Bitwarden

No ; after the proxy pass. Also, it needs to have http:// in front of the ip.

Should be

	location / { 
		proxy_pass  http://127.0.0.1:8443;
	}

Stupid semicolons.

@TheCakeIsNaOH I have a bad gateway error when I load the website now…

You are going to want to proxy_pass to the http port? Not sure.

Or change the proxy_pass to https

Wait I think I figured out the issue. I am not sure yet, but in ./bwdata/config.yml it is set to http://bitwarden.linuxdragon.dev. I’ve updated that for https and rebuilt it.

Didn’t work, but I see these warnings:

Removing network docker_default
WARNING: Network docker_default not found.
Removing network docker_public
WARNING: Network docker_public not found.

Look to me like a cleanup thing, just it was not required.

Also, it would be good to add these to the location block:

  proxy_redirect off;
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Forwarded-Protocol $scheme;
  proxy_set_header X-Url-Scheme $scheme;

I fixed the gateway error. I had Nginx proxy_pass to the container listening on port 8443, but apparently it is listening on 8080. So I do not get a gateway error anymore, but anytime I try to create a new account, it errors out saying that an unhandled exception occurred. Checking the logs in ./bwdata/logs/api/Api I can see that the error is with the SQL database.

A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 35 - An internal exception was caught)

Apparently the container is still restarting… which is confusing.

619f2c2a7be8   bitwarden/nginx:1.38.4           "/entrypoint.sh"   3 minutes ago   Up 3 minutes (healthy)          0.0.0.0:8080->8080/tcp, 80/tcp, 0.0.0.0:8443->8443/tcp   bitwarden-nginx
4847aa142d18   bitwarden/portal:1.38.4          "/entrypoint.sh"   4 minutes ago   Up 3 minutes (healthy)          5000/tcp                                                 bitwarden-portal
efac30f8bbaa   bitwarden/admin:1.38.4           "/entrypoint.sh"   4 minutes ago   Up 3 minutes (unhealthy)        5000/tcp                                                 bitwarden-admin
8ec72401e840   bitwarden/identity:1.38.4        "/entrypoint.sh"   4 minutes ago   Up 4 minutes (healthy)          5000/tcp                                                 bitwarden-identity
d552830444fe   bitwarden/icons:1.38.4           "/entrypoint.sh"   4 minutes ago   Up 4 minutes (healthy)          5000/tcp                                                 bitwarden-icons
a15ae904ac86   bitwarden/mssql:1.38.4           "/entrypoint.sh"   4 minutes ago   Restarting (1) 52 seconds ago                                                            bitwarden-mssql
976bf85c735c   bitwarden/sso:1.38.4             "/entrypoint.sh"   4 minutes ago   Up 4 minutes (unhealthy)        5000/tcp                                                 bitwarden-sso
4390d4cae53c   bitwarden/attachments:1.38.4     "/entrypoint.sh"   4 minutes ago   Up 4 minutes (healthy)                                                                   bitwarden-attachments
82dfa4c98ed8   bitwarden/web:2.17.1             "/entrypoint.sh"   4 minutes ago   Up 4 minutes (healthy)                                                                   bitwarden-web
ec5c20cea50c   bitwarden/events:1.38.4          "/entrypoint.sh"   4 minutes ago   Up 4 minutes (healthy)          5000/tcp                                                 bitwarden-events
d13872fe2465   bitwarden/api:1.38.4             "/entrypoint.sh"   4 minutes ago   Up 4 minutes (healthy)          5000/tcp                                                 bitwarden-api
d1c3b315a70a   bitwarden/notifications:1.38.4   "/entrypoint.sh"   4 minutes ago   Up 4 minutes (healthy)          5000/tcp                                                 bitwarden-notifications

And there are several unhealthy containers

Honestly, Docker is worse than snap. At least snap is simple…

Try docker logs bitwarden-mssql. That seems like it is missing a file permission or something so it keeps restarting to retry. The admin and sso containers are probably unhealthy because the mssql container is not working correctly.

Bitwarden is not a good example of how to make a docker container IMO.

It says:

sqlservr: This program requires a machine with at least 2000 megabytes of memory.
/opt/mssql/bin/sqlservr: This program requires a machine with at least 2000 megabytes of memory.

I have 1000Mb

I guess I will have to put it on my home server that I am going to front with the Linode as a Proxy.

@TheCakeIsNaOH do you know of an alternative to HaProxy?

You could also use bitwarden_rs on your Linode. It’s much lighter on ram, because it can use sqlite and is written in rust rather than c#.

Nginx and Traefik are the other two popular open-source reverse proxies. Apache2 also has reverse proxy functionality but AFAIK it is slower.

I already use Nginx for the webserver, so I guess that should be what I use. Also I am already going to have my home server set up for Nextcloud. I used to have that on my Linode as well, but then I saw Wendell’s HaProxyWI video.

Just use bitwarden-rs

It’s a single container that can be docjer-composed properly and it doesn’t have any stupidly large resource requirements.

@SgtAwesomesauce @TheCakeIsNaOH wow guys thanks. Bitwarden-rs is infinitely better than the original Bitwarden. I wish I had known of it before. It’s also infinitely easier to set up.

Yeah, mssql is not the software you want on your Linux box.