Hi!
I use DietPi and installed Vaultwarden through dietpi-software. Runs smoothly. Now I wanted to use Vaultwarden’s webauthn feature. But when trying to active it, vaultwarden displays an error “domain variable not set”.
I looked for a solution and found this article:
https://github.com/dani-garcia/vaultwarden/wiki/Enabling-U2F-(and-FIDO2-WebAuthn)-authentication
But how does that relate to DietpI installed by dietpi-software? What do I have to do?
I own a domain if that is of use?!
Going off the solution you listed, your domain needs to added to the vaultwarden config file.
Since you’ve installed though dietpi-software, you can modify the vaultwarden.env from in /mnt/dietpi_userdata/vaultwarden
The line you need to uncomment called DOMAIN= & add you domain next to it. Restart, & it should work.
A verified certificate from Let’s Encrypt should be used as well.
Oh thank you very much for that hint. I didn’t know that file.
Can ‘domain’ also be a local IP like domain=https://192.168.1.20:8001? Because that’s how I access vaultwarden, it’s runs locally.
I imported the locally signed HTTPS certificate to my browser, so it doesnt show a warning.
How can I add a Let’s Encrypt certificate to my local vaultwarden??
Unfortunately, you cannot have a signed certificate for a local IP address AFAIK.
You’ll need add the LetsEncrypt Cert to you webserver config file for the vaultwarden website/reverse proxy.
The Vaultwarden docs have a bunch of reverse proxy examples you can use.
Finally for the ‘domain’ part, a local IP address method is the default way to access, adding it to domain won’t help unfortunately.
is there a plan to access Vaultwarden from outside of your network? if not, what is the purpose of having 2FA activated?