Bitwarden's dedicated self-hosted release repository. This holds the installation scripts for our self-host project.
For any issues regarding a specific client application, please visit bitwarden/clients
Bitwarden's self-hosted release repository
License: GNU General Public License v3.0
Bitwarden's dedicated self-hosted release repository. This holds the installation scripts for our self-host project.
For any issues regarding a specific client application, please visit bitwarden/clients
Hi!
I have been unable to update my Debian 12 selfhosted instance of bitwarden since 2023.10.3: once the update completes my instance becames inaccesible from both web and client. A downgrade back to 2023.10.3 returns full functionality.
When accessing a 2024.1.0 server, the browser console (Chrome and Firefox) returns a 500 error relating to identity connections tokens and the identity logs show the following:
2024-01-13 15:49:17.946 +00:00 [Error] Connection id ""0HN0K9R2L8GSH"", Request id ""0HN0K9R2L8GSH:00000002"": An unhandled exception was thrown by the application.
System.Security.Cryptography.CryptographicException: An error occurred while trying to encrypt the provided data. Refer to the inner exception for more information. For more information go to http://aka.ms/dataprotectionwarning
---> System.Xml.XmlException: Root element is missing.
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlReader.MoveToContent()
at System.Xml.Linq.XElement.Load(XmlReader reader, LoadOptions options)
at System.Xml.Linq.XElement.Load(Stream stream, LoadOptions options)
at System.Xml.Linq.XElement.Load(Stream stream)
at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.ReadElementFromFile(String fullPath)
at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.GetAllElementsCore()+MoveNext()
at System.Collections.Generic.List1..ctor(IEnumerable
1 collection)
at System.Linq.Enumerable.ToList[TSource](IEnumerable1 source) at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.GetAllElements() at Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager.GetAllKeys() at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.CreateCacheableKeyRingCore(DateTimeOffset now, IKey keyJustAdded) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.Microsoft.AspNetCore.DataProtection.KeyManagement.Internal.ICacheableKeyRingProvider.GetCacheableKeyRing(DateTimeOffset now) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRingCore(DateTime utcNow, Boolean forceRefresh) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRing() at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(Byte[] plaintext) --- End of inner exception stack trace --- at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(Byte[] plaintext) at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Protect(IDataProtector protector, String plaintext) at Duende.IdentityServer.Stores.Serialization.PersistentGrantSerializer.Serialize[T](T value) in /_/src/Storage/Stores/Serialization/PersistentGrantSerializer.cs:line 61 at Duende.IdentityServer.Stores.DefaultGrantStore
1.StoreItemByHashedKeyAsync(String hashedKey, T item, String clientId, String subjectId, String sessionId, String description, DateTime created, Nullable1 expiration, Nullable
1 consumedTime) in /_/src/IdentityServer/Stores/Default/DefaultGrantStore.cs:line 211
at Duende.IdentityServer.Stores.DefaultGrantStore1.CreateItemAsync(T item, String clientId, String subjectId, String sessionId, String description, DateTime created, Int32 lifetime) in /_/src/IdentityServer/Stores/Default/DefaultGrantStore.cs:line 173 at Duende.IdentityServer.Stores.DefaultRefreshTokenStore.StoreRefreshTokenAsync(RefreshToken refreshToken) in /_/src/IdentityServer/Stores/Default/DefaultRefreshTokenStore.cs:line 43 at Duende.IdentityServer.Services.DefaultRefreshTokenService.CreateRefreshTokenAsync(RefreshTokenCreationRequest request) in /_/src/IdentityServer/Services/Default/DefaultRefreshTokenService.cs:line 223 at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.CreateAccessTokenAsync(ValidatedTokenRequest request) in /_/src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 454 at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.ProcessTokenRequestAsync(TokenRequestValidationResult validationResult) in /_/src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 336 at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.ProcessAsync(TokenRequestValidationResult request) in /_/src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 98 at Duende.IdentityServer.Endpoints.TokenEndpoint.ProcessTokenRequestAsync(HttpContext context) in /_/src/IdentityServer/Endpoints/TokenEndpoint.cs:line 128 at Duende.IdentityServer.Endpoints.TokenEndpoint.ProcessAsync(HttpContext context) in /_/src/IdentityServer/Endpoints/TokenEndpoint.cs:line 81 at Duende.IdentityServer.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IdentityServerOptions options, IEndpointRouter router, IUserSession userSession, IEventService events, IIssuerNameService issuerNameService, ISessionCoordinationService sessionCoordinationService) in /_/src/IdentityServer/Hosting/IdentityServerMiddleware.cs:line 101 at Duende.IdentityServer.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IdentityServerOptions options, IEndpointRouter router, IUserSession userSession, IEventService events, IIssuerNameService issuerNameService, ISessionCoordinationService sessionCoordinationService) in /_/src/IdentityServer/Hosting/IdentityServerMiddleware.cs:line 117 at Duende.IdentityServer.Hosting.MutualTlsEndpointMiddleware.Invoke(HttpContext context, IAuthenticationSchemeProvider schemes) in /_/src/IdentityServer/Hosting/MutualTlsEndpointMiddleware.cs:line 95 at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Duende.IdentityServer.Hosting.DynamicProviders.DynamicSchemeAuthenticationMiddleware.Invoke(HttpContext context) in /_/src/IdentityServer/Hosting/DynamicProviders/DynamicSchemes/DynamicSchemeAuthenticationMiddleware.cs:line 50 at Duende.IdentityServer.Hosting.BaseUrlMiddleware.Invoke(HttpContext context) in /_/src/IdentityServer/Hosting/BaseUrlMiddleware.cs:line 27 at Bit.Core.Utilities.CurrentContextMiddleware.Invoke(HttpContext httpContext, ICurrentContext currentContext, GlobalSettings globalSettings) in /home/runner/work/server/server/src/Core/Utilities/CurrentContextMiddleware.cs:line 19 at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context) at Bit.SharedWeb.Utilities.ServiceCollectionExtensions.<>c__DisplayClass11_0.<<UseDefaultMiddleware>b__1>d.MoveNext() in /home/runner/work/server/server/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs:line 572 --- End of stack trace from previous location --- at Microsoft.AspNetCore.Builder.Extensions.UsePathBaseMiddleware.InvokeCore(HttpContext context, PathString matchedPath, PathString remainingPath) at Bit.Identity.Startup.<>c__DisplayClass10_1.<<Configure>b__2>d.MoveNext() in /home/runner/work/server/server/src/Identity/Startup.cs:line 180 --- End of stack trace from previous location --- at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication
1 application)
I attempted to follow the openssl procedure indicated here (bitwarden/server#1528) (with the -legacy option added due to RC being deprecated) but it lead to no result.
I apologise if my bug statement is incomplete or non-valid, but I received no help in the past 30 days on the forum and the issue has very repeatable for the past two update cycles.
Docker Compose defaults to the basename of the project directory if no project name is set. Here, that means the project is simply called docker
. This shows up in, for example, the output of docker compose ls
and the name of the networks created. This should be set to bitwarden
instead.
I am trying to install a self-hosted bitwarden-server
on my local machine (Ubuntu 20.4). I have docker
and docker-compose
installed. I have downloaded bitwarden.sh
from this repo, made it executable and then run it. The output is as follows:-
_ _ _ _
| |__ (_) |___ ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V V / (_| | | | (_| | __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_|
Open source password management solutions
Copyright 2015-2022, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 2022.6.2
Docker version 20.10.17, build 100c701
docker-compose version 1.25.0, build unknown
~/bitwarden/bwdata/scripts/run.sh: line 1: error: command not found
Upon investigation the contents of ~/bitwarden/bwdata/scripts/run.sh are:
error code: 1005
Please advise how I should proceed, thanks.
I get an MySqlConnector.MySqlException (0x80004005): Unable to connect to any of the specified MySQL hosts. error using the RUN method of the unified deployment.
Set up on: Debian 12
Docker version: 24.0.7
Created DB: Mysql/MariaDB
running via RUN sudo docker run -d --name bitwarden -v /$(pwd)/bwdata/:/etc/bitwarden -p 443:8443 --env-file settings.env bitwarden/self-host:beta
MariaDB is set up on the same host directly, without docker.
Logs & settings.env:
admin.log
api.log
identity.log
notifications.log
settings.env.txt
Opening a new issue here since bitwarden/server#2644 was closed and I'm not sure if my last comment will be noticed.
My instance just broke again after a failed download of run.sh
:
Unable to download run script from https://func.bitwarden.com/api/dl/?app=self-host&platform=linux&variant=run. Received status code: 502
http response:
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>
As stated in my comment on the other issue, the problem is that the file is still not downloaded to a temporary location, overwriting any existing file:
The addition to the
downloadRunFile
function that checks the HTTP return code still breaks instances on failure, because it still downloads directly to the "final" destination ofrun.sh
instead of downloading to a temporary location and only moving the file on success.
In the case I just experienced, the API sent an HTTP 400 response upon executingbitwarden.sh update
, resulting in the following message:Unable to download run script from https://func.bitwarden.com/api/dl/?app=self-host&platform=linux&variant=run. Received status code: 400
http response:
{"message": "Traffic from your network looks unusual. Connect to a different network or try again later. [Error Code 2]"}The
run.sh
file was missing afterwards since the function removes it on failure.
INFO exited: admin (terminated by SIGABRT (core dumped); not expected)
Clicking CREATE ACCOUNT on startup page doesn't do anything.
