
self-host's Introduction

Self-Host Release Repository

Bitwarden's dedicated self-hosted release repository. This holds the installation scripts for our self-host project.

For any issues regarding a specific client application, please visit bitwarden/clients.


Deploy to DO

Deploy to Kubernetes with Helm


self-host's Issues

Unified Deployment MySqlConnector.MySqlException

I get a MySqlConnector.MySqlException (0x80004005): Unable to connect to any of the specified MySQL hosts. error using the RUN method of the unified deployment.

Set up on: Debian 12
Docker version: 24.0.7
Created DB: Mysql/MariaDB

running via RUN sudo docker run -d --name bitwarden -v /$(pwd)/bwdata/:/etc/bitwarden -p 443:8443 --env-file settings.env bitwarden/self-host:beta

MariaDB is set up on the same host directly, without docker.

Logs & settings.env:
admin.log
api.log
identity.log
notifications.log
settings.env.txt

change of hostname does not take effect

hello guys,

I use a VM with Ubuntu Desktop on a Synology NAS.

I already installed Bitwarden with Docker and can access the installation with https://localhost.

When I change the hostname in the global.override.conf, for example to https://bitwarden.local or bitwarden-xy.xy, it does not work. Using an IP address does not work either.

I checked the nginx config, and the hostname I chose is found there. But I still cannot access Bitwarden with a name other than localhost.

Does anyone have a solution for that?

More of a question than an issue. Why is Docker/self-host beta still 2023.02.0?

Hi, sorry I am quite new to docker and I don't know if updating and versioning the repository is an automated process or something done manually.

After updating my docker container with Docker/self-host (beta) it is still 2023.02.0, whilst the latest GitHub version is 2023.03.01. Is it just taking some more time for the docker repository to be updated?

And I am feeling kind of stupid here: Is there a way to see the version of the bitwarden docker image over at docker before updating the container?

Best wishes,
Alex

Opening a new issue related to #186

I have the same problem as issue #186.

We first deployed self-host image version 2023.5.0 and added a Collection to our Organization. After that, we could add users to the Collection and set permissions. After upgrading to the latest version, we are unable to add users to the Collection and set permissions (we tried with users with different permissions; none of them works, even an Administrator).
So, we tried to downgrade to 2023.7.0-beta (that is the oldest version currently available on Docker Hub) and the problem is still there.
Actually we can't downgrade to version 2023.5.0, because it is no longer present on Docker Hub.

We searched the application log, but there is nothing related to this problem. The changelogs on GitHub between different versions are useless, as they are very generic. Have there been any changes in the application management functions that may have broken the functionality?

unable to install - mariadb/postgresql db doesn't change anything

INFO exited: admin (terminated by SIGABRT (core dumped); not expected)
Clicking CREATE ACCOUNT on startup page doesn't do anything.

It doesn't matter if I choose to install mariadb or postgres.
my portainer compose and stack.env below:

---
version: "3.8"

services:
  bitwarden:
    depends_on:
      - db
    env_file:
      - stack.env
    image: ${REGISTRY:-bitwarden}/self-host:${TAG:-latest}
    restart: always
    ports:
      - "7080:8080"
      - "7443:8443"
    volumes:
      - bitwarden:/etc/bitwarden
      - logs:/var/log/bitwarden



  # PostgreSQL Example
  db:
    environment:
      POSTGRES_USER: "bitwarden"
      POSTGRES_PASSWORD: "super_strong_password"
      POSTGRES_DB: "bitwarden_vault"
    image: postgres:14
    restart: always
    volumes:
      - data:/var/lib/postgresql/data

  # MS SQL Server Example
  # Docs: https://learn.microsoft.com/en-us/sql/linux/sql-server-linux-docker-container-deployment
  # db:
  #   environment:
  #     MSSQL_SA_PASSWORD: "super_strong_password"
  #     ACCEPT_EULA: Y
  #   image: mcr.microsoft.com/mssql/server:2019-latest
  #   restart: always
  #   volumes:
  #     - data:/var/opt/mssql

volumes:
  bitwarden:
  logs:
  data:
  
networks:
  default:
    external: true
    name: chw

my stack.env added as environment variables in portainer:

BW_DOMAIN=sub.domain.com (using outside real fqdn)
BW_DB_PROVIDER=postgresql
BW_DB_SERVER=db
BW_DB_DATABASE=bitwarden_vault
BW_DB_USERNAME=bitwarden
BW_DB_PASSWORD=mysuperstrongpass
BW_INSTALLATION_ID=my id got from bitwarden website
BW_INSTALLATION_KEY=my key got from bitwarden website
COMPOSE_PROJECT_NAME=bitwarden
REGISTRY=bitwarden
TAG=dev

backup files creation times

Self hosted backup files are being created with a file name which includes the UTC date and time as part of the filename itself, but with a file timestamp (modified time) based on Local time.

This is confusing, and should be corrected. Especially as it may be assumed that the backups are being taken at the local time shown in the filename, when in fact they are not. Additionally, one would assume the backups would be taken at midnight, but in fact they are being taken at midnight UTC which may be quite unexpected in many cases.

Also, some backup files are being created just one minute after the previous backup, while others are created one day after the previous backup. Again, confusing. One backup every 24 hours is what I would suspect most people would assume should happen.

Please see the screen shot below:

ss

While the above is a bug report, it is related to the following feature request:
https://community.bitwarden.com/t/feature-request-self-hosting-respect-for-local-time-zone/53130

Updating to 2022.6.2 breaks nginx config

After updating to 2022.6.2, I was unable to access the web interface for my self-hosted instance. I checked the nginx error.log and saw the following error flooding the log:

[emerg] 1#1: invalid number of arguments in "server_name" directive in /etc/nginx/conf.d/default.conf:11

Checking bwdata/nginx/default.conf line 11, I saw the server_name directive was blank. Adding in localhost and restarting bitwarden solved the issue.

I did not see any errors during the update and made no other changes when updating.
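
The failure described in this report can be caught before restarting. The script below is an added example, not part of the original issue or of Bitwarden's scripts; it scans an nginx config for `server_name` directives that have no value. The function names and the sample config are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the self-host repository): detect nginx
# `server_name` directives that carry no arguments, the condition that makes
# nginx abort with: invalid number of arguments in "server_name" directive.

# Print "<file>:<line>" for each server_name directive with an empty value.
find_empty_server_name() {
    awk -v file="$1" '
        {
            line = $0
            sub(/#.*/, "", line)   # ignore comments such as "# server_name;"
            # Match the directive name at the start of a statement, followed
            # only by whitespace before the terminating ";". The variable
            # "$server_name;" is not matched because "$" precedes the name.
            if (line ~ /(^|[;{} \t])server_name[ \t]*;/)
                printf "%s:%d\n", file, NR
        }
    ' "$1"
}

# Return 1 (and list the locations on stderr) if any given file has the defect.
check_nginx_conf() {
    rc=0
    for conf in "$@"; do
        hits=$(find_empty_server_name "$conf")
        if [ -n "$hits" ]; then
            printf '%s\n' "$hits" | sed 's/^/empty server_name at /' >&2
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample config (not the file Bitwarden generates); line 11
# reproduces the blank directive from the report.
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample
server {
  listen 8080 default_server;
  listen [::]:8080 default_server;
  server_name bitwarden.example.com;
  add_header X-Served-By $server_name;
}

server {
  listen 8443 ssl http2;
  server_name ;
  # server_name;
}
EOF
}

# With file arguments, act as a pre-start gate: exit non-zero on any hit.
if [ "$#" -gt 0 ]; then
    check_nginx_conf "$@"
    exit $?
fi
```

Saved under a name of your choosing and invoked with `bwdata/nginx/default.conf` as its argument, it exits non-zero when the directive is blank, so it can gate a restart after an update.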

Official Support for Debian 12 Bookworm

I know the stable release doesn't officially launch until 6/10/23, and that the self hosted documentation doesn't specifically call out any OS versions, but I wanted to confirm that this is going to be supported on launch day.

Error when updating to 2024.1.0

Hi. After updating the script to the latest version and then running the update command, I am receiving the following error,


 _     _ _                         _
| |__ (_) |___      ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V  V / (_| | | | (_| |  __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_|  \__,_|\___|_| |_|

Open source password management solutions
Copyright 2015-2024, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 2024.1.0
Docker version 24.0.7, build afdd53b
Docker Compose version v2.20.3

[+] Running 13/13
✔ Container bitwarden-icons Removed 1.4s
✔ Container bitwarden-notifications Removed 1.4s
✔ Container bitwarden-sso Removed 1.3s
✔ Container bitwarden-events Removed 1.1s
✔ Container bitwarden-attachments Removed 1.0s
✔ Container bitwarden-nginx Removed 1.5s
✔ Container bitwarden-web Removed 0.6s
✔ Container bitwarden-api Removed 1.0s
✔ Container bitwarden-identity Removed 0.9s
✔ Container bitwarden-admin Removed 0.9s
✔ Container bitwarden-mssql Removed 0.8s
✔ Network docker_public Removed 0.2s
✔ Network docker_default Removed 0.3s
2024.1.0: Pulling from bitwarden/setup
b5a0d5c14ba9: Pull complete
633d76141204: Pull complete
1848b362d065: Pull complete
fbe27472c7a1: Pull complete
f1dad1ba8f85: Pull complete
5086debf0418: Pull complete
e092098130a8: Pull complete
0d0f68a904a8: Pull complete
b60aca579b54: Pull complete
ce406edb9606: Pull complete
Digest: sha256:*****
Status: Downloaded newer image for bitwarden/setup:2024.1.0
docker.io/bitwarden/setup:2024.1.0

Unhandled exception. YamlDotNet.Core.YamlException: (Line: 90, Col: 11, Idx: 3822) - (Line: 90, Col: 25, Idx: 3836): Exception during deserialization
---> System.InvalidCastException: Invalid cast from 'System.String' to 'System.Collections.Generic.List`1[[System.String, System.Private.CoreLib, Version=6.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]'.
at System.Convert.DefaultToType(IConvertible value, Type targetType, IFormatProvider provider)
at System.String.System.IConvertible.ToType(Type type, IFormatProvider provider)
at System.Convert.ChangeType(Object value, Type conversionType, IFormatProvider provider)
at YamlDotNet.Serialization.Utilities.TypeConverter.ChangeType(Object value, Type destinationType, CultureInfo culture)
at YamlDotNet.Serialization.Utilities.TypeConverter.ChangeType(Object value, Type destinationType)
at YamlDotNet.Serialization.NodeDeserializers.ScalarNodeDeserializer.YamlDotNet.Serialization.INodeDeserializer.Deserialize(IParser parser, Type expectedType, Func`3 nestedObjectDeserializer, Object& value)
at YamlDotNet.Serialization.ValueDeserializers.NodeValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
--- End of inner exception stack trace ---
at YamlDotNet.Serialization.ValueDeserializers.NodeValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
at YamlDotNet.Serialization.ValueDeserializers.AliasValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
at YamlDotNet.Serialization.ValueDeserializers.NodeValueDeserializer.<>c__DisplayClass3_0.b__0(IParser r, Type t)
at YamlDotNet.Serialization.NodeDeserializers.ObjectNodeDeserializer.YamlDotNet.Serialization.INodeDeserializer.Deserialize(IParser parser, Type expectedType, Func`3 nestedObjectDeserializer, Object& value)
at YamlDotNet.Serialization.ValueDeserializers.NodeValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
at YamlDotNet.Serialization.ValueDeserializers.AliasValueDeserializer.DeserializeValue(IParser parser, Type expectedType, SerializerState state, IValueDeserializer nestedObjectDeserializer)
at YamlDotNet.Serialization.Deserializer.Deserialize(IParser parser, Type type)
at YamlDotNet.Serialization.Deserializer.Deserialize[T](IParser parser)
at YamlDotNet.Serialization.Deserializer.Deserialize[T](TextReader input)
at YamlDotNet.Serialization.Deserializer.Deserialize[T](String input)
at Bit.Setup.Context.LoadConfiguration() in /home/runner/work/server/server/util/Setup/Context.cs:line 154
at Bit.Setup.Program.RebuildConfigs() in /home/runner/work/server/server/util/Setup/Program.cs:line 312
at Bit.Setup.Program.Update() in /home/runner/work/server/server/util/Setup/Program.cs:line 162
at Bit.Setup.Program.Main(String[] args) in /home/runner/work/server/server/util/Setup/Program.cs:line 56
root@bitwarden:/home/kc#

I have never had an issue updating before. This is on an Ubuntu VM. I was able to restore a snapshot and everything is back fine with the previous version. I did try the update again and received the same error. Any suggestions? Thanks

identity Token error 500 - impossible upgrade since 2023.10.3

Hi!

I have been unable to update my Debian 12 self-hosted instance of Bitwarden since 2023.10.3: once the update completes my instance becomes inaccessible from both web and client. A downgrade back to 2023.10.3 returns full functionality.

When accessing a 2024.1.0 server, the browser console (Chrome and Firefox) returns a 500 error relating to identity connections tokens and the identity logs show the following:

2024-01-13 15:49:17.946 +00:00 [Error] Connection id ""0HN0K9R2L8GSH"", Request id ""0HN0K9R2L8GSH:00000002"": An unhandled exception was thrown by the application.
System.Security.Cryptography.CryptographicException: An error occurred while trying to encrypt the provided data. Refer to the inner exception for more information. For more information go to http://aka.ms/dataprotectionwarning
---> System.Xml.XmlException: Root element is missing.
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlReader.MoveToContent()
at System.Xml.Linq.XElement.Load(XmlReader reader, LoadOptions options)
at System.Xml.Linq.XElement.Load(Stream stream, LoadOptions options)
at System.Xml.Linq.XElement.Load(Stream stream)
at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.ReadElementFromFile(String fullPath)
at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.GetAllElementsCore()+MoveNext()
at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)
at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.GetAllElements()
at Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager.GetAllKeys()
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.CreateCacheableKeyRingCore(DateTimeOffset now, IKey keyJustAdded)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.Microsoft.AspNetCore.DataProtection.KeyManagement.Internal.ICacheableKeyRingProvider.GetCacheableKeyRing(DateTimeOffset now)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRingCore(DateTime utcNow, Boolean forceRefresh)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRing()
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(Byte[] plaintext)
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(Byte[] plaintext)
at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Protect(IDataProtector protector, String plaintext)
at Duende.IdentityServer.Stores.Serialization.PersistentGrantSerializer.Serialize[T](T value) in /_/src/Storage/Stores/Serialization/PersistentGrantSerializer.cs:line 61
at Duende.IdentityServer.Stores.DefaultGrantStore`1.StoreItemByHashedKeyAsync(String hashedKey, T item, String clientId, String subjectId, String sessionId, String description, DateTime created, Nullable`1 expiration, Nullable`1 consumedTime) in /_/src/IdentityServer/Stores/Default/DefaultGrantStore.cs:line 211
at Duende.IdentityServer.Stores.DefaultGrantStore`1.CreateItemAsync(T item, String clientId, String subjectId, String sessionId, String description, DateTime created, Int32 lifetime) in /_/src/IdentityServer/Stores/Default/DefaultGrantStore.cs:line 173
at Duende.IdentityServer.Stores.DefaultRefreshTokenStore.StoreRefreshTokenAsync(RefreshToken refreshToken) in /_/src/IdentityServer/Stores/Default/DefaultRefreshTokenStore.cs:line 43
at Duende.IdentityServer.Services.DefaultRefreshTokenService.CreateRefreshTokenAsync(RefreshTokenCreationRequest request) in /_/src/IdentityServer/Services/Default/DefaultRefreshTokenService.cs:line 223
at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.CreateAccessTokenAsync(ValidatedTokenRequest request) in /_/src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 454
at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.ProcessTokenRequestAsync(TokenRequestValidationResult validationResult) in /_/src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 336
at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.ProcessAsync(TokenRequestValidationResult request) in /_/src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 98
at Duende.IdentityServer.Endpoints.TokenEndpoint.ProcessTokenRequestAsync(HttpContext context) in /_/src/IdentityServer/Endpoints/TokenEndpoint.cs:line 128
at Duende.IdentityServer.Endpoints.TokenEndpoint.ProcessAsync(HttpContext context) in /_/src/IdentityServer/Endpoints/TokenEndpoint.cs:line 81
at Duende.IdentityServer.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IdentityServerOptions options, IEndpointRouter router, IUserSession userSession, IEventService events, IIssuerNameService issuerNameService, ISessionCoordinationService sessionCoordinationService) in /_/src/IdentityServer/Hosting/IdentityServerMiddleware.cs:line 101
at Duende.IdentityServer.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IdentityServerOptions options, IEndpointRouter router, IUserSession userSession, IEventService events, IIssuerNameService issuerNameService, ISessionCoordinationService sessionCoordinationService) in /_/src/IdentityServer/Hosting/IdentityServerMiddleware.cs:line 117
at Duende.IdentityServer.Hosting.MutualTlsEndpointMiddleware.Invoke(HttpContext context, IAuthenticationSchemeProvider schemes) in /_/src/IdentityServer/Hosting/MutualTlsEndpointMiddleware.cs:line 95
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Duende.IdentityServer.Hosting.DynamicProviders.DynamicSchemeAuthenticationMiddleware.Invoke(HttpContext context) in /_/src/IdentityServer/Hosting/DynamicProviders/DynamicSchemes/DynamicSchemeAuthenticationMiddleware.cs:line 50
at Duende.IdentityServer.Hosting.BaseUrlMiddleware.Invoke(HttpContext context) in /_/src/IdentityServer/Hosting/BaseUrlMiddleware.cs:line 27
at Bit.Core.Utilities.CurrentContextMiddleware.Invoke(HttpContext httpContext, ICurrentContext currentContext, GlobalSettings globalSettings) in /home/runner/work/server/server/src/Core/Utilities/CurrentContextMiddleware.cs:line 19
at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
at Bit.SharedWeb.Utilities.ServiceCollectionExtensions.<>c__DisplayClass11_0.<<UseDefaultMiddleware>b__1>d.MoveNext() in /home/runner/work/server/server/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs:line 572
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Builder.Extensions.UsePathBaseMiddleware.InvokeCore(HttpContext context, PathString matchedPath, PathString remainingPath)
at Bit.Identity.Startup.<>c__DisplayClass10_1.<<Configure>b__2>d.MoveNext() in /home/runner/work/server/server/src/Identity/Startup.cs:line 180
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)

I attempted to follow the openssl procedure indicated here (bitwarden/server#1528) (with the -legacy option added due to RC being deprecated) but it led to no result.

I apologise if my bug statement is incomplete or non-valid, but I received no help in the past 30 days on the forum and the issue has been very repeatable for the past two update cycles.

Self-hosted Bitwarden with docker does not update to latest version

As described at https://bitwarden.com/de-DE/help/updating-on-premise/, I update my self-hosted version of Bitwarden. Unfortunately, the update script does not update because the version from the server itself still contains outdated version numbers. When I look into the bitwarden.sh file, I see this:

COREVERSION="2022.10.0"
WEBVERSION="2022.10.0"
KEYCONNECTORVERSION="2022.5.0"

If I look here https://hub.docker.com/r/bitwarden/server/tags, I see that 2022.11.1 is current.

Install and Deploy on Windows stops and does nothing

Steps To Reproduce

  1. Follow the instructions provided here: https://bitwarden.com/help/install-on-premise-windows/#install-bitwarden up to step 4.
  2. Enter an instance name and database name when prompted.
  3. Wait for the installation to proceed to the next step.

Expected Result

The installation process should proceed to the next step after entering the instance name and database name.

Actual Result

After entering the instance name and database name, the installation process hangs and does not proceed to the next step.

Screenshots or Videos

image

Additional Context

The installation process does not proceed beyond this point, even after waiting for a long time. This issue has been encountered consistently on multiple attempts.

Environment Details

OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19045 N/A Build 19045
Docker version 20.10.24, build 297e128

Update Error: 408 Request Time-out

Attempting to update Bitwarden with the sudo ./bitwarden.sh update command results in the following output:

 _     _ _                         _
| |__ (_) |___      ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V  V / (_| | | | (_| |  __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_|  \__,_|\___|_| |_|

Open source password management solutions
Copyright 2015-2023, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 2023.10.2
Docker version 24.0.7, build afdd53b
docker-compose version 1.25.3, build d4d1b42b

"docker inspect" requires at least 1 argument.
See 'docker inspect --help'.

Usage:  docker inspect [OPTIONS] NAME|ID [NAME|ID...]

Return low-level information on Docker objects
Error response from daemon: error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

Attempting to start Bitwarden with the sudo ./bitwarden.sh start command results in the following, similar output:

 _     _ _                         _
| |__ (_) |___      ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V  V / (_| | | | (_| |  __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_|  \__,_|\___|_| |_|

Open source password management solutions
Copyright 2015-2023, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 2023.10.2
Docker version 24.0.7, build afdd53b
docker-compose version 1.25.3, build d4d1b42b

Pulling mssql         ... error
Pulling web           ... error
Pulling attachments   ... error
Pulling api           ... error
Pulling identity      ... error
Pulling sso           ... error
Pulling admin         ... error
Pulling icons         ... error
Pulling notifications ... error
Pulling events        ... error
Pulling nginx         ... error

ERROR: for web  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for icons  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for events  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for attachments  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for sso  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for identity  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for nginx  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for mssql  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for notifications  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for admin  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

ERROR: for api  error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
ERROR: error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"
error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: "<html><body><h1>408 Request Time-out</h1>\nYour browser didn't send a complete request in time.\n</body></html>\n"

Context

  • The host operating system Linux bitwarden 5.15.0-88-generic #98-Ubuntu SMP Mon Oct 2 15:18:56 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux, with no pending updates.
  • The host has unrestricted outbound internet access, curl output provided below for confirmation:
$ curl https://bitwarden.com -I
HTTP/2 200
x-build-fragments: true
cache-control: public, max-age=0, must-revalidate
etag: MjAyMy0xMS0wN1QwNDo1NDozMi41MjZa
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
content-security-policy: default-src 'self'; base-uri 'self'; child-src blob:; connect-src 'self' https: https://*.algolia.net https://*.algolianet.com https://insights.algolia.io https://func.bitwarden.com https://status.bitwarden.com https://us-central1-adaptive-growth.cloudfunctions.net https://pdf-convert.bitwarden.com https://aorta.clickagy.com https://hemsync.clickagy.com https://ws.zoominfo.com https://bitwarden.freshsales.io https://stats.g.doubleclick.net https://www.google-analytics.com https://api.hubapi.com https://forms.hubspot.com https://forms.hsforms.com https://hubspot-forms-static-embed.s3.amazonaws.com https://bat.bing.com https://cdn.linkedin.oribi.io https://i.clarity.ms https://scout.salesloft.com https://script.crazyegg.com https://tattle.api.osano.com; img-src 'self' data: https: https://*.algolia.net https://images.ctfassets.net https://www.google.com https://www.google-analytics.com https://i.ytimg.com https://*.hsforms.com https://track.hubspot.com https://analytics.twitter.com https://t.co https://alb.reddit.com https://aorta.clickagy.com https://bat.bing.com https://i.vimeocdn.com https://id.rlcdn.com https://idsync.rlcdn.com https://insight.adsrvr.org https://px.ads.linkedin.com https://p.adsymptotic.com https://stags.bluekai.com; font-src 'self' data: ; form-action 'self' https://forms.hsforms.com https://www.facebook.com; frame-ancestors 'none'; frame-src https://*.doubleclick.net https://boards.greenhouse.io https://s.company-target.com https://docs.google.com https://forms.hsforms.com https://player.vimeo.com https://preview.widgets.ninetailed.io/ https://us02web.zoom.us https://www.facebook.com/ https://www.googletagmanager.com https://www.youtube.com https://*.hs-sites.com; manifest-src 'self'; object-src 'none'; report-uri https://csp-report.browser-intake-us3-datadoghq.com/api/v2/logs?dd-api-key=pub41b0937554d4ab91e35c9ae62433371b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=; script-src 'self' 
'unsafe-inline' 'unsafe-eval' https://js.hs-analytics.net https://js.hs-banner.com https://js.hs-scripts.com https://js.hsadspixel.net https://js.hscollectedforms.net https://js.hsforms.net https://js.hubspot.com https://amplify.outbrain.com https://tr.outbrain.com https://wave.outbrain.com https://j.6sc.co https://tag.demandbase.com https://a.quora.com https://amplify.outbrain.com https://assets.freshsales.io https://bat.bing.com https://boards.greenhouse.io https://cdn.jsdelivr.net/npm/[email protected] https://cdn.pdst.fm https://cmp.osano.com https://connect.facebook.net https://mountain.com https://*.mountain.com https://extend.vimeocdn.com https://googleads.g.doubleclick.net https://libraries.hund.io https://ml314.com https://*.ml314.com https://player.vimeo.com https://plausible.io https://script.crazyegg.com https://scout-cdn.salesloft.com https://snap.licdn.com https://static.ads-twitter.com https://tag.clearbitscripts.com https://tags.clickagy.com https://ws.zoominfo.com https://www.clarity.ms https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.redditstatic.com https://x.clearbitjs.com; style-src 'self' 'unsafe-inline' https://libraries.hund.io; worker-src 'self' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 09:05:37 GMT
via: 1.1 varnish
age: 3874
x-served-by: cache-lhr7337-LHR
x-cache: HIT
x-cache-hits: 1
x-timer: S1699347937.025829,VS0,VE3
vary: Accept-Encoding
server: GatsbyHosting

Not updating to the latest version

Hi,

As of now the current server version is 2022.9.1 but the bitwarden.sh script still downloads the previous version, 8.1 for the web version and 8.4 for the server version.

Can you please check?

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

  • [deps]: Update docker/build-push-action action to v6

Edited/Blocked

These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

docker-compose
docker-unified/docker-compose.yml
  • mariadb 10
dockerfile
docker-unified/Dockerfile
  • docker/dockerfile 1.6
  • mcr.microsoft.com/dotnet/sdk 8.0
  • mcr.microsoft.com/dotnet/aspnet 8.0
github-actions
.github/workflows/DCT-test.yml
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • ubuntu 22.04
.github/workflows/build-unified.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • docker/setup-qemu-action v3.0.0@68827325e0b33c7199eb31dd4e31fbe9023e06e3
  • docker/setup-buildx-action v3.0.0@f95db51fddba0c2d1ec667646a06c2ce06100226
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • docker/build-push-action v5.1.0@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • act10ns/slack v2.0.0@ed1309ab9862e57e9e583e51c7889486b9a00b0f
  • ubuntu 22.04
  • ubuntu 22.04
.github/workflows/release-digital-ocean.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • hashicorp/setup-packer v3.0.0@d38faf1295e2cddabf3ce395dc78405b7877be2d
  • digitalocean/action-doctl v2.5.1@135ac0aa0eed4437d547c6f12c364d3006b42824
  • ubuntu 22.04
.github/workflows/release-web-latest.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • ubuntu 22.04
  • ubuntu 22.04
.github/workflows/release.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • ncipollo/release-action v1.14.0@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • ubuntu 22.04
  • ubuntu 22.04
  • ubuntu 22.04
  • ubuntu 22.04
  • ubuntu 22.04
.github/workflows/update-links.yml
  • Azure/login v1.6.0@e15b166166a8746d1a47596803bd8c1b595455cf
  • ubuntu 22.04
.github/workflows/update-versions.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • Azure/login v1.4.7@92a5484dfaf04ca78a94597f4f19fea633851fa2
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • crazy-max/ghaction-import-gpg v6.0.0@82a020f1f7f605c65dd2449b392a52c3fcfef7ef
  • ubuntu 22.04
  • ubuntu 22.04

  • Check this box to trigger a request for Renovate to run again on this repository

2023.10.0 Unified Web not updated

#167 says Core Version and Web Version are upgraded to 2023.10.0
However Web Installed stays at 2023.9.2

vault.MYDOMAIN.com/admin/home/getinstalledwebversion returns: "2023.9.2"


Failed to fetch on windows app

I'm using bitwarden self-hosted at home and it's working fine to log in through the URL and browser extension, but in the Windows app it pops up an error "failed to fetch". Is there any solution for that?

Nginx can't bind to privileged ports

When using the environment variables to set the exposed ports:

- BW_PORT_HTTP=80
- BW_PORT_HTTPS=443

nginx doesn't start with the following error message:

nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)

I'm using a macvlan network so port mapping doesn't work.
Maybe it's possible to grant nginx privileges to bind to lower ports.

Broken feature after update 2023.5.0 - Unable to add user access permissions on Organization Collections

I'm unable to add a user to a Collection in my Organization after the docker image upgrade. If I add a Group instead it works. The procedure gives a green pop up but the user is not added to the Collection access rules.
Tried with every user role (Owner, Administrator etc etc).

The feature worked until bitwarden 2023.5.0. I'm unable to downgrade to any older version because there's no beta tag that can go further past. I'm stuck with the latest bitwarden/self-host:beta now.

I have no error in the browser console or the kubernetes container

[Self Hosted] [Unified Beta] Nginx Redirect Error

Setting up a fresh install, my instance, no matter how many docker rm and relaunches I do, seems to be trying to redirect to the internal port instead of the external SSL port.

Looks to be https://github.com/bitwarden/self-host/blame/master/docker-unified/hbs/nginx-config.hbs on line 7 that's causing the issue.

CLI tests (easier to show):

curl -I http://mybitwardendomain.tld
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Aug 2023 11:06:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://mybitwardendomain.tld:8443/

curl -I https://mybitwardendomain.tld
curl: (7) Failed to connect to mybitwardendomain.tld port 8443 after 15 ms: Couldn't connect to server

curl -I https://mybitwardendomain.tld
HTTP/2 200
server: nginx
date: Sat, 12 Aug 2023 11:19:31 GMT
content-type: text/html
content-length: 1238
last-modified: Tue, 25 Jul 2023 20:03:38 GMT
vary: Accept-Encoding
etag: "64c02a9a-4d6"
strict-transport-security: max-age=15768000
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com; child-src 'self' https://*.duosecurity.com https://*.duofederal.com; frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; connect-src 'self' https://api.pwnedpasswords.com https://api.2fa.directory; object-src 'self' blob:;
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
accept-ranges: bytes

settings.env:
#####################
# Required Settings #
#####################

# Server hostname
BW_DOMAIN=mybitwardendomain.tld

# Database
# Available providers are sqlserver, postgresql, mysql/mariadb, or sqlite
BW_DB_PROVIDER=postgresql
BW_DB_SERVER=10.8.96.3
BW_DB_DATABASE=bitwarden_vault
BW_DB_USERNAME=bitwarden
BW_DB_PASSWORD=postgres-password

# Installation information
# Get your ID and key from https://bitwarden.com/host/
BW_INSTALLATION_ID=generated-install-id
BW_INSTALLATION_KEY=generated-install-key

#####################
# Optional Settings #
#####################
# Learn more here: https://bitwarden.com/help/environment-variables/

# Container user ID/group ID
#PUID=1000
#PGID=1000

# Webserver ports
BW_PORT_HTTP=8080
BW_PORT_HTTPS=8443

# SSL
BW_ENABLE_SSL=true
#BW_ENABLE_SSL_CA=true
BW_SSL_CERT=letsencrypt/live/mybitwardendomain.tld/fullchain.pem
BW_SSL_KEY=letsencrypt/live/mybitwardendomain.tld/privkey.pem
#BW_SSL_CA_CERT=ca.crt

# Services
# Some services, namely for enterprise use cases, are disabled by default. Defaults shown below.
BW_ENABLE_ADMIN=true
BW_ENABLE_API=true
BW_ENABLE_EVENTS=false
BW_ENABLE_ICONS=true
BW_ENABLE_IDENTITY=true
BW_ENABLE_NOTIFICATIONS=true
BW_ENABLE_SCIM=false
BW_ENABLE_SSO=false

BW_ICONS_PROXY_TO_CLOUD=false

# Mail
globalSettings__mail__replyToEmail=[email protected]
globalSettings__mail__smtp__host=smtp.domain.com
globalSettings__mail__smtp__port=465
globalSettings__mail__smtp__ssl=true
globalSettings__mail__smtp__username=emailuser
globalSettings__mail__smtp__password='randomly generated password in marks due to symbols requirement'

# Yubikey
#globalSettings__yubico__clientId=REPLACE
#globalSettings__yubico__key=REPLACE

# Other
#globalSettings__disableUserRegistration=false
#globalSettings__hibpApiKey=REPLACE
#adminSettings__admins=[email protected],[email protected]

use mv -f for unattended updateself

Hi,

I use bitwarden self-hosted on a Synology NAS with daily update mechanism. Since 29 Mar 2022 05:00 I get errors when trying auto updating.

So I tried to run the scheduled script manually and I get stuck in a user prompt while running bitwarden.sh updateself asking

mv: replace '/volume1/docker/bitwarden.sh', overriding mode 0755 (rwxr-xr-x)?

After accepting the question by entering Y, bitwarden.sh updateself continues and asks no more prompts.

Please consider use of mv -f instead of mv in line 63.

self-host/bitwarden.sh

Lines 60 to 68 in acdf6fc

function downloadSelf() {
    if curl -L -s -w "http_code %{http_code}" -o $SCRIPT_PATH.1 $BITWARDEN_SCRIPT_URL | grep -q "^http_code 20[0-9]"
    then
        mv $SCRIPT_PATH.1 $SCRIPT_PATH
        chmod u+x $SCRIPT_PATH
    else
        rm -f $SCRIPT_PATH.1
    fi
}

user@DiskStation:/volume1/docker$ bash bitwarden.sh updateself
 _     _ _                         _
| |__ (_) |___      ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V  V / (_| | | | (_| |  __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_|  \__,_|\___|_| |_|

Open source password management solutions
Copyright 2015-2022, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 1.47.1
Docker version 20.10.3, build b455053
docker-compose version 1.28.5, build 324b023a

mv: replace '/volume1/docker/bitwarden.sh', overriding mode 0755 (rwxr-xr-x)?

Migrating database. Database is in script upgrade mode.

Hello,

my Linux Docker installation stalled after update via

./bitwarden.sh updateself
./bitwarden.sh update

The error is

Database is in script upgrade mode. Trying again (attempt #10)...
Migrating database.
Unhandled exception. System.Data.SqlClient.SqlException (0x80131904): Login failed for user 'sa'. Reason: Server is in script upgrade mode. Only administrator can connect at this time.

After waiting several minutes and running the two update script commands again, the update finalizes successfully.

Maybe there should be more attempts to wait for a successful database upgrade.

This is the end of my logged run of the two update commands above

Creating network "docker_default" with the default driver
Creating network "docker_public" with the default driver
Creating bitwarden-notifications ...
Creating bitwarden-identity ...
Creating bitwarden-mssql ...
Creating bitwarden-web ...
Creating bitwarden-events ...
Creating bitwarden-attachments ...
Creating bitwarden-api ...
Creating bitwarden-sso ...
Creating bitwarden-icons ...
Creating bitwarden-web ... done
Creating bitwarden-mssql ... done
Creating bitwarden-admin ...
Creating bitwarden-notifications ... done
Creating bitwarden-attachments ... done
Creating bitwarden-identity ... done
Creating bitwarden-icons ... done
Creating bitwarden-api ... done
Creating bitwarden-sso ... done
Creating bitwarden-events ... done
Creating bitwarden-admin ... done
Creating bitwarden-nginx ...
Creating bitwarden-nginx ... done
2022.10.0: Pulling from bitwarden/setup
Digest: sha256:b20826e60e6084ed5a727eea998433ae37ff7baa3b7dea05e6432fb6c65eb182
Status: Image is up to date for bitwarden/setup:2022.10.0
docker.io/bitwarden/setup:2022.10.0


Bitwarden is up and running!
===================================================

visit https://xxx/
to update, run `./bitwarden.sh updateself` and then `./bitwarden.sh update`

Deleted Images:

Total reclaimed space: 2.249GB
Pausing 60 seconds for database to come online. Please wait...
2022.10.0: Pulling from bitwarden/setup
Digest: sha256:b20826e60e6084ed5a727eea998433ae37ff7baa3b7dea05e6432fb6c65eb182
Status: Image is up to date for bitwarden/setup:2022.10.0
docker.io/bitwarden/setup:2022.10.0

Migrating database.
Database is in script upgrade mode. Trying again (attempt #2)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #3)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #4)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #5)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #6)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #7)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #8)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #9)...
Migrating database.
Database is in script upgrade mode. Trying again (attempt #10)...
Migrating database.
Unhandled exception. System.Data.SqlClient.SqlException (0x80131904): Login failed for user 'sa'. Reason: Server is in script upgrade mode. Only administrator can connect at this time.
  at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
  at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
  at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
  at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
  at System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
  at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
  at System.Data.SqlClient.SqlConnection.Open()
  at Bit.Migrator.DbMigrator.MigrateMsSqlDatabase(Boolean enableLogging, CancellationToken cancellationToken) in /home/runner/work/server/server/util/Migrator/DbMigrator.cs:line 47
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 196
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.MigrateDatabase(Int32 attempt) in /home/runner/work/server/server/util/Setup/Program.cs:line 214
  at Bit.Setup.Program.Update() in /home/runner/work/server/server/util/Setup/Program.cs:line 158
  at Bit.Setup.Program.Main(String[] args) in /home/runner/work/server/server/util/Setup/Program.cs:line 56
ClientConnectionId:a8a71078-ded4-4c3b-9c88-93ae9f34ce27
Error Number:18401,State:1,Class:14

beta tag on docker hub not updated

It seems that the beta tag on https://hub.docker.com/r/bitwarden/self-host is not getting updated automatically by the release process. This makes pulling the latest self-host beta version a little bit more tricky than it could be.

Would it make sense to change https://github.com/bitwarden/self-host/blob/master/.github/workflows/release.yml#L282 and currently tag beta instead of latest and make a corresponding comment that after GA that should be changed to latest?

real_ips no longer forwards the real client IP address for integration with fail2ban

I don't know when this stopped working. I know for a fact it worked at some point, but I just noticed recently that the container IP address is shown in the identity logs rather than the real client IP address. The container IP address is also prepended with "::ffff:", which appears to be "an IPv4 address placed inside an IPv6 space" according to what I've found online. This is not my post but closely describes the problem I am seeing: https://community.bitwarden.com/t/identity-log-still-showing-container-ip-instead-of-real-ip/12836

I've configured the real_ips parameter in config.yml correctly (has not changed since it stopped working).

real_ips:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16

I've verified they are added to the nginx default.conf and that the header "X-Forwarded-For" is set (I assume this is done when you perform a rebuild).

root@bitwarden:/opt/bitwarden/bwdata/nginx# grep real_ip default.conf 
  set_real_ip_from 10.0.0.0/8;
  set_real_ip_from 172.16.0.0/12;
  set_real_ip_from 192.168.0.0/16;
  real_ip_header X-Forwarded-For;
  real_ip_recursive on;
root@bitwarden:/opt/bitwarden/bwdata/nginx#

172.16.0.0/12 should cover any IP address the container gets assigned (172.16.0.0 - 172.31.255.255).

When I trigger a failed login this is what I see in the identity logs.

2023-05-16 12:06:45.345 -04:00 [Warning] Failed login attempt. ::ffff:172.20.0.9

And this is what I see in the nginx access.log which shows the real IPv4 address of the client.

169.150.197.121 - - [16/May/2023:16:23:37 +0000] "POST /identity/accounts/prelogin HTTP/2.0" 200 72 "-" "Mozilla/5.0 (Windows NT 10.0; rv:115.0) Gecko/20100101 Firefox/115.0" "-"
169.150.197.121 - - [16/May/2023:16:23:41 +0000] "POST /identity/connect/token HTTP/2.0" 400 166 "-" "Mozilla/5.0 (Windows NT 10.0; rv:115.0) Gecko/20100101 Firefox/115.0" "-"

I have a hunch this is due to the "::ffff:" prefix. I'm not sure if that was present when I first set up fail2ban. I have IPv6 disabled on my host that's running bitwarden. I've tried commenting out the IPv6 listeners in the nginx config but I still get the same result.

Looking for some guidance. I've tried to investigate this myself for the past couple of weeks and have not made any progress. Perhaps there's some config parameter I can change to get the real IP address again. I found an email generated by fail2ban back in November 2022 banning an IP for Bitwarden failed login, so I know this worked, and I have not changed anything on my end, so I assume something with Bitwarden/docker/etc. changed.
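
A check for the symptom reported in this issue, added here as an example and not part of the original post or of Bitwarden's code: it reads an identity log, strips the `::ffff:` IPv4-mapped prefix, and tags each failed login as `proxy` when the logged address falls inside the `real_ips` ranges quoted above, which is the case where fail2ban would act on the container address instead of the client. The function name `check_identity_log` is hypothetical, and the log layout is assumed to match the single line shown in the post.

```shell
#!/usr/bin/env bash
# Added example (not Bitwarden code). check_identity_log is a hypothetical name.
# Assumption: failed logins are logged as
#   "<timestamp> [Warning] Failed login attempt. <address>"
# exactly as in the line quoted in the issue.

# check_identity_log FILE
# Prints "<kind> <address>" for every failed-login line, where kind is
#   proxy  - address is inside 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16
#            (the real_ips ranges from the issue), so the real client was lost
#   client - any other address
check_identity_log() {
    awk '
    # Dotted-quad IPv4 to integer; -1 for anything that is not four octets.
    function ip2int(ip,   p) {
        if (split(ip, p, ".") != 4) return -1
        return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
    }
    # True when integer n shares its first "bits" bits with network "base".
    function in_range(n, base, bits) {
        return int(n / 2 ^ (32 - bits)) == int(ip2int(base) / 2 ^ (32 - bits))
    }
    /Failed login attempt\./ {
        ip = $NF
        sub(/^::ffff:/, "", ip)          # IPv4-mapped IPv6 to plain IPv4
        n = ip2int(ip)
        kind = "client"
        if (n >= 0 && (in_range(n, "10.0.0.0", 8) ||
                       in_range(n, "172.16.0.0", 12) ||
                       in_range(n, "192.168.0.0", 16)))
            kind = "proxy"
        print kind, ip
    }' "$1"
}
```

Any `proxy` line means the identity service is seeing the nginx container rather than the forwarded client, so a fail2ban filter reading this log should not ban on it.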

Page width not sticking

In Settings-> Options -> Enable Full Width Layout when enabled will not maintain (even though checked) in Google Chrome and MS Edge regardless of theme (dark or light) when using SSO. Checks were completed via both incognito and history/cookie purge browser sessions with fresh SSO logons.

error code: 1005

I am trying to install a self-hosted bitwarden-server on my local machine (Ubuntu 20.4). I have docker and docker-compose installed. I have downloaded bitwarden.sh from this repo, made it executable and then run it. The output is as follows:-

 _     _ _                         _            
| |__ (_) |___      ____ _ _ __ __| | ___ _ __  
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \ 
| |_) | | |_ \ V  V / (_| | | | (_| |  __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_|  \__,_|\___|_| |_|

Open source password management solutions
Copyright 2015-2022, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 2022.6.2
Docker version 20.10.17, build 100c701
docker-compose version 1.25.0, build unknown

~/bitwarden/bwdata/scripts/run.sh: line 1: error: command not found

Upon investigation the contents of ~/bitwarden/bwdata/scripts/run.sh are:

error code: 1005

Please advise how I should proceed, thanks.
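
Two reports on this page concern how a downloaded script gets installed: the `updateself` issue asks for `mv -f` so an unattended run is not blocked by a prompt, and this issue shows a `run.sh` whose entire content is the error body `error code: 1005`. The following added example, which is not code from bitwarden.sh, covers both by validating the download before a forced rename; the function names `fetch_to`, `looks_like_script` and `install_script` and the pluggable fetcher argument are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not part of bitwarden.sh). All function names are hypothetical.

# fetch_to URL DEST: download URL to DEST, succeed only on an HTTP 2xx status.
fetch_to() {
    local url="$1" dest="$2" code
    code=$(curl -L -s -w '%{http_code}' -o "$dest" "$url") || return 1
    case $code in
        2??) return 0 ;;
        *)   return 1 ;;
    esac
}

# looks_like_script FILE: non-empty, first line is a shebang, and it parses.
# The shebang test matters: "error code: 1005" is syntactically valid shell
# (a command named "error" with two arguments), so "bash -n" alone accepts it.
looks_like_script() {
    local file="$1" first=""
    [ -s "$file" ] || return 1
    IFS= read -r first < "$file" || [ -n "$first" ] || return 1
    case $first in
        '#!'*) ;;
        *) return 1 ;;
    esac
    bash -n "$file" 2>/dev/null
}

# install_script URL TARGET [FETCHER]
# Downloads into a temp file next to TARGET, validates it, then replaces
# TARGET with a forced rename. On any failure TARGET is left untouched.
install_script() {
    local url="$1" target="$2" fetcher="${3:-fetch_to}" tmp
    tmp=$(mktemp "${target}.XXXXXX") || return 1
    if "$fetcher" "$url" "$tmp" && looks_like_script "$tmp"; then
        # mktemp creates the file 0600; set the mode before the swap so the
        # installed script is never momentarily non-executable.
        # -f keeps mv from prompting when TARGET is not writable, which is
        # the prompt shown in the updateself report.
        if chmod 0755 "$tmp" && mv -f -- "$tmp" "$target"; then
            return 0
        fi
    fi
    rm -f -- "$tmp"
    return 1
}
```

Because the temp file lives in the same directory as the target, the `mv` is a rename on one filesystem and a failed or interrupted update never leaves a half-written script in place.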

(terminated by SIGSEGV (core dumped); not expected)

I am trying to run a self hosted docker container. When my docker-compose boots bitwarden/self-host:beta using podman:

podman create --name=bitwarden_bitwarden_1 --label io.podman.compose.config-hash=123 --label io.podman.compose.project=bitwarden --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=bitwarden --label com.docker.compose.project.working_dir=/REDACTED --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=bitwarden --env-file /REDACTED/settings.env -v /REDACTED/data:/etc/bitwarden --net bitwarden_default --network-alias bitwarden -p 2000:8080 --restart always docker.io/bitwarden/self-host:beta
fd7a2181f92c523b68ca65cd9fcf6e04c31fa01cac52840784b24e9aa9bd8c6a

I get this output

2023-01-28 22:15:18,347 INFO Included extra file "/etc/supervisor.d/admin.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/api.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/events.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/icons.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/identity.ini" during parsing
2023-01-28 22:15:18,348 INFO Included extra file "/etc/supervisor.d/nginx.ini" during parsing
2023-01-28 22:15:18,351 INFO Included extra file "/etc/supervisor.d/notifications.ini" during parsing
2023-01-28 22:15:18,353 INFO Included extra file "/etc/supervisor.d/scim.ini" during parsing
2023-01-28 22:15:18,354 INFO Included extra file "/etc/supervisor.d/sso.ini" during parsing
2023-01-28 22:15:18,359 INFO RPC interface 'supervisor' initialized
2023-01-28 22:15:18,359 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2023-01-28 22:15:18,360 INFO supervisord started with pid 40
2023-01-28 22:15:19,363 INFO spawned: 'identity' with pid 41
2023-01-28 22:15:19,367 INFO spawned: 'admin' with pid 42
2023-01-28 22:15:19,375 INFO spawned: 'api' with pid 43
2023-01-28 22:15:19,377 INFO spawned: 'icons' with pid 44
2023-01-28 22:15:19,381 INFO spawned: 'nginx' with pid 45
2023-01-28 22:15:19,406 INFO spawned: 'notifications' with pid 46
2023-01-28 22:15:20,913 INFO exited: icons (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:21,010 INFO exited: api (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:21,011 INFO exited: notifications (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:21,016 INFO exited: admin (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:21,026 INFO exited: identity (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:22,031 INFO spawned: 'identity' with pid 83
2023-01-28 22:15:22,034 INFO spawned: 'admin' with pid 84
2023-01-28 22:15:22,044 INFO spawned: 'api' with pid 85
2023-01-28 22:15:22,047 INFO spawned: 'icons' with pid 86
2023-01-28 22:15:22,054 INFO spawned: 'notifications' with pid 87
2023-01-28 22:15:23,460 INFO exited: icons (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:23,476 INFO exited: api (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:23,476 INFO exited: notifications (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:23,503 INFO exited: admin (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:23,513 INFO exited: identity (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:25,517 INFO spawned: 'identity' with pid 123
2023-01-28 22:15:25,520 INFO spawned: 'admin' with pid 124
2023-01-28 22:15:25,526 INFO spawned: 'api' with pid 125
2023-01-28 22:15:25,530 INFO spawned: 'icons' with pid 126
2023-01-28 22:15:25,534 INFO spawned: 'notifications' with pid 127
2023-01-28 22:15:27,016 INFO exited: icons (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:27,019 INFO exited: notifications (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:27,070 INFO exited: api (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:27,090 INFO exited: admin (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:27,090 INFO exited: identity (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:30,097 INFO spawned: 'identity' with pid 163
2023-01-28 22:15:30,102 INFO spawned: 'admin' with pid 164
2023-01-28 22:15:30,108 INFO spawned: 'api' with pid 165
2023-01-28 22:15:30,114 INFO spawned: 'icons' with pid 166
2023-01-28 22:15:30,130 INFO spawned: 'notifications' with pid 167
2023-01-28 22:15:31,490 INFO exited: icons (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:31,536 INFO gave up: icons entered FATAL state, too many start retries too quickly
2023-01-28 22:15:31,537 INFO exited: api (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:31,537 INFO exited: notifications (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:31,544 INFO gave up: api entered FATAL state, too many start retries too quickly
2023-01-28 22:15:31,545 INFO gave up: notifications entered FATAL state, too many start retries too quickly
2023-01-28 22:15:31,545 INFO exited: identity (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:31,549 INFO gave up: identity entered FATAL state, too many start retries too quickly
2023-01-28 22:15:31,549 INFO exited: admin (terminated by SIGSEGV (core dumped); not expected)
2023-01-28 22:15:32,551 INFO gave up: admin entered FATAL state, too many start retries too quickly
2023-01-28 22:15:34,554 INFO success: nginx entered RUNNING state, process has stayed up for > than 15 seconds (startsecs)

and the container stays open, supervisord doesn't exit but all the sub processes (icons, api etc) are not running.

I discovered this because I could visit the login page and enter an email address, but upon submitting the form the /api request 502s because the internal nginx proxy cannot speak to its upstream:

2023/01/28 22:19:53 [error] 50#50: *5 connect() failed (111: Connection refused) while connecting to upstream, client: 10.89.1.19, server: bitwarden.redacted.com, request: "GET /api/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772 HTTP/1.1", upstream: "http://[::1]:5001/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772", host: "bitwarden.redacted.com", referrer: "https://bitwarden.redacted.com/"
2023/01/28 22:19:53 [warn] 50#50: *5 upstream server temporarily disabled while connecting to upstream, client: 10.89.1.19, server: bitwarden.redacted.com, request: "GET /api/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772 HTTP/1.1", upstream: "http://[::1]:5001/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772", host: "bitwarden.redacted.com", referrer: "https://bitwarden.redacted.com/"
2023/01/28 22:19:53 [error] 50#50: *5 connect() failed (111: Connection refused) while connecting to upstream, client: 10.89.1.19, server: bitwarden.redacted.com, request: "GET /api/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772 HTTP/1.1", upstream: "http://127.0.0.1:5001/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772", host: "bitwarden.redacted.com", referrer: "https://bitwarden.redacted.com/"
2023/01/28 22:19:53 [warn] 50#50: *5 upstream server temporarily disabled while connecting to upstream, client: 10.89.1.19, server: bitwarden.redacted.com, request: "GET /api/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772 HTTP/1.1", upstream: "http://127.0.0.1:5001/devices/knowndevice/[email protected]/5d9c19bb-14d0-4774-8cc0-f4759b65c772", host: "bitwarden.redacted.com", referrer: "https://bitwarden.redacted.com/"

Can anyone recommend a next step to debugging this?

Thank you!

Question - Multiple instances?

Would it be possible to run multiple Docker instances (multiple installations) for different domains?
How can I set it up?

Thank you

globalSettings__disableUserRegistration=true not working

Setting parameter globalSettings__disableUserRegistration=true in the ./bwdata/env/global.override.env
After ./bitwarden.sh rebuild && ./bitwarden.sh restart

bitwarden.sh version 2022.9.1
Docker version 20.10.3, build 55f0773
docker-compose version 1.28.5, build 24fb474e

I see the register button and it works - registration of new users occurs without errors.

What am I doing wrong?

Docker compose version 2?

Would it be possible to use docker compose version 2?
As of right now, the script uses the old version 1, which is no longer supported.

Mariadb broken communication packet after upgrade

After upgrading to the latest beta, Bitwarden could not authenticate the user and the MariaDB log is full of entries like this:

2024-01-22 13:51:10 441 [Warning] Aborted connection 441 to db: 'xxxxx' user: 'yyyyyyy' host: 'zzzzzzzzz' (Got an error reading communication packets)

Note: I also tried to use the dev image, but it's the same.

"Log in with device" not working

Since this feature was implemented I have not been able to get it to work with my self hosted install. When I open the browser extension and select "Log in with device" I can see the 5 word string, I then open the Bitwarden app on my phone which has "Approve login requests" enabled and select "Pending login requests" from the settings menu. I can see the request initiated from the browser extension and it has the same word string but when I click "Approve" nothing happens. The only thing I can see in the logs is from the identity container but it doesn't align with when I attempt to perform the device login.

2023-06-02 11:08:01.841 -04:00 [Error] Request to "https://push.bitwarden.com/push/register" is unsuccessful with status of BadRequest-"Bad Request"

Collections cannot be managed

I just updated my self-hosted docker to the latest version 2023.2.1 and now I am unable to manage collections in my family organization. The vault overview shows all entries just fine including the display if it is my own entry or from the family organization. When I open the organization tab it just shows all entries without the collections and the left pane where the collections should be displayed is only showing the rotating circles trying to load the collection list I suppose. I cannot add a new collection as the popup only shows the same loading indicator. In the entry table all entries are shown but instead of the collection names it just shows some small grey boxes.

The docker uses a maria-db database for data storage.
The api.log contains the following message:

fail: Bit.Api.Utilities.ExceptionHandlerFilterAttribute[0]
      => SpanId:8de51beafea0925d, TraceId:89ce70322580ad6bb13c9e4618aaeb44, ParentId:0000000000000000 => ConnectionId:0HMONBQUKRF78 => RequestPath:/organizations/2c1ac356-be09-422c-b4fe-af8f01695194/collections/details RequestId:0HMONBQUKRF78:00000002 => Bit.Api.Controllers.CollectionsController.GetManyWithDetails (Api)
      The LINQ expression 'DbSet<CollectionGroup>()
          .Where(cg => cg.Collection.OrganizationId == __organizationId_0 && __Select_1
              .Contains(cg.Collection.Id))
          .GroupBy(cg => cg.CollectionId)
          .Select(g => g)' could not be translated. Additional information: Translation of 'Select' which contains grouping parameter without composition is not supported. Either rewrite the query in a form that can be translated, or switch to client evaluation explicitly by inserting a call to 'AsEnumerable', 'AsAsyncEnumerable', 'ToList', or 'ToListAsync'. See https://go.microsoft.com/fwlink/?linkid=2101038 for more information.
      System.InvalidOperationException: The LINQ expression 'DbSet<CollectionGroup>()
          .Where(cg => cg.Collection.OrganizationId == __organizationId_0 && __Select_1
              .Contains(cg.Collection.Id))
          .GroupBy(cg => cg.CollectionId)
          .Select(g => g)' could not be translated. Additional information: Translation of 'Select' which contains grouping parameter without composition is not supported. Either rewrite the query in a form that can be translated, or switch to client evaluation explicitly by inserting a call to 'AsEnumerable', 'AsAsyncEnumerable', 'ToList', or 'ToListAsync'. See https://go.microsoft.com/fwlink/?linkid=2101038 for more information.
         at Microsoft.EntityFrameworkCore.Query.Internal.NavigationExpandingExpressionVisitor.VisitMethodCall(MethodCallExpression methodCallExpression)
         at Microsoft.EntityFrameworkCore.Query.Internal.NavigationExpandingExpressionVisitor.VisitMethodCall(MethodCallExpression methodCallExpression)
         at Microsoft.EntityFrameworkCore.Query.Internal.NavigationExpandingExpressionVisitor.Expand(Expression query)
         at Microsoft.EntityFrameworkCore.Query.QueryTranslationPreprocessor.Process(Expression query)
         at Microsoft.EntityFrameworkCore.Query.QueryCompilationContext.CreateQueryExecutor[TResult](Expression query)
         at Microsoft.EntityFrameworkCore.Storage.Database.CompileQuery[TResult](Expression query, Boolean async)
         at Microsoft.EntityFrameworkCore.Query.Internal.QueryCompiler.CompileQueryCore[TResult](IDatabase database, Expression query, IModel model, Boolean async)
         at Microsoft.EntityFrameworkCore.Query.Internal.QueryCompiler.<>c__DisplayClass9_0`1.<Execute>b__0()
         at Microsoft.EntityFrameworkCore.Query.Internal.CompiledQueryCache.GetOrAddQuery[TResult](Object cacheKey, Func`1 compiler)
         at Microsoft.EntityFrameworkCore.Query.Internal.QueryCompiler.Execute[TResult](Expression query)
         at Microsoft.EntityFrameworkCore.Query.Internal.EntityQueryProvider.Execute[TResult](Expression expression)
         at System.Linq.Queryable.FirstOrDefault[TSource](IQueryable`1 source, Expression`1 predicate)
         at Bit.Infrastructure.EntityFramework.Repositories.CollectionRepository.<>c__DisplayClass10_1.<GetManyByUserIdWithAccessAsync>b__7(CollectionDetails collection) in /source/src/Infrastructure.EntityFramework/Repositories/CollectionRepository.cs:line 247
         at System.Linq.Enumerable.SelectListIterator`2.ToList()
         at Bit.Infrastructure.EntityFramework.Repositories.CollectionRepository.GetManyByUserIdWithAccessAsync(Guid userId, Guid organizationId) in /source/src/Infrastructure.EntityFramework/Repositories/CollectionRepository.cs:line 246
         at Bit.Api.Controllers.CollectionsController.GetManyWithDetails(Guid orgId) in /source/src/Api/Controllers/CollectionsController.cs:line 88
         at lambda_method1059(Closure , Object )
         at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)

bitwarden / self-host recent ARM images not published on Dockerhub

Until version 2023.8.2, arm64 and arm/v7 arch images were published to the 'bitwarden/self-host:beta' tag on dockerhub. However, these tags are no longer updated on dockerhub and the version-specific tags have no support for ARM platforms.

Could you please fix the publication of the ARM versions? A lot of users run Bitwarden on RPI's or NAS hardware with ARM processors.

update process (still) breaks working installations if downloaded files are corrupted

Opening a new issue here since bitwarden/server#2644 was closed and I'm not sure if my last comment will be noticed.

My instance just broke again after a failed download of run.sh:

Unable to download run script from https://func.bitwarden.com/api/dl/?app=self-host&platform=linux&variant=run. Received status code: 502
http response:
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

As stated in my comment on the other issue, the problem is that the file is still not downloaded to a temporary location, overwriting any existing file:

The addition to the downloadRunFile function that checks the HTTP return code still breaks instances on failure, because it still downloads directly to the "final" destination of run.sh instead of downloading to a temporary location and only moving the file on success.
In the case I just experienced, the API sent an HTTP 400 response upon executing bitwarden.sh update, resulting in the following message:

Unable to download run script from https://func.bitwarden.com/api/dl/?app=self-host&platform=linux&variant=run. Received status code: 400
http response:
{"message": "Traffic from your network looks unusual. Connect to a different network or try again later. [Error Code 2]"}

The run.sh file was missing afterwards since the function removes it on failure.
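
The fix this issue asks for (download to a temporary location and only move the file on success), as an added example that is not the project's bitwarden.sh code. The function names are hypothetical, and the shebang check assumes the run script starts with `#!`.

```shell
#!/usr/bin/env bash
# Added example (not the project's bitwarden.sh): replace an existing script
# only after a complete, successful download. Function names are hypothetical.

# fetch_url URL OUTFILE
# Writes the response body to OUTFILE and prints the HTTP status code.
fetch_url() {
    curl -L -s -o "$2" -w '%{http_code}' "$1"
}

# install_downloaded_script FETCHER URL DEST
# FETCHER is any command with fetch_url's interface, so the download step can
# be swapped out (for example by a stub when testing offline).
install_downloaded_script() {
    local fetcher url dest tmp status
    fetcher=$1
    url=$2
    dest=$3

    # Create the temp file next to DEST so the final mv is a rename on the
    # same filesystem and DEST is never seen half-written.
    tmp=$(mktemp "$(dirname "$dest")/.$(basename "$dest").XXXXXX") || return 1

    # A transport failure (DNS, timeout) is treated like a bad status.
    status=$("$fetcher" "$url" "$tmp") || status="000"

    if [ "$status" != "200" ]; then
        echo "Unable to download $url. Received status code: $status" >&2
        echo "Keeping existing $dest" >&2
        rm -f "$tmp"
        return 1
    fi

    # Assumption: a valid run script is non-empty and starts with a shebang.
    # This rejects an HTML or JSON error body served with status 200.
    if [ ! -s "$tmp" ] || ! head -n 1 "$tmp" | grep -q '^#!'; then
        echo "Downloaded file is not a shell script; keeping existing $dest" >&2
        rm -f "$tmp"
        return 1
    fi

    chmod u+x "$tmp"
    mv -f "$tmp" "$dest"
}

# Usage, with the URL quoted in the issue and a placeholder destination:
#   install_downloaded_script fetch_url \
#     "https://func.bitwarden.com/api/dl/?app=self-host&platform=linux&variant=run" \
#     /path/to/run.sh
```

With this shape, a 502 or 400 response leaves the previous run.sh in place and removes only the temporary file.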

[UNIFIED] bitwarden/self-host:2023.9.3-beta High CPU usage

Just updated my APP container to 2023.9.3-beta and Bitwarden now is sitting on +- 50% of VM CPU Usage:

image

As the base image is a very lightweight Debian, I cannot check processes. Can someone help me with this?

On my test container all seems fine, only 5 users which are using the service as before. My docker-compose file:

version: "3.8"

services:
  bitwarden:
    container_name: Bitwarden-PRO
    depends_on:
      - db
    env_file:
      - ./env/bw-settings.env
    image: bitwarden/self-host:2023.9.3-beta
    restart: unless-stopped
    ports:
      - "8085:8080"
    volumes:
      - ./bitwarden:/etc/bitwarden

  db:
    container_name: BitwardenDB-PRO
    env_file:
      - ./env/db-settings.env
    image: mariadb:10
    restart: always
    volumes:
      - ./db:/var/lib/mysql

Thanks in advance.

Edit 1: Is even getting worse:

image

self-hosting can't find sql server when bitwarden/mssql is installed

Hey, when trying to self-host on version 2023.9.1, I get this issue:

fail: Bit.Admin.HostedServices.DatabaseMigrationHostedService[0]
bitwarden-admin          |       Database unavailable for migration.
bitwarden-admin          |       Microsoft.Data.SqlClient.SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 35 - An internal exception was caught)

I followed everything here: https://bitwarden.com/help/install-on-premise-linux/

What am I doing incorrectly?

docker_default not found

Hello,

After updating to 2022.6.2 I get "Error response from daemon: network docker_default not found" and it is not running.

bitwarden@srv:/opt/bitwarden$ ./bitwarden.sh start

Open source password management solutions
Copyright 2015-2022, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 2022.6.2
Docker version 20.10.17, build 100c701
Docker Compose version v2.6.1

[+] Running 13/13
⠿ Container bitwarden-attachments Removed 0.0s
⠿ Container bitwarden-icons Removed 0.0s
⠿ Container bitwarden-events Removed 0.0s
⠿ Container bitwarden-sso Removed 0.0s
⠿ Container bitwarden-notifications Removed 0.0s
⠿ Container bitwarden-nginx Removed 0.0s
⠿ Container bitwarden-api Removed 0.0s
⠿ Container bitwarden-admin Removed 0.0s
⠿ Container bitwarden-identity Removed 0.0s
⠿ Container bitwarden-web Removed 0.0s
⠿ Container bitwarden-mssql Removed 0.0s
⠿ Network docker_public Removed 0.2s
⠿ Network docker_default Removed 0.1s
[+] Running 11/11
⠿ identity Pulled 1.5s
⠿ icons Pulled 1.5s
⠿ events Pulled 1.5s
⠿ mssql Pulled 1.5s
⠿ admin Pulled 1.4s
⠿ attachments Pulled 1.5s
⠿ sso Pulled 1.4s
⠿ nginx Pulled 1.4s
⠿ api Pulled 1.4s
⠿ web Pulled 1.5s
⠿ notifications Pulled 1.5s
[+] Running 3/120
⠿ Network docker_public Created 0.0s
⠿ Container bitwarden-identity Starting 0.3s
⠿ Container bitwarden-api Starting 0.3s
⠿ Container bitwarden-mssql Starting 0.3s
⠿ Container bitwarden-sso Starting 0.3s
⠿ Container bitwarden-events Starting 0.3s
⠿ Container bitwarden-web Starting 0.3s
⠿ Container bitwarden-notifications Starting 0.3s
⠿ Container bitwarden-attachments Starting 0.3s
⠿ Container bitwarden-icons Starting 0.3s
⠿ Container bitwarden-admin Created 0.1s
⠿ Container bitwarden-nginx Created 0.1s
Error response from daemon: network docker_default not found

Please help to fix this.

Thank you.

Use Let’s Encrypt dns-01 challenge during self-hosted installation

I may have missed it. But I can’t see in the code where one can specify dns-01 with a wait time for a Let’s Encrypt challenge on ./bitwarden install.

Self-hosters running in VMs behind proxies will have real issues using other, non pause-able LE challenges.

Without this capability one has to run certbot on the VM and arrange to have certs renewed, copied to ./bwdata/ssl and restart the nginx container on a cron schedule.

Not hard but not convenient.

Web version on admin page says needs update, while fully up-to-date

On the admin page I have the following image, saying that the local version is out of date.

image

While if I do the updateself and update of the script it will say "no update needed".
When running docker ps, I do see the version at 2023.4.1

image
I assume that there is a fault in the display, or in the version in the code, that makes the admin page think there is an update available while it is up-to-date.

Issue with updating self-hosted bitwarden instance

It looks like there is an issue with updating self-hosted bitwarden instances. After some troubleshooting it looks like the source of the issue is the run script url in the bitwarden script. See below:

RUN_SCRIPT_URL="https://func.bitwarden.com/api/dl/?app=self-host&platform=linux&variant=run"

This URL as of 2022-08-22T17:18:55Z UTC returns the following data:
StackExchange.Redis.RedisConnectionException: No connection is active/available to service this operation: GET self-host/run.sh; It was not possible to connect to the redis server(s). ConnectTimeout, mc: 1/1/0, mgr: 10 of 10 available, clientName: appfunctions-9dcc4d77c-l2ksx, IOCP: (Busy=0,Free=1000,Min=24,Max=1000), WORKER: (Busy=2,Free=32765,Min=24,Max=32767), v: 2.1.58.34321
---> StackExchange.Redis.RedisConnectionException: It was not possible to connect to the redis server(s). ConnectTimeout
--- End of inner exception stack trace ---
at StackExchange.Redis.ConnectionMultiplexer.ThrowFailed[T](TaskCompletionSource1 source, Exception unthrownException) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 2769
--- End of stack trace from previous location ---
at Proxies.Downloads.GetDownloadUrlAsync(ValueTuple4 valueTuple) in /home/runner/work/misc/misc/AzureFunctions/prod/AppFunctions/Downloads.cs:line 192
at Proxies.Downloads.Run(HttpRequest req, ILogger log) in /home/runner/work/misc/misc/AzureFunctions/prod/AppFunctions/Downloads.cs:line 174

It looks like it is probably an issue for both linux and windows users.

SSO container unhealthy - vault loads but new registrations not possible

I've got a brand new instance of Bitwarden up and running.

The host VM is Ubuntu 22.10 if that matters.

All containers are healthy except sso when I issue docker ps command. When I look at the log files I see in the SSO directory there are endless repeating entries of the following:

2023-02-18 01:08:47.224 +00:00 [Information] SSO started.
2023-02-18 01:09:27.829 +00:00 [Error] An unhandled exception has occurred while executing the request.
Microsoft.Data.SqlClient.SqlException (0x80131904): Cannot open database "vault" requested by the login. The login failed.
Login failed for user 'sa'.

--- End of stack trace from previous location ---
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)
--- End of stack trace from previous location ---
at Dapper.SqlMapper.QueryAsync[T](IDbConnection cnn, Type effectiveType, CommandDefinition command) in /_/Dapper/SqlMapper.Async.cs>
at Bit.Infrastructure.Dapper.Repositories.SsoConfigRepository.GetManyByRevisionNotBeforeDate(Nullable1 notBefore) in /home/runner/>
at Bit.Core.Business.Sso.DynamicAuthenticationSchemeProvider.LoadAllDynamicSchemesIntoCacheAsync() in /home/runner/work/server/serv>
at Bit.Core.Business.Sso.DynamicAuthenticationSchemeProvider.GetRequestHandlerSchemesAsync() in /home/runner/work/server/server/bit>
at Bit.Sso.Utilities.SsoAuthenticationMiddleware.Invoke(HttpContext context) in /home/runner/work/server/server/bitwarden_license/s>
at IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext context)
at Bit.Core.Utilities.CurrentContextMiddleware.Invoke(HttpContext httpContext, ICurrentContext currentContext, GlobalSettings globa>
at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpCo>
ClientConnectionId:ca7d6b27-c42e-49bf-8e70-2755fea41d60
Error Number:2812,State:62,Class:16
2023-02-20 00:00:05.537 +00:00 [Error] An unhandled exception has occurred while executing the request.
Microsoft.Data.SqlClient.SqlException (0x80131904): Could not find stored procedure 'dbo.SsoConfig_ReadManyByNotBeforeRevisionDate'.
at Microsoft.Data.SqlClient.SqlCommand.<>c.<ExecuteDbDataReaderAsync>b__208_0(Task1 result)
at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)

This is not an exhaustive copy and paste of the log but it is most of the major blocks.

I haven't made any changes or updates to any of the configuration files other than the necessary ones such as the port numbers in config.yml and the entries in the global environment file.

Thanks in advance.

Permission denied when using external mounts

Disclaimer: This is a copy of bitwarden/server#2989, since the Docker part moved to this repo

Steps To Reproduce

  1. Install according to official documentation
  2. Use an external storage mount for the data directory /etc/bitwarden. Examples:
    i. Official Docker docs for NFS: https://docs.docker.com/storage/volumes/#create-a-service-which-creates-an-nfs-volume
    ii. EFS Volume on AWS Fargate: https://docs.aws.amazon.com/AmazonECS/latest/userguide/efs-volumes.html

Expected Result

Regular working Service with a highly available and easy to backup storage solution in the background.

Actual Result

The logs show a "permission denied" error when trying to set the permissions for /etc/bitwarden. This happens in the unified and the regular containers.
The exact line of code producing the error is for the regular installation this https://github.com/bitwarden/server/blob/master/src/Admin/entrypoint.sh#L33 and for the unified this https://github.com/bitwarden/server/blob/master/docker-unified/entrypoint.sh#L97.

After some investigation the underlying problem seems to be that the application user is created in the entrypoint.sh script and thus the /etc/bitwarden directory is owned by root:root during the container creation when the mount is happening. Changing permissions to a mounted directory is not possible afterwards, thus the application does not have permissions to /etc/bitwarden during runtime and does not work.

Screenshots or Videos

No response

Additional Context

Best practice by Docker seems to be to create the user with an explicit UID/GID during the image creation and not during container startup. Source: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user
A change of this explicit UID/GID should then not be done in the entrypoint script but utilizing a remap as suggested by Docker: https://docs.docker.com/engine/security/userns-remap/

Build Version

bitwarden/server@8d9ca424a1ec2079cc2508be5c23a4883987ea69-dirty and 2023.4.3

Environment

Self-Hosted

Environment Details

Tested on various Setups including:

  • Server installation on Ubuntu LTS 22.04 and 20.04 using an external NFS storage mount.
  • AWS ECS Fargate installation with an EFS share

Issue Tracking Info

  • I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

Copied working Bitwarden VM on ESXi to another data store Now I cannot log on with my email

Hi,

I have successfully setup Bitwarden in an Alpine machine on my tiny ESXi server. Created account, imported passwords - setup Browser clients, All works fine!

Now I shut down this VM1 and copied it with VMware vCenter Converter Standalone Client to another datastore on the same ESXi server with a different name.

This was reported as successful. I started the VM2 and called it by IP in the browser. I can see the login screen, BUT I cannot log in with the email and master password which I used in the VM1, which is still working fine.

What have I done wrong?

Are there some commands to repair or update Bitwarden in the VM2 so that I can log in there?

Please advise.

Many THX

Create account button doesn't work

I'm running version 2022.12.0 of Bitwarden self-hosted on a Ubuntu 22.04 Live Server host.

I can browse my vault on my local network but when I enter all my details and click the "Create account" button, nothing happens. The screen stays on the page where I have filled all the fields.

There doesn't appear to be an update that I'm missing. I've completely removed my Ubuntu host and started from the beginning. After the new install of Bitwarden is up and running the same thing is happening.

I've tried multiple browsers.

Thanks in advance.
