@james said in Vaultwarden fails to start after update – DB migration error (SSO):
Hello @archos
I think, I have the same issue.
This is the log:
[2025-12-29 19:23:43.075][panic][ERROR] thread 'main' panicked at 'Error running migrations: QueryError(DieselMigrationName { name: "2024-03-06-170000_add_sso_users", version: MigrationVersion("20240306170000") }, DatabaseError(Unknown, "Referencing column 'user_uuid' and referenced column 'uuid' in foreign key constraint 'sso_users_ibfk_1' are incompatible."))': src/db/mod.rs:505
And seems to be already reported upstream: https://github.com/dani-garcia/vaultwarden/issues/6611
EDIT:
I followed the guided instructions and was able to fix it => https://github.com/dani-garcia/vaultwarden/wiki/Using-the-MariaDB-(MySQL)-Backend#foreign-key-errors-collation-and-charset
be sure to replace "vaultwarden" in the SQL querries with your cloudron database name.
I experienced the exact same issue when upgrading to the latest version. I managed to resolve it following @james's suggestion.
Here is a recap of the step-by-step process I executed, which might help others:
Enter Recovery Mode
Go to the Cloudron dashboard and enable Recovery Mode for your Vaultwarden application.
Access the MySQL Database
Open the application Terminal and click the MySQL button to access the database console..
Identify the Vaultwarden Database Name
Run the following command to see the list of databases:
SHOW DATABASES;
Note the database name that appears (it is usually a random string like 9121d...). You will need this for the next steps.
Change the Database Charset
Replace YourDatabaseVaultwarden in the command below with the actual database name retrieved in Step 3, then run:
ALTER DATABASE `YourDatabaseVaultwarden` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
Generate Table Modification Commands
Run this query to generate the specific ALTER TABLE commands for your existing tables:
SELECT CONCAT('ALTER TABLE `', TABLE_NAME,'` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;')
FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_SCHEMA="YourDatabaseVaultwarden"
AND TABLE_TYPE="BASE TABLE";
Copy the output generated by this command. You can paste this list into ChatGPT or Gemini and ask it to format it for the next step (wrapping it between the foreign key check commands).
Execute the Final Fix
The final command block should follow this structure:
SET foreign_key_checks=0;
-- Copy/Paste the output from above here
SET foreign_key_checks=1;
If you are unsure about the formatting, I simply copied the raw table list from the terminal in Step 5 and asked an AI to format it into valid MySQL syntax using the structure above.
Here is an example of what the final command looks like (Note: Do not copy-paste the specific table list below; use the one generated from your own database in Step 5, as your tables might differ):
SET foreign_key_checks=0;
ALTER TABLE `__diesel_schema_migrations` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `attachments` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `ciphers_collections` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `ciphers` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `collections` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `devices` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `emergency_access` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `favorites` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `folders_ciphers` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `folders` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `invitations` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `org_policies` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `organizations` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `sends` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `twofactor_incomplete` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `twofactor` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `users_collections` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `users_organizations` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE `users` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
SET foreign_key_checks=1;
Once you have adapted the command to your specific tables, execute it in the MySQL terminal.
Finally, disable Recovery Mode and restart your Vaultwarden app. Hopefully, this serves as a solution for you as well.
Apologies if there are any technical inaccuracies; I utilized AI to guide me through this solution, and thankfully, it worked perfectly.
Thanks,
Regards
