starred/vaultwarden

Fork 0

mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-04-25 17:25:57 +03:00

[GH-ISSUE #1441] Non-editable config overriden when using admin page #962

New issue

Closed

opened 2026-03-03 02:05:03 +03:00 by kerem · 4 comments

kerem commented

2026-03-03 02:05:03 +03:00

Owner

Originally created by @nbdd0121 on GitHub (Feb 26, 2021).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1441

Subject of the issue

If non-editable configs are specified in config.json, it will be lost when configs are saved in the admin page (which, in a sense, made them editable).

Your environment

Bitwarden_rs version: 1.19.0

Install method: Docker image
Clients used: Web
Reverse proxy and version: nginx/1.17.3
Version of mysql/postgresql: N/A

Steps to reproduce

Add some non-editable configs in config.json, e.g. websocket_enabled.
Start bitwarden_rs, open admin page, save.

Expected behaviour

Non-editable configs stay in config.json.

Actual behaviour

Non-editable configs are gone in config.json.

Originally created by @nbdd0121 on GitHub (Feb 26, 2021). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1441   ### Subject of the issue If non-editable configs are specified in config.json, it will be lost when configs are saved in the admin page (which, in a sense, made them editable). ### Your environment   * Bitwarden_rs version: 1.19.0  * Install method: Docker image * Clients used: Web * Reverse proxy and version: nginx/1.17.3 * Version of mysql/postgresql: N/A ### Steps to reproduce  1. Add some non-editable configs in config.json, e.g. websocket_enabled. 2. Start bitwarden_rs, open admin page, save. ### Expected behaviour  Non-editable configs stay in config.json. ### Actual behaviour  Non-editable configs are gone in config.json.

kerem

2026-03-03 02:05:03 +03:00

closed this issue
added the
documentation
label

kerem commented

2026-03-03 02:05:04 +03:00

Author

Owner

@BlackDex commented on GitHub (Feb 26, 2021):

I'm not following you.
If you add a non-editable manually to the config.json you find it strange that it disappears after you press save??

That sounds illogical, because, they are non-editable they should disappear and only able to work via export .env or -e.

@BlackDex commented on GitHub (Feb 26, 2021): I'm not following you. If you add a non-editable manually to the config.json you find it strange that it disappears after you press save?? That sounds illogical, because, they are non-editable they should disappear and only able to work via `export` `.env` or `-e`.

kerem commented

2026-03-03 02:05:04 +03:00

Author

Owner

@nbdd0121 commented on GitHub (Feb 26, 2021):

The wiki page makes it sound like the two methods are equivalent (with config.json taking priority) and does not mention about non-editable configs at all (I only know that certain things are non-editable by peeking into config.rs).

In bitwarden_rs, you can perform configuration either via environment variables or an admin page (which writes settings to a config.json file under your data directory). It's important to note that each setting in config.json overrides the corresponding environment variable setting (if it exists). For example, if you set the environment variable DOMAIN=https://bitwarden.example.com, but your config.json includes "domain": "https://bw.example.com", then bitwarden_rs will generate various links based on what's in the config file (https://bw.example.com).

A common source of confusion is enabling the admin page (which creates the config.json file), changing some settings via the admin page (which sets the corresponding values in config.json), then later trying to change those settings via environment variable (which doesn't work because config.json overrides env vars). To avoid this confusion, it's highly recommended to stick to one configuration method or the other; that is, configure entirely via environment variables, or entirely via config.json (whether using the admin page or editing config.json directly).

Since I would like to make some changes using config.json, by following the recommendation of that wiki page I had all my configurations entirely in config.json and does not set any environment variables. (Personally I would also prefer to use a single config.json because that way all my config is in one place).

I think it is reasonable to expect from the wiki's wording that admin page keeps non-editable configs intact.

@nbdd0121 commented on GitHub (Feb 26, 2021): The wiki page makes it sound like the two methods are equivalent (with config.json taking priority) and does not mention about non-editable configs at all (I only know that certain things are non-editable by peeking into config.rs). > In bitwarden_rs, you can perform configuration either via environment variables or an admin page (which writes settings to a config.json file under your data directory). It's important to note that each setting in config.json overrides the corresponding environment variable setting (if it exists). For example, if you set the environment variable DOMAIN=https://bitwarden.example.com, but your config.json includes "domain": "https://bw.example.com", then bitwarden_rs will generate various links based on what's in the config file (https://bw.example.com). > > A common source of confusion is enabling the admin page (which creates the config.json file), changing some settings via the admin page (which sets the corresponding values in config.json), then later trying to change those settings via environment variable (which doesn't work because config.json overrides env vars). To avoid this confusion, it's highly recommended to stick to one configuration method or the other; that is, configure entirely via environment variables, or entirely via config.json (whether using the admin page or editing config.json directly). Since I would like to make some changes using config.json, by following the recommendation of that wiki page I had all my configurations entirely in config.json and does not set any environment variables. (Personally I would also prefer to use a single config.json because that way all my config is in one place). I think it is reasonable to expect from the wiki's wording that admin page keeps non-editable configs intact.

kerem commented

2026-03-03 02:05:04 +03:00

Author

Owner

@jjlin commented on GitHub (Feb 26, 2021):

My mistake for not clarifying which config items aren't editable via config.json. I'll update the wiki later to mention that read-only config can only be set via environment variable.

@jjlin commented on GitHub (Feb 26, 2021): My mistake for not clarifying which config items aren't editable via config.json. I'll update the wiki later to mention that read-only config can only be set via environment variable.

kerem commented

2026-03-03 02:05:04 +03:00

Author

Owner

@BlackDex commented on GitHub (Feb 26, 2021):

As a side note, if you want to have a single file use the .env file either via docker-compose, or mount that file via -v /path/to/env-file:/.env
Though for changing those settings you need to restart bitwarden.

Also, if you modify the config.json file it will always loose it's contents of you keep bitwarden runnen and press the save button. Because it doesn't reload/re-read that file. It only rewards it during startup and writes during save.

@BlackDex commented on GitHub (Feb 26, 2021): As a side note, if you want to have a single file use the .env file either via docker-compose, or mount that file via `-v /path/to/env-file:/.env` Though for changing those settings you need to restart bitwarden. Also, if you modify the config.json file it will always loose it's contents of you keep bitwarden runnen and press the save button. Because it doesn't reload/re-read that file. It only rewards it during startup and writes during save.