Bitwarden + reverse proxy

Hi, I posted this in bitwarden github as an issue, but I think this would be a good place to ask also. Maybe somebody had the same problems I’m having and can help me.

I’m having problems configuring a bitwarden docker behind a reverse apache proxy. I don’t know if the problem is in the proxy config or bitwarden, but there are other services working properly using that proxy.

The configuration is mostly default, I’m using a self signed key against the proxy, and the proxy has a letsencrypt certificate to be connected from outside.

Also, I selected yes when asked if using a reverse proxy in the bitwarden setup script, and I am using 8444 port for ssl, so it’s not the same as proxy port (443).

I get constant 503 errors when browsing bitwarden, redering it unusable. Some times it’s the whole web, other times in scripts, from time to time it works properly.

Here is the vhost config in the proxy:

<VirtualHost *:80>
  ServerName bitwarden.[...]

  ErrorLog ${APACHE_LOG_DIR}/bitwarden.error.log
  CustomLog ${APACHE_LOG_DIR}/bitwarden.access.log combined

  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^bitwarden.[...]
  RewriteRule ^/(.*)$ https://bitwarden.[...]/$1 [L,R=301]
</VirtualHost>
<IfModule mod_ssl.c>
  <VirtualHost *:443>
    ServerName bitwarden.[...]
    #DocumentRoot /var/www/default

    ServerSignature Off

    SSLEngine On
    SSLProxyEngine On
    ProxyVia On
    ProxyRequests Off
    ProxyPass / https://192.168.100.55:8444/
    ProxyPassReverse / https://192.168.100.55:8444/

    ProxyPreserveHost On
    SSLProxyCheckPeerCN Off
    SSLProxyCheckPeerName Off

    <Proxy *>
      Options FollowSymLinks MultiViews
      AllowOverride All
      Order allow,deny
      allow from all
    </Proxy>

    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/bitwarden.error.log
    CustomLog ${APACHE_LOG_DIR}/bitwarden.access.log combined

    SSLCertificateFile /etc/letsencrypt/live/bitwarden.[...]/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/bitwarden.[...]/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
  </VirtualHost>
</IfModule>
1 Like