Docker BitwardenRS proxified for Synology NAS A docker-compose ready package to run BitwardenRS proxified with Caddy server. This setup provides a BitwardenRS server with support of websocket notifications. The goal is to keep the Synology NAS system untouched to be upgrade-proof.
This update will focus on the 'LiveSync' feature that offers BW users instant sync of any updates across platforms. So for example, if you add a new entry using the web UI that same entry will be visible in any web browser extension as well as your app. The process works in all directions and its really instant.
This is possible using the websocket protocol. Considering that the official version (paid) method will not work with this custom one, developers have offered an alternative that works just as well.
In the default setup of this image, you can see that the web ui is using one port (port 80 by default) and that there is also a port 3012. This is the port that can be used for all websocket needs.
There is a prerequisite for this to work and that's a reverse proxy (more info here: dani-garcia/bitwarden_rs). Now I will assume that you already are using it (there is also a resource on that) but keep in mind that in order to make this work, setting up a reverse proxy entry via DSM UI will NOT give you the desired effect.
Bitwardenrs: image: bitwardenrs/server:latest. Containername: bitwardenrs. Volumes: - /volume1/docker/BitWardenRS/config:/data/. Ports: - 8100:80. Restart: unless-stopped. The setup is working fine on Docker Synology NAS, but having trouble to configure the SMTP settings for the instance. Hello Everyone, I’ve installed Bitwarden as self-hosted on my SYNOLOGY via docker. It’s almost working so far, but I’ve problem logging as an Admin & confirm mail addresses. Problem is following, the link I receive per mail has this format: xxxxx.xxxx.xxxx 4892239. When self-hosting Bitwarden, you are responsible for implementing your own backup procedures in order to keep data safe. About Hosted Data. Bitwarden’s Docker containers use volume mapping to persist all important data on the host machine, meaning stopping your containers will not delete any data. Updating a container using Docker Compose is slightly different than running Synology’s GUI. When we use Synology’s GUI and duplicate the settings, we are technically creating an entirely new container and keeping our old one as well. Since Docker Compose uses our configuration file to create the container, it’s not easy to do that.
As you can see in the link above there are 2 application paths that need to be set via reverse proxy. This is not possible using the UI and needs to be done by hand.
Now I will assume also that you have had your BW setup so far via the built-in reverse proxy, so the next steps need to be followed (if you haven't then just skip to step 3).
01. Stop your BW container
NOTE: Make sure to add WEBSOCKET_ENABLED=true to your BW instance
02. Delete the existing reverse proxy BW entry from Control Panel > Application Portal > Reverse proxy
03. Using a text editor create a .conf file with the name of your choice (custom_rp.conf for example)
04. Paste the following content inside it and change the following elements!
- server_name > enter your bw public domain name
- ssl_certificate > path to your SSL certificate (full chain would be preferred)
- ssl_certificate_key > path to your ssl certficate private key
- proxy_pass > change the URL to point to your NAS ip address as well the port that you are using with your BW docker.
Keep in mind to use port numbers that you have mapped to the OUTSIDE of your container (host side, not inside the container)
04. Copy the file to your NAS (a temp location)
05. Log in your NAS via SSH and elevate to root permission (sudo -i)
06. Copy the file to this location: /usr/local/etc/nginx/sites-enabled using cp
command
07. Restart nginx service with the following command: synoservice -restart nginx
Thats it! This revers entry will not be visible inside your RP or Certificates dialog so keep this in mind. Test out your BW LiveSync and never again click the 'sync now' button!
Just another note on this matter. These steps WILL NOT provide you with a live sync feature on your devices that use the push method
In the last post, I wrote about installing bitwarden_rs per Docker on Synology and how to activate live sync. Now I’ll show you how to backup the data. I’ll use bruceforce/bw_backup docker to dump the sqlite database automatically, since just copying the sqlite3 file is not really backing up the database. I also found out, that the created dump file won’t be automatically uploaded to cloud by the Cloud Sync. Some how Cloud Sync doesn’t notice that there’s a new file.
Install Bitwarden On Docker
Setting up backup container
In the Docker app, let’s search for bruceforce/bw_backup container. Just search for bw_backup.
After downloading the image, we’ll just run it. During the initialisation, we need to adjust some settings.
In the volume tab, we mount the bitwarden folder, in which the bitwarden files are stored. My Bitwarden data are saved in docker/bitwardenrs. This folder must be mount as /data.
In the environment tab, we need to adjust the UID and GID. I set them to 0 (root).
Crontime can be set to how often the Bitwarden data should be backed up. If you don’t familiar with crontab format, you can use crontab.guru to check the time.
A useful parameter is DELETE_AFTER. I set this parameter to 7, so older than 7 backup files will be removed automatically. The complete documentation on the image can be found on the Github page.
Backup to cloud storage
When the backup script in the container is finished, you’ll find the dump file in the db_backup folder. Adding this folder to a Cloud Sync task to automatically upload the file to a cloud provider (Google Drive, Dropbox, etc.) won’t work. Somehow Cloud Sync ignores the files.
The only way to upload the files to a cloud storage per Cloud Sync is to manually copy them. After manual copying the files, Cloud Sync notices the files and sync these with cloud storage. To automate the copying process, we set a “User-defined script” task in Task Scheduler to copy the files.
As script/command I just simply run a rsync to sync the bitwarden folder to a cloud storage folder in Synology.
Synology Bitwarden Docker Ssl
