vaultwarden docker not reachable

Question



  • Jurre-r
My question
I am trying to set up a private vaultwarden instance on my Raspberry Pi. I am doing this by following this tutorial: https://github.com/dani-g...wiki/Using-Docker-Compose.
Unfortunately, when I go to my chosen URL I get connection refused. Can anyone help me figure out what I am doing wrong?

Relevant software and hardware I use
The following is in my docker-compose.yml
code:
version: '3'
services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    environment:
      WEBSOCKET_ENABLED: "true"  # Enable WebSocket notifications.
    volumes:
      - ./vw-data:/data

  caddy:
    image: caddy:2
    container_name: caddy
    restart: always
    ports:
      - 8090:80
      - 8091:443
    volumes:
      - ./caddy:/usr/local/bin/caddy  # Your custom build of Caddy.
      - ./Caddyfile:/usr/local/bin/caddyfile:ro
      - ./caddy-config:/config
      - ./caddy-data:/data
    environment:
      DOMAIN: "https://vaultwardenej.duckdns.org"  # Your domain.
      EMAIL: "mijn email"                 # The email address to use for ACME registration.
      DUCKDNS_TOKEN: "mijn token"                   # Your Duck DNS token.
      LOG_FILE: "/data/access.log"


The following is in my Caddyfile
code:
{$DOMAIN}:443 {
  log {
    level INFO
    output file {$LOG_FILE} {
      roll_size 10MB
      roll_keep 10
    }
  }

  # Use the ACME DNS-01 challenge to get a cert for the configured domain.
  tls {
    dns duckdns {$DUCKDNS_TOKEN}
  }

  # This setting may have compatibility issues with some browsers
  # (e.g., attachment downloading on Firefox). Try disabling this
  # if you encounter issues.
  # encode gzip

  # Notifications redirected to the WebSocket server
  reverse_proxy /notifications/hub vaultwarden:3012

  # Proxy everything else to Rocket
  reverse_proxy vaultwarden:80
}


What I have already found or tried
I notice that the Caddy logs show the message "server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server", but it is a mystery to me why it does this.

code:
docker logs caddy
{"level":"info","ts":1676639411.486231,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1676639411.4925659,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"warn","ts":1676639411.4938316,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
{"level":"info","ts":1676639411.4940162,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x40005c62a0"}
{"level":"info","ts":1676639411.4945936,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
{"level":"info","ts":1676639411.4947722,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1676639411.4950266,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1676639411.495498,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1676639411.4956012,"msg":"serving initial configuration"}


I can connect to port 8090, and then I get the Caddy landing page with the message that Caddy is running.

code:
curl -v http://vaultwardenej.duckdns.org:8090
*   Trying 192.168.178.6:8090...
* Connected to vaultwardenej.duckdns.org (192.168.178.6) port 8090 (#0)
> GET / HTTP/1.1
> Host: vaultwardenej.duckdns.org:8090
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Content-Length: 18677
< Content-Type: text/html; charset=utf-8
< Etag: "rpvx50eet"
< Last-Modified: Fri, 10 Feb 2023 22:00:36 GMT
< Server: Caddy
< Date: Fri, 17 Feb 2023 13:25:57 GMT
<
<!DOCTYPE html>
<html>
        <head>
                <title>Caddy works!</title>


But when I connect to port 8091 with https I get a connection refused.

code:
curl -v https://vaultwardenej.duckdns.org:8091
*   Trying 192.168.178.6:8091...
* connect to 192.168.178.6 port 8091 failed: Connection refused
* Failed to connect to vaultwardenej.duckdns.org port 8091: Connection refused
* Closing connection 0
curl: (7) Failed to connect to vaultwardenej.duckdns.org port 8091: Connection refused


The Docker containers are running, though.
code:
 docker ps -a
CONTAINER ID   IMAGE                                          COMMAND                  CREATED          STATUS                    PORTS                                                                                               NAMES
8bf14fec315a   caddy:2                                        "caddy run --config …"   38 minutes ago   Up 38 minutes             443/udp, 2019/tcp, 0.0.0.0:8090->80/tcp, :::8090->80/tcp, 0.0.0.0:8091->443/tcp, :::8091->443/tcp   caddy
af8ab21a4907   vaultwarden/server:latest                      "/usr/bin/entry.sh /…"   38 minutes ago   Up 38 minutes (healthy)   80/tcp, 3012/tcp                                                                                    vaultwarden

[ Edited 8% by Jurre-r on 17-02-2023 15:12 ]
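
Added example, not part of the original post: a Python check that compares the `config_file` path Caddy reports in its startup log with the container-side targets of the compose volume mounts, since a host Caddyfile mounted anywhere else is never read. The sample input is constructed from the compose file and log lines in the question; the function names are illustrative.

```python
import json
import re

# Constructed sample input: the caddy volume lines and two log lines from the question.
VOLUMES = """
      - ./caddy:/usr/local/bin/caddy  # Your custom build of Caddy.
      - ./Caddyfile:/usr/local/bin/caddyfile:ro
      - ./caddy-config:/config
      - ./caddy-data:/data
"""
LOG = """
{"level":"info","ts":1676639411.486231,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"warn","ts":1676639411.4938316,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
"""

def parse_mounts(text):
    """Return (host_path, container_path) pairs from compose short-syntax volume lines."""
    pattern = r"^\s*-\s*([^:#\s]+):([^:#\s]+)"
    return re.findall(pattern, text, flags=re.MULTILINE)

def log_events(text):
    """Parse Caddy's JSON log lines, skipping anything that is not a JSON object."""
    events = []
    for line in text.splitlines():
        try:
            obj = json.loads(line)
        except ValueError:
            continue
        if isinstance(obj, dict):
            events.append(obj)
    return events

def diagnose(volumes_text, log_text):
    """Report whether the config file Caddy loaded is supplied by a host mount."""
    events = log_events(log_text)
    loaded = next((e["config_file"] for e in events if "config_file" in e), None)
    http_only = any("listening only on the HTTP port" in e.get("msg", "") for e in events)
    covering = None
    for host, target in parse_mounts(volumes_text):
        # A mount covers the config if it is the file itself or a parent directory.
        if loaded and (loaded == target or loaded.startswith(target.rstrip("/") + "/")):
            covering = host
    return {"loaded_config": loaded, "mounted_from": covering, "http_only": http_only,
            "host_config_ignored": loaded is not None and covering is None}

if __name__ == "__main__":
    print(diagnose(VOLUMES, LOG))
```

For the question's input this reports `host_config_ignored: True`: the log names `/etc/caddy/Caddyfile`, while the host `./Caddyfile` is mounted at `/usr/local/bin/caddyfile`, so the site block with the `tls` directive is not the configuration being served.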

All replies



  • Jurre-r
Here is an update and my own solution.
I dropped Caddy and installed nginx reverse proxy manager, using its DuckDNS and Let's Encrypt integration; everything now works like a charm.