You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Using portainer I can see that the healthcheck is failing.
This may be a configuration issue on my end but it doesn't feel like it.
In my scenario I have bitwarden installed in a subfolder (https://domain.com/bitwarden) with yubikey authentication enabled.
The only way I could get the yubikey authentication to work correctly was to ensure that DOMAIN in the config,json contained only the domain eg. "domain": "https://domain.com/" and not the subfolder as noted in #925 and fixed in #927
I was able to work out the health check fails if vaultwarden is hosted on a subfolder, the "domain_path" key is set, and the "domain" key does not contain the subfolder.
This causes the health check to fail as /healthcheck.sh will return http://localhost:80/alive as the healthcheck url
I have gotten around this in my installation by taking the domain_path variable from the config.json so my healthcheck url is http://localhost:80/${domain_path}/alive
I can do a PR if you wish, but the healthcheck script could become a mess with having to deal with paths in both domain and domain_path keys 😄 (and I'm not sure if i'd break anything else)
Deployment environment
Your environment (Generated via diagnostics page)
Vaultwarden version: v1.22.2
Web-vault version: v2.21.1
Running within Docker: true
Environment settings overridden: true
Uses a reverse proxy: true
IP Header check: true (X-Real-IP)
Internet access: true
Internet access via a proxy: false
DNS Check: true
Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Database type: SQLite
Database version: 3.35.4
Clients used:
Reverse proxy and version: Nginx
Other relevant information:
Config (Generated via diagnostics page)
Show Running Config
Environment settings which are overridden: SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN
@sataris, i see you mentioned that you modified the config.json manually. This is not the recommend way, and this also causes the issue you have. From the output i see that the DOMAIN variable does not have the path configured, which is what you need to do.
Those other values for the domain are auto generated and non-editable. Since you did this manually, it breaks the config, and thus the health check.
Either use env variables, or change the config via the admin interface.
@sataris, i see you mentioned that you modified the config.json manually. This is not the recommend way, and this also causes the issue you have. From the output i see that the DOMAIN variable does not have the path configured, which is what you need to do.
Those other values for the domain are auto generated and non-editable. Since you did this manually, it breaks the config, and thus the health check.
Either use env variables, or change the config via the admin interface.
At the moment I need the webauthn to function more than I need the healthcheck to pass.
I'll wait for the fix in #1950 and then reconfigure bitwarden.
Subject of the issue
Using portainer I can see that the healthcheck is failing.
This may be a configuration issue on my end but it doesn't feel like it.
In my scenario I have bitwarden installed in a subfolder (https://domain.com/bitwarden) with yubikey authentication enabled.
The only way I could get the yubikey authentication to work correctly was to ensure that DOMAIN in the config,json contained only the domain eg. "domain": "https://domain.com/" and not the subfolder as noted in #925 and fixed in #927
I was able to work out the health check fails if vaultwarden is hosted on a subfolder, the "domain_path" key is set, and the "domain" key does not contain the subfolder.
This causes the health check to fail as /healthcheck.sh will return
http://localhost:80/alive
as the healthcheck urlI have gotten around this in my installation by taking the domain_path variable from the config.json so my healthcheck url is
http://localhost:80/${domain_path}/alive
I can do a PR if you wish, but the healthcheck script could become a mess with having to deal with paths in both domain and domain_path keys 😄 (and I'm not sure if i'd break anything else)
Deployment environment
Your environment (Generated via diagnostics page)
Config (Generated via diagnostics page)
Show Running Config
Environment settings which are overridden: SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN
Steps to reproduce
Install vaultwarden on a subfolder
enable yubikey on an account
set DOMAIN to a FQDN without a subfolder (http://abc.com/)
set DOMAIN_PATH to the subfolder (/bitwarden)
Healthcheck.sh will return http://localhost:80/alive (and fail) and Yubikey will authenticate
I'm raising this because I don't want to choose between yubikey authentication and the healthcheck
Expected behaviour
Healthcheck.sh should build the correct healthcheck url when domain and domain_path are specified in config.json
Actual behaviour
Healthcheck sh returns 404 not found and completely disregards the setting of domain_path.
Troubleshooting data
The text was updated successfully, but these errors were encountered: