HTTPS nginx config

Hello,

for whatever reason (nothing changed) my bitwarden installation on my local server is not accessable anymore.
I own my domain bitwarden.mydomain.de and this is forwarded to my routers dyndns
all traffice on 443 and 80 are redirected to my server
on this server i have 3 docker container running
1.) SWAG
2.) Nextcloud
3.) bitwarden
each in a seperate container. Nextcloud is accessible but bitwarden not.

here the error log:

2022/12/06 12:01:54 [error] 300#300: 1 bitwarden could not be resolved (3: Host not found), client: 92.117.255.219, server: bitwarden., request: “GET /favicon.ico HTTP/2.0”, host: “bitwarden.mydomain”, referrer: “https:/bitwarden.mydomain.de/”
2022/12/06 12:01:54 [error] 300#300: 1 bitwarden could not be resolved (3: Host not found), client: 92.117.255.219, server: bitwarden., request: “GET /favicon.ico HTTP/2.0”, host: “bitwarden.mydomain”, referrer: “https:/bitwarden.mydomain.de/”
2022/12/06 12:02:07 [error] 300#300: 1 bitwarden could not be resolved (3: Host not found), client: 92.117.255.219, server: bitwarden., request: “GET / HTTP/2.0”, host: “bitwarden.mydomain”
2022/12/06 12:02:07 [error] 300#300: 1 bitwarden could not be resolved (3: Host not found), client: 92.117.255.219, server: bitwarden., request: “GET / HTTP/2.0”, host: “bitwarden.mydomain”
2022/12/06 12:02:07 [error] 300#300: 1 bitwarden could not be resolved (3: Host not found), client: 92.117.255.219, server: bitwarden., request: “GET /favicon.ico HTTP/2.0”, host: “bitwarden.mydomain”, referrer: “https:/bitwarden.mydomain/”
2022/12/06 12:02:07 [error] 300#300: 1 bitwarden could not be resolved (3: Host not found), client: 92.117.255.219, server: bitwarden., request: “GET /favicon.ico HTTP/2.0”, host: "bitwarden.mydomain, referrer: “https:/bitwarden.mydomain”

and there the nginx conf:

server {
listen 443 ssl;
listen [::]:443 ssl;

server_name bitwarden.*;

include /config/nginx/ssl.conf;

client_max_body_size 128M;

location / {
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app bitwarden;
    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

location /admin {
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app bitwarden;
    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

location /notifications/hub {
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app bitwarden;
    set $upstream_port 3012;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

location /notifications/hub/negotiate {
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app bitwarden;
    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

}

Thanks for your help

Hello @Surfer2010,

I’m by no means an expert in nginx (been meaning to learn one day soon) but from what I can gather you are forwarding 443 from nginx to port 80 for web traffic and 3012 for WebSocket notification updates for live sync between supported clients.

From the docker config I can see your Vaultwarden container is set to use the host ports 8743 which forwarding into the container port → 80 and host port 3743 → container port 3012

Perhaps check your docker run command, the docker-compose file, or whatever method used to spin up your Vaultwarden instance.
You may also wish to check if there is a update available for the image you are running.

Hope this helps :slight_smile:

Hi,

Thanks for your reply, but the instance did work for month now with exavtly this setting and all the sudden stopped beeing accessible the question is why since nothing changed at all.
Any other ideas why this could be the caae?

The issue was due to the nginx docker container not being in the same docker network as the vaultwarden container.
Topic can be closed.
Thanks

1 Like

I know networking especially docker network can always be tricky to wrap your head around sometimes.

Glad to hear you got it figured out. :+1: