-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multiple domains support, per organization #2690
Comments
What i think we should actually do here is have the attachments use the |
Hmm, it looks like there is some checking done already, but it always uses the configured domain by default. Not setting the DOMAIN variable would help for the attachments, but it will break all other items. Still need to work on this though, only looked at it. |
Just courious, any news. It is quite important for me support multiple domains. |
There is no actual work done on this. At least not by me or any other main contributor as far as i can tell (No PR's or something). Also, it makes it more secure in the sense that you split the date between the domains/organizations. |
Sure, but previously it was working fine. I mean there was no issue with attachments. So is there hope to at least allow it work again ? Something simple will work, e.g. list of domains instead of single fqdn name ? |
Well, a well written PR on this is always welcome. |
Heh, one day may be i could do that, little bit issue here - never write line of code in Rust... :) |
Hey blackdex, first i wannt to thank the contributors for vaultwarden, you/dani/ and everyone else :-) Second, you tell to use multiple vaultwarden instances, which is in my opinion not a big deal either, since vaultwarden doesn't consumes any ressources in my opinion. Cheers |
I am also interested in the multiple domains option for this reason. I currently have a Vaultwarden instance running with my personal domain, but I would like to use the domains of some clients, so that they can also register their passwords in my instance and that I can have access to these passwords in my Vaultwarden. I would like this, because today I have 5 clients who have shown interest in using Vaultwarden to manage their IT passwords, but they do not want to use my domain, they would like to use their domain, so that their users have access, without knowing that I am managing them. The idea is for IT to manage the passwords and share passwords and documentation of servers and services with me and share with users some passwords that they need to have access too, such as authentication of shared services among employees in a sector, but in a centralized way, making it easier if I need to change this password, everyone has access to the new password at the same time. If it were possible to do something like Password Federation between multiple Vaultwarden instances, it would work, but in my opinion, this would be much more complex than supporting multiple domains in the same instance as is done in owncloud/nextcloud, where we define in the administrative panel or in the configuration file, all the domains that are allowed to access the application. |
Your scenario has one major issue with mails send by the server in een automatic way. those mails currently will be sent by the main domain. For this to work we would need to somewhere register the last used domain visited/used by this user maybe. But it will make it more complex. |
This wouldn't be a big problem if I used a generic email address if that's
the case. I would use an @gmail.com email address and not put anything that
would make it seem like it was from my company.
Em ter, 5 de nov de 2024 18:20, Mathijs van Veluw ***@***.***>
escreveu:
… Your scenario has one major issue with mails send by the server in een
automatic way. those mails currently will be sent by the main domain. For
this to work we would need to somewhere register the last used domain
visited/used by this user maybe.
But it will make it more complex.
—
Reply to this email directly, view it on GitHub
<#2690 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAFILVFYV43PNOCSLYFBKHDZ7EZBDAVCNFSM6AAAAABRHN3GYOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDINJYGE3TCNJXHA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
It isn't specifically the from address, but the domain used for links in the emails. |
Got it! I really hadn't thought of that, it really doesn't work that well, thank you very much for that explanation, you are right. |
There is a PR here: |
Which still doesn't solve the domain for the emails in this case. |
My use case is - i have single deployment of VW, but need support different domains (company1.com, company2.com etc) per organization
I configured VW when primary domain is used for organization 1, but organization 2 accounts are configured to use another 2nd level domain. Previously 1.21 or 1.22 it was working fine. After last upgrade 1.25 i cannot download attachments. According dev console in chrome it is restricted by CORS.
I understand security concern and why that's done. But i think use case has a valid point, so i would like to request support in config or admin panel - allow to specify different domains, either
I'm using docker-compose deployment.
VW version is latest at the moment 1.25.2 with web 2.28.1
The text was updated successfully, but these errors were encountered: