Hi, I have a similar issue. I have now used Traefik and Nginx Proxy Manager and I could not log in to my Bitwarden RS server. But if I directly connect to the open port in my local network I can log in. I am guessing there is a problem with the reverse proxy. I’m not sure what the problem is. Could there be an issue with Bitwarden RS not letting some connections enter? I ask since I have already tried 2 different reverse proxies.
Thanks for any help!
Hi @SkipTam, in my case I’m able to sync normally with the Bitwarden browser and the desktop app. I only have issues with the CLI tool and the Android app, which use HTTP/1.1 connections.
Please check above. I’ve posted my Nginx configuration. You could use that as a starting point to be able to connect to Bitwarden_rs.
Following up on this topic, I’ve set up a new machine running Arch Linux and installed Bitwarden_rs.
Nginx is running under the exact same configuration as the server that is the subject of this topic, and I’m able to reproduce the HTTP/1.1 sync error.
Do you have any proven Nginx configuration files that sync fine over HTTP/1.1?
If so, I’d appreciate if you could share them with me so I could try them and see if that fixes the sync issue.
I’d need the content for:
- /etc/nginx/nginx.conf : Main configuration file
- And for the specific Vhost file that redirects towards Bitwarden service
Thanks for your support!
@iamb, I have installed nginx on my dev system and used the default nginx.conf from Ubuntu 20.04 and your config (with some small mods like the user and the ports, but that is about it).
When using the default Ubuntu nginx.conf all works fine. I’m using bw sync && bw sync --force && bw sync --last && bw list items to make sure it does a sync.
Now when I’m using your nginx config it breaks. I get a 400 on the nginx side, and nothing on the bitwarden_rs side.
So, I did a diff (using Meld) between the default config and yours.
Then I disabled all the changes you made relative to my default Ubuntu config.
It stayed broken until I disabled large_client_header_buffers.
I also tried to enable that option again and disabled all the added headers, but it was still broken unless I commented out large_client_header_buffers.
So, I suggest that you try to do the same and test again :).
Many thanks @BlackDex, that was super-helpful!!! Commenting out that line fixed the issue.
For reference, I’ve been doing some more testing and found out that setting the header buffer size to 2k let the sync go through HTTP/1.1. Therefore I set that clause as follows:
large_client_header_buffers 2 2k;
Now I can properly sync Bitwarden_rs in all devices. Thanks again!
PS: Not sure how to mark the topic as [SOLVED]
If there’s a lesson to be learned here, I think it’s to not change default settings when you don’t have a good understanding of the consequences…
Sure thing. The point is that this Nginx server runs many websites, some of which had DDoS issues in the past. And that clause is there to mitigate its effects.
Therefore, it’s not always possible to run bitwarden_rs on a default nginx configuration.
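Added example, not part of the thread and not code from nginx or bitwarden_rs: a simplified Python model of the rule in the nginx documentation that a request line larger than one large_client_header_buffers buffer gets a 414 and a header field larger than one buffer gets a 400, useful for checking a tightened value against a captured request before deploying it. The sample request, its host name and the 1500-byte bearer token are constructed, the thread does not say which header was oversized, and the byte accounting ignores line terminators.

```python
# Added illustration: a simplified model of the header-buffer limits nginx documents.
UNITS = {"k": 1024, "m": 1024 * 1024}

def parse_size(text):
    """Convert an nginx size value such as '2k' to bytes."""
    text = text.strip().lower()
    if text[-1] in UNITS:
        return int(text[:-1]) * UNITS[text[-1]]
    return int(text)

def check_request(raw, number, size, client_header_buffer_size="1k"):
    """Predict whether nginx rejects the request head in `raw` (bytes).

    Returns (status, reason); status is None when the head fits.
    """
    limit = parse_size(size)
    head = raw.split(b"\r\n\r\n", 1)[0]
    # A head that fits the initial buffer never needs the large buffers.
    if len(head) <= parse_size(client_header_buffer_size):
        return None, "fits in client_header_buffer_size"
    request_line, *headers = head.split(b"\r\n")
    if len(request_line) > limit:
        return 414, f"request line is {len(request_line)} bytes, buffer is {limit}"
    for field in headers:
        if len(field) > limit:
            name = field.split(b":", 1)[0].decode("latin-1")
            return 400, f"{name} header is {len(field)} bytes, buffer is {limit}"
    if len(head) > number * limit:
        return 400, f"head is {len(head)} bytes, {number} buffers hold {number * limit}"
    return None, "fits in large_client_header_buffers"

# Constructed sample: the token length is made up, not measured from a real client.
SAMPLE = (b"GET /api/sync HTTP/1.1\r\n"
          b"Host: vault.example.test\r\n"
          b"Authorization: Bearer " + b"A" * 1500 + b"\r\n\r\n")

if __name__ == "__main__":
    for number, size in [(2, "1k"), (2, "2k"), (4, "8k")]:
        print(number, size, check_request(SAMPLE, number, size))
```

Feeding it the largest request head seen in access or debug logs shows how far a DDoS-motivated buffer limit can be lowered before legitimate HTTP/1.1 clients start receiving 400 responses.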