Apache reverse proxy 503 error

zoof · January 13, 2021, 8:50pm

Any ideas for what I’m doing wrong? I can get to http://bw.example.com:5080 but https://bw.example.com fails with a 503 error. Thanks in advance!

My docker-compose file is:

# docker-compose.yml
version: '3'

services:
  bitwarden:
    image: bitwardenrs/server
    container_name: bitwardenrs-server
    ports:
      - "3012:3012"
      - "5080:80"
    network_mode: bridge
    restart: always
    volumes:
      - ./bw-data:/data
    environment:
      WEBSOCKET_ENABLED: 'true' # Required to use websockets
      SIGNUPS_ALLOWED: 'false'   # set to false to disable signups
      ADMIN_TOKEN: 'secret'
      DOMAIN: 'http://bw.example.com'

and my Apache configuration is:

<VirtualHost *:443>
    SSLEngine on
    ServerName bw.example.com

    SSLCertificateFile /etc/letsencrypt/live/bw.example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/bw.example.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/bw.example.com/chain.pem

    #ErrorLog /var/log/httpd/bitwarden-error.log
    #CustomLog /var/log/httpd/bitwarden-access.log combined

    RewriteEngine On
    RewriteCond %{HTTP:Upgrade} =websocket [NC]
    RewriteRule /notifications/hub(.*) ws://127.0.0.1:3012/$1 [P,L]
    ProxyPass / http://127.0.0.1:5080/

    ProxyPreserveHost On
    ProxyRequests Off
    RequestHeader set X-Real-IP %{REMOTE_ADDR}s
</VirtualHost>

WpJ · January 15, 2021, 9:28am

Do you have any logs on the Bitwarden side (from within the container (docker logs bw)?

5xx usually means there is a problem upstream.

zoof · January 15, 2021, 1:49pm

Yes, here it is.

[INFO] No .env file found.

[WARNING] The following environment variables are being overriden by the config file,
[WARNING] please use the admin panel to make changes to them:
[WARNING] DOMAIN, SIGNUPS_ALLOWED, ADMIN_TOKEN, SMTP_HOST, SMTP_PORT, SMTP_FROM, SMTP_FROM_NAME, SMTP_USERNAME, SMTP_PASSWORD

[2021-01-15 02:30:51.231][start][INFO] Rocket has launched from http://0.0.0.0:80
[2021-01-15 02:30:51.232][parity_ws][INFO] Listening for new connections on 0.0.0.0:3012.
[2021-01-15 02:30:54.461][request][INFO] GET /admin
[2021-01-15 02:30:54.462][response][INFO] GET /admin [2] (admin_login) => 200 OK

The latter two lines come from accessing the admin page with http at port 5080.

zoof · January 17, 2021, 3:16am

There was an Apache configuration error of some sort although I can’t figure it out. I installed on my usual VPS and it worked fine…

Antergosgeek · January 17, 2021, 2:57pm

What about copying the functioning config from the usual VPS and use that as a basis for adjustments?

zoof · January 17, 2021, 3:26pm

My usual VPS was actually my intended eventual target! I have 2 months free from Digital Ocean through Destination Linux and wanted to get it working there first.

BowenMarmot · January 23, 2021, 4:43am

My apache config looks pretty much the same as yours with the exception that you are missing the ProxyPassReverse line. Mine is right below the ProxyPass line as below:

ProxyPass / http://127.0.0.1:5080/
ProxyPassReverse / http://127.0.0.1:5080/

Topic		Replies	Views
Apache Reverse Proxy Problems Help	7	1922	December 21, 2020
Server Proxy Via Apache Third Party Help	1	678	November 20, 2020
Firewall rules, apache proxy and docker Third Party Help	2	1526	October 6, 2020
Change Port from 443 Help	6	5067	April 17, 2020
Fail2ban on apache with reverse proxy Third Party Help	2	1535	March 17, 2021

Apache reverse proxy 503 error

Related Topics