I’ve very recently done the same thing and found it works really well. I believe from memory, that you need to edit ./bwdata/config.yml
, setting the ssl:
option to false. I’m not sure if you also need to set ssl_managed_lets_encrypt: false
(I would assume that ssl: false
probably has the highest priority), but it won’t do any harm. You can also clear out the ssl_*_path:
settings and ssl_diffie_hellman_path:
setting. Once you’re happy with the settings, just run ./bitwarden.sh rebuild
. That should reconfigure the docker containers to work without ssl. Then restart the Docker containers with ./bitwarden.sh start
.
The above is from memory, (so hoping it’s accurate), as I subsequently installed self-signed certificates and I am proxy_pass
'ing on my network from the reverse proxy to Bitwarden using https. It’s probably a bit of an overkill, as my reverse proxy handles the incoming https, but it won’t do any harm and works flawlessly.
I also installed Nextcloud on the same PC as Bitwarden. Each have different https domain names (bw.mydomain.net and nc.mydomain.net) on the internet side and they each get proxy_pass
'ed on different ports to the correct Bitwarden/Nextcloud service. It now means I only have one Lets Encrypt certificate to renew on my reverse proxy server, instead of having to juggle with port forwarding on my router to renew the separate Bitwarden and Nextcloud Lets Encrypt certs.
Hope this helps you, but feel free to ask any questions, and I’ll try to help out.