cksapp
June 22, 2022, 5:59pm
4
The manual install may give you more flexibility but as mentioned does have a bit more nuance to it.
I found this open source project looking for alternatives to commercial implementations (currently LastPass). And that the project owners have a Docker deployment model for self-hosting.
On my Docker install, I currently use the jwilder\nginx-proxy reverse proxy with the companion letsencrypt-nginx-proxy container for automated Lets Encrypt certificate management. All I need to do is supply an extra Environment Variable (“VIRTUAL_HOST”) to the web server container of any solution.
This page ha…
I’m running the full Bitwarden stack via Docker, including the Nginx webserver. It uses almost no resources (especially compared to the MSSQL database), so I see no point in disabling it.
I changed the ports in bwdata/config.yml to 8̶0̶8̶0̶ 4480 and 4443 according to the FAQ:
These two ports are only exposed to localhost and not reachable from the outside.
My Apache then passes all HTTPS requests from the outside to the Bitwarden Nginx like this:
ProxyPass / http://127.0.0.1:4480/
…
EDIT: Checking further this may be something that is specific to the FIDO2 auth, as others have had a similar problem.
Hi everyone.
I self-host Bitwarden. I recently wanted to put it behind my nginx reverse proxy, as I run various other services behind it and wanted to manage them all centrally.
I did set up nginx successfully, but Bitwarden’s original URL still works. I tried to change it in global.override.env but that seems to break BW completely.
The current setup is fine for me, however it has also broken WebAuthn - I can’t use my key to login any more (I have other 2FA set up so I have not lost access). …
So hopefully double checking the settings can help, otherwise perhaps the manual install may be needed for your own nginx reverse proxy and webauthn to function.