I’m using the Container Manager of DSM 7.2 to build a Vaultwarden instance on my Synology DS. It works until I want to login into the admin site. In the log I see the notice:
[NOTICE] You are using a plain text `ADMIN_TOKEN` which is insecure.
And when I type in my token (why is it called that and not passphrase or something?) I get the message “Error: Invalid admin token, please try again.”
Even though I used the recommended way to create that ADMIN_TOKEN. I tried putting it between ’ and ’ I tried with additional $ but nothing worked. I even removed spaces in the token. There is also no config.json in the vaultwarden folder.
I don’t know how DSM works, but did you redeploy’d the container? Because restarting doesn’t work.
Okay, by completely redeploying the container I got rid of the plain text token warning in the log. But it still says, token invalid when I try to log in.
My compose.yml is currently looks like this.
version: '3'
services:
vaultwarden:
container_name: vaultwarden
image: vaultwarden/server:latest
restart: unless-stopped
volumes:
- /volume1/docker/vaultwarden:/data/
ports:
- 3012:3012
- 8122:80
environment:
DOMAIN: "https://"
LOGIN_RATELIMIT_MAX_BURST: 10
LOGIN_RATELIMIT_SECONDS: 60
ADMIN_RATELIMIT_MAX_BURST: 10
ADMIN_RATELIMIT_SECONDS: 60
ADMIN_TOKEN: "$$argon2id$$v=19$$m=19456,t=2,p=$$"
SENDS_ALLOWED: true
EMERGENCY_ACCESS_ALLOWED: true
WEB_VAULT_ENABLED: true
SIGNUPS_ALLOWED: false
SIGNUPS_VERIFY: true
SIGNUPS_VERIFY_RESEND_TIME: 3600
SIGNUPS_VERIFY_RESEND_LIMIT: 5
SMTP_HOST:
SMTP_FROM:
SMTP_FROM_NAME: Vaultwarden
SMTP_SECURITY: force_tls
SMTP_PORT: 465
SMTP_USERNAME:
SMTP_PASSWORD:
SMTP_AUTH_MECHANISM: "Plain"
How did you generated the token/hash?
I used this command:
echo -n "very secure and long password" | argon2 "$(openssl rand -base64 32)" -e -id -k 19456 -t 2 -p 1
I redid that and included the sed command to add the $$, before I did that in an editor manually. Maybe that did something which shouldn’t happened. Now it works.
Good to hear! Thanks for mentioning.