Possible migration failure using SQLite DB backend

[tokyovigilante]

Steps To Reproduce

Upgrade from dev Docker image from ~2 weeks ago to current dev or beta Docker image.
Start bitwarden image using podman run

Expected Result

Bitwarden server and web client is available

Actual Result

Login using web API fails, with identity.log suggesting DB schema has changed and either migration was not performed or failed:

2023-02-26 20:28:43.987 +00:00 [INF] Identity started.
2023-02-26 20:29:09.635 +00:00 [ERR] Failed executing DbCommand (106ms) [Parameters=[@__email_0='?' (Size = 18)], CommandType='"Text"', CommandTimeout='30']
SELECT "u"."Kdf", "u"."KdfIterations", "u"."KdfMemory", "u"."KdfParallelism"
FROM "User" AS "u"
WHERE "u"."Email" = @__email_0
LIMIT 2
2023-02-26 20:29:09.665 +00:00 [ERR] An exception occurred while iterating over the results of a query for context type 'Bit.Infrastructure.EntityFramework.Repositories.DatabaseContext'.
Microsoft.Data.Sqlite.SqliteException (0x80004005): SQLite Error 1: 'no such column: u.KdfMemory'.
   at Microsoft.Data.Sqlite.SqliteException.ThrowExceptionForRC(Int32 rc, sqlite3 db)
   at Microsoft.Data.Sqlite.SqliteCommand.PrepareAndEnumerateStatements(Stopwatch timer)+MoveNext()
   at Microsoft.Data.Sqlite.SqliteCommand.GetStatements(Stopwatch timer)+MoveNext()
   at Microsoft.Data.Sqlite.SqliteDataReader.NextResult()
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteReader(CommandBehavior behavior)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteReaderAsync(CommandBehavior behavior, CancellationToken cancellationToken)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteDbDataReaderAsync(CommandBehavior behavior, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
Microsoft.Data.Sqlite.SqliteException (0x80004005): SQLite Error 1: 'no such column: u.KdfMemory'.
   at Microsoft.Data.Sqlite.SqliteException.ThrowExceptionForRC(Int32 rc, sqlite3 db)
   at Microsoft.Data.Sqlite.SqliteCommand.PrepareAndEnumerateStatements(Stopwatch timer)+MoveNext()
   at Microsoft.Data.Sqlite.SqliteCommand.GetStatements(Stopwatch timer)+MoveNext()
   at Microsoft.Data.Sqlite.SqliteDataReader.NextResult()
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteReader(CommandBehavior behavior)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteReaderAsync(CommandBehavior behavior, CancellationToken cancellationToken)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteDbDataReaderAsync(CommandBehavior behavior, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
2023-02-26 20:29:09.682 +00:00 [ERR] SQLite Error 1: 'no such column: u.KdfMemory'.
Microsoft.Data.Sqlite.SqliteException (0x80004005): SQLite Error 1: 'no such column: u.KdfMemory'.
   at Microsoft.Data.Sqlite.SqliteException.ThrowExceptionForRC(Int32 rc, sqlite3 db)
   at Microsoft.Data.Sqlite.SqliteCommand.PrepareAndEnumerateStatements(Stopwatch timer)+MoveNext()
   at Microsoft.Data.Sqlite.SqliteCommand.GetStatements(Stopwatch timer)+MoveNext()
   at Microsoft.Data.Sqlite.SqliteDataReader.NextResult()
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteReader(CommandBehavior behavior)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteReaderAsync(CommandBehavior behavior, CancellationToken cancellationToken)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteDbDataReaderAsync(CommandBehavior behavior, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
   at Microsoft.EntityFrameworkCore.Query.ShapedQueryCompilingExpressionVisitor.SingleOrDefaultAsync[TSource](IAsyncEnumerable`1 asyncEnumerable, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.ShapedQueryCompilingExpressionVisitor.SingleOrDefaultAsync[TSource](IAsyncEnumerable`1 asyncEnumerable, CancellationToken cancellationToken)
   at Bit.Infrastructure.EntityFramework.Repositories.UserRepository.GetKdfInformationByEmailAsync(String email) in /source/src/Infrastructure.EntityFramework/Repositories/UserRepository.cs:line 31
   at Bit.Identity.Controllers.AccountsController.PostPrelogin(PreloginRequestModel model) in /source/src/Identity/Controllers/AccountsController.cs:line 62
   at lambda_method9(Closure , Object )
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)

Screenshots or Videos

No response

Additional Context

Fedora 38 server, running Podman, with pods behind an nginx proxy.

podman run command: podman run -d --name bitwarden -v /home/ryan/docker/bitwarden-unified/bwdata/:/etc/bitwarden:Z -p 8082:8082 --env-file settings.env bitwarden/self-host:dev

settings.env:

BW_DOMAIN=[REDACTED]
BW_PORT_HTTP=8082
BW_PORT_HTTPS=
BW_DB_PROVIDER=sqlite
BW_INSTALLATION_ID=[REDACTED]
BW_INSTALLATION_KEY=[REDACTED]
globalSettings__mail__*=[REDACTED]
globalSettings__disableUserRegistration=true
adminSettings__admins=[REDACTED]

Githash Version

3cedc0c-dirty

Environment Details

Fedora 38 Server
Podman (run command above)
Intel Xeon D-1518, 32 GB RAM

Database Image

SQLite

Issue-Link

#2480

Issue Tracking Info

• I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

[keithhubner]

Hi there,

Thank you for your report!

I was able to reproduce this issue, and have flagged this to our engineering team.

If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time - our engineering team will be happy to review these.

Thanks once again!

[justindbaur]

@tokyovigilante Could you look into your admin logs and see if there are any errors? (/var/log/bitwarden/admin.log).

[tokyovigilante]

Thanks, attached is the result of cat bwdata/logs/admin.log | grep -v INF:

I note most of these errors are a bit historic and seem to relate to when I was setting up the container and hadn't got my config and keys etc quite right, and it has worked well with sqlite and podman prior to the latest updates. I note the last two lines in the unfiltered log are:

2023-02-26 21:15:57.577 +00:00 [INF] Migrating database.
2023-02-26 21:15:59.561 +00:00 [INF] Migration successful.

which would have been about when I updated the container.

cat bwdata/logs/admin.log | grep -v INF

Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted.
 ---> System.Security.Cryptography.CryptographicException: The key {cb75432a-8e70-4111-8214-660d7baf917c} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)
2023-02-12 01:06:54.378 +00:00 [ERR] Error encountered while sending GET request to http://localhost:80/version.json
System.Net.Http.HttpRequestException: Connection refused (localhost:80)
 ---> System.Net.Sockets.SocketException (111): Connection refused
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token)
   at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
   at Bit.Admin.Controllers.HomeController.GetInstalledWebVersion(CancellationToken cancellationToken) in /source/src/Admin/Controllers/HomeController.cs:line 73
2023-02-12 01:07:00.570 +00:00 [ERR] An exception occurred while iterating over the results of a query for context type 'Bit.Infrastructure.EntityFramework.Repositories.DatabaseContext'.
System.Security.Cryptography.CryptographicException: The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at Bit.Infrastructure.EntityFramework.Converters.DataProtectionConverter.Unprotect(IDataProtector dataProtector, String value) in /source/src/Infrastructure.EntityFramework/Converters/DataProtectionConverter.cs:line 30
   at lambda_method158(Closure , QueryContext , DbDataReader , ResultContext , SingleQueryResultCoordinator )
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
System.Security.Cryptography.CryptographicException: The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at Bit.Infrastructure.EntityFramework.Converters.DataProtectionConverter.Unprotect(IDataProtector dataProtector, String value) in /source/src/Infrastructure.EntityFramework/Converters/DataProtectionConverter.cs:line 30
   at lambda_method158(Closure , QueryContext , DbDataReader , ResultContext , SingleQueryResultCoordinator )
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
2023-02-12 01:07:00.574 +00:00 [ERR] The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
System.Security.Cryptography.CryptographicException: The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at Bit.Infrastructure.EntityFramework.Converters.DataProtectionConverter.Unprotect(IDataProtector dataProtector, String value) in /source/src/Infrastructure.EntityFramework/Converters/DataProtectionConverter.cs:line 30
   at lambda_method158(Closure , QueryContext , DbDataReader , ResultContext , SingleQueryResultCoordinator )
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
   at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
   at Bit.Infrastructure.EntityFramework.Repositories.UserRepository.SearchAsync(String email, Int32 skip, Int32 take) in /source/src/Infrastructure.EntityFramework/Repositories/UserRepository.cs:line 59
   at Bit.Admin.Controllers.UsersController.Index(String email, Int32 page, Int32 count) in /source/src/Admin/Controllers/UsersController.cs:line 45
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
2023-02-12 01:07:00.579 +00:00 [ERR] An unhandled exception has occurred while executing the request.
System.Security.Cryptography.CryptographicException: The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at Bit.Infrastructure.EntityFramework.Converters.DataProtectionConverter.Unprotect(IDataProtector dataProtector, String value) in /source/src/Infrastructure.EntityFramework/Converters/DataProtectionConverter.cs:line 30
   at lambda_method158(Closure , QueryContext , DbDataReader , ResultContext , SingleQueryResultCoordinator )
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
   at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
   at Bit.Infrastructure.EntityFramework.Repositories.UserRepository.SearchAsync(String email, Int32 skip, Int32 take) in /source/src/Infrastructure.EntityFramework/Repositories/UserRepository.cs:line 59
   at Bit.Admin.Controllers.UsersController.Index(String email, Int32 page, Int32 count) in /source/src/Admin/Controllers/UsersController.cs:line 45
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ExceptionContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeNextResourceFilter()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeFilterPipelineAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger)
   at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)
2023-02-12 01:10:21.540 +00:00 [ERR] An exception occurred while iterating over the results of a query for context type 'Bit.Infrastructure.EntityFramework.Repositories.DatabaseContext'.
System.Security.Cryptography.CryptographicException: The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at Bit.Infrastructure.EntityFramework.Converters.DataProtectionConverter.Unprotect(IDataProtector dataProtector, String value) in /source/src/Infrastructure.EntityFramework/Converters/DataProtectionConverter.cs:line 30
   at lambda_method158(Closure , QueryContext , DbDataReader , ResultContext , SingleQueryResultCoordinator )
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
System.Security.Cryptography.CryptographicException: The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at Bit.Infrastructure.EntityFramework.Converters.DataProtectionConverter.Unprotect(IDataProtector dataProtector, String value) in /source/src/Infrastructure.EntityFramework/Converters/DataProtectionConverter.cs:line 30
   at lambda_method158(Closure , QueryContext , DbDataReader , ResultContext , SingleQueryResultCoordinator )
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
2023-02-12 01:10:21.542 +00:00 [ERR] The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
System.Security.Cryptography.CryptographicException: The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at Bit.Infrastructure.EntityFramework.Converters.DataProtectionConverter.Unprotect(IDataProtector dataProtector, String value) in /source/src/Infrastructure.EntityFramework/Converters/DataProtectionConverter.cs:line 30
   at lambda_method158(Closure , QueryContext , DbDataReader , ResultContext , SingleQueryResultCoordinator )
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
   at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
   at Bit.Infrastructure.EntityFramework.Repositories.UserRepository.SearchAsync(String email, Int32 skip, Int32 take) in /source/src/Infrastructure.EntityFramework/Repositories/UserRepository.cs:line 59
   at Bit.Admin.Controllers.UsersController.Index(String email, Int32 page, Int32 count) in /source/src/Admin/Controllers/UsersController.cs:line 45
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
2023-02-12 01:10:21.546 +00:00 [ERR] An unhandled exception has occurred while executing the request.
System.Security.Cryptography.CryptographicException: The key {f0f80489-f3a6-42d6-bd07-65c93c78a321} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at Bit.Infrastructure.EntityFramework.Converters.DataProtectionConverter.Unprotect(IDataProtector dataProtector, String value) in /source/src/Infrastructure.EntityFramework/Converters/DataProtectionConverter.cs:line 30
   at lambda_method158(Closure , QueryContext , DbDataReader , ResultContext , SingleQueryResultCoordinator )
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
   at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.EntityFrameworkQueryableExtensions.ToListAsync[TSource](IQueryable`1 source, CancellationToken cancellationToken)
   at Bit.Infrastructure.EntityFramework.Repositories.UserRepository.SearchAsync(String email, Int32 skip, Int32 take) in /source/src/Infrastructure.EntityFramework/Repositories/UserRepository.cs:line 59
   at Bit.Admin.Controllers.UsersController.Index(String email, Int32 page, Int32 count) in /source/src/Admin/Controllers/UsersController.cs:line 45
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ExceptionContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeNextResourceFilter()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeFilterPipelineAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger)
   at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)
2023-02-12 01:10:32.236 +00:00 [ERR] Error encountered while sending GET request to http://localhost:80/version.json
System.Net.Http.HttpRequestException: Connection refused (localhost:80)
 ---> System.Net.Sockets.SocketException (111): Connection refused
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token)
   at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
   at Bit.Admin.Controllers.HomeController.GetInstalledWebVersion(CancellationToken cancellationToken) in /source/src/Admin/Controllers/HomeController.cs:line 73
2023-02-13 09:39:59.341 +00:00 [ERR] Error encountered while sending GET request to http://localhost:80/version.json
System.Net.Http.HttpRequestException: Connection refused (localhost:80)
 ---> System.Net.Sockets.SocketException (111): Connection refused
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token)
   at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
   at Bit.Admin.Controllers.HomeController.GetInstalledWebVersion(CancellationToken cancellationToken) in /source/src/Admin/Controllers/HomeController.cs:line 73
2023-02-13 09:40:11.079 +00:00 [ERR] Error encountered while sending GET request to http://localhost:80/version.json
System.Net.Http.HttpRequestException: Connection refused (localhost:80)
 ---> System.Net.Sockets.SocketException (111): Connection refused
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token)
   at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
   at Bit.Admin.Controllers.HomeController.GetInstalledWebVersion(CancellationToken cancellationToken) in /source/src/Admin/Controllers/HomeController.cs:line 73

