Invalid TOTP code after latest pull?

Hello all.

I have been using bitwarden_rs/vaultwarden docker image through a reverse proxy (npm) since 2018.

Some hours ago, I guess due to the latest pull (1.30.2), I was locked out of the vault, as the 2FA code I was introducing is always incorrect:

[ERROR] Invalid TOTP code! Server time: 2024-01-31 12:30:12 UTC IP: 192.168.13.1

12:30 UTC is 13:30 GMT+1 in my area (Madrid, Spain) so time is synced.

I have checked and synced all my machines with NTP servers and right timezones (desktop pc where I try to access the vault, server with docker image running, router, etc.). I have checked environment variables of both reverse proxy and vaultwarden image, even forcing localtime to host:

environment:
  TZ: 'Europe/Madrid'
volumes:
  - /etc/localtime:/etc/localtime:ro

But nothing works.

Rest of 2FA codes I have work like a charm, even from the same server which is hosting the docker images apart from the vaultwarden one (plex, homeassistant, uptime-kuma, etc.).

Where could be the error?

Thanks in advance.

This is the desynchronization (1 hour) on the server part, as shown in /admin/diagnostics.

Recreating the container does not fix it.

How could I force it to match the correct hour/timezone?

Captura de pantalla 2024-01-31 1532351061×698 26.2 KB

I would perhaps check to see if you have the proper tz docker variable set for your local time zone possibly.

I believe you may be also able to disable your user 2FA from the /admin interface as a means to gain access, though that doesn’t fix the root issue.

Thank you for the inputs.

I finally rebooted the system, and now it is synced again.

I guess it could have been some system update which messed the server timezone.