Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Bitwarden - Self-hosted password manager

Scheduled Pinned Locked Moved Solved App Wishlist
218 Posts 20 Posters 43.5k Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • iamthefijI Offline
    iamthefijI Offline
    iamthefij App Dev
    replied to girish on last edited by
    #61

    @girish Hmm... it doesn't seem to be working correctly.

    I'm getting:

    Jun 26 17:55:25 thread 'main' panicked at 'Could not authenticate with http://8e50545e-6293-459d-8aa8-5abdb13695dc-ldap_sync:3000. Error { kind: Hyper(Error { kind: Connect, cause: Os { code: 111, kind: ConnectionRefused, message: "Connection refused" } }), url: Some("http://8e50545e-6293-459d-8aa8-5abdb13695dc-ldap_sync:3000/admin/") }', src/bw_admin.rs:62:17
    

    It appears that the hostname is the hostname of the ldap_sync container that the cron job spawned? Is that correct? When I open a terminal for the app, it just gives the first part without ldap_sync, which seems right.

    1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #62

    @iamthefij This is indeed a bug 🤦 CLOUDRON_APP_HOSTNAME is meant to be a constant and should be set to 8e50545e-6293-459d-8aa8-5abdb13695dc. For cron jobs, it is setting the env var as the hostname by mistake.

    1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #63

    @iamthefij In /home/yellowtent/box/src/docker.js at line 190,

    `CLOUDRON_APP_HOSTNAME=${name}`,
    

    Replace the above as:

    `CLOUDRON_APP_HOSTNAME=${app.id}`,
    

    Then systemctl restart box. Does that fix the problem?

    1 Reply Last reply
    0
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    replied to iamthefij on last edited by
    #64

    @iamthefij do you mean https://git.cloudron.io/fbartels/bitwardenrs-app/blob/master/Dockerfile#L1 ?

    That was so that just a single line needs to be changed when bitwarden is updated.

    iamthefijI 2 Replies Last reply
    0
  • iamthefijI Offline
    iamthefijI Offline
    iamthefij App Dev
    replied to fbartels on last edited by
    #65

    @girish roger. That worked! Now I'm getting some new error from within Bitwarden_rs, which is good and means that it's actually hitting the server!

    @fbartels got it. That could also be facilitated using an ARG.

    It doesn't matter too much. The difference is really just in caching, but it doesn't look like the Cloudron build servers do caching.

    1 Reply Last reply
    0
  • iamthefijI Offline
    iamthefijI Offline
    iamthefij App Dev
    replied to fbartels on last edited by
    #66

    @fbartels I'm not sure if something is different in my configuration... but if I visit my site at bitwarden.example.com/admin from a private window with no cookies, I'm not getting a basic auth prompt.

    Is that working for you?

    fbartelsF 1 Reply Last reply
    0
  • iamthefijI Offline
    iamthefijI Offline
    iamthefij App Dev
    wrote on last edited by iamthefij
    #67

    @girish is there anything that might prevent this container from querying LDAP?

    I'm getting the following error:

    Jun 27 18:30:57 thread 'main' panicked at 'rc=1 (operationsError), dn: "ou=users, dc=cloudron", text: "No such app"', src/main.rs:21:9
    

    To verify that it's something to do with the cron container, I generate the config file and cat it to the log in the main application as well as the schedule container. I diffed the two configs and they are identical.

    However, when I run the sync script from the terminal attached to the main container, it works correctly. From the scheduled container, I get this error.

    Any ideas? I'm actually unable to find out where the "No such app" comes from. It is a pretty generic term, so searching online isn't much help. I did check the bitwarden_ldap_sync codebase, the Rust ldap3 codebase, and the box codebase, but no luck.

    1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #68

    @iamthefij I think that's the LDAP server not allowing scheduler containers from accessing it. Can you try this - https://git.cloudron.io/cloudron/box/commit/22d731f06da98af196c43e6713bf0ce551107fa6 ?

    iamthefijI 1 Reply Last reply
    0
  • iamthefijI Offline
    iamthefijI Offline
    iamthefij App Dev
    replied to girish on last edited by
    #69

    @girish woo!!! That did it! I'll just clean up all the stuff I did for debugging and I can publish it after the next Cloudron update.

    1 Reply Last reply
    0
  • iamthefijI Offline
    iamthefijI Offline
    iamthefij App Dev
    wrote on last edited by
    #70

    @fbartels in addition to the admin page issue described above, I'm running into email sending issues again.

    This time I'm not having success with any setting.

    Explicit TLS only: Bitwarden hangs and times out when trying to invite/send with a panic:

    Jun 28 03:35:56 thread 'main' panicked at 'Could not call with http://90859b46-d863-4609-a83a-79c5f010254c:3000/admin/invite. Error { kind: Io(Custom { kind: TimedOut, error: StringError("timed out") }), url: Some("http://90859b46-d863-4609-a83a-79c5f010254c:3000/admin/invite") }', src/bw_admin.rs:134:21
    Jun 28 03:35:56 stack backtrace:
    Jun 28 03:35:56 0: std::sys::unix::backtrace::tracing::imp::unwind_backtrace
    Jun 28 03:35:56 at src/libstd/sys/unix/backtrace/tracing/gcc_s.rs:39
    Jun 28 03:35:56 1: std::sys_common::backtrace::_print
    Jun 28 03:35:56 at src/libstd/sys_common/backtrace.rs:70
    Jun 28 03:35:56 2: std::panicking::default_hook::{{closure}}
    Jun 28 03:35:56 at src/libstd/sys_common/backtrace.rs:58
    Jun 28 03:35:56 at src/libstd/panicking.rs:200
    Jun 28 03:35:56 3: std::panicking::default_hook
    Jun 28 03:35:56 at src/libstd/panicking.rs:215
    Jun 28 03:35:56 4: std::panicking::rust_panic_with_hook
    Jun 28 03:35:56 at src/libstd/panicking.rs:478
    Jun 28 03:35:56 5: std::panicking::continue_panic_fmt
    Jun 28 03:35:56 at src/libstd/panicking.rs:385
    Jun 28 03:35:56 6: std::panicking::begin_panic_fmt
    Jun 28 03:35:56 at src/libstd/panicking.rs:340
    Jun 28 03:35:56 7: bitwarden_rs_ldap::bw_admin::Client::invite
    Jun 28 03:35:56 8: bitwarden_rs_ldap::invite_from_ldap
    Jun 28 03:35:56 9: bitwarden_rs_ldap::main
    Jun 28 03:35:56 10: std::rt::lang_start::{{closure}}
    Jun 28 03:35:56 11: std::panicking::try::do_call
    Jun 28 03:35:56 at src/libstd/rt.rs:49
    Jun 28 03:35:56 at src/libstd/panicking.rs:297
    Jun 28 03:35:56 12: __rust_maybe_catch_panic
    Jun 28 03:35:56 at src/libpanic_unwind/lib.rs:87
    Jun 28 03:35:56 13: std::rt::lang_start_internal
    Jun 28 03:35:56 at src/libstd/panicking.rs:276
    Jun 28 03:35:56 at src/libstd/panic.rs:388
    Jun 28 03:35:56 at src/libstd/rt.rs:48
    Jun 28 03:35:56 14: main
    

    Enable SSL only: Bitwarden hangs and times out when trying to invite/send

    Jun 28 03:37:54 [Fri Jun 28 03:37:54.553168 2019] [proxy_http:error] [pid 34] (70007)The timeout specified has expired: [client 172.18.0.1:36626] AH01102: error reading status line from remote server 127.0.0.1:3000, referer: https://bitwarden.iamthefij.com/admin
    

    With both enabled: I get the handshake error.

    Jun 28 03:40:52 [2019-06-28 03:40:52][bitwarden_rs::error][ERROR] Error sending email. handshake error
    
    1 Reply Last reply
    0
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    replied to iamthefij on last edited by
    #71

    @iamthefij yes, http auth is working in my branch.

    I think I should add that I am not using the app for my production bitwarden install. This is still running on a different system.

    I have also seen quite some weird behaviour in regards to the mail integration, but did not yet have the time or interest in really digging into it.

    1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #72

    Given that the email error is Timeout, could it be that the mail server hostname or port configuration is not set correctly?

    1 Reply Last reply
    0
  • d19dotcaD Offline
    d19dotcaD Offline
    d19dotca
    wrote on last edited by
    #73

    Sorry if this is a newbie question (somewhat new to Cloudron) but how does one install this as a community app? I have the option for unstable apps showing enabled, but I do not see Bitwarden in the list of apps I can install. Am I missing something?

    --
    Dustin Dauncey
    www.d19.ca

    1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #74

    @d19dotca Apps that are not published yet have to be built by hand. It's easy to build though:

    git clone <app repo>
    npm install -g cloudron-cli
    cloudron build # this will ask your cloudron.io login
    cloudron install # this will ask you for your cloudron's login
    
    murgeroM 1 Reply Last reply
    1
  • murgeroM Offline
    murgeroM Offline
    murgero App Dev
    replied to girish on last edited by
    #75

    @girish Is the cloudron build command usable to all users or just developers right now?

