I have Vaultwarden installed on a shared hosting account with Dreamhost following these instructions: GitHub - jjlin/vaultwarden-shared-hosting: Sample config for running Vaultwarden (formerly bitwarden_rs) on a shared hosting service. It has been running for almost a year without problems. I have a hourly cron job running that updates the installation and fixes the “502 Bad Gateway” that very rarely raises its ugly head. But since this morning, it keeps on giving this error. The output of the job does not show any errors, so it should work but it doesn’t.
[aumsville]$ pkill vaultwarden
[aumsville]$ rm -rf vaultwarden web-vault
[aumsville]$ ./docker-image-extract vaultwarden/server:alpine
Getting API token...
Getting image manifest for vaultwarden/server:alpine...
Fetching and extracting layer df9b9388f04ad6279a7410b85cedfdcb2208c0a003da7ab5613af71079148139...
Fetching and extracting layer e4988b8ce82614e4487f0722e65d1a4d2b0e4953b768b7db883941c5ef43edbf...
Fetching and extracting layer 71e9d7bc4b1bf828969d1bb1b8dcc5daa1c36df8119c692460b5207bcc2c7502...
Fetching and extracting layer 780a6d390db6862fdfd0915504565c4b75f450e68be5ed5ee946b28f59043f41...
Fetching and extracting layer 3cb34073528373d5216bf59f1edc3a8f8b791148cb3f6b84724cc061433602dd...
Fetching and extracting layer 80518a92a05733cd8d348cdb249cf4bc2b98cfe0ee84c30eafc37f8a7216de4d...
Image contents extracted into ./output.
[aumsville]$ mv output/vaultwarden output/web-vault .
[aumsville]$ rm -rf output
[aumsville]$ ./start.sh
Started vaultwarden.
Is anyone else experiencing this? What am I doing wrong?
Not sure, but i think it never starts vaultwarden it self actually.
Can you verify that the vaultwarden binary is located in the same folder as the start.sh and the same goes for the web-vault directory?
And also, what happens if you run ./vaultwarden instead of ./start.sh
[aumsville]$ ./vaultwarden
/--------------------------------------------------------------------\
| Starting Vaultwarden |
| Version 1.25.0 |
|--------------------------------------------------------------------|
| This is an *unofficial* Bitwarden implementation, DO NOT use the |
| official channels to report bugs/features, regardless of client. |
| Send usage/configuration questions or feature requests to: |
| https://vaultwarden.discourse.group/ |
| Report suspected bugs/issues in the software itself at: |
| https://github.com/dani-garcia/vaultwarden/issues/new |
\--------------------------------------------------------------------/
[INFO] No .env file found.
[DEPRECATED]: `SMTP_SSL` or `SMTP_EXPLICIT_TLS` is set. Please use `SMTP_SECURITY` instead.
[2022-05-24 09:31:38.186][start][INFO] Rocket has launched from http://127.0.0.1:8000
The container is started using 127.0.0.1 as its address. This is probably the issue and causes the reverse proxy to not being able to connect to the container.
Please remove any ROCKET_ADDRESS you configured manually or maybe ROCKET_ENV. or set the address to 0.0.0.0. that should probably fix your issues.
I think you are right. This is in the vaultwarden.log from the last time it worked:
[2022-05-23 08:00:16.994][start][INFO] Rocket has launched from http://localhost:28973
[2022-05-23 08:28:22.751][request][INFO] POST /identity/connect/token
[2022-05-23 08:28:22.756][response][INFO] POST /identity/connect/token (login) => 200 OK
Now I see this:
[2022-05-23 10:00:14.165][start][INFO] Rocket has launched from http://localhost:28973
[2022-05-23 10:29:02.262][request][INFO] POST /identity/connect/token
[2022-05-23 10:29:02.604][response][INFO] POST /identity/connect/token (login) => 200 OK
Error: Rocket configuration extraction from provider failed.
>> invalid IP address syntax
>> for key ADDRESS
>> in `ROCKET_` environment variable(s)
thread 'main' panicked at 'aborting due to configuration error(s)', /root/.cargo/registry/src/github.com-1ecc6299db9ec823/rocket-0.5.0-rc.2/src/config/config.rs:293:13
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
I am not sure how to fix this, or even if I can. I am fairly new at this, but it seems to me something changed in the docker image that broke my poarticular setup.
The 502 (Bad Gateway) status code indicates that the server while acting as a gateway or proxy, received an invalid response from an inbound server it accessed while attempting to fulfill the request. The “proxy server” is a system or router that acts as a gateway between your computer and the internet.
How to fix?
Perform a hard-refresh in your browser. On Macs, this is done by pressing Cmd + Shift + R.
If you are surfing the Web and see this problem for all Web sites you try to visit, then either 1) your ISP has a major equipment failure/overload or 2) there is something wrong with your internal Internet connection e.g. your firewall is not functioning correctly. In the first case, only your ISP can help you. In the second case, you need to fix whatever it is that is preventing you reaching the Internet.
This problem is due to poor IP communication between back-end computers, possibly including the Web server at the site you are trying to visit. Before analysing this problem, you should clear your browser cache completely.
Finally, restart your computer/networking equipment. Some temporary issues with your computer and how it’s connecting to your network could be causing 502 Bad gateway errors, especially if you’re seeing the error on more than one website. In these cases, a restart would help.
I found “ROCKET_ADDRESS=localhost” in env.sh and changed it to “ROCKET_ADDRESS=0.0.0.0” and now it works again.