github-starred/vaultwarden
2
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-05-23 08:32:45 -05:00
Code Issues 307 Packages Projects Releases 83 Wiki Activity

IPv4 mapping doesn't work #1194

New Issue
Closed
opened 2025-11-07 07:00:26 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-07 07:00:26 -06:00
Owner
Copy Link

Originally created by @nerdius on GitHub (Jan 17, 2022).

Subject of the issue

I'm using Podman and directly fetching the image from docker.io/vaultwarden/server:latest. I'm trying to deploy it using the following command:
podman run -d --userns=keep-id --name vaultwarden -e SIGNUPS_ALLOWED=false -e ROCKET_PORT=3020 -v /home/USERNAME/apps/vaultwarden/vw-data/:/data/:Z -p 3020:3020 vaultwarden/server:latest

The output indicates a successful deployment:

Resolved "vaultwarden/server" as an alias (/home/USERNAME/.cache/containers/short-name-aliases.conf)
Trying to pull docker.io/vaultwarden/server:latest...
Getting image source signatures
Copying blob 8fdbf8c74aad skipped: already exists  
Copying blob 3953aa1aac1b skipped: already exists  
Copying blob ffbb094f4f9e skipped: already exists  
Copying blob f94ad8d4973a skipped: already exists  
Copying blob e436b51dcd0d skipped: already exists  
Copying blob 31d34e7d15a6 skipped: already exists  
Copying blob c79b268f4fca done  
Copying config a0e0193b46 done  
Writing manifest to image destination
Storing signatures
e8712edb5d0703b6376fa41174ba3822822b1ede188feb7e016de9962901ae4a

podman ps indicates that it's running:

CONTAINER ID  IMAGE                                COMMAND     CREATED        STATUS            PORTS                   NAMES
e8712edb5d07  docker.io/vaultwarden/server:latest  /start.sh   5 minutes ago  Up 5 minutes ago  0.0.0.0:3020->3020/tcp  vaultwarden

But when I try to access localhost:3020, nothing loads. Furthermore, the output of netstat -tulpn | grep 3020 indicates that there's an issue with port mapping as only IPv6 gets mapped:

(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp6       0      0 :::3020                 :::*                    LISTEN      641312/containers-r

I since I'm running it in a rootless environment, I tried to add a sysctl rule to enable IPv4 forwarding on the host system by following this tutorial, but to no avail. I also tried different ports and command line parameters, rebooting the server, and setting SELinux to permissive. Nothing worked and the result was identical.

Deployment environment

  • vaultwarden version: Latest from vaultwarden/server:latest.
  • Install method: Docker image, via Podman.
  • Clients used: N/A.
  • Reverse proxy and version: Didn't get to it.
  • MySQL/MariaDB or PostgreSQL version: N/A.
  • Other relevant details: I'm running Rocky Linux 8 on the server. It's fully updated.

Steps to reproduce

  1. Install the following packages on Rocky Linux 8: podman, podman-compose.
  2. Install Vaultwarden using the following command:
    podman run -d --userns=keep-id --name vaultwarden -e SIGNUPS_ALLOWED=false -e ROCKET_PORT=3020 -v /home/USERNAME/apps/vaultwarden/vw-data/:/data/:Z -p 3020:3020 vaultwarden/server:latest
  3. Try to connect to localhost:3020; check if localhost:3020 is listening.

Expected behaviour

IPv4 port should be exposed and I should be able to connect to it.

Actual behaviour

IPv4 mapping doesn't work and you can't connect to it.

Troubleshooting data

N/A.

Originally created by @nerdius on GitHub (Jan 17, 2022). ### Subject of the issue I'm using Podman and directly fetching the image from _docker.io/vaultwarden/server:latest_. I'm trying to deploy it using the following command: `podman run -d --userns=keep-id --name vaultwarden -e SIGNUPS_ALLOWED=false -e ROCKET_PORT=3020 -v /home/USERNAME/apps/vaultwarden/vw-data/:/data/:Z -p 3020:3020 vaultwarden/server:latest` The output indicates a successful deployment: ``` Resolved "vaultwarden/server" as an alias (/home/USERNAME/.cache/containers/short-name-aliases.conf) Trying to pull docker.io/vaultwarden/server:latest... Getting image source signatures Copying blob 8fdbf8c74aad skipped: already exists Copying blob 3953aa1aac1b skipped: already exists Copying blob ffbb094f4f9e skipped: already exists Copying blob f94ad8d4973a skipped: already exists Copying blob e436b51dcd0d skipped: already exists Copying blob 31d34e7d15a6 skipped: already exists Copying blob c79b268f4fca done Copying config a0e0193b46 done Writing manifest to image destination Storing signatures e8712edb5d0703b6376fa41174ba3822822b1ede188feb7e016de9962901ae4a ``` `podman ps` indicates that it's running: ``` CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e8712edb5d07 docker.io/vaultwarden/server:latest /start.sh 5 minutes ago Up 5 minutes ago 0.0.0.0:3020->3020/tcp vaultwarden ``` But when I try to access _localhost:3020_, nothing loads. Furthermore, the output of `netstat -tulpn | grep 3020` indicates that there's an issue with port mapping as only IPv6 gets mapped: ``` (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp6 0 0 :::3020 :::* LISTEN 641312/containers-r ``` I since I'm running it in a rootless environment, I tried to add a sysctl rule to enable IPv4 forwarding on the host system by following [this tutorial](https://linuxcent.com/enabling-ipv4-forwarding-on-docker-server/), but to no avail. I also tried different ports and command line parameters, rebooting the server, and setting SELinux to permissive. Nothing worked and the result was identical. ### Deployment environment * vaultwarden version: Latest from _vaultwarden/server:latest_. * Install method: Docker image, via Podman. * Clients used: N/A. * Reverse proxy and version: Didn't get to it. * MySQL/MariaDB or PostgreSQL version: N/A. * Other relevant details: I'm running Rocky Linux 8 on the server. It's fully updated. ### Steps to reproduce 1. Install the following packages on Rocky Linux 8: _podman_, _podman-compose_. 2. Install Vaultwarden using the following command: `podman run -d --userns=keep-id --name vaultwarden -e SIGNUPS_ALLOWED=false -e ROCKET_PORT=3020 -v /home/USERNAME/apps/vaultwarden/vw-data/:/data/:Z -p 3020:3020 vaultwarden/server:latest` 3. Try to connect to _localhost:3020_; check if _localhost:3020_ is listening. ### Expected behaviour IPv4 port should be exposed and I should be able to connect to it. ### Actual behaviour IPv4 mapping doesn't work and you can't connect to it. ### Troubleshooting data N/A.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#1194
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?