search

dani-garcia / vaultwarden

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
GNU Affero General Public License v3.0
38.51k stars 1.87k forks source link

Cannot read property 'importKey' of null #872

Closed Etelis2019 closed 4 years ago

Etelis2019 commented 4 years ago

I run bitwarden on ubuntu 18.4 aws , now I understand that I need HTTPS in order to run this on chrome or use chrome expansion.

I went to the wiki but I couldnt figure out how to make the connection HTTPS I mean, please can you direct me to a method that explains how to do SSL certification on that docker container.

sorry about the noob question

Gasur commented 4 years ago

You should probably look at running a reverse proxy, especially if you run more websites. If you only use Docker, I would recommend Traefik as it is super easy to set up. Else Caddy is very user friendly too.

Etelis2019 commented 4 years ago

You should probably look at running a reverse proxy, especially if you run more websites. If you only use Docker, I would recommend Traefik as it is super easy to set up. Else Caddy is very user friendly too.

Hey thank you so much for the reply. I have installed Traefik, set it up using this guide https://www.digitalocean.com/community/tutorials/how-to-use-traefik-as-a-reverse-proxy-for-docker-containers-on-ubuntu-18-04

Also combined the domain I bought with the AWS dns of my server so now I have the subdomain monitor.myserver.club running and it is SSL, and I have also bitwarden installed on the docker, but how do I combine them so the bitwarden runs through Traefik? I really do try to understand and find but I cannot figure that out :(

dennisgerding commented 4 years ago

Dear @Etelis2019, it looks like you have Traefik up and running. Good job! Now you should add the proper labels to your bitwarden container so Traefik knows what to do. You can find an example of that here. I'll also post my docker-compose.yml below so you have another example. Hope it helps! 

version: '2.0'

services:
  bitwarden_rs:
    image: bitwardenrs/server:alpine
    container_name: bitwarden_rs
    restart: always
    volumes:
      - /opt/docker/bitwarden_rs/bw-data:/data
    networks:
      - proxy
    environment:
      LOG_FILE: '/data/bitwarden.log'
      LOG_LEVEL: 'warn'
      EXTENDED_LOGGING: 'true'
      WEBSOCKET_ENABLED: 'true'
    labels:
      - "traefik.enable=true"
## TRAEFIK VAULT ##
      - "traefik.http.routers.bitwarden-secure.entrypoints=https"
      - "traefik.http.routers.bitwarden-secure.rule=Host(`vault.domain.nl`)"
      - "traefik.http.routers.bitwarden-secure.tls=true"
      - "traefik.http.routers.bitwarden-secure.tls.certresolver=http"
      - "traefik.http.routers.bitwarden-secure.service=bitwarden"
      - "traefik.http.routers.bitwarden-secure.middlewares=security-headers@file"
      - "traefik.http.services.bitwarden.loadbalancer.server.port=80"
## TRAEFIK ADMIN ##
      - "traefik.http.routers.bitwarden-secure-admin.entrypoints=https"
      - "traefik.http.routers.bitwarden-secure-admin.rule=Host(`vault.domain.nl`) && Path(`/admin`)"
      - "traefik.http.routers.bitwarden-secure-admin.tls=true"
      - "traefik.http.routers.bitwarden-secure-admin.tls.certresolver=http"
      - "traefik.http.routers.bitwarden-secure-admin.service=bitwarden-admin"
      - "traefik.http.routers.bitwarden-secure-admin.middlewares=sysop-auth@file,security-headers@file"
      - "traefik.http.services.bitwarden-admin.loadbalancer.server.port=80"
## TRAEFIK WEBSOCKET ##
      - "traefik.http.routers.bitwarden-secure-websocket.rule=Host(`vault.domain.nl`) && Path(`/notifications/hub`)"
      - "traefik.http.routers.bitwarden-secure-websocket.entrypoints=https"
      - "traefik.http.routers.bitwarden-secure-websocket.tls=true"
      - "traefik.http.routers.bitwarden-secure-websocket.tls.certresolver=http"
      - "traefik.http.routers.bitwarden-secure-websocket.service=bitwarden-websocket"
      - "traefik.http.routers.bitwarden-secure-websocket.middlewares=security-headers@file"
      - "traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012"
## TRAEFIK NETWORK ##
      - "traefik.docker.network=proxy"

networks:
  proxy:
    external: true
Etelis2019 commented 4 years ago

version: '2.0'

services: bitwarden_rs: image: bitwardenrs/server:alpine container_name: bitwarden_rs restart: always volumes:

  • /opt/docker/bitwarden_rs/bw-data:/data networks:
  • proxy environment: LOG_FILE: '/data/bitwarden.log' LOG_LEVEL: 'warn' EXTENDED_LOGGING: 'true' WEBSOCKET_ENABLED: 'true' labels:
  • "traefik.enable=true"

