mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2025-12-10 17:23:04 +03:00
Vaultwarden no longer shows entries in the Webvault; Sync with Android app works #385
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @update-freak on GitHub.
Vaultwarden Support String
Your environment (Generated via diagnostics page)
Config (Generated via diagnostics page)
Show Running Config
Environment settings which are overridden: DOMAIN, SIGNUPS_ALLOWED, ADMIN_TOKEN, SMTP_HOST, SMTP_FROM, SMTP_FROM_NAME, SMTP_USERNAME, SMTP_PASSWORD
Vaultwarden Build Version
v1.32.0
Deployment method
Official Container Image
Custom deployment method
No response
Reverse Proxy
buildin in DSM
Host/Server Operating System
NAS/SAN
Operating System Version
Synology DSM 7.2
Clients
Web Vault
Client Version
v2024.6.2
Steps To Reproduce
Expected Result
After a few seconds the items are shown
Actual Result
The items are not shown after several minutes
Logs
Screenshots or Videos
No response
Additional Context
I also use AdGuard Home and Unbound on Synology NAS.
Reverse Proxy is used to direct to a domain like: https://vaultwarden.beispiel.dynv6.net
The Sync to Android App or Chrome Extension works successfully.
Docker compose (Passwords are modified)
version: "3.9"
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: Vaultwarden
hostname: vaultwarden
mem_limit: 512m
mem_reservation: 256m
cpu_shares: 1024
security_opt:
- no-new-privileges=true
ports:
- 1058:80
volumes:
- /volume1/docker/vaultwarden:/data:rw
environment:
- ADMIN_TOKEN=PASSWORT
- DOMAIN=https://vaultwarden.beispiel.dynv6.net
- SIGNUPS_ALLOWED=false
- SMTP_HOST=geheim
- SMTP_FROM=geheim
- SMTP_FROM_NAME=Vaultwarden
- SMTP_USERNAME=geheim
- SMTP_PASSWORD=PASSWORT
restart: always
@stefan0xC commented on GitHub:
Can you check your web console what the browser says when this doesn't load? E.g. if there are blocked resources or exceptions thrown? If it's a blocked resource you might want to check your reverse proxy settings if you are overriding the content security policy. I mean this could potentially also be caused by browser extensions.
@update-freak commented on GitHub:
With the developer tool I got 6 errors in Chrome:
WebSocketTransport.ts:81 WebSocket connection to ... failed
Error: Failed to start the connection: Error: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled.
Unhandled Promise rejection: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled. ; Zone: ; Task: null ; Value: Error: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled.
zone.umd.js:1097 Unhandled Promise rejection: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled. ; Zone: ; Task: null ; Value: Error: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled.
Error: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled.
Uncaught (in promise) TypeError: Failed to execute 'digest' on 'SubtleCrypto': The provided value is not of type '(ArrayBuffer or ArrayBufferView)'.
Is it necessary to create WebSocket (as shown in Step 7 here: https://mariushosting.com/synology-install-vaultwarden-with-portainer/) ?
@Gerardv514 commented on GitHub:
yes, I have this and no issues.
@stefan0xC commented on GitHub:
That the websocket fails is a different issue. I am not familiar enough with Synology to know if the steps in the linked tutorial are correct but they should not be necessary for the entries to be displayed. (But it wouldn't hurt if you manage to make the upgrade of the Websocket work.)
So to me this seems the most likely indication of what could be wrong but I am not sure what exactly that would be.
@BlackDex commented on GitHub:
Also, try a different browser and private or incognito mode to see what that does.
@mj084 commented on GitHub:
Try it without Adguard before testing it with new Container and copied DB...
Whats the timestamp of the DB-file after sync from app?
Is the server reachable from external? Then you could simple test it from another browser outside...
@update-freak commented on GitHub:
Yes it worked previously.
Good questions what happened afterwards since its quite some time ago (I think at least 3 years). Whats changed: Adguard home, Unbound and other services added. DSM Updates etc. Don't know everything unfortunately. Also I normally not use the Web vault.
I have to check what's the root cause:
dynv6, reverse proxy, adguard, Unbound etc.
So delete everything except the password-db and start with a clean container does not make sense right? The db is not defect when the sync with Android App works?
@BlackDex commented on GitHub:
It might be your reverse proxy or something else in between which is maybe caching or block or some Javascript.
It is not something we can fix on the server side i think.
Just be sure there is nothing cached or altered in between.
I do no know how Synology works in regards to all of this so not sure how to help there.
@Gerardv514 commented on GitHub:
Has this ever worked? And what has changed since last working?
@update-freak commented on GitHub:
Tried it again with Firefox v130 (without plugins) on Win11 and got the same problem:
TypeError: SubtleCrypto.digest: Argument 2 could not be converted to any of: ArrayBufferView, ArrayBuffer.
What I also saw now is that after around 3min of loading circle I got 9 of 107 items on the list.
The other remaining items are not shown.
Also not the first 9 are shown, more a random pick of 9 items -> but this can be repeated and it's always these 9 items.
@update-freak commented on GitHub:
@Gerardv514 commented on GitHub:
But what made the issue break? What if this has a bigger consequence next time where it’s not recoverable at all.
Also did you have any attachments in any entries? These are not part of the export if so.
@Gerardv514 commented on GitHub:
I wouldn’t delete everything just yet, it would be beneficial to find what the root cause is.
What you could do is copy your data folder into a new one and call it bwtest or whatever. Create a new container and same call it test.
See if the problem is resolved. Also could try using the testing image.
Another test would be to setup a clean test BW instance/container. Export data from existing (if you can using a client) and import into the clean test, what’s the result with that?
@update-freak commented on GitHub:
I exported the items as json, created a clean new instance of the container and imported the json.
The result was that all items are displayed.
I also noticed while creating the new account that my previous passwort was not long enough -> not sure if this causes any problems.
But now it's fixed with export, clean new docker container and reimport.
So Issue can be closed.
@mj084 commented on GitHub:
So the problem still exists from external access with different browsers?
@aheath70 commented on GitHub:
+1 with this issue. Apps on iPhone works, Google extension works, but no items are showing in my personal vault in the Webvault. I suspect it is definitely something in the actual vault, as I have 2 vaults. One works and displays everything, but my personal vault displays no items.
If I extract the vault out to a JSON or CSV file, all the entries are there.
It is nothing to do with the internet cache - problem still exists in Incognito window and across multiple computers and multiple browsers. I use Cloudflare tunnels, and the connection is not going through a local web proxy. If it was a proxy, then I would expect that all vaults I have would be experiencing the same issue, and they are not - one works, one doesn't.
@update-freak commented on GitHub:
Thats the big question. For me it's not clear what caused this problem.
No, I did not have any attachments linked
@aheath70 commented on GitHub:
I get the following error in developer tools console - not sure if it is related or not.
Should this issue be re-opened, as the root cause is clearly not fixed?
I am not a programmer, but I did find this related to the above error - not sure if it is relevant or not, or might help someone who knows more than I to track down the issues.
https://www.reddit.com/r/node/comments/1bbrcyt/using_cryptosubtle_in_nodejs/
@interunivers commented on GitHub:
same issue for me. my personal vault laods very slowly but entries that are in an organisation dont load at all. I also cant export them from the webvault but the admin pannel still says the organization contains 78 entries. i also created a test organization which worked fine and i was able to creat entries in that. i am really a bit desperate no and really dont know where i should keep looking.
@BlackDex commented on GitHub:
It must be an entry in the vault, possibly recently added via a new client maybe?
Check the developer console of the browser to see if something useful is shown there.
@BlackDex commented on GitHub:
@aheath70 which version of Vaultwarden are you using? Did you recently updated, if so, what was your previous version.
What happens in a new browser, one never used to visit the web-vault.
@BlackDex commented on GitHub:
@interunivers, I'm afraid it will be very hard to tackle this. Maybe having the sync response will help me find what could be the issue. But I'm not sure. If you want then see my previous comment and the link there on how to extract that data if you want to share it with me.
@interunivers commented on GitHub:
this is what the consol spits out as errors repeatedly and at the end just loads nothing
The following is my support string. I run everything on unraid behind a swag/nginx reverse proxy.
@interunivers commented on GitHub:
@BlackDex thank you for offering help. But which link are you reffering to?
And a littel extra note. I cant export itmes either from the organization it just loads shortly and then does nothing.
@BlackDex commented on GitHub:
Ah yes i just saw it was an other post haha. All those different items kinda similar but then not.
Here is the link:
https://github.com/dani-garcia/vaultwarden/issues/4870#issuecomment-2306749481
@interunivers commented on GitHub:
@BlackDex Thank you for your efforts.
Concerning the reverse proxy_headers, i already tried disabling them all (they are in place becasue nextcloud is runnig behind swag aswell) and it didn't change anything. And I might not have explained it but my personal vault is loading the only thing that isn't, is my organization that i use to share passwords with my family. And the most annoying thing is i cant clone or export the items out of the organization because that feature only exists on the web. I'll try the downgrading if you could tell me how? Do i have have to modify the repository link slightly and if yes how?
@BlackDex commented on GitHub:
@interunivers i have not yet received anything.
You sent it to the mail address in the image? starting with
security@?And ending in
vaultwarden.org?@interunivers commented on GitHub:
@BlackDex I emailed the .har to you at hopefully the right email adress. It would interessest me very much if you can read something out of that. I hope the german parts aren't a problem.
@BlackDex commented on GitHub:
@interunivers, I'm not really seeing why it would behave like this actually.
The requests and responses look the same on my server. The only difference i can see is that my server has compression enabled (gzip, brotli, zstd) and it looks like your reverse proxy is adding some headers which Vaultwarden already did.
Now i do not think that causes any issues, but it is probably better to let Vaultwarden handle most of these headers instead of the reverse proxy.
Since there are a lot of ciphers i also tried to detect something using some grep commands, but was not able to see anything which shouldn't be there in this form.
Might i suggest to try the following steps to see if you can pinpoint the specific issue.
With the above, if all keeps working, without any issue, then it most likely is located in your personal vault, but then we have to figure out where and which item.
One way would be to export your personal vault, and import that into the new empty account (maybe first remove the test entries you created there). If then the test account still has no issues, we would need to compare both accounts sync output and see what the difference is there.
It's very strange this is causing an issue.
Also, i do wonder what happens if you revert to v1.32.0 and if that does solve all the issues or not?
That would be very strange though.
@BlackDex commented on GitHub:
Ow, i have it now :) @dani-garcia forwarded it to me.
@BlackDex commented on GitHub:
I'm not sure where, but you probably have the text
latestsomewhere as a tag for Vaultwarden. If you change that to1.32.0it should be fixed to that version. I would recommend to create a backup first if you do not already have it.And, you could still try the collection steps i mentioned.
If it is one specific collection, that also makes it easier for me to narrow it down maybe.
@aheath70 commented on GitHub:
I am running 1.32.0. I am a little nervous to update to the latest version, and it appears as though this is still happening for a few others on 1.32.1, so likely it is not version dependent and more likely an issue with an entry in the database somewhere.
No recent upgrades - this has been happening for a while.
New browser window, new incognito window,, even different browser (tried Chrome and Edge) makes no difference. The issue persists regardless.
@BlackDex commented on GitHub:
If the sqlite is corrupt then more stuff would be strange i think.
You can check the sqlite database of course https://www.sqlite.org/pragma.html#pragma_integrity_check
I would also check the logs and maybe even enable debug logs. Because if you can invite someone into the org, the mail should just be sent. That is nothing to do with the web-vault not loading.
@interunivers commented on GitHub:
@BlackDex There is a new interesseting behaviour, that my organisation doesnt send out invite emails. I could easily create a new user that work absolutley fine but the invitation email never arrives. I also tried the downgrading, that didnt change anything. Could it be that my sqllite is corrupt in some way?