[vaultwarden::api::notifications][ERROR] when trying to enable websocket

Help
1

Subject of the issue

[vaultwarden::api::notifications][ERROR] when trying to enable websocket
I couldn’t find the same error documented before.

Deployment environment

Deployed on docker (vaultwarden/server:latest)

WEBSOCKET_ENABLED is set to “true”

Expected behaviour

Expect websocket to work. For example, for a security note to sync immediately between web vault and extensions.

Actual behaviour

Doesn’t work.

Troubleshooting data

When I go to (for test) http://my_local_ip/3012] or https://mydomain.com/notifications/hub, it shows the message on a html page:

WebSocket Protocol Error: Unable to parse WebSocket key.

Here is the vaultwarden log

[2021-08-29 18:39:07.648][parity_ws][INFO] Listening for new connections on 0.0.0.0:3012.
[2021-08-29 18:39:07.661][start][INFO] Rocket has launched from http://0.0.0.0:80
[2021-08-29 18:39:33.946][vaultwarden::api::notifications][ERROR]
###########################################################
‘/notifications/hub’ should be proxied to the websocket server or notifications won’t work.
Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false.
###########################################################################################

Anyone can help me?

2

Are you using a reverse proxy for Websockets to work? If so what reverse proxy and possibly the config would be beneficial here, thanks.

See more related in the Wiki

3

I’ve already read the wiki, and this is my ngnix reverse proxy config.

All works fine excepet the live sync via web socket

location / {
    proxy_pass http://my_local_ip:80;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }

location /notifications/hub {
    proxy_pass http://my_local_ip:3012;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }
  
  location /notifications/hub/negotiate {
    proxy_pass http://my_local_ip:8080;
  }
4

I use docker exec command into the contain

$ docker exec -i -t bitwarden curl 127.0.0.1:3012

WebSocket Protocol Error: Unable to parse WebSocket key

that seem like contain does not start wss server

5

8080 should be 80.

1 Like
6

Hello,
When I do what you said in mu quote, I’ve got the same message as you.
But my websocket is working fine. When I modify a secure note or whatever, the changes are automaticaly synchronised in my browsers extensions.

My reversproxy config has some more lines…
And the Location /notifications/hub { and location /notifications/hub/negotiate { blocs are after the
location / { bloc…
My location / { bloc looks like :

    location / {

        proxy_connect_timeout 300;

        proxy_read_timeout 300;

        proxy_send_timeout 300;

        proxy_intercept_errors off;

        proxy_http_version 1.1;

        proxy_set_header        Upgrade            $http_upgrade;

        proxy_set_header        Connection            $connection_upgrade;

        proxy_set_header        X-Real-IP            $remote_addr;

        proxy_set_header        Host            $http_host;

        proxy_set_header        X-Forwarded-For            $proxy_add_x_forwarded_for;

        proxy_set_header        X-Forwarded-Proto            $scheme;

        proxy_pass http://local_IP:port;

    }

PS : I have Vaultwarden installed in Docker on a Synology NAS (with DSM7).
See this post : [SOLVED] Websocket setup on Synology - #16 by MilesTEG1