I tried to switch my self-hosted domain from bw.nd.online to bitwarden.nd.online, but after that (following all the instructions) the server gives me a 504 Gateway Timeout.
Here is what I have done so far:
- I added the CNAME bitwarden into the DNS of my domain
- I set up NPM+ with port forwarding bitwarden.nanotekdynamic.online to my bitwarden server
- I modified the config.yml, global.override.env and the nginx default.conf and replaced all bw.nd.online with bitwarden.nd.online
- I rebuilt and restarted bitwarden
- Gateway Timeout while trying to access the server
Here is my config.yml:
```
url: https://bitwarden.nd.online
generate_compose_config: true
generate_nginx_config: true
http_port: 80
https_port: 443
ssl: true
ssl_versions:
ssl_ciphersuites:
ssl_managed_lets_encrypt: false
ssl_certificate_path: /etc/ssl/bitwarden.ndonline/certificate.crt
ssl_key_path: /etc/ssl/bitwarden.nd.online/private.key
ssl_ca_path:
ssl_diffie_hellman_path: /etc/ssl/bitwarden.ndonline/dhparam.pem
nginx_header_content_security_policy:
push_notifications: true
database_docker_volume: false
real_ips:
enable_key_connector: false
enable_scim: false
enable_built_in_ms_sql: true
```
Here is my global.override.env:
```
globalSettings__baseServiceUri__vault=https://bitwarden.ndonline
```
Here is a part of the nginx config:
```
server {
  listen 8080 default_server;
  listen [::]:8080 default_server;
  server_name bitwarden.nd.online;
  return 301 https://bitwarden.nd.online$request_uri;
}
server {
  listen 8443 ssl http2;
  listen [::]:8443 ssl http2;
  server_name bitwarden.nd.online;
  ssl_certificate /etc/ssl/bitwarden.nd.online/certificate.crt;
  ssl_certificate_key /etc/ssl/bitwarden.nd.online/private.key;
  ssl_session_timeout 30m;
  ssl_session_cache shared:SSL:20m;
  ssl_session_tickets off;
  # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
  ssl_dhparam /etc/ssl/bitwarden.nd.online/dhparam.pem;
```
For better understanding: I have Nginx Proxy Manager + in front of Bitwarden with a wildcard Let's Encrypt certificate for my domain nanotekdynamic.online.
In addition, I added a Let's Encrypt certificate inside Bitwarden with a DNS challenge and my Cloudflare API key. There is a script that copies the folder /etc/letsencrypt/live/ to /opt/bitwarden/bwdate/ssl with each renewal.
It was working fine with my old domain bw.nanotekdynamic.online.
I requested a new certificate for bitwarden.nanotekdynamic.online, copied it to /opt/bitwarden/bwdata/ssl and changed the config.yml.
I mean, it's not that hard to set it from “bw” to “bitwarden”, and yet it’s not working.
I restarted, rebuilt, updated, pulled and composed everything in all orders. The script always says that Bitwarden is running and shows me the domain. But always a 504 error. And after returning to my old domain, still a 504 error.
I followed this manual here: Certificate Options | Bitwarden
Why do I get a 504 Gateway Timeout? I replaced all domains in the config files, I searched in every visible file and folder and double checked everything. What am I missing?
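
A check for the "replaced all domains" step, as an added example that is not part of the original post: it pulls every hostname out of URLs, `/etc/ssl/<host>/` paths and `server_name` lines in the three files and reports any that differ from the intended one. The sample text is a few lines copied from the snippets above; the function names, regex patterns and the `expected` parameter are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the three snippets in the post.
FILES = {
    "config.yml": """\
url: https://bitwarden.nd.online
ssl_certificate_path: /etc/ssl/bitwarden.ndonline/certificate.crt
ssl_key_path: /etc/ssl/bitwarden.nd.online/private.key
ssl_diffie_hellman_path: /etc/ssl/bitwarden.ndonline/dhparam.pem
""",
    "global.override.env": """\
globalSettings__baseServiceUri__vault=https://bitwarden.ndonline
""",
    "default.conf": """\
server_name bitwarden.nd.online;
return 301 https://bitwarden.nd.online$request_uri;
ssl_certificate /etc/ssl/bitwarden.nd.online/certificate.crt;
ssl_certificate_key /etc/ssl/bitwarden.nd.online/private.key;
ssl_dhparam /etc/ssl/bitwarden.nd.online/dhparam.pem;
""",
}

# Where a hostname can hide in these files (patterns are this example's choice).
PATTERNS = (
    ("url", re.compile(r"https?://([A-Za-z0-9.-]+)")),
    ("ssl dir", re.compile(r"/etc/ssl/([A-Za-z0-9.-]+)/")),
    ("server_name", re.compile(r"^\s*server_name\s+([^;\s]+)", re.M)),
)

def hostnames(files):
    """Map each hostname found to the set of (file, kind) places it occurs."""
    seen = defaultdict(set)
    for name, text in files.items():
        for kind, rx in PATTERNS:
            for m in rx.finditer(text):
                seen[m.group(1).lower()].add((name, kind))
    return dict(seen)

def mismatches(files, expected):
    """Return hostnames that differ from `expected`, with where they appear."""
    return {h: sorted(places) for h, places in hostnames(files).items()
            if h != expected.lower()}

if __name__ == "__main__":
    for host, places in mismatches(FILES, "bitwarden.nd.online").items():
        for name, kind in places:
            print(f"{name}: {kind} uses {host!r}")
```

A hostname reported here is an inconsistency between the files to resolve. The 504 itself is returned by the proxy in front when the upstream it forwards to does not answer in time.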