It doesnt matter if I choose to install mariadb or postgres.
my portainer compose and stack.env below:
---
version: "3.8"
services:
bitwarden:
depends_on:
- db
env_file:
- stack.env
image: ${REGISTRY:-bitwarden}/self-host:${TAG:-latest}
restart: always
ports:
- "7080:8080"
- "7443:8443"
volumes:
- bitwarden:/etc/bitwarden
- logs:/var/log/bitwarden
# PostgreSQL Example
db:
environment:
POSTGRES_USER: "bitwarden"
POSTGRES_PASSWORD: "super_strong_password"
POSTGRES_DB: "bitwarden_vault"
image: postgres:14
restart: always
volumes:
- data:/var/lib/postgresql/data
# MS SQL Server Example
# Docs: https://learn.microsoft.com/en-us/sql/linux/sql-server-linux-docker-container-deployment
# db:
# environment:
# MSSQL_SA_PASSWORD: "super_strong_password"
# ACCEPT_EULA: Y
# image: mcr.microsoft.com/mssql/server:2019-latest
# restart: always
# volumes:
# - data:/var/opt/mssql
volumes:
bitwarden:
logs:
data:
networks:
default:
external: true
name: chw
my stack.env added as environment variables in portainer:
BW_DOMAIN=sub.domain.com (using outside real fqdn)
BW_DB_PROVIDER=postgresql
BW_DB_SERVER=db
BW_DB_DATABASE=bitwarden_vault
BW_DB_USERNAME=bitwarden
BW_DB_PASSWORD=mysuperstrongpass
BW_INSTALLATION_ID=my id got from bitwarden website
BW_INSTALLATION_KEY=my key got from bitwarden website
COMPOSE_PROJECT_NAME=bitwarden
REGISTRY=bitwarden
TAG=dev
I'm running version 2022.12.0 of Bitwarden self-hosted on a Ubuntu 22.04 Live Server host.
I can browse my vault on my local network but when I enter all my details and click the "Create account" button, nothing happens. The screen stays on the page where I have filled all the fields.
There doesn't appear to be an update that I'm missing. I've completely removed my Ubuntu host and started from the beginning. After the new install of Bitwarden is up and running the same thing is happening.
I've tried multiple browsers.
Thanks in advance.
I'm unable to add user to a Collection in my Organization after the docker image upgrade. If i add a Group instead it works. The procedure gives a green pop up but the user is not added to the Collection access rules.
Tried with every user role (Owner, Administrator etc etc).
The feature worked until bitwarden 2023.5.0, i'm unable to downgrade to any older version because there's no beta tag that can go further past. I'm stuck with the latest bitwarden/self-host:beta now
I have no error in the browser console or the kubernetes container
Disclaimer: This is a copy of bitwarden/server#2989, since the Docker part moved to this repo
The logs show a "permission denied" error when trying to set the permissions for /etc/bitwarden. This happens in the unified and the regular containers.
The exact line of code producing the error is for the regular installation this https://github.com/bitwarden/server/blob/master/src/Admin/entrypoint.sh#L33 and for the unified this https://github.com/bitwarden/server/blob/master/docker-unified/entrypoint.sh#L97.
After some investiagation the underlying problem seems to be that the application user is created in the entrypoint.sh script and thus the /etc/bitwarden directory is owned by root:root during the container creation when the mount is happening. Changing permissions to a mounted directory is not possible afterwards, thus the application does not have permissions to /etc/bitwarden during runtime and does not work.
No response
Best practice by Docker seems to be to create the user with an explicit UID/GID during the image creation and not during container startup. Source: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user
A change of this explicit UID/GID should then not be done in the entrypoint script but utilizing a remap as suggested by Docker: https://docs.docker.com/engine/security/userns-remap/
bitwarden/server@8d9ca424a1ec2079cc2508be5c23a4883987ea69-dirty and 2023.4.3
Self-Hosted
Tested on various Setups including:
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates are awaiting their schedule. Click on a checkbox to get an update now.
mcr.microsoft.com/dotnet/aspnet
, mcr.microsoft.com/dotnet/sdk
)These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
docker/build-push-action
, docker/setup-buildx-action
, docker/setup-qemu-action
)docker-unified/docker-compose.yml
mariadb 10
docker-unified/Dockerfile
docker/dockerfile 1.8
mcr.microsoft.com/dotnet/sdk 8.0
mcr.microsoft.com/dotnet/aspnet 8.0
.github/workflows/DCT-test.yml
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
ubuntu 22.04
.github/workflows/build-unified.yml
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
docker/setup-qemu-action v3.0.0@68827325e0b33c7199eb31dd4e31fbe9023e06e3
docker/setup-buildx-action v3.3.0@d70bba72b1f3fd22344832f00baa16ece964efeb
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
docker/build-push-action v6.1.0@31159d49c0d4756269a0940a750801a1ea5d7003
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
act10ns/slack v2.1.0@44541246747a30eb3102d87f7a4cc5471b0ffb7d
ubuntu 22.04
ubuntu 22.04
.github/workflows/release-digital-ocean.yml
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
hashicorp/setup-packer v3.1.0@1aa358be5cf73883762b302a3a03abd66e75b232
digitalocean/action-doctl v2.5.1@135ac0aa0eed4437d547c6f12c364d3006b42824
ubuntu 22.04
.github/workflows/release-web-latest.yml
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
ubuntu 22.04
ubuntu 22.04
.github/workflows/release.yml
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
ncipollo/release-action v1.14.0@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
ubuntu 22.04
ubuntu 22.04
ubuntu 22.04
ubuntu 22.04
ubuntu 22.04
.github/workflows/update-links.yml
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
ubuntu 22.04
.github/workflows/update-versions.yml
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
crazy-max/ghaction-import-gpg v6.1.0@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4
ubuntu 22.04
ubuntu 22.04
In Settings-> Options -> Enable Full Width Layout when enabled will not maintain (even though checked) in Google Chrome and MS Edge regardless of theme (dark or light) when using SSO. Checks were completed via both incognito and history/cookie purge browser sessions with fresh SSO logons.
I'm using bitwarden self hosted at home and it's working fine to log in through the URL and browser extension, but in the windows app it pop up an error "failed to fetch", is there any solution for that?
Hi,
As of now the current server version is 2022.9.1 but the bitwarden.sh
script still downloads the previous version, 8.1 for the web version and 8.4 for the server version.
Can you please check?
Setting up a fresh install my instance no matter how many docker rm and relaunches I do seems to be trying to redirect to the internal port instead of the external SSL port.
Looks to be https://github.com/bitwarden/self-host/blame/master/docker-unified/hbs/nginx-config.hbs on line 7 thats causing the issue.
curl -I http://mybitwardendomain.tld
HTTP/1.1 301 Moved Permanently Server: nginx Date: Sat, 12 Aug 2023 11:06:11 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://mybitwardendomain.tld:8443/
curl -I https://mybitwardendomain.tld
curl: (7) Failed to connect to mybitwardendomain.tld port 8443 after 15 ms: Couldn't connect to server
curl -I https://mybitwardendomain.tld
HTTP/2 200 server: nginx date: Sat, 12 Aug 2023 11:19:31 GMT content-type: text/html content-length: 1238 last-modified: Tue, 25 Jul 2023 20:03:38 GMT vary: Accept-Encoding etag: "64c02a9a-4d6" strict-transport-security: max-age=15768000 referrer-policy: same-origin x-content-type-options: nosniff x-xss-protection: 1; mode=block content-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com; child-src 'self' https://*.duosecurity.com https://*.duofederal.com; frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; connect-src 'self' https://api.pwnedpasswords.com https://api.2fa.directory; object-src 'self' blob:; x-frame-options: SAMEORIGIN x-robots-tag: noindex, nofollow accept-ranges: bytes
settings.env:
`#####################
#####################
BW_DOMAIN=mybitwardendomain.tld
BW_DB_PROVIDER=postgresql
BW_DB_SERVER=10.8.96.3
BW_DB_DATABASE=bitwarden_vault
BW_DB_USERNAME=bitwarden
BW_DB_PASSWORD=postgres-password
BW_INSTALLATION_ID=generated-install-id
BW_INSTALLATION_KEY=generated-install-key
#####################
#####################
#PUID=1000
#PGID=1000
BW_PORT_HTTP=8080
BW_PORT_HTTPS=8443
BW_ENABLE_SSL=true
#BW_ENABLE_SSL_CA=true
BW_SSL_CERT=letsencrypt/live/mybitwardendomain.tld/fullchain.pem
BW_SSL_KEY=letsencrypt/live/mybitwardendomain.tld/privkey.pem
#BW_SSL_CA_CERT=ca.crt
BW_ENABLE_ADMIN=true
BW_ENABLE_API=true
BW_ENABLE_EVENTS=false
BW_ENABLE_ICONS=true
BW_ENABLE_IDENTITY=true
BW_ENABLE_NOTIFICATIONS=true
BW_ENABLE_SCIM=false
BW_ENABLE_SSO=false
BW_ICONS_PROXY_TO_CLOUD=false
globalSettings__mail__replyToEmail=[email protected]
globalSettings__mail__smtp__host=smtp.domain.com
globalSettings__mail__smtp__port=465
globalSettings__mail__smtp__ssl=true
globalSettings__mail__smtp__username=emailuser
globalSettings__mail__smtp__password='randomly generated password in marks due to symbols requirement'
#globalSettings__yubico__clientId=REPLACE
#globalSettings__yubico__key=REPLACE
#globalSettings__disableUserRegistration=false
#globalSettings__hibpApiKey=REPLACE
#adminSettings__admins=[email protected],[email protected]`
I just updated my self-hosted docker to the latest version 2023.2.1 and now I am unable to manage collections in my family organization. The vault overview shows all entries just fine including the display if it is my own entry or from the family organization. When I open the organization tab it just shows all entries without the collections and the left pane where the collections should be displayed is only showing the rotating circles trying to load the collection list I suppose. I cannot add a new collection as the popup only shows the same loading indicator. In the entry table all entries are shown but instead of the collection names it just shows some small grey boxes.
