[SOLVED] Websocket setup on Synology

I have installed Bitwarden on my Synology into Docker, It’s working well. What I want to add there is Websocket notification. I have added the new option to the wariables “websocket_enabled=true” and also in reverse proxy on NAS i added to the “custom header” feature “websocket”, but it still doesn’t work. I can see the message in bitwarden’s log: ‘/notifications/hub’ should be proxied to the websocket server or notifications won’t work. Can you please help me to fix this? In the Bitwarden’s read only config list I see: websocket address: 0.0.0.0. Maybe this is the problem? Shouldn’t there be 127.0.0.1? But how to add it if so… Thank you

You need to include details on your reverse proxy config…

Oh really? Such an information :slight_smile:
Can you share a secret with me and tell me what I should adjust there (where)? I’ll be so appreciated.
Jan

@honza: I am not sure why you are reacted like this to @jjlin comment ?

Since your traffic goes through a web proxy and you do not know why the ws: fails, it may be because your web proxy setup is incorrect.

It just simplifies the troubleshooting and avoids a back and forth exchange of “do you have this?”, “and what about that” + there may be some configuration which is simply incorrect.

Hi, I still don’t understand what you mean.
I an not linux guru, I am not using SSH or so much. i don’t want to make some setups through it. I was just politely asking if somebody can help with my situation. I have allowed websocket on synology nas reverse proxy because they said it must be on for notifications. I have running bitwarden instance inside synology docker. I add variables to the docker bitwarden instance: websocket_enabled:true and websocket_address: 127.0.0.1 (I donť know if it’s correct). In bitwarden setup I see websocket port 3012. Honestly I don’t know what and where setup and I am asking here. If somebody is willing to advice and doesn’t feel offended with my linux unknowledge. I would like to make it work, I need not know to the detail why some setups are like they are…

The thing is that in order to help you, best is to provide the configuration file of your reverse proxy (you mention “(…) in reverse proxy on NAS i added to the “custom header” feature “websocket (…)”).

Without this information it is hard to tell which part of the configuration of the reverse proxy is correct and which one is wrong, or missing.

It has nothnig to do with your linux skills, everyone of us learn everyday.

Ok, I got it, thank you! My Proxy reverse record is bellow. Just to know, ports in docker are set this way: local 32776 to container’s 3012 and local 8123 to docker’s 80.

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name bw.mydomain.com;

ssl_certificate /usr/syno/etc/certificate/ReverseProxy/73646661-c0ae-1234-b9cd-1b80c12cd7e2/fullchain.pem;
ssl_certificate_key /usr/syno/etc/certificate/ReverseProxy/73646661-c0ae-1234-b9cd-1b80c12cd7e2/privkey.pem;

location / {
    proxy_connect_timeout 60;
    proxy_read_timeout 60;
    proxy_send_timeout 60;
    proxy_intercept_errors off;
    proxy_http_version 1.1;
    proxy_set_header        Upgrade            $http_upgrade;
    proxy_set_header        Connection            $connection_upgrade;
    proxy_set_header        Host            $http_host;
    proxy_set_header        X-Real-IP            $remote_addr;
    proxy_set_header        X-Forwarded-For            $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Proto            $scheme;
    proxy_pass http://localhost:8123;
}

Hello

It is working fine on Synology both docker containers which I tested: BitwardenRS standard or mysql edition (with mariaDB on Synology). See bellow the screen capture on my settings for reverse proxy and websocket active. Port 32772 is port of docker container. It works with localhost or ip of you NAS or 127.0.0.1. All are fine.

I hope it helps,
G

Capture2

Thanks, means your live sync through websocket are working? Please, what is your port setup then? Mine is here:

Thank you.

Hello

I am using ssl from cloudflare (not the one from synology), I have not tried in other configuration (without ssl or other ssl providers), but it should work.
The email settings you can add later, there are not necessary from first time.
Admin_token it is the admin password for respectiv access panel, also not necessary from first time.
Network is bridge setup in docker.

If you know how to work with docker compose you can use the following configuration. Folder “bit” you need to create it under the coresponding path in synology.

version: ‘3’
services:
bitwarden:
image: bitwardenrs/server
container_name: bitwardenrs-server
ports:
- “32771:3012”
- “32772:80”
environment:
ADMIN_TOKEN: “your_ADMIN_pass”
SMTP_HOST: “your_server”
SMTP_PORT: 587
SMTP_FROM: “your_email”
SMTP_FROM_NAME: “Bitwarden_RS”
SMTP_USERNAME : “email_user”
SMTP_PASSWORD: “your_password”
volumes:
- /volume1/docker/bit:/data
network_mode: bridge

Anyway, the docker confirguration for bitwardenrs works straight away from docker in synolgy.

Note: the docker configuration layout is altered by the forum page. I cannot attach txt files, nor zips.

Thank you,
I found the solution yet and it’s working now well… :slight_smile:
I made all these steps…

Thank you for your willing to help

Jan

Hello,
Live sync works with this simple configuration?
For me, I had to configure Nginx myself…
Are you sure, live sync is enable on your side?!

Hi everyone,

I had trouble getting Websocket support on my Bitwarden_rs Docker + Reverse Proxy Synology setup to work but in the end was able to build a working solution without having to use SSH.

I’m not sure if my steps will work for everyone but I’ve put them into a note below. Please let me know if you have any feedback or suggestions:

-Norman

1 Like

Hello,
This script make possible websocket notification when using synology DSM Reverse-proxy.
Thanks for your work.
I slightly modified the script by setting the ip address instead of localhost to have it working. And add a \ before " for this : “upgrade”.
(I also add some comments, and echo to have a trace in the log)