I’m trying to get my bitwarden_rs container accessible from outside. On my computer there is traefik installed as a proxy and that runs the way I like. My other docker-containers are accessible from outsite, on the containers that I included for Traefik. The problem is that for the bitwarden_rs container, I’m not able to get the connection working. In my local network the bitwarden container is accessible through port 808 (manual defined), but outside there is nothing to find. I’ve tested a lot of configuration options in my docker-compose file, also compared to for example my home assistant container which is internally accessible at port 8123.
My current docker-compose file looks as follow:
version: "3.3"
services:
bitwarden:
image: bitwardenrs/server
env_file: /home/rogier/docker/bitwarden/bitwarden.env
restart: unless-stopped
ports:
- 808:808
- 3012:3012
volumes:
- /etc/localtime:/etc/localtime:ro
- /home/rogier/docker/bitwarden:/data/:rw
environment:
WEBSOCKET_ENABLED: 'true' # Required to use websockets
SIGNUPS_ALLOWED: 'true' # set to false to disable signups
SMTP_HOST: 'smtp.host.tld'
SMTP_FROM: 'geheim@host.tld'
SMTP_PORT: '25'
SMTP_SSL: 'true'
DOMAIN: 'https://bitwarden.host.tld'
LOG_FILE: '/data/log'
EXTENDED_LOGGING: 'true'
ROCKET_PORT: '808'
WEBSOCKET_PORT: '3012'
labels:
- "traefik.enable=true"
- "traefik.web.frontend.rule=Host:bitwarden.host.tld"
- "traefik.web.port=808"
- "traefik.port=808"
- "traefik.hub.frontend.rule=Host:bitwarden.host.tld;Path:/notifications/hub"
- "traefik.hub.port=3012"
- "traefik.hub.protocol=ws"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=bitwarden.host.tld"
- "traefik.frontend.headers.SSLForceHost=true"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex"
- "traefik.frontend.headers.frameDeny=true"
networks:
- traefik_proxy
networks:
traefik_proxy:
external:
name: traefik_proxy
When looking in the traefik logging, it is clear that the container is marked up, because of the ACME (let’s encrypt) error. All other container do receive a ACME certificate.
The ACME certificate is called by a http-challenge.
Also when trying myself on the https of http port from outside I get a time-out. The dns settings are correct, when I check these, I receive the right IP back.
Is there anyone who can help me? Google didn’t.