    --
    https://urgero.org
    ~ Professional Nerd. Freelance Programmer. ~
    Matrix: @murgero:urgero.org

    necrevistonnezrN 1 Reply Last reply
    0
  • necrevistonnezrN Away
    necrevistonnezrN Away
    necrevistonnezr
    replied to murgero on last edited by
    #76

    @murgero It's available to anyone, using the cli tool (https://cloudron.io/blog/2017-03-08-cli-part2.html)

    murgeroM 1 Reply Last reply
    0
  • murgeroM Offline
    murgeroM Offline
    murgero App Dev
    replied to necrevistonnezr on last edited by
    #77

    @necrevistonnezr in theory sure, but last I tried (about a month ago) it said my user account was denied access (error 503)

    --
    https://urgero.org
    ~ Professional Nerd. Freelance Programmer. ~
    Matrix: @murgero:urgero.org

    1 Reply Last reply
    0
  • iamthefijI Offline
    iamthefijI Offline
    iamthefij App Dev
    wrote on last edited by
    #78

    Started digging back into email sending and got closer.

    I just noticed that the Cloudron docs say that the STARTLS uses a self signed cert, which makes sense given that the host I'm using is mail and not my.example.com.

    So I switched back to unencrypted and enabled more verbose logging. Ended up with:

    Jul 25 16:34:22 [2019-07-25 16:34:22][rocket::rocket][INFO] POST /admin//invite/ application/json:
    Jul 25 16:34:22 [2019-07-25 16:34:22][_][INFO] Matched: POST /admin/invite (invite_user)
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp::client][DEBUG] connecting to 172.18.0.6:2525
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp::client][DEBUG] Read: 220 my.example.com ESMTP Haraka/2.8.23 ready<CRLF>
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp][INFO] connection established to 172.18.0.6:2525
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp::client][DEBUG] Wrote: EHLO 90859b46-d863-4609-a83a-79c5f010254c<CRLF>
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp::client][DEBUG] Read: 250-my.example.com Hello 90859b46-d863-4609-a83a-79c5f010254c.cloudron [172.18.0.12]Haraka is at your service.<CRLF>250-PIPELINING<CRLF>250-8BITMIME<CRLF>250-SMTPUTF8<CRLF>250-SIZE 26214400<CRLF>250 AUTH LOGIN PLAIN<CRLF>
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp][DEBUG] server my.example.com with {Authentication(Login), Authentication(Plain), SmtpUtfEight, EightBitMime}
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp][INFO] No supported authentication mechanisms available
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp::client][DEBUG] Wrote: MAIL FROM:<bitwarden.app@example.com> BODY=8BITMIME SMTPUTF8<CRLF>
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp::client][DEBUG] Read: 550 Mail from domain 'example.com' is not allowed from your host<CRLF>
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp::client][DEBUG] Wrote: QUIT<CRLF>
    Jul 25 16:34:22 [2019-07-25 16:34:22][lettre::smtp::client][DEBUG] Read: 221 my.example.com closing connection. Have a jolly good day.<CRLF>
    Jul 25 16:34:22 [2019-07-25 16:34:22][bitwarden_rs::error][ERROR] Error sending email. Mail from domain 'example.com' is not allowed from your host
    Jul 25 16:34:22 [2019-07-25 16:34:22][_][INFO] Outcome: Success
    Jul 25 16:34:22 172.18.0.1 - User [25/Jul/2019:16:34:22 +0000] "POST /admin/invite/ HTTP/1.1" 400 990 "https://bitwarden.example.com/admin" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:68.0) Gecko/20100101 Firefox/68.0"
    Jul 25 16:34:22 [2019-07-25 16:34:22][_][INFO] Response succeeded.
    Jul 25 16:34:24 [Thu Jul 25 16:34:24.254775 2019] [access_compat:error] [pid 32] [client 172.18.0.1:37122] AH01797: client denied by server configuration: proxy:http://127.0.0.1:3000/admin/
    

    So this is definitely more descriptive. Seems like the server is rejecting the request.

    1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #79

    : 550 Mail from domain 'example.com' is not allowed from your host<CRLF>

    Can you check if the email for example.com is not set to Disabled under the outbound relay email settings?

    1 Reply Last reply
    0
  • necrevistonnezrN Away
    necrevistonnezrN Away
    necrevistonnezr
    wrote on last edited by
    #80

    Tried updating the bitwardenrs-app today to its current domain; usually it would just install (and upgrade) the app. Today I got the following error:

    ➜ cloudron install
    ERROR (node:9463) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification. [ internal/process/warning.js:27:3 ]
    Location: bit
    ERROR Failed to install app. Domain 'bitwarden.domain.com' is in use [ /Users/user/.nvm/versions/node/v12.7.0/lib/node_modules/cloudron/src/helper.js:68:29 ]
    
    necrevistonnezrN 1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.