From afe057c5432a3e39a43aa6957abc3b831fdf954c Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 12 Jan 2026 03:49:06 +0000
Subject: [PATCH] Fix Vaultwarden SSO - disable for browser extension and
 mobile app compatibility
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Remove Authelia middleware from Vaultwarden
- Add comment explaining SSO bypass for app compatibility
- Update services-reference.md to show SSO disabled (✗)

Vaultwarden requires direct access for browser extensions and mobile apps to function properly, similar to Jellyfin and Plex.

Co-authored-by: kelinfoxy <67766943+kelinfoxy@users.noreply.github.com>
---
 docker-compose/utilities.yml | 4 +++-
 docs/services-reference.md   | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/docker-compose/utilities.yml b/docker-compose/utilities.yml
index 1eea30a..0ba3b32 100644
--- a/docker-compose/utilities.yml
+++ b/docker-compose/utilities.yml
@@ -128,6 +128,7 @@ services:
 
   # Bitwarden (Vaultwarden) - Password manager
   # Access at: https://bitwarden.${DOMAIN}
+  # Note: SSO disabled for browser extension and mobile app compatibility
   vaultwarden:
     image: vaultwarden/server:latest
     container_name: vaultwarden
@@ -155,7 +156,8 @@ services:
       - "traefik.http.routers.vaultwarden.rule=Host(`bitwarden.${DOMAIN}`)"
       - "traefik.http.routers.vaultwarden.entrypoints=websecure"
       - "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt"
-      - "traefik.http.routers.vaultwarden.middlewares=authelia@docker"
+      # SSO disabled for browser extension and mobile app compatibility
+      # - "traefik.http.routers.vaultwarden.middlewares=authelia@docker"
       - "traefik.http.services.vaultwarden.loadbalancer.server.port=80"
 
   # Authelia Redis - Session storage for Authelia
diff --git a/docs/services-reference.md b/docs/services-reference.md
index 9eb0113..a2dcd9c 100644
--- a/docs/services-reference.md
+++ b/docs/services-reference.md
@@ -68,7 +68,7 @@ This document provides a comprehensive overview of all 60+ pre-configured servic
 | └─ Form.io | Form builder | ✓ | /opt/stacks/productivity | forms.${DOMAIN} |
 |    └─ formio-mongo | MongoDB | - | /opt/stacks/productivity | No UI |
 | **🛠️ utilities** (7) | | | | |
-| ├─ Vaultwarden | Password manager | ✓ | /opt/stacks/utilities | bitwarden.${DOMAIN} |
+| ├─ Vaultwarden | Password manager | ✗ | /opt/stacks/utilities | bitwarden.${DOMAIN} |
 | ├─ Backrest | Backup (restic) | ✓ | /opt/stacks/utilities, /mnt/backups | backrest.${DOMAIN} |
 | ├─ Duplicati | Encrypted backups | ✓ | /opt/stacks/utilities, /mnt/backups | duplicati.${DOMAIN} |
 | ├─ Code Server | VS Code in browser | ✓ | /opt/stacks/utilities | code.${DOMAIN} |