Home Assistant Community Add-on: Bitwarden RS

Hello,
I need some help with this (Vaultwarden) addon in my environment, please.
Eventually someone here knows what to do or has some hint for me.

I’m running the most recent version of HA on a VM in Proxmox VE. So far so good - works as expected, no issues here.
Now I’d like to use Vaultwarden addon but have my difficulties to make it work fully.
I suspect the reverse proxy (HAProxy) and its config in some way to be the issue but not sure.
In fact, I can connect to HA and Vaultwarden via their respective sub-domains over the internet (https), that’s no problem. Also, internal connection via http and the respective IP is possible. The encryption for external access is handled by the reverse proxy.

The problem is that I cannot configure my Vaultwarden via internal URL that is: http://10.10.30.3:7277/admin
I can access that login page and with the respective admin-token it is possible to get in.
Even using the menu tabs (Settings, Users, …) in top menu is possible, but nothing else in each of these menus.
For example, I cannot open any of the options available under “Settings”.
Clicking on each of them has no effect at all. I already tried different Browsers but that’s not the problem.

The “Diagnostics” tab says the following and I personally suspect the issue to be the mismatching “Domain Configuration” which is present for some reason.
(The “no https” is intentional because of the reverse proxy in place btw.)

Till now I found no way to make the “Server” URL same with “Browser” URL.
Could that be related to the Reverse Proxy I use? I followed the instructions under https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples and here the guide from RichardMawdsley (last one in the list because this is in accordance with my setup).

Thank you.

Hi everyone,

I set up WebAuthn 2FA on my Bitwarden account. In the web vault and browser extension I am able to log in, but in the iOS app I can’t.
When I log in on the iOS app it tries to open the page https://vault.mydomain.org/webauthn-mobile-connector.html and shows a 404 - Not Found.

Does anyone else have this issue too?

Need help locating/setting up the cert.

Installed this add-on and set up a Proxy Host (ex. mydomain) and SSL certificate (Let’s Encrypt) in the Nginx add-on. I also set the Bitwarden server setting to https://mydomain. But when I go to https://mydomain, I get a “502 Bad Gateway” error.

Config:

ssl: true
certfile: fullchain.pem
keyfile: privkey.pem
log_level: info
request_size_limit: 10485760

Log:

[19:19:02] FATAL: SSL has been enabled using the 'ssl' option,
[19:19:02] FATAL: this requires a SSL certificate file which is
[19:19:02] FATAL: configured using the 'certfile' option in the
[19:19:02] FATAL: add-on configuration.
[19:19:02] FATAL: 
[19:19:02] FATAL: Unfortunately, the file specified in the
[19:19:02] FATAL: 'certfile' option does not exists.
[19:19:02] FATAL: 
[19:19:02] FATAL: Please ensure the certificate file exists and
[19:19:02] FATAL: is placed in the '/ssl/' directory.

Figured it out:

ssl: true
certfile: /nginxproxymanager/live/npm-12/fullchain.pem
keyfile: /nginxproxymanager/live/npm-12/privkey.pem
log_level: info
request_size_limit: 10485760

Just look in your /ssl/nginxproxymanager/live folder. The subfolder with the highest number is the most recent proxy host you created. Then just update your Bitwarden add-on config as shown above (replacing “npm-12” with your folder name).
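
The folder lookup described in the post above, as an added example (not from the thread or the add-on's own code): it picks the highest-numbered npm-N folder numerically and checks that both PEM files exist before printing the two config lines. The function names are hypothetical; the /ssl root, the nginxproxymanager/live/npm-N layout and the file names are taken from the post and the log above.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; the /ssl root, the
# nginxproxymanager/live/npm-N layout and the two file names come from the post.

# Print the highest-numbered npm-N folder under <ssl_root>/nginxproxymanager/live.
# Compared numerically, so npm-12 beats npm-9 (a plain "ls | tail" would not).
latest_npm_cert_dir() {
    live="$1/nginxproxymanager/live"
    [ -d "$live" ] || return 1
    best="" best_n=-1
    for d in "$live"/npm-*; do
        [ -d "$d" ] || continue
        n=${d##*/npm-}
        case "$n" in ''|*[!0-9]*) continue ;; esac   # skip non-numeric suffixes
        if [ "$n" -gt "$best_n" ]; then best_n=$n best=${d##*/}; fi
    done
    [ -n "$best" ] || return 1
    printf '%s\n' "$best"
}

# Print certfile/keyfile lines for the add-on config, or fail naming the
# missing file. Paths are written relative to the ssl root, as in the post.
addon_cert_config() {
    root=$1
    dir=$(latest_npm_cert_dir "$root") || {
        echo "no npm-N folder under $root/nginxproxymanager/live" >&2
        return 1
    }
    rel="/nginxproxymanager/live/$dir"
    for f in fullchain.pem privkey.pem; do
        if [ ! -s "$root$rel/$f" ]; then
            echo "missing or empty: $root$rel/$f" >&2
            return 1
        fi
    done
    printf 'certfile: %s/fullchain.pem\nkeyfile: %s/privkey.pem\n' "$rel" "$rel"
}

# Usage: sh this_script.sh /ssl
if [ "$#" -gt 0 ]; then addon_cert_config "$1"; fi
```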

Hi, since a few days back I can no longer sync my client with my Vaultwarden. This is mostly noticeable when I try to add a new entry and it is not being accepted. Has anything changed? Do I need to forward any specific ports to Vaultwarden? I did not need to do it before.

Anyone know if it is possible to use a hardware key (like Yubikey) with the Bitwarden RS Home Assistant add-on? I did a search in the forums and found this thread but no one had responded to it.

Apparently, the way to enable this is to pass the environment variables into the docker container:

docker run -d --name bitwarden \
  -e YUBICO_CLIENT_ID=12345 \
  -e YUBICO_SECRET_KEY=ABCDEABCDEABCDEABCDE= \
  -v /vw-data/:/data/ \
  -p 80:80 \
  vaultwarden/server:latest

But there doesn’t seem to be a way to pass the values into the add-on from the Configuration screen.

When I try to set up the YubiKey as a Two-step login key (by clicking the “Manage” button) it complains:

… likely because I haven’t set up the environment variables. I see that there’s a way to pass in the Configuration in a raw YAML format but I don’t know what it expects, if anything, for setting environment variables. :confused:

Thanks,
-Greg

There is an Admin panel at yourdomain.com:7277/admin
The token is shown in the add-on logs until you save it or change it.

There you can find the YubiKey you are searching for:

I am starting a whole new system. Is there a way to export the old instance and import?

The bitwarden site suggests:

  1. Make a full copy of the ./bwdata directory of the old server. This copy will be used to recreate your configuration, database, attachments, etc. on the new server.

I have no experience, but to be on the safe side you should in any case use the functionality in vaultwarden to export all your passwords, then you can still import them again if your idea of copying the directory doesn’t work.
Apologies if I’m stating the obvious (probably I am) and let us know whether your technique worked.

Worked out that you can just back up and restore Bitwarden using the Home Assistant backup.

Bitwarden works wonderfully without any hiccups, but I am getting errors and warnings every 10 sec.
It is filling up the log.

Does anyone know how to fix these?

[2022-10-26 09:04:58.022][request][INFO] OPTIONS /
[2022-10-26 09:04:58.022][][ERROR] No matching routes for OPTIONS /.
[2022-10-26 09:04:58.022][][WARN] No 404 catcher registered. Using Rocket default.
[2022-10-26 09:04:58.022][response][INFO] 200 OK

Raspberry Pi 4 / 4GB
Home Assistant 2022.10.5
Supervisor 2022.10.0
Operating System 9.2
Frontend 20220907.2 - latest

Hi All,

I am trying to set this up but failing badly. I managed to get to the login page after entering the token from the log files, but when I try to log in it says HTTPS is required.

Reading into this, it seems I need to set up a domain using DuckDNS and then provide a certificate using Nginx Proxy Manager or Let’s Encrypt. I have tried following a few guides online, but they all seem to be old and do not fit my use case (I currently use Nabu Casa and I am not sure if you can set up DuckDNS or Cloudflare and have both running side by side).

Was wondering if this can be set up using Nabu casa and if there was a guide for it?

If not, I guess the alternative is to continue to try setting up either Cloudflare or DuckDNS. Does anyone have a recent guide for this, and can it be used alongside Nabu Casa?

Deek,
I would be keen to follow what happens here. So many addons and integrations that are supported by HA seem to rely on DuckDNS, Let’s Encrypt and other security measures.
I also have signed up to Nabu Casa. I did so as it was purpose built for HA by the developers. I am slightly disappointed that so many great integrations and addons have such difficulty in installation. I know Nabu Casa is only $5 a month. I would be more than happy to pay $10 a month if it means that HA developers assist those of us users who are not programmers to better integrate these addons etc.
That’s my two cents
Pat

After reading many articles online and watching many YouTube tutorials, I managed to get everything working using Nginx Proxy Manager. I have Nabu Casa running alongside the proxy manager. I used a DuckDNS account to set up Nginx Proxy Manager and managed to set up rules in my router to connect to Bitwarden and Home Assistant using the DuckDNS domain I created.

Any chance you could provide the steps you used to configure Nginx with DuckDNS and Vaultwarden?
I have the Vaultwarden addon installed and running, and although I can access things saved in the vault remotely via a DuckDNS entry and the port, I seem to be having trouble saving new entries in Vaultwarden when used remotely.
I am wondering if this is somehow a type of security or certificate problem, so perhaps Nginx would help me, but I have no idea how to set up or configure it.

Has anyone already tried the passwordless authentication feature? I can turn it on in the app settings, but when logging in via the web vault the option for this login isn’t available.

Where is the data folder?

Wanted to log in to the web vault. Apps working flawlessly. Browser extensions too. But if I want to log in to the web vault I get the HTTPS needed notice. But I have deactivated ssh / secure login as I only log in on the local network. Any hints?

Is there any way to get the admin key after some time? I didn’t save it and forgot the password for one of the users. I wanted to create a new user, but unfortunately his email is already in use…

I’m facing a similar problem. I do have my “admin token” (also called the “authentication key”) but somehow it’s not working.
Maybe because I changed my master password and chose the option to also rotate my “Encryption key”?

I found this article which says to look into config.json.
If I look into the Home Assistant backup file and open the Bitwarden tar file, I do see an addon.json (so not config.json) file which has an “access_token” and an “ingress_token”, but those tokens don’t work.
This article says there should be a setting.yml file with an admin_token, but I don’t find that in the tar file.

How can I regain access to the admin panel? The only thing I can think of is to make an export of all my passwords, then uninstall the vaultwarden addon and then reinstall it and then reimport the backup of the passwords.