search

DoTheEvo / selfhosted-apps-docker

Guide by Example
1.71k stars 122 forks source link

Bitwardenrs LAN Access #2

Closed Borlean closed 4 years ago

Borlean commented 4 years ago

Thanks for the walkthrough, easy to follow and i'm able to use Caddy to access the bitwardenrs container from outside the network. Much appreciated. However, I'm not able to connect within the network via LAN.

I can see the homepage when using 192.168.1.8:8023, but receive an error message "This Browser requires HTTPS to use the web vault" So, tired using https://192.168.1.8:8023, but that results in a Secure Connection Failed PR_END_OF_FILE_ERROR. What settings are needed in Caddy for network access? yml and Caddy files are below. What is needed in Caddy to generate the cert for local access?

Also, using the passwd.mywebsite.com when in network says "The connection has timed out". Can you use the domain address while in network or are you forced to use a local IP?

Both Caddy and Bitwardenrs are on the same machine.

yml File

version: '3.7'
networks:
  default:
    external:
      name: $DEFAULT_NETWORK
services:
  caddy:
    image: caddy/caddy
    container_name: caddy
    hostname: caddy
    restart: unless-stopped
    ports:
      - 80:80
      - 443:443
      - 8023:8023
    environment:
      - MY_DOMAIN
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - ./data:/data
      - ./config:/config

  bitwardenrs:
    container_name: bitwarden
    image: bitwardenrs/server:latest
    hostname: bitwarden
    volumes:
      - /share/appdata/bitwarden-data/:/data/
    ports:
      - 8023:80
      - 3012:3012
    env_file: .env
    restart: unless-stopped

.env:

MY_DOMAIN=mywebsite.com
DEFAULT_NETWORK=caddy_net
TZ=America/New_York

# BITWARDEN
ADMIN_TOKEN= randomkey
SIGNUPS_ALLOWED=false
WEBSOCKET_ENABLED=true

Caddyfile:

# Bitwarden vai website
passwd.{$MY_DOMAIN} {
    header / {
       X-XSS-Protection "1; mode=block"
       X-Frame-Options "DENY"
       X-Robots-Tag "none"
       -Server
    }
    encode gzip
    reverse_proxy /notifications/hub/negotiate bitwarden:80
    reverse_proxy /notifications/hub bitwarden:3012
    reverse_proxy bitwarden:80
}

# Bitwarden local 
localhost:8023 {
    header / {
       X-XSS-Protection "1; mode=block"
       X-Frame-Options "DENY"
       X-Robots-Tag "none"
       -Server
    }
    encode gzip
    reverse_proxy /notifications/hub/negotiate bitwarden:80
    reverse_proxy /notifications/hub bitwarden:3012
    reverse_proxy bitwarden:80
}
DoTheEvo commented 4 years ago

https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/caddy_v2#--editing-hosts-file https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/dnsmasq

Borlean commented 4 years ago

Thanks for the response. Missed that in the install.