    TRAEFIK VAULT

  • "traefik.http.routers.bitwarden-secure.entrypoints=https"
  • "traefik.http.routers.bitwarden-secure.rule=Host(vault.domain.nl)"
  • "traefik.http.routers.bitwarden-secure.tls=true"
  • "traefik.http.routers.bitwarden-secure.tls.certresolver=http"
  • "traefik.http.routers.bitwarden-secure.service=bitwarden"
  • "traefik.http.routers.bitwarden-secure.middlewares=security-headers@file"
  • "traefik.http.services.bitwarden.loadbalancer.server.port=80"

    TRAEFIK ADMIN

  • "traefik.http.routers.bitwarden-secure-admin.entrypoints=https"
  • "traefik.http.routers.bitwarden-secure-admin.rule=Host(vault.domain.nl) && Path(/admin)"
  • "traefik.http.routers.bitwarden-secure-admin.tls=true"
  • "traefik.http.routers.bitwarden-secure-admin.tls.certresolver=http"
  • "traefik.http.routers.bitwarden-secure-admin.service=bitwarden-admin"
  • "traefik.http.routers.bitwarden-secure-admin.middlewares=sysop-auth@file,security-headers@file"
  • "traefik.http.services.bitwarden-admin.loadbalancer.server.port=80"

    TRAEFIK WEBSOCKET

  • "traefik.http.routers.bitwarden-secure-websocket.rule=Host(vault.domain.nl) && Path(/notifications/hub)"
  • "traefik.http.routers.bitwarden-secure-websocket.entrypoints=https"
  • "traefik.http.routers.bitwarden-secure-websocket.tls=true"
  • "traefik.http.routers.bitwarden-secure-websocket.tls.certresolver=http"
  • "traefik.http.routers.bitwarden-secure-websocket.service=bitwarden-websocket"
  • "traefik.http.routers.bitwarden-secure-websocket.middlewares=security-headers@file"
  • "traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012"

    TRAEFIK NETWORK

  • "traefik.docker.network=proxy"

networks: proxy: external: true

Thank you so much for the detailed information you have provided. I have used your conf changed network to web (as this is the name I gave) and ran the code, eveything worked with no errors. I entered my monitor page and saw the following: https://prnt.sc/r6fwc5 that my Host:bitwarden-rs.ubuntu.etelis.club as I run my server using AWS I went to route 53 and added bitwarden-rs.ubuntu as a subdomain https://prnt.sc/r6fw32

but now when I try to access it bitwarden-rs.ubuntu.etelis.club it wont load :(

dennisgerding commented 4 years ago

Hi @Etelis2019, I use Traefik v2.1 which has complete different configuration options compared to v1.0...

But I suspect if you go to bitwarden-rs.ubuntu.etelis.club you should at least see an error from Traefik (e.g. bad gateway or not found). If you see the Traefik error I suspect the frontend or backend router is not configured properly. If you don’t see anything at all (e.g. dns error or server not found in your browser) I suspect it is because your dns settings are incorrect.

-- edit -- When I try to access bitwarden-rs.ubuntu.etelis.club I get a dns error so you probably have to check your dns settings

C:\Users\dege016>nslookup bitwarden-rs.ubuntu.etelis.club
Server:  pihole
Address:  192.168.1.254

*** pihole can't find bitwarden-rs.ubuntu.etelis.club: Server failed

C:\Users\dege016>

Hope this helps! Dennis

Etelis2019 commented 4 years ago

Hi @Etelis2019, I use Traefik v2.1 which has complete different configuration options compared to v1.0...

But I suspect if you go to bitwarden-rs.ubuntu.etelis.club you should at least see an error from Traefik (e.g. bad gateway or not found). If you see the Traefik error I suspect the frontend or backend router is not configured properly. If you don’t see anything at all (e.g. dns error or server not found in your browser) I suspect it is because your dns settings are incorrect.

-- edit -- When I try to access bitwarden-rs.ubuntu.etelis.club I get a dns error so you probably have to check your dns settings

C:\Users\dege016>nslookup bitwarden-rs.ubuntu.etelis.club
Server:  pihole
Address:  192.168.1.254

*** pihole can't find bitwarden-rs.ubuntu.etelis.club: Server failed

C:\Users\dege016>

Hope this helps! Dennis

But I have added this on the route53 on AWS with the same DNS and also with the IPV4 adress as showen in the picture, have I done a misstake adding subdomain?

dennisgerding commented 4 years ago

I have no experience in AWS so I'm afraid I can't help you with this... I'm sorry. I'm glad to help you again when this dns issue is resolved. Sorry mate!

Gasur commented 4 years ago

Do you have an internal DNS server? If the answer is "no" or "I don't know", then type nslookup bitwarden-rs.ubuntu.etelis.club. (note the dot at the end).

Anyways, the issue is that that domain is not properly configured. Post a screenshot of your DNS config, and I can take a look at it.

Etelis2019 commented 4 years ago

figured eveything out! working like a champ! thank you guys!

madereddy commented 4 years ago

Can you post your completed Traefik 2.1 setup file? I have 1.7 running now and need to upgrade to 2.1.

Etelis2019 commented 4 years ago

I did not change =d a thing actually

dani-garcia commented 4 years ago

Closed due to inactivity.