Hi!
I want to install Bitwarden self-hosted, but after running ./bitwarden.sh install I received the following error:
docker: Error response from daemon: driver failed programming external connectivity on endpoint certbot (b9b17fe72efe89025dc7921f8cabe29e2923d8b09460b8bd6edc4e46a79321dc): Error starting userland proxy: listen tcp4 0.0.0.0:80: bind: address already in use.
Port 80 is already in use, and I should modify the ports before running the installer, but I don’t know how because I see only the file uid.env under /opt/bitwarden/bwdata/env/
You can disable Certbot by reinstalling and choosing to NOT use Certbot for an ssl cert (use a self-signed cert instead), or obtain your own CA cert instead, or you can run a reverse proxy to manage the ports. Not my area of expertise though.
Thank you.
It’s not clear to me what the Bitwarden configuration is.
Once it is installed, to set up a reverse proxy, must I change values in config.yml, or do I have to set up an nginx file external to Bitwarden?
Glad to hear that, @nicfab. If you would be willing to share how you fixed the issue, I suspect that some future reader would really benefit from that. Thanks!
Sorry, but before, I was in a hurry to conclude the activity on the server.
I would have come back to clarify.
I did the following steps:
1. I stopped the NGINX service by running systemctl stop nginx;
2. I ran a fresh installation of Bitwarden following the instructions published here, skipping any request related to the SSL certificates (I remember having chosen N at every question);
3. After the installation, I started NGINX again by running systemctl start nginx, to bring the services I have back up;
4. I modified the config.yaml, changing the ports as follows:
# Docker compose file port mapping for HTTP. Leave empty to remove the port mapping.
# Learn more: https://docs.docker.com/compose/compose-file/#ports
http_port: 127.0.0.1:8089
#
# Docker compose file port mapping for HTTPS. Leave empty to remove the port mapping.
# Learn more: https://docs.docker.com/compose/compose-file/#ports
https_port: 9443
I chose those ports, but you can pick any others you want; note that you do not have to open those ports because they are on localhost.
5. I created an NGINX file with the following content:
server {
    server_name your_domain.com;
    location / {
        proxy_pass http://127.0.0.1:8089;
    }
    client_max_body_size 100M;
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/your_domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/your_domain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = your_domain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
}
6. I modified the file ./bwdata/env/global.override.env, adding the information related to my email address and the admin email, and I set globalSettings__disableUserRegistration=true so that others cannot register on my instance.
7. I ran:
./bitwarden.sh restart
./bitwarden.sh rebuild
./bitwarden.sh start
Finally, my instance is online.
I will be happy to receive any comments on the steps I took, hoping not to have done anything wrong.
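
An added example, not part of the original post or of Bitwarden's own tooling: a POSIX shell check that classifies the http_port and https_port values from config.yml by the host address Docker will bind. It assumes the values are used as the host side of a Docker Compose port mapping, where a bare port such as 9443 is published on all interfaces and only a 127.0.0.1: prefix keeps it on loopback; the function names and the sample file are hypothetical.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of bitwarden.sh.

# Classify the host side of one port-mapping value from config.yml.
classify_binding() {
    case "$1" in
        "")                   echo "unmapped" ;;          # empty: mapping removed
        127.*:*|"[::1]:"*)    echo "loopback" ;;          # reachable from this host only
        0.0.0.0:*|"[::]:"*)   echo "all-interfaces" ;;
        *:*)                  echo "specific-address" ;;  # bound to one non-loopback IP
        *)                    echo "all-interfaces" ;;    # bare port: Docker binds every interface
    esac
}

# Print "<key> <value> <class>" for http_port and https_port in the given file.
# Returns 1 if either mapping is published beyond loopback.
audit_config() {
    cfg=$1
    rc=0
    for key in http_port https_port; do
        # Value after "key:", minus trailing comment, whitespace and quotes.
        val=$(sed -n "s/^${key}:[[:space:]]*//p" "$cfg" | head -n 1 |
              sed "s/[[:space:]]*#.*\$//; s/[[:space:]]*\$//; s/[\"']//g")
        state=$(classify_binding "$val")
        echo "$key ${val:-<empty>} $state"
        case "$state" in
            loopback|unmapped) ;;
            *) rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample carrying the two values from the post above.
sample=$(mktemp)
printf 'http_port: 127.0.0.1:8089\nhttps_port: 9443\n' > "$sample"
audit_config "$sample" || echo "a mapping is reachable from other hosts"
rm -f "$sample"
```

Run it against ./bwdata/config.yml after any port change; a non-zero exit means a mapping would need a 127.0.0.1: prefix, or to be left empty, if only the reverse proxy should reach it.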