Vaultwarden restarting

Hello,
I tried to install Vaultwarden, but the Rockon is pemanently restarting as soon as i start the rockon.
Is there any known Error or anything, that I should have a look for while installing?

My Rockstor Version is 4.6.0-0

Hello @Felix
for further understanding your problem the logs of your vaultwarden container may help.
you can find them by
#docker logs
i.e. #docker logs vaultwarden
If you’re unsure about the container’s name, you can look it up via
#docker ps -a

2 Likes

Hello and thanks for your reply, I didn’t know about the easy logs.

It says I have no persistent storage, but it´s configured properly in the rockstor UI

[2023-06-16 07:22:19.383][vaultwarden][ERROR] No persistent volume!
########################################################################################

It looks like you did not configure a persistent volume!

This will result in permanent data loss when the container is removed or updated!

If you really want to use volatile storage set I_REALLY_WANT_VOLATILE_STORAGE=true

########################################################################################

Hey, is it an initial setup or did it already work before?
Maybe you should start over → delete shares (if they’re empty) → create new ones, and install vaultwarden again.

I just tried it myself (on Rockstor 4.6 with kernel backport) and it worked out quite well.
A docker inspect vaultwarden should show something similar to this:

rockstor4:~ # docker inspect vaultwarden
[
    {
        "Id": "0762ac4a1adb5cd6916f43e4d8a743f313c69dfc4d55f0732aab37b0d5298c84",
        "Created": "2023-06-20T10:51:51.091289128Z",
        "Path": "/start.sh",
.....
.....
.....
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/mnt2/vv-test",
                "Destination": "/data",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            },
            {
                "Type": "bind",
                "Source": "/mnt2/vv-test-cert",
                "Destination": "/ssl",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            },
            {
                "Type": "bind",
                "Source": "/etc/localtime",
                "Destination": "/etc/localtime",
                "Mode": "ro",
                "RW": false,
                "Propagation": "rprivate"
            }
        ],

I used shares on my OS partition for this.
The shares need to be different from the main rockon share and for the purpose of TLS encryption you need to different shares - one for the actual vaultwarden installation and one for the TLS cert and key.

2 Likes

sorry for the long time, i tried a fresh install, but it is also not working.
It was a clean install first and is now.

I use separate shares for the installation.

docker instpect shows the following:

[
{
“Id”: “414bf72ca034af91efaee56a062af8604967108f6df03666830c54806e44ae8a”,
“Created”: “2023-06-26T05:27:26.147357109Z”,
“Path”: “/start.sh”,
“Args”: [],
“State”: {
“Status”: “restarting”,
“Running”: true,
“Paused”: false,
“Restarting”: true,
“OOMKilled”: false,
“Dead”: false,
“Pid”: 0,
“ExitCode”: 1,
“Error”: “”,
“StartedAt”: “2023-06-26T05:41:30.229364369Z”,
“FinishedAt”: “2023-06-26T05:41:30.36859461Z”,
“Health”: {
“Status”: “unhealthy”,
“FailingStreak”: 0,
“Log”: []
}
},

“Mounts”: [
{
“Type”: “bind”,
“Source”: “/mnt2/vaultwarden_cert”,
“Destination”: “/ssl”,
“Mode”: “”,
“RW”: true,
“Propagation”: “rprivate”
},
{
“Type”: “bind”,
“Source”: “/mnt2/vaultwarden”,
“Destination”: “/data”,
“Mode”: “”,
“RW”: true,
“Propagation”: “rprivate”
},
{
“Type”: “bind”,
“Source”: “/etc/localtime”,
“Destination”: “/etc/localtime”,
“Mode”: “ro”,
“RW”: false,
“Propagation”: “rprivate”
}
],
“Config”: {
“Hostname”: “414bf72ca034”,
“Domainname”: “”,
“User”: “”,
“AttachStdin”: false,
“AttachStdout”: false,
“AttachStderr”: false,
“ExposedPorts”: {
“3012/tcp”: {},
“80/tcp”: {}
},

That’s really strange. I tested different things in the last few days and was not able to reproduce your problem.
I’m quite clueless :confused:

1 Like

After a third fresh install, I could choose where to install and now just have the issue, that I need the tls certificate.

Can someone tell me how to make this the easiest way?
All other applications run https via nginx proxy manager and unless the docker is running I don’t have a domain for the certificate

The certificate generation is quite easy.

Basically:

mkcert -install

followed by i.E.

mkcert myrockstor.local "*.myrockstor.local" localhost 127.0.0.1 ::1

(the CN / “name” doesn’t really matter, as you’ll get a browser warning anyway, as the certificate will not be publicly/officially trusted)
As it’s only local, you don’t need to worry about any “real” / public domain.

After the generation of certificate and key, you can copy/move them to the newly generated vaultwarden-certificate share. The must match the names

/mnt2/[share-name]/certs.pem
/mnt2/[share-name]/key.pem
4 Likes

thank you very much, that did the trick

3 Likes