Question about updating and Environment variables

I’m currently testing Vaultwarden on my VPS and everything works as expected. I set up the admin panel und I did configure fail2ban. Also, fail2ban works without any issues.

I then wanted to test the updating process. I deleted the old container and image and pulled the latest one. I gave it the same port and same volume. After booting up, I was able to reach my vault, plus I was also able to login into my account.

BUT: It seems like the environment variables get deleted. So that’s really not that great because I’ll lose access to my admin account but more importantly fail2ban will not work anymore because the log is also gone.

Is there a workaround to keep the environment variables after an update so I still have access to my admin panel and don’t have to set fail2ban ( environment variables for logging) again?

How are you passing the environment variables?
I use a script (run via a systemd unit) to start the vaultwarden container which essentially does:

docker run --rm \
  -p 127.0.0.1:30317:80 -p 127.0.0.1:3012:3012 \
  --env-file $CONFIG -v $STATE:/data/ \
  --name $CONTAINER $IMAGE 1> /dev/null

where CONTAINER=vaultwarden, IMAGE=vaultwarden/server, STATE=/data/vaultwarden (local directory where the database is stored, etc.), and CONFIG=/data/.vaultwarden.env, which is the file where the config/vars are stored (including LOG_FILE, etc.)

To update vaultwarden, I docker stop & docker rm it, then docker pull vaultwarden/server, and then start with the above command. The state (accounts, etc.) is preserved.

1 Like

Thanks. Could you explan this process by using Portainer?

I’ve never used portainer, so I have no idea ¯\(ツ)