1
0
Fork 0

Add info about how to fix #176

Dieser Commit ist enthalten in:
Daniel García 2018-11-09 16:24:45 +01:00 committet von GitHub
Ursprung 1e9dd2fd4e
Commit dd00591082
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: 4AEE18F83AFDEB23

Datei anzeigen

@ -195,17 +195,19 @@ docker run -d --name bitwarden \
``` ```
Note that you need to mount ssl files and you need to forward appropriate port. Note that you need to mount ssl files and you need to forward appropriate port.
Due to what is likely a certificate validation bug in Android, you need to make sure that your certificate includes the full chain of trust. In the case of certbot, this means using `fullchain.pem` instead of `cert.pem`.
Softwares used for getting certs are often using symlinks. If that is the case, both locations need to be accessible to the docker container. Softwares used for getting certs are often using symlinks. If that is the case, both locations need to be accessible to the docker container.
Example: [certbot](https://certbot.eff.org/) will create a folder that contains the needed `cert.pem` and `privacy.pem` files in `/etc/letsencrypt/live/mydomain/` Example: [certbot](https://certbot.eff.org/) will create a folder that contains the needed `fullchain.pem` and `privkey.pem` files in `/etc/letsencrypt/live/mydomain/`
These files are symlinked to `../../archive/mydomain/mykey.pem` These files are symlinked to `../../archive/mydomain/privkey.pem`
So to use from bitwarden container: So to use from bitwarden container:
```sh ```sh
docker run -d --name bitwarden \ docker run -d --name bitwarden \
-e ROCKET_TLS='{certs="/ssl/live/mydomain/cert.pem",key="/ssl/live/mydomain/privkey.pem"}' \ -e ROCKET_TLS='{certs="/ssl/live/mydomain/fullchain.pem",key="/ssl/live/mydomain/privkey.pem"}' \
-v /etc/letsencrypt/:/ssl/ \ -v /etc/letsencrypt/:/ssl/ \
-v /bw-data/:/data/ \ -v /bw-data/:/data/ \
-p 443:80 \ -p 443:80 \