The docker uses a maria-db database for data storage.
The api.log contains the following message:
fail[39m[22m[49m:` Bit.Api.Utilities.ExceptionHandlerFilterAttribute[0]
=> SpanId:8de51beafea0925d, TraceId:89ce70322580ad6bb13c9e4618aaeb44, ParentId:0000000000000000 => ConnectionId:0HMONBQUKRF78 => RequestPath:/organizations/2c1ac356-be09-422c-b4fe-af8f01695194/collections/details RequestId:0HMONBQUKRF78:00000002 => Bit.Api.Controllers.CollectionsController.GetManyWithDetails (Api)
The LINQ expression 'DbSet<CollectionGroup>()
.Where(cg => cg.Collection.OrganizationId == __organizationId_0 && __Select_1
.Contains(cg.Collection.Id))
.GroupBy(cg => cg.CollectionId)
.Select(g => g)' could not be translated. Additional information: Translation of 'Select' which contains grouping parameter without composition is not supported. Either rewrite the query in a form that can be translated, or switch to client evaluation explicitly by inserting a call to 'AsEnumerable', 'AsAsyncEnumerable', 'ToList', or 'ToListAsync'. See https://go.microsoft.com/fwlink/?linkid=2101038 for more information.
System.InvalidOperationException: The LINQ expression 'DbSet<CollectionGroup>()
.Where(cg => cg.Collection.OrganizationId == __organizationId_0 && __Select_1
.Contains(cg.Collection.Id))
.GroupBy(cg => cg.CollectionId)
.Select(g => g)' could not be translated. Additional information: Translation of 'Select' which contains grouping parameter without composition is not supported. Either rewrite the query in a form that can be translated, or switch to client evaluation explicitly by inserting a call to 'AsEnumerable', 'AsAsyncEnumerable', 'ToList', or 'ToListAsync'. See https://go.microsoft.com/fwlink/?linkid=2101038 for more information.
at Microsoft.EntityFrameworkCore.Query.Internal.NavigationExpandingExpressionVisitor.VisitMethodCall(MethodCallExpression methodCallExpression)
at Microsoft.EntityFrameworkCore.Query.Internal.NavigationExpandingExpressionVisitor.VisitMethodCall(MethodCallExpression methodCallExpression)
at Microsoft.EntityFrameworkCore.Query.Internal.NavigationExpandingExpressionVisitor.Expand(Expression query)
at Microsoft.EntityFrameworkCore.Query.QueryTranslationPreprocessor.Process(Expression query)
at Microsoft.EntityFrameworkCore.Query.QueryCompilationContext.CreateQueryExecutor[TResult](Expression query)
at Microsoft.EntityFrameworkCore.Storage.Database.CompileQuery[TResult](Expression query, Boolean async)
at Microsoft.EntityFrameworkCore.Query.Internal.QueryCompiler.CompileQueryCore[TResult](IDatabase database, Expression query, IModel model, Boolean async)
at Microsoft.EntityFrameworkCore.Query.Internal.QueryCompiler.<>c__DisplayClass9_0`1.<Execute>b__0()
at Microsoft.EntityFrameworkCore.Query.Internal.CompiledQueryCache.GetOrAddQuery[TResult](Object cacheKey, Func`1 compiler)
at Microsoft.EntityFrameworkCore.Query.Internal.QueryCompiler.Execute[TResult](Expression query)
at Microsoft.EntityFrameworkCore.Query.Internal.EntityQueryProvider.Execute[TResult](Expression expression)
at System.Linq.Queryable.FirstOrDefault[TSource](IQueryable`1 source, Expression`1 predicate)
at Bit.Infrastructure.EntityFramework.Repositories.CollectionRepository.<>c__DisplayClass10_1.<GetManyByUserIdWithAccessAsync>b__7(CollectionDetails collection) in /source/src/Infrastructure.EntityFramework/Repositories/CollectionRepository.cs:line 247
at System.Linq.Enumerable.SelectListIterator`2.ToList()
at Bit.Infrastructure.EntityFramework.Repositories.CollectionRepository.GetManyByUserIdWithAccessAsync(Guid userId, Guid organizationId) in /source/src/Infrastructure.EntityFramework/Repositories/CollectionRepository.cs:line 246
at Bit.Api.Controllers.CollectionsController.GetManyWithDetails(Guid orgId) in /source/src/Api/Controllers/CollectionsController.cs:line 88
at lambda_method1059(Closure , Object )
at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
Setting parameter globalSettings__disableUserRegistration=true in the ./bwdata/env/global.override.env
After ./bitwarden.sh rebuild && ./bitwarden.sh restart
bitwarden.sh version 2022.9.1
Docker version 20.10.3, build 55f0773
docker-compose version 1.28.5, build 24fb474e
I see the register button and it works - registration of new users occurs without errors.
What am I doing wrong?
Would it be possible to use docker compose version 2?
As of right now, the script uses the old version 1, which is no longer supported.
Is there a reason why ipv6 is commented out?
If not, can it be switched on by default or controlled via an environment variable?
https://github.com/bitwarden/self-host/blob/master/docker-unified/hbs/nginx-config.hbs#L3
The installation process should proceed to the next step after entering the instance name and database name.
After entering the instance name and database name, the installation process hangs and does not proceed to the next step.
The installation process does not proceed beyond this point, even after waiting for a long time. This issue has been encountered consistently on multiple attempts.
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19045 N/A Build 19045
Docker version 20.10.24, build 297e128
After updating to 2022.6.2, I was unable to access the web interface for my self-hosted instance. I checked the nginx error.log and saw the following error flooding the log:
[emerg] 1#1: invalid number of arguments in "server_name" directive in /etc/nginx/conf.d/default.conf:11
Checking bwdata/nginx/default.conf
line 11, I saw the server_name
directive was blank. Adding in localhost and restarting bitwarden solved the issue.
I did not see any errors during the update and made no other changes when updating.
Hi. After updating the script to the latest version and then running the update command, I am receiving the following error,
| |__ () |__ ____ _ _ __ _| | ___ _ __
| ' | | \ \ /\ / / | '__/ _
|/ _ \ '
| |) | | | \ V V / (| | | | (| | / | | |
|_./||_| _/_/ _,|| _,_|_|| ||
Open source password management solutions
Copyright 2015-2024, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 2024.1.0
Docker version 24.0.7, build afdd53b
Docker Compose version v2.20.3
[+] Running 13/13
✔ Container bitwarden-icons Removed 1.4s
✔ Container bitwarden-notifications Removed 1.4s
✔ Container bitwarden-sso Removed 1.3s
✔ Container bitwarden-events Removed 1.1s
✔ Container bitwarden-attachments Removed 1.0s
✔ Container bitwarden-nginx Removed 1.5s
✔ Container bitwarden-web Removed 0.6s
✔ Container bitwarden-api Removed 1.0s
✔ Container bitwarden-identity Removed 0.9s
✔ Container bitwarden-admin Removed 0.9s
✔ Container bitwarden-mssql Removed 0.8s
✔ Network docker_public Removed 0.2s
✔ Network docker_default Removed 0.3s
2024.1.0: Pulling from bitwarden/setup
b5a0d5c14ba9: Pull complete
633d76141204: Pull complete
1848b362d065: Pull complete
fbe27472c7a1: Pull complete
f1dad1ba8f85: Pull complete
5086debf0418: Pull complete
e092098130a8: Pull complete
0d0f68a904a8: Pull complete
b60aca579b54: Pull complete
ce406edb9606: Pull complete
Digest: sha256:*****
Status: Downloaded newer image for bitwarden/setup:2024.1.0
docker.io/bitwarden/setup:2024.1.0
Unhandled exception. YamlDotNet.Core.YamlException: (Line: 90, Col: 11, Idx: 3822) - (Line: 90, Col: 25, Idx: 3836): Exception during deserialization
---> System.InvalidCastException: Invalid cast from 'System.String' to 'System.Collections.Generic.List1[[System.String, System.Private.CoreLib, Version=6.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]'. at System.Convert.DefaultToType(IConvertible value, Type targetType, IFormatProvider provider) at System.String.System.IConvertible.ToType(Type type, IFormatProvider provider) at System.Convert.ChangeType(Object value, Type conversionType, IFormatProvider provider) at YamlDotNet.Serialization.Utilities.TypeConverter.ChangeType(Object value, Type destinationType, CultureInfo culture) at YamlDotNet.Serialization.Utilities.TypeConverter.ChangeType(Object value, Type destinationType) at YamlDotNet.Serialization.NodeDeserializers.ScalarNodeDeserializer.YamlDotNet.Serialization.INodeDeserializer.Deserialize(IParser parser, Type expectedType, Func
3 nestedObjectDeserializer, Object& value)
at YamlDotNet.Serialization.ValueDeserializers.NodeValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
--- End of inner exception stack trace ---
at YamlDotNet.Serialization.ValueDeserializers.NodeValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
at YamlDotNet.Serialization.ValueDeserializers.AliasValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
at YamlDotNet.Serialization.ValueDeserializers.NodeValueDeserializer.<>c__DisplayClass3_0.b__0(IParser r, Type t)
at YamlDotNet.Serialization.NodeDeserializers.ObjectNodeDeserializer.YamlDotNet.Serialization.INodeDeserializer.Deserialize(IParser parser, Type expectedType, Func`3 nestedObjectDeserializer, Object& value)
at YamlDotNet.Serialization.ValueDeserializers.NodeValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
at YamlDotNet.Serialization.ValueDeserializers.AliasValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
at YamlDotNet.Serialization.Deserializer.Deserialize(IParser parser, Type type)
at YamlDotNet.Serialization.Deserializer.Deserialize[T](IParser parser)
at YamlDotNet.Serialization.Deserializer.Deserialize[T](TextReader input)
at YamlDotNet.Serialization.Deserializer.Deserialize[T](String input)
at Bit.Setup.Context.LoadConfiguration() in /home/runner/work/server/server/util/Setup/Context.cs:line 154
at Bit.Setup.Program.RebuildConfigs() in /home/runner/work/server/server/util/Setup/Program.cs:line 312
at Bit.Setup.Program.Update() in /home/runner/work/server/server/util/Setup/Program.cs:line 162
at Bit.Setup.Program.Main(String[] args) in /home/runner/work/server/server/util/Setup/Program.cs:line 56
root@bitwarden:/home/kc#
I have never had an issue updating before. This is on a ubuntu VM. I was able to restore a snapshot and everything is back fine with the previous version. I did try the update again and received the same error. Any suggestions ? Thanks
I know the stable release doesn't officially launch until 6/10/23, and that the self hosted documentation doesn't specifically call out any OS versions, but I wanted to confirm that this is going to be supported on launch day.
