Closed mobizent closed 4 years ago
I think you should change cert.pem to fullchain.pem. There's explanation in the wiki.
I did that too... still the same issue
But if I run it on port 8088 without SSL it works just fine:
sudo docker run -d --name bitwarden -v /opt/bitwarden/:/data/ -p 8088:80 bitwardenrs/server:alpine
The paths in ROCKET_TLS need to be from the perspective of the container, i.e. /ssl/<pem-file>, not /opt/bitwarden/keys/<pem-file>.
Thanks..
Is the /ssl on the host OR within the container?
How do I map the wildcard CA certs to the container then? Can I do -v /opt/bitwarden/keys to /ssl mount point?
But when I use the earlier option, the SSL cert & key files get copied into the container ssl folder
I tried this
docker run -d --name bitwarden -e ROCKET_TLS='{certs="/ssl/fullchain.pem",key="/ssl/key.pem"}' -v /opt/bitwarden/keys/:/ssl/ -v /opt/bitwarden/:/data/ -p 7443:8088 bitwardenrs/server:alpine
& now get this in the log
[2020-02-24 03:49:21][start][INFO] Rocket has launched from https://0.0.0.0:80
& I'm not able to access the web interface
You should probably read https://docs.docker.com/storage/bind-mounts/. Your current command should work, but you haven't explained what exactly "doesn't work" (e.g., error messages), and there are other aspects of your config that haven't been provided that could also have problems.
Sorry, I've edited my reply earlier with what I see in the log.
Do I need to change ownership of the cert & key file to other than root?
root ownership is fine. Your log messages now suggest that it started up fine. However, it's listening on port 80 (not 8088) in the container. You would need to pass -p 7443:80.
Thanks. It works now..
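The two fixes from this thread (ROCKET_TLS paths as seen inside the container, and -p targeting the port Rocket logs) as a pre-flight check. This is an added example, not part of the original thread or the bitwarden_rs project; the function names are hypothetical and the listen port 80 is taken from the log line above.

```shell
#!/bin/sh
# Added example (not project code). Helper names are hypothetical.
# Assumption: paths contain no spaces.

# map_to_host <container_path> <host_dir:container_dir>...
# Prints the host file backing a container path; fails if no bind mount covers it.
map_to_host() {
  local cpath="$1" spec host ctr rel
  shift
  for spec in "$@"; do
    host="${spec%%:*}"; ctr="${spec#*:}"; ctr="${ctr%%:*}"   # drop a trailing :ro
    host="${host%/}"; ctr="${ctr%/}"
    case "$cpath" in
      "$ctr"/*) rel=${cpath#"$ctr"/}; printf '%s\n' "$host/$rel"; return 0 ;;
    esac
  done
  return 1
}

# tls_paths <ROCKET_TLS value>: one path per line (certs, then key).
tls_paths() { printf '%s\n' "$1" | grep -o '"[^"]*"' | tr -d '"'; }

# port_ok <host:container publish spec> <port from the "Rocket has launched" log line>
port_ok() { [ "${1##*:}" = "$2" ]; }

# check <ROCKET_TLS> <publish> <listen_port> <mount>...
check() {
  local tls="$1" publish="$2" listen="$3" p h rc=0
  shift 3
  for p in $(tls_paths "$tls"); do
    if h=$(map_to_host "$p" "$@"); then
      echo "ok:  $p is served from host file $h"
    else
      echo "BAD: $p is not under any container-side mount target"; rc=1
    fi
  done
  port_ok "$publish" "$listen" || { echo "BAD: -p $publish does not target container port $listen"; rc=1; }
  return "$rc"
}

MOUNTS="/opt/bitwarden/keys/:/ssl/ /opt/bitwarden/:/data/"
echo "original command:"
check '{certs="/opt/bitwarden/keys/cert.pem",key="/opt/bitwarden/keys/key.pem"}' 7443:8088 80 $MOUNTS || true
echo "working command:"
check '{certs="/ssl/fullchain.pem",key="/ssl/key.pem"}' 7443:80 80 $MOUNTS
```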
Subject of the issue
Container stops on error with Custom Wildcard SSL
Your environment
Bitwarden_rs version: bitwardenrs/server:alpine
Install method: Docker Image
Other relevant information:
Ran the container with
docker run -d --name bitwarden -e ROCKET_TLS='{certs="/opt/bitwarden/keys/cert.pem",key="/opt/bitwarden/keys/key.pem"}' -v /opt/bitwarden/keys/:/ssl/ -v /opt/bitwarden/:/data/ -p 7443:8088 bitwardenrs/server:alpine
the container errors out with this error message
PS: I'm running on 7443 as I have another container running on 443
But if I run this
docker run -d --name bitwarden -v /opt/bitwarden/:/data/ -v /opt/bitwarden/keys/:/ssl/ -it ubuntu bash
the SSL files are in the container
[Screenshot of SSL folder](https://i.imgur.com/L56LFwn.png)
I tried removing the "" but still same result.
The SSL certs are in the local directory