LinusTor@feddit.org to

HomelabEnglish · 1 day ago

How do I block Vaultwarden's Web UI from outside my LAN via Caddy?

3

6

How do I block Vaultwarden's Web UI from outside my LAN via Caddy?

LinusTor@feddit.org to

HomelabEnglish · 1 day ago

3

Hi, I’m working on improving the security of my home server.
I want to use the Bitwarden app and the Chrome/Firefox extensions outside my LAN, but I don’t need Web Vault at all. How do I block access to Web Vault from outside the LAN in the Caddyfile?

pass.my-domain {
    @block_webvault_outside {
        not remote_ip 192.168.1.0/24 10.8.0.0/24
        
        # What should be there?
        # path /admin* will lock only admin options
    }

    respond @block_webvault_outside 403
    reverse_proxy vaultwarden:80
}

Chat

relaymoth@sh.itjust.works
link
fedilink
English
arrow-up
3·
10 hours ago
If you’re deploying Vaultwarden via docker, there’s an ENV to disable web vault

WEB_VAULT_ENABLED=true

Set to false and redeploy.
- LinusTor@feddit.orgOP
  link
  fedilink
  English
  arrow-up
  1·
  9 hours ago
  But that will also block my access to WebVault within the LAN

Homelab

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !homelab@selfhosted.forum

Rules

Be Civil.
Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
No memes or potato images.
We love detailed homelab builds, especially network diagrams!
Report any posts that you feel should be brought to our attention.
Please no shitposting or blogspam.
No Referral Linking.
Keep piracy discussion off of this community

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

22 users / day
29 users / week
307 users / month
675 users / 6 months
1 local subscriber
2.24K subscribers
1.74K Posts
7.45K Comments
Modlog