this post was submitted on 12 Aug 2023
15 points (100.0% liked)

Selfhosted

40645 readers
316 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
15
submitted 1 year ago* (last edited 1 year ago) by PriorProject to c/selfhosted
 

Hey Vaultwarden users... I was turned on to Vaultwarden by this community and have a new installation up and running. I've recently imported a pretty substantial keeypass DB and have been manually validating the import and tidying up my folder organization as I go, including selectively moving some credentials to an organization with the future intention of adding family members to that org to access shared accounts.

By and large it's all going swimmingly with one concerning exception. Every now and again, a bunch of credentials forget their folder and get moved into "no folder".

  • I don't have a reliable reproduction yet, but it seems vaguely correlated with bulk moves. In the web-ui, I'll check a bunch of entries to move from my vault to the org, and OTHER entries I didn't touch get moved to "no folder" in my vault as a side-effect.
  • Once I had a folder disappear like this as well
  • I think I understand the basics around how collections, folders, and nesting of those containers work. I'm fairly confident that I'm not getting tripped up by just failing to understand the implications of the operation I'm doing.
  • I'm using sqlite for my db backend. I'm perfectly comfortable running a Postgres instance, I just thought the no-maintenance and no-dependencies approach of sqlite felt like a good match for this tiny but critical dataset. Could it be that the sqlite backend is under baked and I"m hitting some persistence bug?
  • Fwiw I've also seen issues where I get an encryption key error saving an entry or I see tons of missing entries.In each case logging out and logging in works around the issue. I had assumed this was browser/web buglets, but now I wonder if it's more signs of storage layer problems.

Have others seen similar issues? What db backend are you using?

top 4 comments
sorted by: hot top controversial new old
[–] [email protected] 3 points 1 year ago (1 children)

I use postgres for my install and had a similar thing happen to me. I tried moving an org credential to a folder, which moved the folder to the org, and kicked all other credentials to "no folder".

Also, this support thread points out that folders aren't actually folders in the backend. Maybe batch moving credentials to an org breaks the connections to a folder?

[–] PriorProject 2 points 1 year ago

I use postgres for my install and had a similar thing happen to me. I tried moving an org credential to a folder, which moved the folder to the org, and kicked all other credentials to "no folder".

Thanks for confirming with your DB. That saves me sweating whether I should rebuild on PG at least, and also makes me feel better that it's a folder bug and not generalized database corruption.

Having finished the heavy organizing, my rate of big org transfers has slowed and I haven't reproduced again yet. Hopefully this will be uncommon enough to be a non-issue. Thanks again for the info.

[–] marsokod 2 points 1 year ago (1 children)

One thing to keep in mind is that the websocket sync is not straightforward to set up with vaultwarden and the proxy. If you don't have it working, then your client does not necessarily sync on every change.

Maybe this is related to this, with sync not being performed by the client you were using for modification?

[–] PriorProject 1 points 1 year ago* (last edited 1 year ago)

Thanks for the suggestion, but sync seems to be working ok... at least on the read side. I was able to verify the pre-existing good state and the bad state afterward from multiple clients. If sync played into it, it must have been on a write somehow.