Until version 2023.8.2 arm64 and arm/v7 arch images where published to the 'bitwarden/self-host:beta' tag on dockerhub. However, these tags are no longer updated on dockerhub and the version-specific tags have no support for ARM-platforms.
Could you please fix the publication of the ARM versions? A lot of users run Bitwarden on RPI's or NAS hardware with ARM processors.
Would it be possible to run multiple Docker instances (multiple installations) for different domains?
How can I setup it up?
Thank you
I may have missed it. But I can’t see in the code where one can specify dns-01 with a wait time for a Let’s Encrypt challenge on ./bitwarden install.
Self-hosters running in VMs behind proxies will have real issues using other, non pause-able LE challenges.
Without this capability one has to run certbot on the VM and arrange to have certs renewed, copied to ./bwdata/ssl and restart the nginx container on a cron schedule.
Not hard but not convenient.
Self hosted backup files are being created with a file name which includes the UTC date and time as part of the filename itself, but with a file timestamp (modified time) based on Local time.
This is confusing, and should be corrected. Especially as it may be assumed that the backups are being taken at the local time shown in the filename, when in fact they are not. Additionally, one would assume the backups would be taken at midnight, but in fact they are being taken at midnight UTC which may be quite unexpected in many cases.
Also, some backup files are being created just one minute after the previous backup, while others are created one day after the previous backup. Again, confusing. One backup every 24 hours is what I would suspect most people would assume should happen.
Please see the screen shot below:
While the above is a bug report, it is related to the following feature request:
https://community.bitwarden.com/t/feature-request-self-hosting-respect-for-local-time-zone/53130
I really wish we can deploy Bitwarden on Kubernetes because high availability, and to ease the use on enterprise platform to self-host on Google Cloud or Azure.
https://github.com/mcfedr/bitwarden-chart is a good starting point
I've got a brand new instance of Bitwarden up and running.
The host VM is Ubuntu 22.10 if that matters.
All containers are healthy except sso when I issue docker ps command. When I look at the log files I see in the SSO directory there are endless repeating entries of the following:
2023-02-18 01:08:47.224 +00:00 [Information] SSO started.
2023-02-18 01:09:27.829 +00:00 [Error] An unhandled exception has occurred while executing the request.
Microsoft.Data.SqlClient.SqlException (0x80131904): Cannot open database "vault" requested by the login. The login failed.
Login failed for user 'sa'.
--- End of stack trace from previous location ---
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)
--- End of stack trace from previous location ---
at Dapper.SqlMapper.QueryAsync[T](IDbConnection cnn, Type effectiveType, CommandDefinition command) in /_/Dapper/SqlMapper.Async.cs>
at Bit.Infrastructure.Dapper.Repositories.SsoConfigRepository.GetManyByRevisionNotBeforeDate(Nullable1 notBefore) in /home/runner/> at Bit.Core.Business.Sso.DynamicAuthenticationSchemeProvider.LoadAllDynamicSchemesIntoCacheAsync() in /home/runner/work/server/serv> at Bit.Core.Business.Sso.DynamicAuthenticationSchemeProvider.GetRequestHandlerSchemesAsync() in /home/runner/work/server/server/bit> at Bit.Sso.Utilities.SsoAuthenticationMiddleware.Invoke(HttpContext context) in /home/runner/work/server/server/bitwarden_license/s> at IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext context) at Bit.Core.Utilities.CurrentContextMiddleware.Invoke(HttpContext httpContext, ICurrentContext currentContext, GlobalSettings globa> at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpCo> ClientConnectionId:ca7d6b27-c42e-49bf-8e70-2755fea41d60 Error Number:2812,State:62,Class:162023-02-20 00:00:05.537 +00:00 [Error] An unhandled exception has occurred while executing the request. Microsoft.Data.SqlClient.SqlException (0x80131904): Could not find stored procedure 'dbo.SsoConfig_ReadManyByNotBeforeRevisionDate'. at Microsoft.Data.SqlClient.SqlCommand.<>c.<ExecuteDbDataReaderAsync>b__208_0(Task
1 result)
at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
This is not an exhaustive copy and paste of the log but it is most of the major blocks.
I haven't made any changes or updates to any of the configuration files other than the necessary ones such as the port numbers in config.yml and the entries in the global environment file.
Thanks in advance.
I have the same problem as issue #186.
We first deploy self host image version 2023.5.0. We add a Collection to our Organization. Afeter that, we can add user to Collection and set permission. After upgrade to latest version, we are unable to add user to Collection and set permission (we try with user with different permission, no one is working, even if it is an Administrator).
So, we tried to downgrade to 2023.7.0-beta (that is the oldest version currently available on docker hub) and the problem is still there.
Actually we can't downgrade to 2023.5.0 version, because it is no longer present on docker hub.
We try to search into application log, but there is nothing releated to this problem. The changelogs on github between different versions are useless, as they are very generic. Have there been any changes in the application management functions that may have broken the functionality?
Hello,
my Linux Docker installation stalled after update via
./bitwarden.sh updateself
./bitwarden.sh update
The error is
Database is in script upgrade mode. Trying again (attempt #10)...
Migrating database.
Unhandled exception. System.Data.SqlClient.SqlException (0x80131904): Login failed for user 'sa'. Reason: Server is in script upgrade mode. Only administrator can connect at this time.
After waiting several minutes and running the two update script commands again, the update finalizes successfully.
Maybee there should more attempts to wait for successfull database upgrade.
This is the end of my logged run of the two update commands above
Creating network "docker_default" with the default driver
Creating network "docker_public" with the default driver
Creating bitwarden-notifications ...
Creating bitwarden-identity ...
Creating bitwarden-mssql ...
Creating bitwarden-web ...
Creating bitwarden-events ...
Creating bitwarden-attachments ...
Creating bitwarden-api ...
Creating bitwarden-sso ...
Creating bitwarden-icons ...
Creating bitwarden-web ... done
Creating bitwarden-mssql ... done
Creating bitwarden-admin ...
Creating bitwarden-notifications ... done
Creating bitwarden-attachments ... done
Creating bitwarden-identity ... done
Creating bitwarden-icons ... done
Creating bitwarden-api ... done
Creating bitwarden-sso ... done
Creating bitwarden-events ... done
Creating bitwarden-admin ... done
Creating bitwarden-nginx ...
Creating bitwarden-nginx ... done
2022.10.0: Pulling from bitwarden/setup
Digest: sha256:b20826e60e6084ed5a727eea998433ae37ff7baa3b7dea05e6432fb6c65eb182
Status: Image is up to date for bitwarden/setup:2022.10.0
docker.io/bitwarden/setup:2022.10.0
Bitwarden is up and running!
===================================================
visit https://xxx/
to update, run `./bitwarden.sh updateself` and then `./bitwarden.sh update`
Deleted Images:
untagged: bitwarden/api:2022.9.1
untagged: bitwarden/api@sha256:cfb8a16e6a0fa25377fd032c292a76c758c2051357b263358de1cf513a72e828
deleted: sha256:925de309736ed558eaf4af1976ecfd1e019dc4cea20484dd5194c0c60c5a23ca
deleted: sha256:928abc6578c8f859d74657ec19b26fb830d3627e53e1f6df29f56b654dd7a4e4
deleted: sha256:e31f7d6155e115973ebf44f84d4a29cac28054d00f7efa453cd225ade01b1c5b
deleted: sha256:031aacd1791427ce1a940813a68252aab29e0341d73ef94d5728c04ab2d028da
deleted: sha256:9a8dc7587739226badf483f1e1bc9d20f4bf9f8e0ac7ac1d704970989ef7a52f
deleted: sha256:0867ecd4946de0962d7b426c17020a1518a66bdf9957aac54635b71cbc97b395
deleted:
deleted:
deleted:
deleted:
untagged: bitwarden/mssql:2022.9.1
untagged: bitwarden/mssql@sha256:d38d299eb9155993965c1c4947e9b8a90d4a95917644e2157a4e9bb312941ef6
deleted: sha256:773e91dfa3ab5c4a28894b0f3007ea378919c536fa19870531b77ed27a54248c
deleted: sha256:acfdbb8ae0b55f00d2baae31326cad54b4b80a000e5e2ef22277b5afebcf108f
deleted: sha256:737e83203504229a0ff0afbf382d438daee5eb1514021f7024efd4de3669e8a3
deleted: sha256:2b6c8367b125d38bc8de9a56b4a85b4223b5ec6f39a1b9472f1cc69f625522c3
deleted: sha256:8cad2e4d24541d45364fe59a8160593b30eceadbaecb2f07511058874bfda51c
deleted: sha256:72e2c563dbd0a63a13eaebe6f3f4426ed8d847b02889cdfb976fd4bd6d1af162
deleted: sha256:025522b71cfe4f0c83f82b6870065d9c7b6574c7539b307585d9f0d4fa87bca6
deleted: sha256:8c29a31bd900d07ae2e6f16163e8667291ff83bb4d344facc14c2ed2f6a4e8a2
deleted: sha256:bfd45a4b249a45a22429adcd8c58845747e5c971d1683127ed68e1d4e0b09959
deleted: sha256:6a0e6bf8055ade83f0e1a811778801da594b6b2d0f0559513cfa3ab09cc44687
deleted: sha256:91e4318a5f8d6a9aead4e9e0dbf6eaf425f84b761bcf4d8f8380c918340bebfc
deleted: sha256:ef572e1ba2ecca900f0ec3db00e997de12dd380ce3e360b5813fd75920232359
deleted: sha256:98fc4d5421178c7be7d5718d2d44abba8053dc5c712e51658fe5b872675b4f7a
deleted: sha256:7b2cc05dfd889e28234f8831c80ac20cf299d5bbebbbac013f8f7d2b7abc0d65
deleted: sha256:6b0187d1cdff63eb5966ac72bf4ccd96150586c1409eb858bb98783f02018ee7
deleted: sha256:644879075e24394efef8a7dddefbc133aad42002df6223cacf98bd1e3d5ddde2
deleted:
deleted:
untagged: bitwarden/web:2022.9.1
untagged: bitwarden/web@sha256:a183fe841a3269a5a49f0787f4341126d4f25041adf185b368af2bb7bbcf1fae
deleted: sha256:3b112ddf352c1d4a95bbbb8192e11e257722d18b7a0f2ac43253578be8f1f963
deleted: sha256:f3e013b2b6773bfcbb4280022b6dedaf3d4b5473f8ec4813e4c0ff38f762906b
deleted: sha256:b05337c3dba36affe50117decdc83f53c1f755639b687e2d07461352cd99c4a7
deleted: sha256:933405b6737dd184f75bf434621d696fde28ab26c92987d144f9800e405d0459
deleted: sha256:a44df38e4b63f57e7d0293e12934c9c89f0e49aef86899342f1807de886f6466
deleted: sha256:c0a4025569d41dae98e302b85bc81a91bcddfdbf4b314ce28598fa272958220b
deleted: sha256:45dde847e0eefe2957f1190383623762fd7d00d0ef6c3308cd8047de524aa2df
deleted: sha256:1aec719198fd7343aa3d572cf2ab609cdf86a3afcc56e058ac536d2f4ac06b94
deleted: sha256:b264cff4e083c2b28fa7dd83b9c405755af14ac8e7ca9bb00e57a64792931fe0
deleted: sha256:77fca1f8661c068c1e3eab1e688e924fbfdeb2bee13db116e33ceeecd412929f
deleted: sha256:dc46ee02ad38a8aa20fe9258d772c6c3a2518c3ac655834cd8b5aba0460f5956
untagged: bitwarden/events:2022.9.1
untagged: bitwarden/events@sha256:3ac03e470430c292878000e939ecb67a4c886a5e1c7b454da65f6c5ad873dfd5
deleted: sha256:951bebd465f1fd537918fb069600145cfbd724f3a91463944581b881d17f8e40
deleted: sha256:43e2a3998210074fbec17486c15f46ccd21076445bc16a855f724e41ef22a0f6
deleted: sha256:089517a4f4961c0f901282f2ad544f4dac1665b2a52ece62f06b0a88beea38ff
deleted: sha256:1514d1bcc396695796cd22d76c9aa3b24e1c565680273a77cafb379d1b27a99f
deleted: sha256:3e9f57b7c249a4e3d2c590be3ad6f6db4434c341a3cd83756739cee927db2e82
deleted: sha256:e455200fe80739839e2ee0792d1e0686bebe05103e9e612d188eb7d75e82d87f
untagged: bitwarden/admin:2022.9.1
untagged: bitwarden/admin@sha256:c38e47c46dc675debb46fc2598006fd5380fe86c8817fc57f00e50fac4504762
deleted: sha256:a535f05fbb98b78a2e9396b3abaca28952ac3ed377e9400f1963370c567c65be
deleted: sha256:7e6bb22af9788eee0dd7638a80199652b76d07ab453b449bf556452769d09310
deleted: sha256:e2df6b55a1601a3e0bb2f1a894eb257dafefba828691ef8e0ba17568b7cc0f1c
deleted: sha256:00873ca4ecdf58efe7a0b73bb5dc122ad0e9527d763d62229047774480a95f8d
deleted: sha256:c34b2101fc3c93eb8c611b7a89937eafc5661eedd323d4acda1c66200f501f60
deleted: sha256:120d0c80f61a9e2f62baf748d759c89b2ae4092a628bd18abc00d2d378f4ade5
untagged: bitwarden/attachments:2022.9.1
untagged: bitwarden/attachments@sha256:7bc300775614bb3292a2a8fdbf15747ba616bc68fc15463bd1b6c058be05f6e2
deleted: sha256:8cb7c3d1917ed1fab0ea991681edfb4b1b7e3ee805eeb0b5720b2783a87d4e48
deleted: sha256:5514acad792c8346055a9a7ea9815f276e194f4a61f29e8f1064f11e1033eaa3
deleted: sha256:19296bc1ddd58e2d02a5c7133f531ff8972d14c8d7f52964c4f04776c8c19677
deleted: sha256:1b326a4692e99d1198218b6c965e27a215f9b66ae11b08783a1383f9709aa730
deleted: sha256:b39192df4eee844a1b4453c95dc0bca14271921cd24c5cd83b8b92449cd6da0a
untagged: bitwarden/nginx:2022.9.1
untagged: bitwarden/nginx@sha256:24e01d5fb26daf2c0674738c86baa82ef20046a814e4c592061d336260db9a8d
deleted: sha256:2fc32efe65881ea595ac9977c3555c8275ca11d11ef57da5c3fcd9150a8f68fd
deleted: sha256:f6368f15071c455264c019ca1a1356079f53ff2877c51362880bb9f2919b822a
deleted: sha256:a196afcf3d7882a05491529f947a22806c7436a709f3104cf25a31987ad1a2fc
deleted: sha256:1279c6420f845360dc4a67e7eba95370e19e6f4d15a99c286e346f05ee0f4fe4
deleted: sha256:2b04477b51e8e97dabc68a1a5396a4eb479b50c872684a645581b6815cca3b77
deleted: sha256:6455851996279fe7f4d0dbe4269da84c33a76efa104e3bccf96cf6bdef432245
deleted: sha256:0245d94e4637f6be6a275c4af7ecb716089865e9e86f7e1e391efb9e6b27b805
deleted: sha256:decb740c10b8d0b9a3e921e9d91a9a87b3dcafca5f783deee7a778395590a38c
deleted: sha256:c927dcf2cd3697f86d6c4c729e689f175ea10ab967e77eab8f35447e7748e599
deleted: sha256:37a4f8d71046d3d484f730140e355ab2ca224e2a36889e615ed8865bb423d7e0
deleted: sha256:59716a71cea879143c86425b10986e2f28b1f4e6f6ecfff7a6bdc469a5e29486
deleted: sha256:34bdfbf02b3bbb46879c29769150eeb7cf5151b0addb86e5ac626bd8813ef99b
deleted: sha256:0333123f731a60ef626adca3670129136871cb3d0a70c0154196028d6b2405e3
deleted: sha256:4e41d535a6361e4c9760d5f2b37782a6a7e460d5dd187c4e3d1685efb4b24ce3
deleted: sha256:73757063f2c178000cbff9abd5a10f71932fb24f51fff4b87dba216f7ce8ad52
untagged: bitwarden/identity:2022.9.1
untagged: bitwarden/identity@sha256:80d3cd02baa811e45e8e85d7bf366e6bb37da7b618d6622f32378b6445fd215c
deleted: sha256:5d28235aa023ea328708236b07b13a5d59ceaed7f2165cb25b2cb0faf0523a07
deleted: sha256:b1e464eeb412ca8157c7effbbd955aab82600a64d42d1f322f25b8c8500adb6a
deleted: sha256:af56dc562a3a34ad13547d9bec71e36be0cc7e4cf06cecb5ad431f354c319233
deleted: sha256:4fab89a21f1af917902c7a3ad2507ce9637a72cb64b6d2abdb844be68c3da595
deleted: sha256:fb1470229bd547bfd0d291eea809314f742fe42bf06d6fe70d8525c3f169e67c
deleted: sha256:b695fd4960680f45b90384637169d5bfe3e77dffdd4240e2c336928e4bcbb8cf
deleted:
deleted:
untagged: bitwarden/notifications:2022.9.1
untagged: bitwarden/notifications@sha256:f728d114412e17ed77d256fd58a5b938000669a137fcb3b93d9671c8b8a90b02
deleted: sha256:d9e8152e31716876b2b6217ce5f57e5154eca121d8d411da44d9cbd7e434364b
deleted: sha256:22d935cd2703b4fa92070413f6f921efb203fe5a8243d254b89ea2f46a818ff4
deleted: sha256:2ae044d9af3a275b87d1502090ad5e028a000fa2f2c99fd3d0b67d677a05a5ea
deleted: sha256:6774ec82e3d4e209ac0e68acce78a344225257b3c1b4a2ad1b0f831f8b82f675
deleted: sha256:6eef464cc09381826a90532179891721591bf5c283e2c47344395e104b444ea4
deleted: sha256:d757db22a8a1c3047516b232de64dbf0d47e2c852be90633b9fa09cc3eeee5d9
deleted:
deleted:
deleted:
deleted:
deleted:
deleted:
untagged: bitwarden/icons:2022.9.1
untagged: bitwarden/icons@sha256:f03005b186658322359432d57d1349c0db5668f4e16fe4b8375088e48ecb14c3
deleted: sha256:340ef1d632f7962b519d8a7c0cf1556f8c5d3816f8a70d6e5f54cd4d74d80351
deleted: sha256:b5777e3fbfc305e0954ca182efe39c3cb431fb333fb0dca32dcd601e8906ee92
deleted: sha256:3bd5f4b9018f32f495bc7f90bb81b10b129883bd4664d1d114f22e79faba8969
deleted: sha256:1b6cb0012215cd8940931aefe5d8701ad1a388b708a48e32958595f027a35677
deleted: sha256:f3bc98e133aaae78954dea41675c6e42ed0db6cab9d6cafa67403e8e8a8b5d7b
deleted: sha256:19789059efeea7b2c76e1e76041f4b8efa006fda78940355506f6b5e309062a5
untagged: bitwarden/sso:2022.9.1
untagged: bitwarden/sso@sha256:d1fb1a78282f2aef2eadbc43cd098ecfcad23213789b75cc6d1b1e8651f4388a
deleted: sha256:dfc27543d3dfd9afe6a7b757c56da6f7c6d10c18227fa298325b7009d2fe1c84
deleted: sha256:c1a1fc139938ec0b469accba8c0d3ab34566a421dd7e463da37290d4084f0572
deleted: sha256:379170e1b6af2fc95057218e53bd2f3fa4309d255d9fc6f1b1a6a21f05130c95
deleted: sha256:465bafd7e80cf37549afeac43aa87aaa60ad357f3e146816f36c198c34137695
deleted: sha256:2526515a1045ea8e63a80407e1ae78ab65a8b6daa1e12a05dc76c378eade369b
deleted: sha256:f2a7df6cb062da6533659af582aa639cf8af805c5c895f7aff907113eaadf189
deleted:
deleted:
deleted:
deleted:
deleted:
deleted:
deleted:
deleted:
Total reclaimed space: 2.249GB
Pausing 60 seconds for database to come online. Please wait...
2022.10.0: Pulling from bitwarden/setup
Digest: sha256:b20826e60e6084ed5a727eea998433ae37ff7baa3b7dea05e6432fb6c65eb182
Status: Image is up to date for bitwarden/setup:2022.10.0
docker.io/bitwarden/setup:2022.10.0
Migrating database.
Database is in script upgrade mode. Trying again (attempt #2)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #3)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #4)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #5)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #6)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #7)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #8)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #9)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #10)...
Migrating database.
Unhandled exception. System.Data.SqlClient.SqlException (0x80131904): Login failed for user 'sa'. Reason: Server is in script upgrade mode. Only administrator can connect at this time.
at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
at System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.Open()
at Bit.Migrator.DbMigrator.MigrateMsSqlDatabase(Boolean enableLogging, CancellationToken cancellationToken) in /home/runner/work/server/server/util/Migrator/DbMigrator.cs:line 47
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 196
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
at Bit.Setup.Program.Update() in /home/runner/work/server/server/util/Setup/Program.cs:line 158
at Bit.Setup.Program.Main(String[] args) in /home/runner/work/server/server/util/Setup/Program.cs:line 56
ClientConnectionId:a8a71078-ded4-4c3b-9c88-93ae9f34ce27
Error Number:18401,State:1,Class:14
Hi, sorry I am quite new to docker and I don't know if updating and versioning the repository is an automated process or something done manually.
After updating my docker container with Docker/self-host (beta) it is still 2023.02.0. whilst the latest GitHub version is 2023.03.01. Is it just taking some more time for the docker repository to be updated?
And I am feeling kind of stupid here: Is there a way to see the version of the bitwarden docker image over at docker before updating the container?
Best wishes,
Alex
hello guys,
I use VM with Ubuntu desktop on a Synology NAS.
I already installed Bitwarden with docker and can access the installation with https://localhost.
When I change the hostname in the global.override.conf for example in: https://bitwarden.local or bitwarden-xy.xy it does not work. Using an IP Address does not work either.
I checked the nginx config, and the hostname I choose is found there. But I still cannot access bitwarden with another name as localhost.
Does anyone have a solution for that?
It looks like there is an issue with updating self-hosted bitwarden instances. After some troubleshooting it looks like the source of the issue is the run script url in the bitwarden script. See below:
RUN_SCRIPT_URL="https://func.bitwarden.com/api/dl/?app=self-host&platform=linux&variant=run"
This URL as of 2022-08-22T17:18:55Z UTC returns the following data:
StackExchange.Redis.RedisConnectionException: No connection is active/available to service this operation: GET self-host/run.sh; It was not possible to connect to the redis server(s). ConnectTimeout, mc: 1/1/0, mgr: 10 of 10 available, clientName: appfunctions-9dcc4d77c-l2ksx, IOCP: (Busy=0,Free=1000,Min=24,Max=1000), WORKER: (Busy=2,Free=32765,Min=24,Max=32767), v: 2.1.58.34321
---> StackExchange.Redis.RedisConnectionException: It was not possible to connect to the redis server(s). ConnectTimeout
--- End of inner exception stack trace ---
at StackExchange.Redis.ConnectionMultiplexer.ThrowFailed[T](TaskCompletionSource1 source, Exception unthrownException) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 2769 --- End of stack trace from previous location --- at Proxies.Downloads.GetDownloadUrlAsync(ValueTuple
4 valueTuple) in /home/runner/work/misc/misc/AzureFunctions/prod/AppFunctions/Downloads.cs:line 192
at Proxies.Downloads.Run(HttpRequest req, ILogger log) in /home/runner/work/misc/misc/AzureFunctions/prod/AppFunctions/Downloads.cs:line 174
It looks like it is probably an issue for both linux and windows users.
Hi,
I use bitwarden self-hosted on a Synology NAS with daily update mechanism. Since 29 Mar 2022 05:00 I get errors when trying auto updating.
So I tried to run the scheduled script manually and I get stuck in a user prompt while running bitwarden.sh updateself
asking
mv: replace '/volume1/docker/bitwarden.sh', overriding mode 0755 (rwxr-xr-x)?
After accepting question with entering Y, bitwarden.sh updateself
continues and ask no prompt anymore.
Please consider use of mv -f
instead of mv
in line 63.
Lines 60 to 68 in acdf6fc
user@DiskStation:/volume1/docker$ bash bitwarden.sh updateself
_ _ _ _
| |__ (_) |___ ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V V / (_| | | | (_| | __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_|
Open source password management solutions
Copyright 2015-2022, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 1.47.1
Docker version 20.10.3, build b455053
docker-compose version 1.28.5, build 324b023a
mv: replace '/volume1/docker/bitwarden.sh', overriding mode 0755 (rwxr-xr-x)?
On the admin page I have the follow image, that the version locally is out of date.
While if I do the updateself and update of the script it will say "no update needed".
When running docker ps, I do see the version at 2023.4.1
I assume that there is a fault in the display, or version in the code that makes the admin page thinking there is an update available while it is up-to-date
When using the environment variables to set the exposed ports:
- BW_PORT_HTTP=80
- BW_PORT_HTTPS=443
nginx doesn't start with the following error message:
nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)
I'm using a macvlan network so port mapping doesn't work.
Maybe it's possible to grant nginx privileges to bind to lower ports.
It seems that the beta tag on https://hub.docker.com/r/bitwarden/self-host is not getting updated automatically by the release process. This makes pulling the latest self-host beta version a little bit more tricky than it could be.
Would it make sense to change https://github.com/bitwarden/self-host/blob/master/.github/workflows/release.yml#L282 and currently tag beta
instead of latest
and make a corresponding comment that after GA that should be changed to latest
?
Hey, when trying to self-host on version 2023.9.1, I get this issue:
fail: Bit.Admin.HostedServices.DatabaseMigrationHostedService[0]
bitwarden-admin | Database unavailable for migration.
bitwarden-admin | Microsoft.Data.SqlClient.SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 35 - An internal exception was caught)
I followed everything here: https://bitwarden.com/help/install-on-premise-linux/
What am I doing incorrectly?
Hi,
I have successfully setup Bitwarden in an Alpine machine on my tiny ESXi server. Created account, imported passwords - setup Browser clients, All works fine!
Now I shut down this VM1 and copied it with VMware vCenter Converter Standalone Client to another datastore on the same ESXi server with a different name.
This was reported as successful I started The VM2 and called it with IP in the browser I can see the login screen BUT I cannot log in with email and master password which I used in the VM1 which is still working fine.
What have I done wrong?
Are there some commands to repair or update Bitwarden in the VM2 so that I con login there.
Pls. Advice
Many THX
I don't know when this stopped working I know for a fact it worked at some point but I had just noticed recently the container IP address is shown in the identity logs rather than the real client IP address. The container IP address is also prepended with "::ffff:" which appears to be "an IPv4 address placed inside an IPv6 space" according to what I've found online. This is not my post but closely describes the problem I am seeing: https://community.bitwarden.com/t/identity-log-still-showing-container-ip-instead-of-real-ip/12836
I've configured the real_ips parameter in config.yml correctly (has not changed since it stopped working).
real_ips:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
I've verified they are added to the nginx default.conf and that the header "X-Forwarded-For" is set (I assume this is done when you perform a rebuild).
root@bitwarden:/opt/bitwarden/bwdata/nginx# grep real_ip default.conf
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.16.0.0/12;
set_real_ip_from 192.168.0.0/16;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
root@bitwarden:/opt/bitwarden/bwdata/nginx#
172.16.0.0/12 should cover any IP address the container gets assigned (172.16.0.0 - 172.31.255.255).
When I trigger a failed login this is what I see in the identity logs.
2023-05-16 12:06:45.345 -04:00 [Warning] Failed login attempt. ::ffff:172.20.0.9
And this is what I see in the nginx access.log which shows the real IPv4 address of the client.
169.150.197.121 - - [16/May/2023:16:23:37 +0000] "POST /identity/accounts/prelogin HTTP/2.0" 200 72 "-" "Mozilla/5.0 (Windows NT 10.0; rv:115.0) Gecko/20100101 Firefox/115.0" "-"
169.150.197.121 - - [16/May/2023:16:23:41 +0000] "POST /identity/connect/token HTTP/2.0" 400 166 "-" "Mozilla/5.0 (Windows NT 10.0; rv:115.0) Gecko/20100101 Firefox/115.0" "-"
I have a hunch this is due to the "::ffff:" prefix I'm not sure if that was present when I first set up fail2ban I have IPv6 disabled on my host that's running bitwarden. I've tried commenting out the IPv6 listeners in the nginx config but I still get the same result.
Looking for some guidance I've tried to investigate this myself for the past couple weeks and have not made any progress. Perhaps there's some config parameter I can change to get the real IP address again. I found an email generated by fail2ban back in November 2022 banning an IP for Bitwarden failed login so I know this worked and I have not changed anything on my end so I assume something with Bitwarden/docker/etc changed.
#167 says Core Version and Web Version are upgraded to 2023.10.0
However Web Installed stays at 2023.9.2
vault.MYDOMAIN.com/admin/home/getinstalledwebversion returns: "2023.9.2"
Just updated my APP container to 2023.9.3-beta and Bitwarden now is sitting on +- 50% of VM CPU Usage:
As the base image is a very lightweigh Debian, i cannot check processes. Can someone help me with this?
On my test container all seems fine, only 5 users which are using the service as before. My docker-compose file:
version: "3.8"
services:
bitwarden:
container_name: Bitwarden-PRO
depends_on:
- db
env_file:
- ./env/bw-settings.env
image: bitwarden/self-host:2023.9.3-beta
restart: unless-stopped
ports:
- "8085:8080"
volumes:
- ./bitwarden:/etc/bitwarden
db:
container_name: BitwardenDB-PRO
env_file:
- ./env/db-settings.env
image: mariadb:10
restart: always
volumes:
- ./db:/var/lib/mysql
Thanks in advance.
Edit 1: Is even getting worse:
Since this feature was implemented I have not been able to get it to work with my self hosted install. When I open the browser extension and select "Log in with device" I can see the 5 word string, I then open the Bitwarden app on my phone which has "Approve login requests" enabled and select "Pending login requests" from the settings menu. I can see the request initiated from the browser extension and it has the same word string but when I click "Approve" nothing happens. The only thing I can see in the logs is from the identity container but it doesn't align with when I attempt to perform the device login.
2023-06-02 11:08:01.841 -04:00 [Error] Request to "https://push.bitwarden.com/push/register" is unsuccessful with status of BadRequest-"Bad Request"
Hello,
After update to 2022.6.2 i get Error response from daemon: network docker_default not found and not running.
bitwarden@srv:/opt/bitwarden$ ./bitwarden.sh start
Open source password management solutions
Copyright 2015-2022, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 2022.6.2
Docker version 20.10.17, build 100c701
Docker Compose version v2.6.1
[+] Running 13/13
⠿ Container bitwarden-attachments Removed 0.0s
⠿ Container bitwarden-icons Removed 0.0s
⠿ Container bitwarden-events Removed 0.0s
⠿ Container bitwarden-sso Removed 0.0s
⠿ Container bitwarden-notifications Removed 0.0s
⠿ Container bitwarden-nginx Removed 0.0s
⠿ Container bitwarden-api Removed 0.0s
⠿ Container bitwarden-admin Removed 0.0s
⠿ Container bitwarden-identity Removed 0.0s
⠿ Container bitwarden-web Removed 0.0s
⠿ Container bitwarden-mssql Removed 0.0s
⠿ Network docker_public Removed 0.2s
⠿ Network docker_default Removed 0.1s
[+] Running 11/11
⠿ identity Pulled 1.5s
⠿ icons Pulled 1.5s
⠿ events Pulled 1.5s
⠿ mssql Pulled 1.5s
⠿ admin Pulled 1.4s
⠿ attachments Pulled 1.5s
⠿ sso Pulled 1.4s
⠿ nginx Pulled 1.4s
⠿ api Pulled 1.4s
⠿ web Pulled 1.5s
⠿ notifications Pulled 1.5s
[+] Running 3/120
⠿ Network docker_public Created 0.0s
⠿ Container bitwarden-identity Starting 0.3s
⠿ Container bitwarden-api Starting 0.3s
⠿ Container bitwarden-mssql Starting 0.3s
⠿ Container bitwarden-sso Starting 0.3s
⠿ Container bitwarden-events Starting 0.3s
⠿ Container bitwarden-web Starting 0.3s
⠿ Container bitwarden-notifications Starting 0.3s
⠿ Container bitwarden-attachments Starting 0.3s
⠿ Container bitwarden-icons Starting 0.3s
⠿ Container bitwarden-admin Created 0.1s
⠿ Container bitwarden-nginx Created 0.1s
Error response from daemon: network docker_default not found
Please help to fix this.
Thank you.
I am trying to run a self hosted docker container. When my docker-compose boots bitwarden/self-host:beta
using podman:
podman create --name=bitwarden_bitwarden_1 --label io.podman.compose.config-hash=123 --label io.podman.compose.project=bitwarden --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=bitwarden --label com.docker.compose.project.working_dir=/REDACTED --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=bitwarden --env-file /REDACTED/settings.env -v /REDACTED/data:/etc/bitwarden --net bitwarden_default --network-alias bitwarden -p 2000:8080 --restart always docker.io/bitwarden/self-host:beta
fd7a2181f92c523b68ca65cd9fcf6e04c31fa01cac52840784b24e9aa9bd8c6a
I get this output
2023-01-28 22:15:18,347 INFO Included extra file "/etc/supervisor.d/admin.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/api.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/events.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/icons.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/identity.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/nginx.ini" during parsing
2023-01-28 22:15:18,351 INFO Included extra file "/etc/supervisor.d/notifications.ini" during parsing
2023-01-28 22:15:18,353 INFO Included extra file "/etc/supervisor.d/scim.ini" during parsing
2023-01-28 22:15:18,354 INFO Included extra file "/etc/supervisor.d/sso.ini" during parsing
2023-01-28 22:15:18,359 INFO RPC interface 'supervisor' initialized
2023-01-28 22:15:18,359 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2023-01-28 22:15:18,360 INFO supervisord started with pid 40
2023-01-28 22:15:19,363 INFO spawned: 'identity' with pid 41
2023-01-28 22:15:19,367 INFO spawned: 'admin' with pid 42
2023-01-28 22:15:19,375 INFO spawned: 'api' with pid 43
2023-01-28 22:15:19,377 INFO spawned: 'icons' with pid 44
2023-01-28 22:15:19,381 INFO spawned: 'nginx' with pid 45
2023-01-28 22:15:19,406 INFO spawned: 'notifications' with pid 46
2023-01-28 22:15:20,913 INFO exited: icons (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:21,010 INFO exited: api (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:21,011 INFO exited: notifications (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:21,016 INFO exited: admin (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:21,026 INFO exited: identity (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:22,031 INFO spawned: 'identity' with pid 83
2023-01-28 22:15:22,034 INFO spawned: 'admin' with pid 84
2023-01-28 22:15:22,044 INFO spawned: 'api' with pid 85
2023-01-28 22:15:22,047 INFO spawned: 'icons' with pid 86
2023-01-28 22:15:22,054 INFO spawned: 'notifications' with pid 87
2023-01-28 22:15:23,460 INFO exited: icons (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:23,476 INFO exited: api (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:23,476 INFO exited: notifications (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:23,503 INFO exited: admin (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:23,513 INFO exited: identity (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:25,517 INFO spawned: 'identity' with pid 123
2023-01-28 22:15:25,520 INFO spawned: 'admin' with pid 124
2023-01-28 22:15:25,526 INFO spawned: 'api' with pid 125
2023-01-28 22:15:25,530 INFO spawned: 'icons' with pid 126
2023-01-28 22:15:25,534 INFO spawned: 'notifications' with pid 127
2023-01-28 22:15:27,016 INFO exited: icons (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:27,019 INFO exited: notifications (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:27,070 INFO exited: api (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:27,090 INFO exited: admin (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:27,090 INFO exited: identity (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:30,097 INFO spawned: 'identity' with pid 163
2023-01-28 22:15:30,102 INFO spawned: 'admin' with pid 164
2023-01-28 22:15:30,108 INFO spawned: 'api' with pid 165
2023-01-28 22:15:30,114 INFO spawned: 'icons' with pid 166
2023-01-28 22:15:30,130 INFO spawned: 'notifications' with pid 167
2023-01-28 22:15:31,490 INFO exited: icons (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:31,536 INFO gave up: icons entered FATAL state, too many start retries too quickly
2023-01-28 22:15:31,537 INFO exited: api (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:31,537 INFO exited: notifications (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:31,544 INFO gave up: api entered FATAL state, too many start retries too quickly
2023-01-28 22:15:31,545 INFO gave up: notifications entered FATAL state, too many start retries too quickly
2023-01-28 22:15:31,545 INFO exited: identity (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:31,549 INFO gave up: identity entered FATAL state, too many start retries too quickly
2023-01-28 22:15:31,549 INFO exited: admin (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:32,551 INFO gave up: admin entered FATAL state, too many start retries too quickly
2023-01-28 22:15:34,554 INFO success: nginx entered RUNNING state, process has stayed up for > than 15 seconds (startsecs)
and the container stays open, supervisord doesn't exit but all the sub processes (icons, api etc) are not running.
I discovered this because I could visit the login page and enter an email address but upon submitting the form the /api request 502s becuase the internal nginx proxy cannot speak to the its upstream
2023/01/28 22:19:53 [error] 50#50: *5 connect() failed (111: Connection refused) while connecting to upstream, client: 10.89.1.19, server: bitwarden.redacted.com, request: "GET /api/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772 HTTP/1.1", upstream: "http://[::1]:5001/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772", host: "bitwarden.redacted.com", referrer: "https://bitwarden.redacted.com/"
2023/01/28 22:19:53 [warn] 50#50: *5 upstream server temporarily disabled while connecting to upstream, client: 10.89.1.19, server: bitwarden.redacted.com, request: "GET /api/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772 HTTP/1.1", upstream: "http://[::1]:5001/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772", host: "bitwarden.redacted.com", referrer: "https://bitwarden.redacted.com/"
2023/01/28 22:19:53 [error] 50#50: *5 connect() failed (111: Connection refused) while connecting to upstream, client: 10.89.1.19, server: bitwarden.redacted.com, request: "GET /api/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772 HTTP/1.1", upstream: "http://127.0.0.1:5001/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772", host: "bitwarden.redacted.com", referrer: "https://bitwarden.redacted.com/"
2023/01/28 22:19:53 [warn] 50#50: *5 upstream server temporarily disabled while connecting to upstream, client: 10.89.1.19, server: bitwarden.redacted.com, request: "GET /api/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772 HTTP/1.1", upstream: "http://127.0.0.1:5001/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772", host: "bitwarden.redacted.com", referrer: "https://bitwarden.redacted.com/"
Can anyone recommend a next step to debugging this?
Thank you!
As described at https://bitwarden.com/de-DE/help/updating-on-premise/, I update my self-hosted version of Bitwarden. Unfortunately, the update script does not update because the version from the server itself still contains outdated version numbers. When I look into the bitwarden.sh file, I see this:
COREVERSION="2022.10.0"
WEBVERSION="2022.10.0"
KEYCONNECTORVERSION="2022.5.0"
If I look here https://hub.docker.com/r/bitwarden/server/tags, I see that 2022.11.1 is current.
it looks like the run.sh file called by bitwarden.sh is broken.
RUN_SCRIPT_URL="https://func.bitwarden.com/api/dl/?app=self-host&platform=linux&variant=run"
This file seems to be an error message.
Attempting to update Bitwarden with the sudo ./bitwarden.sh update
command results in the following output:
_ _ _ _
| |__ (_) |___ ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V V / (_| | | | (_| | __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_|
Open source password management solutions
Copyright 2015-2023, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 2023.10.2
Docker version 24.0.7, build afdd53b
docker-compose version 1.25.3, build d4d1b42b
"docker inspect" requires at least 1 argument.
See 'docker inspect --help'.
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Error response from daemon: error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
Attempting to start Bitwarden with the sudo ./bitwarden.sh start
command results in the following, similar output:
_ _ _ _
| |__ (_) |___ ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V V / (_| | | | (_| | __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_|
Open source password management solutions
Copyright 2015-2023, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden
===================================================
bitwarden.sh version 2023.10.2
Docker version 24.0.7, build afdd53b
docker-compose version 1.25.3, build d4d1b42b
Pulling mssql ... error
Pulling web ... error
Pulling attachments ... error
Pulling api ... error
Pulling identity ... error
Pulling sso ... error
Pulling admin ... error
Pulling icons ... error
Pulling notifications ... error
Pulling events ... error
Pulling nginx ... error
ERROR: for web error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for icons error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for events error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for attachments error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for sso error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for identity error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for nginx error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for mssql error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for notifications error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for admin error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: for api error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
Context
Linux bitwarden 5.15.0-88-generic #98-Ubuntu SMP Mon Oct 2 15:18:56 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
, with no pending updates.$ curl https://bitwarden.com -I
HTTP/2 200
x-build-fragments: true
cache-control: public, max-age=0, must-revalidate
etag: MjAyMy0xMS0wN1QwNDo1NDozMi41MjZa
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
content-security-policy: default-src 'self'; base-uri 'self'; child-src blob:; connect-src 'self' https: https://*.algolia.net https://*.algolianet.com https://insights.algolia.io https://func.bitwarden.com https://status.bitwarden.com https://us-central1-adaptive-growth.cloudfunctions.net https://pdf-convert.bitwarden.com https://aorta.clickagy.com https://hemsync.clickagy.com https://ws.zoominfo.com https://bitwarden.freshsales.io https://stats.g.doubleclick.net https://www.google-analytics.com https://api.hubapi.com https://forms.hubspot.com https://forms.hsforms.com https://hubspot-forms-static-embed.s3.amazonaws.com https://bat.bing.com https://cdn.linkedin.oribi.io https://i.clarity.ms https://scout.salesloft.com https://script.crazyegg.com https://tattle.api.osano.com; img-src 'self' data: https: https://*.algolia.net https://images.ctfassets.net https://www.google.com https://www.google-analytics.com https://i.ytimg.com https://*.hsforms.com https://track.hubspot.com https://analytics.twitter.com https://t.co https://alb.reddit.com https://aorta.clickagy.com https://bat.bing.com https://i.vimeocdn.com https://id.rlcdn.com https://idsync.rlcdn.com https://insight.adsrvr.org https://px.ads.linkedin.com https://p.adsymptotic.com https://stags.bluekai.com; font-src 'self' data: ; form-action 'self' https://forms.hsforms.com https://www.facebook.com; frame-ancestors 'none'; frame-src https://*.doubleclick.net https://boards.greenhouse.io https://s.company-target.com https://docs.google.com https://forms.hsforms.com https://player.vimeo.com https://preview.widgets.ninetailed.io/ https://us02web.zoom.us https://www.facebook.com/ https://www.googletagmanager.com https://www.youtube.com https://*.hs-sites.com; manifest-src 'self'; object-src 'none'; report-uri https://csp-report.browser-intake-us3-datadoghq.com/api/v2/logs?dd-api-key=pub41b0937554d4ab91e35c9ae62433371b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.hs-analytics.net https://js.hs-banner.com https://js.hs-scripts.com https://js.hsadspixel.net https://js.hscollectedforms.net https://js.hsforms.net https://js.hubspot.com https://amplify.outbrain.com https://tr.outbrain.com https://wave.outbrain.com https://j.6sc.co https://tag.demandbase.com https://a.quora.com https://amplify.outbrain.com https://assets.freshsales.io https://bat.bing.com https://boards.greenhouse.io https://cdn.jsdelivr.net/npm/[email protected] https://cdn.pdst.fm https://cmp.osano.com https://connect.facebook.net https://mountain.com https://*.mountain.com https://extend.vimeocdn.com https://googleads.g.doubleclick.net https://libraries.hund.io https://ml314.com https://*.ml314.com https://player.vimeo.com https://plausible.io https://script.crazyegg.com https://scout-cdn.salesloft.com https://snap.licdn.com https://static.ads-twitter.com https://tag.clearbitscripts.com https://tags.clickagy.com https://ws.zoominfo.com https://www.clarity.ms https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.redditstatic.com https://x.clearbitjs.com; style-src 'self' 'unsafe-inline' https://libraries.hund.io; worker-src 'self' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 09:05:37 GMT
via: 1.1 varnish
age: 3874
x-served-by: cache-lhr7337-LHR
x-cache: HIT
x-cache-hits: 1
x-timer: S1699347937.025829,VS0,VE3
vary: Accept-Encoding
server: GatsbyHosting
After upgrade to latest beta, bitwarden could not autheticate user and mariadb is full of log as this:
2024-01-22 13:51:10 441 [Warning] Aborted connection 441 to db: 'xxxxx' user: 'yyyyyyy' host: 'zzzzzzzzz' (Got an error reading communication packets)
Note: i tried to use also the dev image, but it's the same.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.