It does look like Oracle has a EntityFrameworkCore provider and it even looks like they are keeping it pretty well updated so there is a path towards possibly being able to support it but before I would want to add support for it I will really like to see their source code for the provider be open sourced (maybe it is but I canât find it) so if we run into issues we can possibly even help upstream the fixes and I would want to see that there would be significant usage of such database with Bitwarden.
So in that vain I would say make a full feature request here on the forums and if it has a lot of community support we can look into supporting it in the future.
Dear community and Unified beta developers,
Iâm very happy with the unified docker version. If I would open the site up to the internet, through reverse proxy, everyone could click CREATE ACCOUNT from the login page. As system owner, I would like to be able to grant and deny access to new users.
I know Vaultwarden has a possibility to disable that function, and the self-hosted version can also be configured to disable that.
I havenât been able to find documentation on how to configure this for the Unified Beta; is it even possible?
In the settings.env file you should be able to add the line globalSettings__disableUserRegistration=true to disable user registration. The line might already exist and be commented out.
For future reference, I found the currently available options in the environment settings on github.
I must have overlooked the line containing âdisableUserRegistrationâ somehowâŠ
Thanks, that works like a charm!
Since I use docker run, I added the following line to my command: -e globalSettings__disableUserRegistration=true \
I have set up bitwarden Unified twice (once with nginx/SSL and once with the unmodified docker-compose on port 80) but run into the same problem both times. I get to the login page fine, and click on âNew around here? Create accountâ. I enter all my information as requested and click on âCreate accountâ and⊠nothing. It doesnât act like it is registering the click at all. It changes to a âhandâ icon but there is no link shown when I hover over the âCreate accountâ button. What am I missing? I canât seem to do anything further.
at the risk of sounding like Iâm *******, I read the unified documentation page, and I donât get it. what are the main differences between the standard unix self hosted install I did about a month ago and this new unified install? looks the same, afaik.
In my exoerience:
Difficulty of installation. Number of docker containers (only one, vs multiple in standard), external database like mysql is made possible (mssql docker is created in standard). Possibility to locate data wherever you want (docker volume, vs /opt/bitwarden).
Unified is more for the tech enthusiast. For example, itâs now easier to install it to a Synology server. When I installed the selfhosted version in /opt, the system partition was full, resulting in errors. Thatâs solved by switching to unified. (it may also be possible to move data to volume1 with standard selfhosted script somehow, but I didnât make it that far)
Unified lowers the bar for selfhosting.
Iâve successfully setup up my raspberry pi with bitwarden unified + mariadb.
Two questions:
Is or will sqlite be supported (found nothing in the documentation)?
How do I backup my data (also found nothing in the documentation)?
Do I need to backup the whole /var/lib/docker/âŠ/bitwarden_bitwarden and /âŠ/bitwarden_data?
so for a 2nd grader (a trending way to explain things, lol) more complex to install but compatible with more hardware, and lighter weight? will it be packaged for synology? what I would like to see is an appliance that can be installed on proxmox or other hypervisors, or even better, why not just package it as a cloud optional desktop app like 1Password (where I came from).
Hi, I never really used the old container setup but I now deployed the Unified container.
Using a mysql container on the side.
What I noticed and struggling with is that it seems that the Bitwarden container itself needs internet access to register the server ID and key. And also when creating users and such it wants to connect to e.g. https://identity.bitwarden.com
The âCreate accountâ button hangs and gives an error when isolating the server from internet.
On-prem we would really like to isolate the Bitwarden server to be used on the private network only (we donât need push notifications etc)
Is this possible ?
Hi, like I replied to the original post.
It seems that Bitwarden needs internet access to connect to certain services , like Create account
So your container needs outbound internet access
Thank you for supporting sqlite in the latest 2022.2 release! I moved my implementation from mysql to sqlite, and it works so much easier for small-scale implementations. Backup and recovery works like a charm, too, and is much more resource friendly.
Iâm not sure about Leslieâs suggestion regarding internet access, but in my case I struggled a bit with the problem regarding account creation but when checking with the browser development tools I was able to narrow it down to problems regarding access without https (there are multiple threads discussing that, like this one for instance)
So instead of accessing the application directly, used a reverse proxy Iâve already setup with https support. Just doing that, everything went fine.
First of all thanks everyone in the team for this initiative, last year found out that even being .NetCore there was no image available for ARM (for setting it up on a Rasberry Pi) I thought on start working on that myself⊠When early on February picked up my intentions and found this was happening was a nice surprise (even though it chopped my brilliant idea for contributing).
So after some afternoons spread across a couple of weeks figuring out a few things (several unrelated to Bitwarden itself) I was able to get my unified instance up and running. Being this my first Bitwarden installation, process is not complex but I found two things that can be improved in the official install and deploy guide to ease onboarding:
SSL: both docker and docker compose examples only map port 80 and wrap it up with:
Congratulations! Your unified deployment is now up and running at https://your.domain.com . Visit the web vault in your browser to confirm that itâs working. You may now register a new account and log in.
The fact that SSL is required for the frontend to work properly is not mentioned until you get to the Environment Variables section, halfway the article.
Suggestion: include a list of prerequisites at the beginning of the guide so its easier to make sure you got all needed stuff (also considering whatâs been mentioned in this thread regarding Letsencript integration). I guess having proposed deployment diagrams is not your intention (as there are many ways to achieve this) but might also help.
Email: similar to previous point, email configuration is shown way down in the guide and is not clear whatâs is needed for. Based on my experience you might get away without configuring this at all, but even that is confusing as the application shows the link for sending the email verificatio (for instance) that can be used and process successfully showing green toast even sending email was impossible without the SMTP configured.
Suggestion: clarify which features require SMTP configured properly and explain what would happen if not set.
On top of that I have two feature requests that can be interesting for you to consider:
Support for secrets: nothing is mentioned in the documentation and I wandered a bit through the repository but found nothing that would allow an easy way to setup sensitive pieces of the configuration (like passwords and keys) through docker secrets. Guys from linuxerver.io have several flavours for implementing that in their images, for instance. I will give a try to write myself some kind of hack for this in my stack configuration, but having it in the image itself is gonna be better and safer for everyone.
Handling error when not served over https: right now when Bitwarden web app is loaded through http it seems to be perfect but when you try to use the registration it silently fails. Using browserâs developer console in the end can be seen that a null reference happened:
Cannot read properties of null (reading âimportKeyâ)
Rather than this, it could be clearer for the user setting this up if when loading web application over an http address the app itself shows a warning about this (depending on how affected is the frontend based on the lack of SSL maybe it can fail to load with a harsher message regarding the missing configuration)
Iâm happy to write this in a more formal way in case you find this valuable.
On this topic you can look into the current waitlist for the Bitwarden Secrets manager beta which as I understand should be launching into beta soon.
Though I do not believe this will be supported for self-hosting just yet I would imagine eventually this would be worked in and eventually to the Unified Beta as well.
I wasnât going that far⊠but just having a way to fill the environment variables out of the secrets being injected as files in /run/secrets. So rather than specifying in my compose something like: