Lost access to my server..?

hello all
i’ve been using Bitwarden/Vaultwarden for a little over a year now. (i’m still a Docker/self-hosting n00b)
in January i seem to have lost the ability to login/sync my vault with my server. i didn’t realize this as i mainly use the iOS app & haven’t been forced to log out but recently tried to log into the Mac app & was unable to. when trying to access via the local website i’m greeted with ERR_CONNECTION_REFUSED in the Brave/Chrome browser.
i don’t believe anything has changed in my config. here is my docker-compose.yaml:

  bw:
    image: vaultwarden/server
    container_name: bitwarden
    volumes:
      - './bitwarden_rs/data:/data'
    environment:
      - SIGNUPS_ALLOWED=false
      - SMTP_HOST=smtp.gmail.com
      - SMTP_FROM=*****
      - SMTP_PORT=587
      - SMTP_SSL=true          
      - SMTP_USERNAME=*****
      - SMTP_PASSWORD=*****
      - WEBSOCKET_ENABLED=true
    restart: always

i believe everything is starting up & running fine in the docker container but i’m unable to find any logs. (n00b)
if i run docker-compose up bw from the cli, i get the following:

Starting bitwarden ... done
Attaching to bitwarden
bitwarden        | /--------------------------------------------------------------------\
bitwarden        | |                        Starting Vaultwarden                        |
bitwarden        | |                           Version 1.27.0                           |
bitwarden        | |--------------------------------------------------------------------|
bitwarden        | | This is an *unofficial* Bitwarden implementation, DO NOT use the   |
bitwarden        | | official channels to report bugs/features, regardless of client.   |
bitwarden        | | Send usage/configuration questions or feature requests to:         |
bitwarden        | |   https://vaultwarden.discourse.group/                             |
bitwarden        | | Report suspected bugs/issues in the software itself at:            |
bitwarden        | |   https://github.com/dani-garcia/vaultwarden/issues/new            |
bitwarden        | \--------------------------------------------------------------------/
bitwarden        | 
bitwarden        | [INFO] No .env file found.
bitwarden        | 
bitwarden        | [2023-03-05 21:18:37.630][vaultwarden::api::notifications][INFO] Starting WebSockets server on 0.0.0.0:3012
bitwarden        | [2023-03-05 21:18:37.631][start][INFO] Rocket has launched from http://0.0.0.0:80

and then nothing…
any suggestions?
thank you!

Edit: i should note that i was previously able to access my Vaultwarden instance through DuckDNS but am no longer able to access it externally or internally. DuckDNS still seems to be working fine as i can still access other services.

Any other info i can provide to help someone help me?

it doesnt look like you have any ports exposed in your compose. do you have another container that is or was acting as a reverse proxy that was in the compose file as well? thats likely the only way you were ever able to actually connect to the container.

@disgustipated, thanks for the reply. you’re right, i didn’t post anything about the reverse proxy because i forgot that i had configured one.
i’m using SWAG with the vaultwarden.subdomain.conf. i updated the the listen ports in the server section of the conf to 28443:

server {
    listen 28443 ssl;
    listen [::]:28443 ssl;

    server_name vaultwarden.*;

the rest of the file is the same as the sample.

here is my updated VaultWarden service from docker-compose:

  bw:
    image: vaultwarden/server
    container_name: vaultwarden
    volumes:
      - './vaultwarden/data:/data'
    environment:
      - SIGNUPS_ALLOWED=false
      - SMTP_HOST=smtp.gmail.com
      - SMTP_FROM=<email>
      - SMTP_PORT=587
      - SMTP_SSL=true
      - SMTP_USERNAME=<user>
      - SMTP_PASSWORD=<password>
      - WEBSOCKET_ENABLED=true
    restart: always

my router is set up to port forward 28443 → 443:

here is the Swag service in my docker-compose file:

  swag:
    image: lscr.io/linuxserver/swag
    container_name: swag
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/
      - URL=<domain>.duckdns.org
      - SUBDOMAINS=wildcard
      - VALIDATION=duckdns
#      - DNSPLUGIN=cloudflare #optional
#      - PROPAGATION= #optional
      - DUCKDNSTOKEN=<token>
      - EMAIL=<email>
      - ONLY_SUBDOMAINS=false #optional
#      - EXTRA_DOMAINS= #optional
      - STAGING=false #optional
    volumes:
      - ./swag/config:/config
    ports:
      - 443:443
    restart: unless-stopped

DuckDNS is also in the chain:

  duckdns:
    container_name: duckdns
    image: lscr.io/linuxserver/duckdns
    restart: always
    volumes:
      - './duckdns/config:/config'
    environment:
      - TZ=America/
      - TOKEN=<token>
      - SUBDOMAINS=XXX

i’m attempting to access the VaultWarden web client at:

https://vaultwarden.<mydomain>.duckdns.org:28443

DuckDNS is still working fine as i can access a couple other services that i’m hosting through it without issue. i’m thinking my issue may be because provider is blocking 443, which is what i was using to access VaultWarden previously. but that’s just a guess. like i said previously, everything had been working fine for over a year & then my VaultWarden client stopped syncing with the server sometime in Jan 2023.

any other info i can provide?