I wish there was something official to set this up and my brain is at a breaking point.
I’m using the self-hosted install process of Bitwarden.
I have set up my Traefik2 / Portainer using this as a guide:
And I’m trying to use this old thread on how to configure Bitwarden and I’m running into problems.
I can see the entry in the Traefik dashboard, but it keeps giving me “Bad Gateway - openresty” when trying to use my bitwarden domain.
Any ideas? Bitwarden PLEASE make a guide how to set this up.
laurent78
(laurent)
November 5, 2022, 4:45pm
2
Hello,
In config.yml, turn off ssl and ssl_managed_lets_encrypt like this:

```yaml
# Configure Nginx for SSL.
ssl: false
# Installation uses a managed Let's Encrypt certificate.
ssl_managed_lets_encrypt: false
```

Create a docker-compose.override.yml in the same repository where docker-compose.yml is and put this in it:

```yaml
version: '3.7'
services:
  nginx:
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=yourtraefiknetwork"
      - "traefik.http.routers.nginx.rule=Host(`yourdomain`)"
      - "traefik.http.routers.nginx.entrypoints=web,web-secure"
      - "traefik.http.routers.nginx.tls=true"
      - "traefik.http.routers.nginx.tls.certresolver=yourresolver"
      - "traefik.http.services.nginx-docker.loadbalancer.server.port=yourcontainerport"
    networks:
      - yourtraefiknetwork
networks:
  yourtraefiknetwork:
    external: true
```
paco
September 29, 2023, 7:22am
3
I had my Bitwarden setup break recently and had to make a few changes. Namely, adding my traefik reverse proxy network into bitwarden docker’s ‘web’ service.
My setup is very similar to the link above. I am using traefik 2 with wild card certificates and cloudflare.
docker-compose.override.yml
file to be placed alongside the generated docker-compose.yml
```yaml
version: '3'
services:
  web:
    networks:
      - yourtraefiknetwork
  nginx:
    networks:
      - default
      - public
      - yourtraefiknetwork
    labels:
      traefik.enable: "true"
      traefik.http.routers.nginx-bw.entrypoints: "web"
      traefik.http.routers.nginx-bw.rule: "Host(`yourdomain`)"
      traefik.http.middlewares.nginx-bw-https-redirect.redirectscheme.scheme: "https"
      traefik.http.routers.nginx-bw.middlewares: "nginx-bw-https-redirect"
      traefik.http.routers.nginx-bw-secure.entrypoints: "websecure"
      traefik.http.routers.nginx-bw-secure.rule: "Host(`yourdomain`)"
      traefik.http.routers.nginx-bw-secure.tls: "true"
      traefik.http.routers.nginx-bw-secure.service: "nginx-bw"
      traefik.http.services.nginx-bw.loadbalancer.server.port: "8080"
      traefik.docker.network: "yourtraefiknetwork"
networks:
  default:
    internal: true
  public:
    internal: false
  yourtraefiknetwork:
    external: true
```
notes/assistance on this docker compose override:
yourtraefiknetwork = ‘proxy’ for me
load balancer port default is 8080. you can check this is right for you by noting the bitwarden-nginx container ports using ‘docker ps’
yourdomain = ‘bitwarden.example.com’ for example
my ‘web’ and ‘websecure’ may be ‘http’ and ‘https’ respectively on your traefik setup (or anything else)
i use ‘nginx-bw’ as my service name. you may use ‘nginx’ or whatever you’d like
configure ‘config.yml’
likely you’ll also disable ssl related config options as @laurent78 mentioned in the previous reply
if you need to debug further you can use traefik’s web ui and refer to the generated docker-compose.yml. check firewalls and/or port forwarding as well.
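
Added example, not part of the replies above or of Bitwarden's or Traefik's own tooling: a check over `docker inspect` output for the two things the overrides depend on, namely that the network named in `traefik.docker.network` is actually attached to the container and that the `loadbalancer.server.port` label matches a port the container exposes. The sample data is constructed, and the container and network names in it are assumptions.

```python
import json
import re

PORT_LABEL = re.compile(r"^traefik\.http\.services\.([^.]+)\.loadbalancer\.server\.port$")

def check_container(entry):
    """Return problems found in one element of `docker inspect <container>` output."""
    labels = entry["Config"].get("Labels") or {}
    attached = set(entry["NetworkSettings"]["Networks"])
    # ExposedPorts keys look like "8080/tcp"; `docker ps` lists the same ports.
    exposed = {p.split("/")[0] for p in (entry["Config"].get("ExposedPorts") or {})}
    problems = []
    net = labels.get("traefik.docker.network")
    if net is None and len(attached) > 1:
        # With several networks and no hint, Traefik may pick one it cannot reach.
        problems.append("several networks attached but traefik.docker.network is not set")
    elif net is not None and net not in attached:
        problems.append(f"label names network {net!r}, container is on {sorted(attached)}")
    ports = {m.group(1): v for k, v in labels.items() if (m := PORT_LABEL.match(k))}
    if not ports:
        problems.append("no loadbalancer.server.port label")
    for service, port in sorted(ports.items()):
        if port not in exposed:
            problems.append(f"service {service!r} targets port {port}, container exposes {sorted(exposed)}")
    return problems

# Constructed sample, trimmed to the fields the check reads (names are assumptions).
SAMPLE = json.loads("""
[
 {"Name": "/bitwarden-nginx",
  "Config": {"ExposedPorts": {"8080/tcp": {}, "8443/tcp": {}},
             "Labels": {"traefik.docker.network": "proxy",
                        "traefik.http.services.nginx-bw.loadbalancer.server.port": "8080"}},
  "NetworkSettings": {"Networks": {"docker_default": {}, "docker_public": {}, "proxy": {}}}},
 {"Name": "/bitwarden-nginx-broken",
  "Config": {"ExposedPorts": {"8080/tcp": {}, "8443/tcp": {}},
             "Labels": {"traefik.docker.network": "proxy",
                        "traefik.http.services.nginx-bw.loadbalancer.server.port": "80"}},
  "NetworkSettings": {"Networks": {"docker_default": {}, "docker_public": {}}}}
]
""")

def report(entries):
    """Map container name to its list of problems (empty list means consistent)."""
    return {e["Name"].lstrip("/"): check_container(e) for e in entries}

if __name__ == "__main__":
    for name, problems in report(SAMPLE).items():
        print(name, "OK" if not problems else problems)
```

To run it against a real install, replace `SAMPLE` with the parsed output of `docker inspect` for the nginx container.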