I changed my token don't worry
You let bitwarden-secure listen on web (80), not websecure (443).
And I don't understand why you setup two routers for bw.dalmatheo.duckdns.org and one uses stripPrefix. Isn't that a regular application that should accept all requests (regular HTTP/S and Websocket) on the same root path?
Okay so i tried to do what you said and here is how i made it
Vaultwarden docker-compose.yml
version: '3.7'
services:
bitwarden:
image: vaultwarden/server:latest
container_name: bitwarden
restart: always
volumes:
- ./bw-data:/data
environment:
- ADMIN_TOKEN=
- WEBSOCKET_ENABLED=true
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
# Entry Point for https
- "traefik.http.routers.bitwarden-secure.entrypoints=websecure"
- "traefik.http.routers.bitwarden-secure.rule=Host(`bw.dalmatheo.duckdns.org`)"
- "traefik.http.routers.bitwarden-secure.service=bitwarden-service"
- "traefik.http.services.bitwarden-service.loadbalancer.server.port=80"
networks:
proxy:
external: true
But when i tried to connect to https://bw.dalmatheo.duckdns.org/ it says 404 page not found.
This needs to go to Traefik command:
--providers.docker.network=proxy
so when Docker Service Discovery is used Traefik uses the right network (if your target has multiple Docker networks)
You are missing your TLS
- "traefik.http.routers.bitwarden-secure.tls.certresolver=myresolver"
Service line is not required (I think it comes automatically from Service Discovery), you can remove it. The port line you should keep.
- "traefik.http.routers.bitwarden-secure.service=bitwarden-service"
If it still not works next step is to enable debug log and access log. Both go in Traefik static config in command.
Also enable and check the Traefik dashboard if your routers are listed.
Thanks guys, it works. This was really helpful.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.