Hi,
Although I’ve been able to follow the wiki instructions and have got bitwardenrs and caddy working together using “Using Docker Compose · dani-garcia/bitwarden_rs Wiki · GitHub”, I’m still at a loss as to how the networking aspects are running behind the scenes.
When I run: docker ps -a
CONTAINER ID   IMAGE                       COMMAND                  CREATED          STATUS                    PORTS                                                NAMES
c086f294b8ec   bitwardenrs/server:latest   "/usr/bin/dumb-init …"   18 minutes ago   Up 18 minutes (healthy)   80/tcp, 3012/tcp                                     bitwarden
9fbb70db95bc   caddy:2                     "caddy run --config …"   18 minutes ago   Up 18 minutes             0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 2019/tcp   caddy
General network:
                          Ubuntu 20.04LTS on rPi4
                          /---------------------------------------------------\
                          |                                                   |
/-------------------\     |   /---------------\           /---------------\   |
|        PC         |     |   |     caddy     |           |   bitwarden   |   |
|                   |     |   | Reverse Proxy |           |               |   |
| browse to:        |     |   |               |           |               |   |
| http://10.0.0.10  |     |   |      80       |<--------->|      80       |   |
|                   |     |   |      443      |           |     3012      |   |
|                   |     |   |     2019      |           |               |   |
\-------------------/     |   \---------------/           \---------------/   |
      10.0.0.5            |                                                   |
          ^               \---------------------------------------------------/
          |                                     10.0.0.10
          |   /-------------------\                 ^
          |   |                   |                 |
          |   |                   |                 |
          \-->|      Router       |<----------------/
              |                   |
              |                   |
              \-------------------/
                        |
                        |
                    Internet
I used the following command as advised here: “Starting a Container · dani-garcia/bitwarden_rs Wiki · GitHub”
docker run -d --name bitwarden -v /bw-data/:/data/ -p 80:80 bitwardenrs/server:latest
bitwardenrs becomes available from my PC using non-HTTPS, i.e. http://10.0.0.10
However, the bitwardenrs wiki (“Enabling HTTPS · dani-garcia/bitwarden_rs Wiki · GitHub”) states that for proper operation HTTPS is required.
Further, “Enabling HTTPS · dani-garcia/bitwarden_rs Wiki · GitHub” states: “If you aren’t familiar with reverse proxies and have no preference, consider Caddy first, since it has built-in support for obtaining Let’s Encrypt certs”.
I therefore followed the advice and installed caddy, and am currently trying this Caddyfile:
https://my-domain.com:443 {
    log {
        level INFO
        output file /var/log/caddy {
            roll_size 10MB
            roll_keep 10
        }
    }
    reverse_proxy localhost:3012
}
I then start caddy with:
sudo systemctl start caddy
And review its status:
sudo systemctl status caddy
Which shows it has failed:
run: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in use
systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
The result being that I still can’t access bitwarden via the desired https://my-domain.com
I’ve tried various ports in the Caddyfile, but to no avail and I don’t know what else to try here.
I appreciate I can just use the (working) docker-compose implementation, but I’d really like to understand what’s going on and to be able to run it without docker-compose.
As it’s been said “if you can’t explain it simply, you don’t understand it well enough” and I really don’t understand it well enough. Help!
I’d really appreciate it if someone could explain it simply to me.
Cheers
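
An added example, not part of the original post: in the PORTS column of `docker ps`, an entry such as `80/tcp` is only exposed inside Docker, while `0.0.0.0:80->80/tcp` is published and occupies port 80 on the host. The script below parses that column for the compose output quoted in the post and for a constructed line representing the `docker run ... -p 80:80` setup, and reports which container holds each host port; the function and variable names are chosen for this example.

```shell
#!/bin/sh
# Added example. Input format is "name|ports", i.e. what
#   docker ps --format '{{.Names}}|{{.Ports}}'
# prints on a live host.

# From the `docker ps -a` output quoted in the post (docker-compose setup).
COMPOSE_SAMPLE='bitwarden|80/tcp, 3012/tcp
caddy|0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 2019/tcp'

# Constructed: how the `docker run ... -p 80:80` container from the post is listed.
RUN_SAMPLE='bitwarden|0.0.0.0:80->80/tcp, 3012/tcp'

# Print "name host_port container_port" for every port bound on the host.
# Entries without "->" are exposed on the Docker network only and are skipped.
published_ports() {
    while IFS='|' read -r name ports; do
        old_ifs=$IFS
        IFS=','
        for entry in $ports; do
            entry=${entry# }
            case $entry in
                *'->'*)
                    host=${entry%%->*}     # e.g. 0.0.0.0:80
                    target=${entry#*->}    # e.g. 80/tcp
                    printf '%s %s %s\n' "$name" "${host##*:}" "${target%%/*}"
                    ;;
            esac
        done
        IFS=$old_ifs
    done
}

# port_owner LINES PORT: name of the container holding host PORT, empty if none.
port_owner() {
    printf '%s\n' "$1" | published_ports | awk -v p="$2" '$2 == p { print $1 }' | sort -u
}

for setup in COMPOSE_SAMPLE RUN_SAMPLE; do
    eval "lines=\$$setup"
    for port in 80 443; do
        owner=$(port_owner "$lines" "$port")
        echo "$setup: host port $port -> ${owner:-not bound by Docker}"
    done
done
```

In the `docker run` case the bitwarden container itself holds host port 80, the same port named in the `bind: address already in use` error from the systemd-started Caddy.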