I’m new to self-hosting, and I’m trying to get things set up. I’m not an IT employee or anything, I’m not deploying stuff to multiple users, and I don’t need to manage tons of accounts. I’m just a nerd with a server in my apartment and I want to learn how to host things on the internet.
That being said: I’ve installed Bitwarden on my Debian server. I followed all the instructions on Install and Deploy - Linux | Bitwarden Help & Support. This included buying a domain name (From Namecheap), associating its DNS record to my IP address, etc. I now have a working installation, and I’m happy about that!
Now, if I go to my domain
example.com, I am greeted with the Bitwarden main login page. The next thing I’d like to do is put the Bitwarden page in a subdomain. I want
example.com to go to my personal website (which I’m writing myself in pure HTML/CSS, rather than using Wordpress or similar - I think it’s fun to learn to do things myself). Then, to access my Bitwarden instance, I would use
bw.example.com. I stress that I am running this all on a single Debian server. This creates a conflict, since Bitwarden wants to use port 80 to serve everything, but I want to also host my generic webpage, which would also use port 80. My understanding is that this is where a reverse proxy comes in. Traffic for
bw.example.com would be directed to the Bitwarden Docker container, while
example.com would go to the main web page. I found that Nginx Proxy Manager is an option people often use (and, from my understanding, the main Bitwarden already uses Nginx?). What I’m struggling with is configuring this. My understanding is that the idea would be for Nginx to be the only thing operating on the main 80 and 443 ports, and it would direct traffic to Bitwarden on a different port, but only if that traffic is looking for
bw.example.com. So I went into Bitwarden’s bwdata/config.yml and changed
http_port to 800, and
https_port to 444. Then I ran
bitwarden.sh rebuild, to make it pull in those changes. My next step was to figure out how to get Nginx to associate to those ports.
However, after rebuilding I went to do
bitwarden.sh start and I get:
Open source password management solutions Copyright 2015-2022, 8bit Solutions LLC https://bitwarden.com, https://github.com/bitwarden =================================================== bitwarden.sh version 1.47.1 Docker version 20.10.14, build a224086 docker-compose version 1.29.2, build 5becea4c Pulling mssql ... done Pulling web ... done Pulling attachments ... done Pulling api ... done Pulling identity ... done Pulling sso ... done Pulling admin ... done Pulling icons ... done Pulling notifications ... done Pulling events ... done Pulling nginx ... done Using default tag: latest latest: Pulling from certbot/certbot Digest: sha256:d13d98ebf10c37e864da33f89585dfc712185fca0b6740d956106f64d467ee6a Status: Image is up to date for certbot/certbot:latest docker.io/certbot/certbot:latest docker: Error response from daemon: driver failed programming external connectivity on endpoint certbot (e7ad08a13667cf96d3dd2823ea9c7e089020e3c16e79c8514c91d89680e41f2e): Bind for 0.0.0.0:443 failed: port is already allocated.
So what I see is that it’s still trying to bind 443, even though I changed
https_port to 444 instead. This means I can’t properly launch Bitwarden. I might be totally going about this the wrong way - but I’d really appreciate anyone who can steer me in the right direction. Thanks!