Hey all,
i have an issue (for a long time) that my Firefox browser never keeps me logged in.
If I do my first ever initial login, i enter my Email and Password. And then 2FA.
When I refresh my browser session (F5), it brings me to the Vault Lock:
If I close the session, and reopen a new tab right after, it brings me here:
As you see, it asks for my email and then my password. I DO NOT need to reenter my 2FA. 2FA is only being asked once.
But every new tab i open, im back at the Email Screen. It doesnt even remember the Email.
About my Configuration:
- Running on Raspberry Pi 4GB 64-bit Raspbian Bullseye
- Running vaultwarden:latest/testing
- My docker compose for Vaultwarden (updated it recently, but the old version i had had the same issue):
version: '2'
services:
bitwarden:
image: vaultwarden/server:testing
container_name: bitwarden
hostname: bitwarden
ports:
- "8080:80"
- "3012:3012"
volumes:
- Bitwarden:/data
environment:
LOG_FILE: '/data/vaultwarden.log'
TZ: 'Europe/Berlin'
INVITATIONS_ALLOWED: 'false'
SIGNUPS_ALLOWED: 'false'
ADMIN_TOKEN: '$$argon2idXXXXXXXXXXXXXXX
PUSH_ENABLED: 'true'
PUSH_INSTALLATION_ID: 'e8e44e47-XXXXXXXXX'
PUSH_INSTALLATION_KEY: 'ZurXXXXXXXXXXXXX'
SHOW_PASSWORD_HINT: 'false'
restart: always
volumes:
Bitwarden:
external: true
Also here my nginx conf:
# The `upstream` directives ensure that you have a http/1.1 connection
# This enables the keepalive option and better performance
# Define the server IP and ports here.
upstream vaultwarden-default {
zone vaultwarden-default 64k;
server 127.0.0.1:8080;
keepalive 2;
}
# Needed to support websocket connections
# See: https://nginx.org/en/docs/http/websocket.html
# Instead of "close" as stated in the above link we send an empty value.
# Else all keepalive connections will not work.
map $http_upgrade $connection_upgrade {
default upgrade;
'' "";
}
# Redirect HTTP to HTTPS
server {
listen 80;
listen [::]:80;
server_name bitwarden.furrkan.de;
if ($host = bitwarden.furrkan.de) {
return 301 https://$host$request_uri;
}
return 404;
}
server {
# For older versions of nginx appened http2 to the listen line after ssl and remove `http2 on`
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name bitwarden.furrkan.de;
ssl_certificate /etc/letsencrypt/live/bitwarden.furrkan.de/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/bitwarden.furrkan.de/privkey.pem; # managed by Certbot
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_trusted_certificate /etc/letsencrypt/live/bitwarden.furrkan.de/fullchain.pem;
client_max_body_size 525M;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://vaultwarden-default;
}
# Optionally add extra authentication besides the ADMIN_TOKEN
# Remove the comments below `#` and create the htpasswd_file to have it active
#
#location /admin {
# # See: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
# auth_basic "Private";
# auth_basic_user_file /path/to/htpasswd_file;
#
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection $connection_upgrade;
#
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
#
# proxy_pass http://vaultwarden-default;
#}
}
As final thing, i have checked also via F12 in Firefox the Console for any Errors. These Errors come when open a new firefox tab (after initial login with 2FA, the screen popos up with enter email (See above):
I dont think anything really in here related to my issue (Cloudflare and font ones are imo not related to this, i switched to cloudflare recently and the issue was existing before it too)
Im open for any ideas, thanks!
PS: I tried Edge in Incognito too, same issue.