@dh024 For sure!
Sorry, but before, I was in a hurry to conclude the activity on the server.
I would have come back to clarify.
I did the following steps:
- I stopped the NGINX service running
systemctl stop nginx
; - I run a fresh installation of bitwarden following the instructions published here, avoiding any request related to the SSL certificates (I remember to have chosen N at any questions);
- After the installation, I started the NGINX again, running
systemctl start nginx
so to come back on the services I have; - I modified the
config.yaml
, changing the ports as follows:
# Docker compose file port mapping for HTTP. Leave empty to remove the port mapping.
# Learn more: https://docs.docker.com/compose/compose-file/#ports
http_port: 127.0.0.1:8089
#
# Docker compose file port mapping for HTTPS. Leave empty to remove the port mapping.
# Learn more: https://docs.docker.com/compose/compose-file/#ports
https_port: 9443
I choose those ports,s but you can decide any other you want; note that you do not have to open those ports because they are in localhost.
5. I created an NGINX file with the following content:
server {
server_name your_domain.com;
location / {
proxy_pass http://127.0.0.1:8089;
}
client_max_body_size 100M;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/your_domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/your_domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = your_domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
}
- I modified the file
./bwdata/env/global.override.env
adding the information related to my email address and the admin email, and I setglobalSettings__disableUserRegistration=true
to avoid that others can register on my instance. - I run:
./bitwarden.sh restart
./bitwarden.sh rebuild
./bitwarden.sh start
Finally, my instance is online.
I will be happy to receive any comments on the step I did, hoping not to have done anything wrong.
I hope my description could be helpful.