3
1.30.2
1.30.1
1.30.0
1.29.2
1.29.1
1.29.0
1.28.1
1.28.0
1.27.0
1.26.0
1.25.2
1.25.1
1.25.0
1.24.0
1.23.1
1.23.0
1.22.2
1.22.1
1.22.0
1.21.0
1.20.0
1.19.0
1.18.0
1.17.0
1.16.3
1.16.2
1.16.1
1.16.0
1.15.1
1.15.0
1.14.2
1.14.1
1.14
1.13.1
1.13.0
1.12.0
1.11.0
1.10.0
1.9.1
1.9.0
1.8.0
1.7.0
1.6.1
1.6.0
1.5.0
1.4.0
1.3.0
1.2.0
1.1.0
1.0.0
0.13.0
0.12.0
0.11.0
0.10.0
0.9.0
Labels
Clear labels   
SSO

   
Third party

   
better for forum

   
bug

   
bug

   
documentation

   
duplicate

   
enhancement

   
future Vault

   
future Vault

   
future Vault

   
good first issue

   
help wanted

   
low priority

   
notes

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
troubleshooting

   
wontfix
No labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
question
troubleshooting
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/vaultwarden#497
No description provided.