Invitation link mail

1

Hello to everyone,

I’ve been using Vaultwarden on my synology for over a year just for myself and it works perfectly, but I like it so much that I thought about using it for the whole family.

I use it under a reverse proxy and I have been able to send invitations, but the link they receive in the email does not work, chrome says that this website cannot be accessed and the error DNS_PROBE_FINISHED_NXDOMAIN, but I do not see any error in the logs of my nginx, in addition, I see in the link that these 2 parameters are all zeros organizationId=00000000-0000-0000-0000-000000000000&organizationUserId=00000000-0000-0000-0000-000000000000.

I’ve searched the forum and haven’t seen anything that helps me.

I attach my email link (removing domain and email):
https://vw.MyPersonalDomine.com/#/accept-organization/?email=myPersonalMail%40gmail.com&organizationName=Vaultwarden_Personal&organizationId=00000000-0000-0000-0000-000000000000&organizationUserId=00000000-0000-0000-0000-000000000000&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE3Mzk3NzI0NjcsImV4cCI6MTc0MDIwNDQ2NywiaXNzIjoiaHR0cHM6Ly92dy5sb3N1cGVybmFzLmR1Y2tkbnMub3JnfGludml0ZSIsInN1YiI6ImVhNTkwMmZmLTA0NjMtNDBlOS1iMDVkLTc5MThkYjM1NjVmOSIsImVtYWlsIjoiY2FybG9zLmJvbmV0LnZlbnR1cmFAZ21haWwuY29tIiwib3JnX2lkIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIiwibWVtYmVyX2lkIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIiwiaW52aXRlZF9ieV9lbWFpbCI6bnVsbH0.Q_sWcQQXJLn0etQAjKLQW9GELjvyxF_XfBDml3wlyJskiEA1ggV9-B2KnvzEioOrzqlx-GqMYIQMpJrtluIdXnRq7dGMmTlYYoyrXHAmYbOnQ_XRyWEj8JFj2h-Xvz26wnwbqrxy9a2MDbrjU3ArcsyaXlgYunb-ZyDT7Sh4aQeidRvBYB0cJUAmwl5x1zW68K3AU3mWSt18cbAjDtq3a1k8NrM-wexzw2UECVjZjcZIcTuRnGJ05bGwI6YFz05vyIT65jTPrJwwunGPliNqvey_-eJMipYS7-s-YlRoOAkeU7ap1e6v6VcSKkl1ggjCWzXImGfgn9Btc4SHnNbd7g

I attach my diagnostic link

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.33.2
  • Web-vault version: v2025.1.1
  • OS/Arch: linux/x86_64
  • Running within a container: true (Base: Debian)
  • Database type: SQLite
  • Database version: 3.48.0
  • Environment settings overridden!: true
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Browser/Server Time Check: true
  • Server/NTP Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Websocket Check: false
  • HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Environment settings which are overridden: DOMAIN, SIGNUPS_ALLOWED, ADMIN_TOKEN

Config:

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": false,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://**********************",
  "domain_origin": "*****://*************************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "fido2-vault-credentials",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden_LoSuper",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": true,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "******************",
  "smtp_from_name": "Carlos Bonet",
  "smtp_host": "**************",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "******************",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Thanks in advance

2

That error the browser returns states something is wrong with the domain, or resolving the domain. It can’t even reach the server, which is why you see nothing in the logs.

3

I understand what you’re telling me, but I have many websites hosted on my server, both on my nginx server and applications in dockers that have their own website like vaultwarden and none of them are giving me problems.

I have validated the domain resolutions with nslookup and all the network tools I have found and I don’t see any problem at all, in fact I think that if it were a domain resolution issue, I wouldn’t be able to access the vaultwarden page of my server (yes I can) and I wouldn’t be able to have a certificate (https) associated with the domain (yes I have).

Since my intention was to be able to create users and I have seen that by sending the invitation and then entering vaultwarden I can also create users, I will continue down this path.

But I’m pretty sure that the problem is caused by some incompatibility issue between vaultwarden and the nginx server that comes by default in synology (6.2) and whose configuration synology doesn’t allow you to modify (nginx.conf) or synology’s reverse proxy redirection that doesn’t give many configuration options either (I’ve tried them all).

Although I have another path to follow, I continue with the problem.

Whether it is a problem with my server or the vaultwarden docker, do you have any other ideas that do not involve modifying nginx or synology reverse proxy to determine the cause of the problem?

Thank you so much.

4

If it was an nginx vs Vaultwarden issue, i would have expected a 500 error, which is not what they browser shows.

Steps to figure out are.

  1. Check the developer console of the browser (F12) and look at the request and response
  2. Check the nginx logs
  3. Check the Vaultwarden logs, maybe set LOG_LEVEL to either debug or trace which would show connection attempts even if they end up in not working.
5

thanks a lot i will do that.

6

There is a tutorial here on how to create config file based (not GUI based) nginx setup in DSM allowing use of the full nginx feature set. I tried it last month here and it worked like a charm.