No more thoughts on how to get it working?
After re-installing portainer all my docker containers are not there
-
You had to know this wouldn't go without a hitch. The steps below are from a previous session that I am following to re-create nextcloud. I have the containers up and running. I ran into trouble at step 2 below. When I first did it I got the correct page where you accept security risk and proceed. When I select my IP to proceed it errors out and I notice that chrome tries to default to my duck dns (photovandoe) so I thought maybe this was a cache problem. Tried it again with Microsoft edge and got the same problem. I have skipped ahead and fixed the nextcloud.subdomain file and the config.PHP file
None of this should be needed if you are using your old config folders. All the information are in those folders and will be picked up once you deploy the containers with the yaml file.
-
None of this should be needed if you are using your old config folders.
Looking back I can see that now. It did seem like I had to change the nextcloud.subdomain.conf and I was surprised that the config.php file was already correct so I went back and compared the nextcloud.dubdomain.conf with back up file and they appear to be the same. Here is the log from the swag container.
Code
Alles anzeigenIMPORTANT NOTES: - The following errors were reported by the server: Domain: duckdns.org Type: connection Detail: Fetching http://duckdns.org/.well-known/acme-challenge/OQdhw0ioSRIe50LZnwPjupIwnojXOvOf7enkRYl3hV8: Timeout during connect (likely firewall problem) To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the containerAny thoughts on this error. I made no configuration changes to the router prior to this.
-
-
No we did not. We also did not set up port forwarding for the the ports in the compose file. Below are the ports for nextcloud in the compose file. I also just tried to add port forwarding for 450 but it made no difference.
Codeports: - 450:443 -
External port 443 should be mapped to internal port 450 to be in line with your docker-compose yaml file. Is the port mapping in the code box from the swag/letsencrypt container? Port 80 mapping is missing
And there should be only one mapping for any port in your router. You have several.
-
You have to edit the ports:
you're portforwarding 3x port 80 to different ports on the same IP: (some analogy to the Immortals="""THERE CAN BE ONLY ONE""")
same goes for port 443.
Remove/delete the last 3 entries. snce that will conflict with the one's above.
For eg.: SWAG receives a call from external on port 80 (for cert approval) and the router must forward it to port 81 (port where SWAG is listening on IP 192.168.0.23)
But the router also has forwards from 80 external to internal ports (2 in your setting), It will clash.
You can only have TCP Ext:80 to Int:81 (for SWAG) and TCP Ext:443 to Int:450 (also SWAG and according to what you have --^^^)
-
You are using the swag container as reverse proxy for nextcloud. You can add bitwarden to this setup. Either by adding it to the same stack or as separate stack. If you set up a separate stack you need to join the same network so that swag and bitwarden can talk to each other.
See the picture here:
-
Post your docker-compose.yml here in full (hide sensible data) and I'm sure we can edit it to use bitwarden with either subdomain or subfolder.
Nice to see at least some is sorted,
-
Please, edit/hide/mask your SUBDOMAIN and your email on the post above
-
I've found this: bitwarden website but it's only available for x64 (NOT arm as the RPi) so the only one that runs on arm7vl+ (armhf) that I'm aware of is located here on github and is referenced here on this site.
If this is what you want, then we can create a compose for it and run it along side SWAG.
-
-
Acording to this source:
Codedocker run \ -p 8005:80 \ -v bitwarden:/config \ --name bitwarden \ --restart always \ bitwardenrs/server:latestWould become a "docker-compose" to integrate to an existing docker-compose.yml:
Codebitwarden: image: bitwardenrs/server:latest # raspberry container_name: bitwarden volumes: - /srv/dev-disk-by-label-DATA/appdata/bitwarden:/config # <<<--- This has to be adjusted!!! ports: - 8005:80 restart: unless-stoppedOr as a stand alone service, would be like this:
Codeversion: "2.1" services: bitwarden: image: bitwardenrs/server:latest # raspberry container_name: bitwarden volumes: - /srv/dev-disk-by-label-DATA/appdata/bitwarden:/config ports: - 8005:80 restart: unless-stopped -
Acording to this source:
Reviewing this source it appears that it is a setup not using HTTPS. I 've gotten Bitwarden to work multiple times without https but most of the setups recommend using self-signed certs or let's encrypt. I've tried both but couldn't get either to work. Nextcloud is already running with nginx and let's encrypt so I was hoping to be able to build off that setup to run Bitwarden as well.
You also mentioned before that you can't use the port twice?
current swag is mapping 81:80
and the bitwarden you proposed is mapping 8005:80
-
EDIT#2 Idents corrected and everything is running as it should, Good to go,
EDIT NOTE: For some reason, my docker-compose is spitting errors after I added the bitwarden part. Not parsing (prolly ident errors)
Working on it so don't do this just yet.
But I managed to run bitwarden straight via CLI with the docker command (just copy/paste in the terminal, it will start and show on portainer but only access via LAN).
First things first, I don't run neither root nor sudo since my user as "docker" privileges.
You have to do as you did the previous round of the stack. (either on root or with sudo and an unprivileged user)
You need to create a SUBDOMAIN for bitwarden on the duckdns.org (for instance: vandoebitwarden)
Go to duckdns.org and register what you want/need and use it for the rest of the instructions.
Edit you docker-compose.yml with:
- DNSPLUGIN=duckdns
- URL=duckdns.org
- DUCKDNSTOKEN=my token
- SUBDOMAINS=theonesyoualreadyhave,vandoebitwarden # <<-- there's a comma and then name without any spacesNow, let's assume that you have your docker-compose.yml in "/home/pi/" folder).
cd /home/pi/ to go to the folder and then ls and confirm that the "docker-compose.yml" is there.
VERY-IMPORTANT: DO NOT SKIP THIS
Make a copy of the "docker-compose.yml" in case something goes wrong. That way you're safe:
cp docker-compose.yml docker-compose.yml.NO.BITWARDEN
BACKUP DONE: YES. Ok continue.
nano docker-compose.yml and add the sample above --^^^^ for existing stack (adding to what you posted above:[LAN_ACCESS]
Now you can go to Portainer--> Containers and "bitwarden" should be there running.
Open it's logs and see if there's any errors (I never used it so don't really know what it should say).
At this time, your bitwarden should open on the browser with "http://RaspberryIP:8005".
[/LAN_ACCESS]
[WAN_ACCESS]
And now, you should be able to go to "https://vandoebitwarden.duckdns.org" and profit,
[/WAN_ACCESS]
-
current swag is mapping 81:80
and the bitwarden you proposed is mapping 8005:80
Swag is using port 81 on the host while bitwarden will use 8005,
Ports on the right are for the containers themselfs.
Please read carefully my previous post, I'm still trying to clean the docker-compose.yml due to errors on some idents, It's not parsing properly.
Jetzt mitmachen!
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!