[tokyovigilante]

Thanks for the quick fix, but please push this to the dev docker image at least, as I cannot currently access my vault.

[justindbaur]

@tokyovigilante This should be on the latest of the dev tag.

[tokyovigilante]

Ok, this bug is still present if that is the case, unless there is a manual step required to trigger the migration.

[justindbaur]

You have to update your server and make sure that Admin is running. If that is the case for you can you post your admin logs again and I can see what might be going on.

[tokyovigilante]

Thanks, I have re-pulled this morning with the same result. admin.log snippet:

023-03-06 08:05:00.339 +00:00 [INF] Starting job DeleteSendsJob at "2023-03-06T08:05:00.3373219Z".
2023-03-06 08:05:02.702 +00:00 [INF] Deleting 0 sends.
2023-03-06 08:05:02.704 +00:00 [INF] Finished job DeleteSendsJob at "2023-03-06T08:05:02.7046723Z".
2023-03-06 08:05:07.759 +00:00 [INF] Migrating database.
2023-03-06 08:05:08.000 +00:00 [INF] Migration successful.
2023-03-07 22:31:24.597 +00:00 [INF] Migrating database.
2023-03-07 22:31:26.581 +00:00 [INF] Migration successful.

Container version:

[Wed 11:37am] ryan@xserve ~/docker/bitwarden-unified/$ podman image list
REPOSITORY                     TAG         IMAGE ID      CREATED      SIZE
docker.io/bitwarden/self-host  dev         c58566d2f127  4 hours ago  847 MB

[Wed 11:37am] ryan@xserve ~/docker/bitwarden-unified/$ podman image inspect docker.io/bitwarden/self-host:dev
[
     {
          "Id": "c58566d2f127de624c52afd22acdd27b1b8fe33c2653a750b14c6159f6355327",
          "Digest": "sha256:56513fb38fd9c34be2612efd849310b31d53b0966fbfc8ff4d17c941416dfeb1",
          "RepoTags": [
               "docker.io/bitwarden/self-host:dev"
          ],
          "RepoDigests": [
               "docker.io/bitwarden/self-host@sha256:0d7a44c6d9427f148d9158c2b73dba8e1f67f011874acdb32f615070af32313f",
               "docker.io/bitwarden/self-host@sha256:56513fb38fd9c34be2612efd849310b31d53b0966fbfc8ff4d17c941416dfeb1"
          ],
          "Parent": "",
          "Comment": "",
          "Created": "2023-03-07T19:02:46.611436907Z",

Here is the current vault.db schema:

schema.sql

CREATE TABLE IF NOT EXISTS "__EFMigrationsHistory" (
    "MigrationId" TEXT NOT NULL CONSTRAINT "PK___EFMigrationsHistory" PRIMARY KEY,
    "ProductVersion" TEXT NOT NULL
);
CREATE TABLE IF NOT EXISTS "Event" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Event" PRIMARY KEY,
    "Date" TEXT NOT NULL,
    "Type" INTEGER NOT NULL,
    "UserId" TEXT NULL,
    "OrganizationId" TEXT NULL,
    "InstallationId" TEXT NULL,
    "ProviderId" TEXT NULL,
    "CipherId" TEXT NULL,
    "CollectionId" TEXT NULL,
    "PolicyId" TEXT NULL,
    "GroupId" TEXT NULL,
    "OrganizationUserId" TEXT NULL,
    "ProviderUserId" TEXT NULL,
    "ProviderOrganizationId" TEXT NULL,
    "DeviceType" INTEGER NULL,
    "IpAddress" TEXT NULL,
    "ActingUserId" TEXT NULL,
    "SystemUser" INTEGER NULL
, "SecretId" TEXT NULL, "ServiceAccountId" TEXT NULL, "DomainName" TEXT NULL);
CREATE TABLE IF NOT EXISTS "Grant" (
    "Key" TEXT NOT NULL CONSTRAINT "PK_Grant" PRIMARY KEY,
    "Type" TEXT NULL,
    "SubjectId" TEXT NULL,
    "SessionId" TEXT NULL,
    "ClientId" TEXT NULL,
    "Description" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "ExpirationDate" TEXT NULL,
    "ConsumedDate" TEXT NULL,
    "Data" TEXT NULL
);
CREATE TABLE IF NOT EXISTS "Installation" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Installation" PRIMARY KEY,
    "Email" TEXT NULL,
    "Key" TEXT NULL,
    "Enabled" INTEGER NOT NULL,
    "CreationDate" TEXT NOT NULL
);
CREATE TABLE IF NOT EXISTS "Organization" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Organization" PRIMARY KEY,
    "Identifier" TEXT NULL,
    "Name" TEXT NULL,
    "BusinessName" TEXT NULL,
    "BusinessAddress1" TEXT NULL,
    "BusinessAddress2" TEXT NULL,
    "BusinessAddress3" TEXT NULL,
    "BusinessCountry" TEXT NULL,
    "BusinessTaxNumber" TEXT NULL,
    "BillingEmail" TEXT NULL,
    "Plan" TEXT NULL,
    "PlanType" INTEGER NOT NULL,
    "Seats" INTEGER NULL,
    "MaxCollections" INTEGER NULL,
    "UsePolicies" INTEGER NOT NULL,
    "UseSso" INTEGER NOT NULL,
    "UseKeyConnector" INTEGER NOT NULL,
    "UseScim" INTEGER NOT NULL,
    "UseGroups" INTEGER NOT NULL,
    "UseDirectory" INTEGER NOT NULL,
    "UseEvents" INTEGER NOT NULL,
    "UseTotp" INTEGER NOT NULL,
    "Use2fa" INTEGER NOT NULL,
    "UseApi" INTEGER NOT NULL,
    "UseResetPassword" INTEGER NOT NULL,
    "SelfHost" INTEGER NOT NULL,
    "UsersGetPremium" INTEGER NOT NULL,
    "UseCustomPermissions" INTEGER NOT NULL,
    "Storage" INTEGER NULL,
    "MaxStorageGb" INTEGER NULL,
    "Gateway" INTEGER NULL,
    "GatewayCustomerId" TEXT NULL,
    "GatewaySubscriptionId" TEXT NULL,
    "ReferenceData" TEXT NULL,
    "Enabled" INTEGER NOT NULL,
    "LicenseKey" TEXT NULL,
    "PublicKey" TEXT NULL,
    "PrivateKey" TEXT NULL,
    "TwoFactorProviders" TEXT NULL,
    "ExpirationDate" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    "MaxAutoscaleSeats" INTEGER NULL,
    "OwnersNotifiedOfAutoscaling" TEXT NULL
, "UseSecretsManager" INTEGER NOT NULL DEFAULT 0);
CREATE TABLE IF NOT EXISTS "Provider" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Provider" PRIMARY KEY,
    "Name" TEXT NULL,
    "BusinessName" TEXT NULL,
    "BusinessAddress1" TEXT NULL,
    "BusinessAddress2" TEXT NULL,
    "BusinessAddress3" TEXT NULL,
    "BusinessCountry" TEXT NULL,
    "BusinessTaxNumber" TEXT NULL,
    "BillingEmail" TEXT NULL,
    "Status" INTEGER NOT NULL,
    "UseEvents" INTEGER NOT NULL,
    "Enabled" INTEGER NOT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL
, "BillingPhone" TEXT NULL, "Type" INTEGER NOT NULL DEFAULT 0);
CREATE TABLE IF NOT EXISTS "TaxRate" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_TaxRate" PRIMARY KEY,
    "Country" TEXT NULL,
    "State" TEXT NULL,
    "PostalCode" TEXT NULL,
    "Rate" TEXT NOT NULL,
    "Active" INTEGER NOT NULL
);
CREATE TABLE IF NOT EXISTS "Collection" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Collection" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "Name" TEXT NULL,
    "ExternalId" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_Collection_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "Group" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Group" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "Name" TEXT NULL,
    "AccessAll" INTEGER NOT NULL,
    "ExternalId" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_Group_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "OrganizationApiKey" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_OrganizationApiKey" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "Type" INTEGER NOT NULL,
    "ApiKey" TEXT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_OrganizationApiKey_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "OrganizationConnection" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_OrganizationConnection" PRIMARY KEY,
    "Type" INTEGER NOT NULL,
    "OrganizationId" TEXT NOT NULL,
    "Enabled" INTEGER NOT NULL,
    "Config" TEXT NULL,
    CONSTRAINT "FK_OrganizationConnection_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "OrganizationSponsorship" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_OrganizationSponsorship" PRIMARY KEY,
    "SponsoringOrganizationId" TEXT NULL,
    "SponsoringOrganizationUserId" TEXT NOT NULL,
    "SponsoredOrganizationId" TEXT NULL,
    "FriendlyName" TEXT NULL,
    "OfferedToEmail" TEXT NULL,
    "PlanSponsorshipType" INTEGER NULL,
    "LastSyncDate" TEXT NULL,
    "ValidUntil" TEXT NULL,
    "ToDelete" INTEGER NOT NULL,
    CONSTRAINT "FK_OrganizationSponsorship_Organization_SponsoredOrganizationId" FOREIGN KEY ("SponsoredOrganizationId") REFERENCES "Organization" ("Id"),
    CONSTRAINT "FK_OrganizationSponsorship_Organization_SponsoringOrganizationId" FOREIGN KEY ("SponsoringOrganizationId") REFERENCES "Organization" ("Id")
);
CREATE TABLE IF NOT EXISTS "Policy" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Policy" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "Type" INTEGER NOT NULL,
    "Data" TEXT NULL,
    "Enabled" INTEGER NOT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_Policy_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "SsoConfig" (
    "Id" INTEGER NOT NULL CONSTRAINT "PK_SsoConfig" PRIMARY KEY AUTOINCREMENT,
    "Enabled" INTEGER NOT NULL,
    "OrganizationId" TEXT NOT NULL,
    "Data" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_SsoConfig_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE sqlite_sequence(name,seq);
CREATE TABLE IF NOT EXISTS "ProviderOrganization" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_ProviderOrganization" PRIMARY KEY,
    "ProviderId" TEXT NOT NULL,
    "OrganizationId" TEXT NOT NULL,
    "Key" TEXT NULL,
    "Settings" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_ProviderOrganization_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE,
    CONSTRAINT "FK_ProviderOrganization_Provider_ProviderId" FOREIGN KEY ("ProviderId") REFERENCES "Provider" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "Cipher" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Cipher" PRIMARY KEY,
    "UserId" TEXT NULL,
    "OrganizationId" TEXT NULL,
    "Type" INTEGER NOT NULL,
    "Data" TEXT NULL,
    "Favorites" TEXT NULL,
    "Folders" TEXT NULL,
    "Attachments" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    "DeletedDate" TEXT NULL,
    "Reprompt" INTEGER NULL,
    CONSTRAINT "FK_Cipher_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id"),
    CONSTRAINT "FK_Cipher_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id")
);
CREATE TABLE IF NOT EXISTS "Device" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Device" PRIMARY KEY,
    "UserId" TEXT NOT NULL,
    "Name" TEXT NULL,
    "Type" INTEGER NOT NULL,
    "Identifier" TEXT NULL,
    "PushToken" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_Device_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "EmergencyAccess" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_EmergencyAccess" PRIMARY KEY,
    "GrantorId" TEXT NOT NULL,
    "GranteeId" TEXT NULL,
    "Email" TEXT NULL,
    "KeyEncrypted" TEXT NULL,
    "Type" INTEGER NOT NULL,
    "Status" INTEGER NOT NULL,
    "WaitTimeDays" INTEGER NOT NULL,
    "RecoveryInitiatedDate" TEXT NULL,
    "LastNotificationDate" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_EmergencyAccess_User_GranteeId" FOREIGN KEY ("GranteeId") REFERENCES "User" ("Id"),
    CONSTRAINT "FK_EmergencyAccess_User_GrantorId" FOREIGN KEY ("GrantorId") REFERENCES "User" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "Folder" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Folder" PRIMARY KEY,
    "UserId" TEXT NOT NULL,
    "Name" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_Folder_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "OrganizationUser" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_OrganizationUser" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "UserId" TEXT NULL,
    "Email" TEXT NULL,
    "Key" TEXT NULL,
    "ResetPasswordKey" TEXT NULL,
    "Status" INTEGER NOT NULL,
    "Type" INTEGER NOT NULL,
    "AccessAll" INTEGER NOT NULL,
    "ExternalId" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    "Permissions" TEXT NULL, "AccessSecretsManager" INTEGER NOT NULL DEFAULT 0,
    CONSTRAINT "FK_OrganizationUser_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE,
    CONSTRAINT "FK_OrganizationUser_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id")
);
CREATE TABLE IF NOT EXISTS "ProviderUser" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_ProviderUser" PRIMARY KEY,
    "ProviderId" TEXT NOT NULL,
    "UserId" TEXT NULL,
    "Email" TEXT NULL,
    "Key" TEXT NULL,
    "Status" INTEGER NOT NULL,
    "Type" INTEGER NOT NULL,
    "Permissions" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_ProviderUser_Provider_ProviderId" FOREIGN KEY ("ProviderId") REFERENCES "Provider" ("Id") ON DELETE CASCADE,
    CONSTRAINT "FK_ProviderUser_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id")
);
CREATE TABLE IF NOT EXISTS "Send" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Send" PRIMARY KEY,
    "UserId" TEXT NULL,
    "OrganizationId" TEXT NULL,
    "Type" INTEGER NOT NULL,
    "Data" TEXT NULL,
    "Key" TEXT NULL,
    "Password" TEXT NULL,
    "MaxAccessCount" INTEGER NULL,
    "AccessCount" INTEGER NOT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    "ExpirationDate" TEXT NULL,
    "DeletionDate" TEXT NOT NULL,
    "Disabled" INTEGER NOT NULL,
    "HideEmail" INTEGER NULL,
    CONSTRAINT "FK_Send_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id"),
    CONSTRAINT "FK_Send_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id")
);
CREATE TABLE IF NOT EXISTS "SsoUser" (
    "Id" INTEGER NOT NULL CONSTRAINT "PK_SsoUser" PRIMARY KEY AUTOINCREMENT,
    "UserId" TEXT NOT NULL,
    "OrganizationId" TEXT NULL,
    "ExternalId" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    CONSTRAINT "FK_SsoUser_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id"),
    CONSTRAINT "FK_SsoUser_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "Transaction" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Transaction" PRIMARY KEY,
    "UserId" TEXT NULL,
    "OrganizationId" TEXT NULL,
    "Type" INTEGER NOT NULL,
    "Amount" TEXT NOT NULL,
    "Refunded" INTEGER NULL,
    "RefundedAmount" TEXT NULL,
    "Details" TEXT NULL,
    "PaymentMethodType" INTEGER NULL,
    "Gateway" INTEGER NULL,
    "GatewayId" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    CONSTRAINT "FK_Transaction_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id"),
    CONSTRAINT "FK_Transaction_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id")
);
CREATE TABLE IF NOT EXISTS "CollectionGroups" (
    "CollectionId" TEXT NOT NULL,
    "GroupId" TEXT NOT NULL,
    "ReadOnly" INTEGER NOT NULL,
    "HidePasswords" INTEGER NOT NULL,
    CONSTRAINT "PK_CollectionGroups" PRIMARY KEY ("CollectionId", "GroupId"),
    CONSTRAINT "FK_CollectionGroups_Collection_CollectionId" FOREIGN KEY ("CollectionId") REFERENCES "Collection" ("Id") ON DELETE CASCADE,
    CONSTRAINT "FK_CollectionGroups_Group_GroupId" FOREIGN KEY ("GroupId") REFERENCES "Group" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "CollectionCipher" (
    "CollectionId" TEXT NOT NULL,
    "CipherId" TEXT NOT NULL,
    CONSTRAINT "PK_CollectionCipher" PRIMARY KEY ("CollectionId", "CipherId"),
    CONSTRAINT "FK_CollectionCipher_Cipher_CipherId" FOREIGN KEY ("CipherId") REFERENCES "Cipher" ("Id") ON DELETE CASCADE,
    CONSTRAINT "FK_CollectionCipher_Collection_CollectionId" FOREIGN KEY ("CollectionId") REFERENCES "Collection" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "AuthRequest" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_AuthRequest" PRIMARY KEY,
    "UserId" TEXT NOT NULL,
    "Type" INTEGER NOT NULL,
    "RequestDeviceIdentifier" TEXT NULL,
    "RequestDeviceType" INTEGER NOT NULL,
    "RequestIpAddress" TEXT NULL,
    "RequestFingerprint" TEXT NULL,
    "ResponseDeviceId" TEXT NULL,
    "AccessCode" TEXT NULL,
    "PublicKey" TEXT NULL,
    "Key" TEXT NULL,
    "MasterPasswordHash" TEXT NULL,
    "Approved" INTEGER NULL,
    "CreationDate" TEXT NOT NULL,
    "ResponseDate" TEXT NULL,
    "AuthenticationDate" TEXT NULL,
    CONSTRAINT "FK_AuthRequest_Device_ResponseDeviceId" FOREIGN KEY ("ResponseDeviceId") REFERENCES "Device" ("Id"),
    CONSTRAINT "FK_AuthRequest_User_UserId" FOREIGN KEY ("UserId") REFERENCES "User" ("Id") ON DELETE CASCADE
);
CREATE INDEX "IX_AuthRequest_ResponseDeviceId" ON "AuthRequest" ("ResponseDeviceId");
CREATE INDEX "IX_AuthRequest_UserId" ON "AuthRequest" ("UserId");
CREATE INDEX "IX_Cipher_OrganizationId" ON "Cipher" ("OrganizationId");
CREATE INDEX "IX_Cipher_UserId" ON "Cipher" ("UserId");
CREATE INDEX "IX_Collection_OrganizationId" ON "Collection" ("OrganizationId");
CREATE INDEX "IX_CollectionCipher_CipherId" ON "CollectionCipher" ("CipherId");
CREATE INDEX "IX_CollectionGroups_GroupId" ON "CollectionGroups" ("GroupId");
CREATE INDEX "IX_Device_UserId" ON "Device" ("UserId");
CREATE INDEX "IX_EmergencyAccess_GranteeId" ON "EmergencyAccess" ("GranteeId");
CREATE INDEX "IX_EmergencyAccess_GrantorId" ON "EmergencyAccess" ("GrantorId");
CREATE INDEX "IX_Folder_UserId" ON "Folder" ("UserId");
CREATE INDEX "IX_Group_OrganizationId" ON "Group" ("OrganizationId");
CREATE INDEX "IX_OrganizationApiKey_OrganizationId" ON "OrganizationApiKey" ("OrganizationId");
CREATE INDEX "IX_OrganizationConnection_OrganizationId" ON "OrganizationConnection" ("OrganizationId");
CREATE INDEX "IX_OrganizationSponsorship_SponsoredOrganizationId" ON "OrganizationSponsorship" ("SponsoredOrganizationId");
CREATE INDEX "IX_OrganizationSponsorship_SponsoringOrganizationId" ON "OrganizationSponsorship" ("SponsoringOrganizationId");
CREATE INDEX "IX_OrganizationUser_OrganizationId" ON "OrganizationUser" ("OrganizationId");
CREATE INDEX "IX_OrganizationUser_UserId" ON "OrganizationUser" ("UserId");
CREATE INDEX "IX_Policy_OrganizationId" ON "Policy" ("OrganizationId");
CREATE INDEX "IX_ProviderOrganization_OrganizationId" ON "ProviderOrganization" ("OrganizationId");
CREATE INDEX "IX_ProviderOrganization_ProviderId" ON "ProviderOrganization" ("ProviderId");
CREATE INDEX "IX_ProviderUser_ProviderId" ON "ProviderUser" ("ProviderId");
CREATE INDEX "IX_ProviderUser_UserId" ON "ProviderUser" ("UserId");
CREATE INDEX "IX_Send_OrganizationId" ON "Send" ("OrganizationId");
CREATE INDEX "IX_Send_UserId" ON "Send" ("UserId");
CREATE INDEX "IX_SsoConfig_OrganizationId" ON "SsoConfig" ("OrganizationId");
CREATE INDEX "IX_SsoUser_OrganizationId" ON "SsoUser" ("OrganizationId");
CREATE INDEX "IX_SsoUser_UserId" ON "SsoUser" ("UserId");
CREATE INDEX "IX_Transaction_OrganizationId" ON "Transaction" ("OrganizationId");
CREATE INDEX "IX_Transaction_UserId" ON "Transaction" ("UserId");
CREATE TABLE IF NOT EXISTS "Project" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Project" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "Name" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    "DeletedDate" TEXT NULL,
    CONSTRAINT "FK_Project_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "Secret" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_Secret" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "Key" TEXT NULL,
    "Value" TEXT NULL,
    "Note" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    "DeletedDate" TEXT NULL,
    CONSTRAINT "FK_Secret_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "ServiceAccount" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_ServiceAccount" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "Name" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_ServiceAccount_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "ProjectSecret" (
    "ProjectsId" TEXT NOT NULL,
    "SecretsId" TEXT NOT NULL,
    CONSTRAINT "PK_ProjectSecret" PRIMARY KEY ("ProjectsId", "SecretsId"),
    CONSTRAINT "FK_ProjectSecret_Project_ProjectsId" FOREIGN KEY ("ProjectsId") REFERENCES "Project" ("Id") ON DELETE CASCADE,
    CONSTRAINT "FK_ProjectSecret_Secret_SecretsId" FOREIGN KEY ("SecretsId") REFERENCES "Secret" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "AccessPolicy" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_AccessPolicy" PRIMARY KEY,
    "GroupId" TEXT NULL,
    "GrantedProjectId" TEXT NULL,
    "GrantedServiceAccountId" TEXT NULL,
    "ServiceAccountId" TEXT NULL,
    "OrganizationUserId" TEXT NULL,
    "Read" INTEGER NOT NULL,
    "Write" INTEGER NOT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    "Discriminator" TEXT NOT NULL,
    CONSTRAINT "FK_AccessPolicy_Group_GroupId" FOREIGN KEY ("GroupId") REFERENCES "Group" ("Id"),
    CONSTRAINT "FK_AccessPolicy_OrganizationUser_OrganizationUserId" FOREIGN KEY ("OrganizationUserId") REFERENCES "OrganizationUser" ("Id"),
    CONSTRAINT "FK_AccessPolicy_Project_GrantedProjectId" FOREIGN KEY ("GrantedProjectId") REFERENCES "Project" ("Id"),
    CONSTRAINT "FK_AccessPolicy_ServiceAccount_GrantedServiceAccountId" FOREIGN KEY ("GrantedServiceAccountId") REFERENCES "ServiceAccount" ("Id"),
    CONSTRAINT "FK_AccessPolicy_ServiceAccount_ServiceAccountId" FOREIGN KEY ("ServiceAccountId") REFERENCES "ServiceAccount" ("Id")
);
CREATE TABLE IF NOT EXISTS "ApiKey" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_ApiKey" PRIMARY KEY,
    "ServiceAccountId" TEXT NULL,
    "Name" TEXT NULL,
    "ClientSecret" TEXT NULL,
    "Scope" TEXT NULL,
    "EncryptedPayload" TEXT NULL,
    "Key" TEXT NULL,
    "ExpireAt" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "RevisionDate" TEXT NOT NULL,
    CONSTRAINT "FK_ApiKey_ServiceAccount_ServiceAccountId" FOREIGN KEY ("ServiceAccountId") REFERENCES "ServiceAccount" ("Id")
);
CREATE INDEX "IX_AccessPolicy_GrantedProjectId" ON "AccessPolicy" ("GrantedProjectId");
CREATE INDEX "IX_AccessPolicy_GrantedServiceAccountId" ON "AccessPolicy" ("GrantedServiceAccountId");
CREATE INDEX "IX_AccessPolicy_GroupId" ON "AccessPolicy" ("GroupId");
CREATE INDEX "IX_AccessPolicy_OrganizationUserId" ON "AccessPolicy" ("OrganizationUserId");
CREATE INDEX "IX_AccessPolicy_ServiceAccountId" ON "AccessPolicy" ("ServiceAccountId");
CREATE INDEX "IX_ApiKey_ServiceAccountId" ON "ApiKey" ("ServiceAccountId");
CREATE INDEX "IX_Project_DeletedDate" ON "Project" ("DeletedDate");
CREATE INDEX "IX_Project_OrganizationId" ON "Project" ("OrganizationId");
CREATE INDEX "IX_ProjectSecret_SecretsId" ON "ProjectSecret" ("SecretsId");
CREATE INDEX "IX_Secret_DeletedDate" ON "Secret" ("DeletedDate");
CREATE INDEX "IX_Secret_OrganizationId" ON "Secret" ("OrganizationId");
CREATE INDEX "IX_ServiceAccount_OrganizationId" ON "ServiceAccount" ("OrganizationId");
CREATE TABLE IF NOT EXISTS "CollectionUsers" (
    "CollectionId" TEXT NOT NULL,
    "OrganizationUserId" TEXT NOT NULL,
    "HidePasswords" INTEGER NOT NULL,
    "ReadOnly" INTEGER NOT NULL,
    CONSTRAINT "PK_CollectionUsers" PRIMARY KEY ("CollectionId", "OrganizationUserId"),
    CONSTRAINT "FK_CollectionUsers_Collection_CollectionId" FOREIGN KEY ("CollectionId") REFERENCES "Collection" ("Id") ON DELETE CASCADE,
    CONSTRAINT "FK_CollectionUsers_OrganizationUser_OrganizationUserId" FOREIGN KEY ("OrganizationUserId") REFERENCES "OrganizationUser" ("Id") ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "GroupUser" (
    "GroupId" TEXT NOT NULL,
    "OrganizationUserId" TEXT NOT NULL,
    CONSTRAINT "PK_GroupUser" PRIMARY KEY ("GroupId", "OrganizationUserId"),
    CONSTRAINT "FK_GroupUser_Group_GroupId" FOREIGN KEY ("GroupId") REFERENCES "Group" ("Id") ON DELETE CASCADE,
    CONSTRAINT "FK_GroupUser_OrganizationUser_OrganizationUserId" FOREIGN KEY ("OrganizationUserId") REFERENCES "OrganizationUser" ("Id") ON DELETE CASCADE
);
CREATE INDEX "IX_CollectionUsers_OrganizationUserId" ON "CollectionUsers" ("OrganizationUserId");
CREATE INDEX "IX_GroupUser_OrganizationUserId" ON "GroupUser" ("OrganizationUserId");
CREATE TABLE IF NOT EXISTS "User" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_User" PRIMARY KEY,
    "AccountRevisionDate" TEXT NOT NULL,
    "ApiKey" TEXT NOT NULL,
    "AvatarColor" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "Culture" TEXT NULL,
    "Email" TEXT NOT NULL,
    "EmailVerified" INTEGER NOT NULL,
    "EquivalentDomains" TEXT NULL,
    "ExcludedGlobalEquivalentDomains" TEXT NULL,
    "FailedLoginCount" INTEGER NOT NULL,
    "ForcePasswordReset" INTEGER NOT NULL,
    "Gateway" INTEGER NULL,
    "GatewayCustomerId" TEXT NULL,
    "GatewaySubscriptionId" TEXT NULL,
    "Kdf" INTEGER NOT NULL,
    "KdfIterations" INTEGER NOT NULL,
    "Key" TEXT NULL,
    "LastFailedLoginDate" TEXT NULL,
    "LicenseKey" TEXT NULL,
    "MasterPassword" TEXT NULL,
    "MasterPasswordHint" TEXT NULL,
    "MaxStorageGb" INTEGER NULL,
    "Name" TEXT NULL,
    "Premium" INTEGER NOT NULL,
    "PremiumExpirationDate" TEXT NULL,
    "PrivateKey" TEXT NULL,
    "PublicKey" TEXT NULL,
    "ReferenceData" TEXT NULL,
    "RenewalReminderDate" TEXT NULL,
    "RevisionDate" TEXT NOT NULL,
    "SecurityStamp" TEXT NOT NULL,
    "Storage" INTEGER NULL,
    "TwoFactorProviders" TEXT NULL,
    "TwoFactorRecoveryCode" TEXT NULL,
    "UsesKeyConnector" INTEGER NOT NULL
);
CREATE TABLE IF NOT EXISTS "OrganizationDomain" (
    "Id" TEXT NOT NULL CONSTRAINT "PK_OrganizationDomain" PRIMARY KEY,
    "OrganizationId" TEXT NOT NULL,
    "Txt" TEXT NULL,
    "DomainName" TEXT NULL,
    "CreationDate" TEXT NOT NULL,
    "VerifiedDate" TEXT NULL,
    "NextRunDate" TEXT NOT NULL,
    "LastCheckedDate" TEXT NULL,
    "JobRunCount" INTEGER NOT NULL,
    CONSTRAINT "FK_OrganizationDomain_Organization_OrganizationId" FOREIGN KEY ("OrganizationId") REFERENCES "Organization" ("Id") ON DELETE CASCADE
);
CREATE INDEX "IX_OrganizationDomain_OrganizationId" ON "OrganizationDomain" ("OrganizationId");

[justindbaur]

@tokyovigilante Can you post the results from SELECT * FROM "__EFMigrationsHistory". It appears you are missing the KDFOptions migration but I can't think of why.

[tokyovigilante]

20221212154007_initial|6.0.12
20230106025949_AvatarColor|6.0.12
20230106153919_SecretsManager|6.0.12
20230112125615_ProviderAddProviderTypeBillingPhone|6.0.12
20230113175436_Fix Navigation Properties|6.0.12
20230124132220_KDFOptions|6.0.12
20230201175211_SecretsManagerOrganizationUser|6.0.12
20230201192604_LastUserDates|6.0.12
20230118212950_RemoveDeviceUnknownVerification|6.0.12
20230213133244_SecretsManagerEvent|6.0.12
20230302121757_DomainClaiming|6.0.12

[tokyovigilante]

Hi, any update for this? Is there a manual way to trigger the migration or restore the database? Thanks.

[jcbvm]

I think this issue needs to be reopened. I have the same issue with the latest beta image.

[Mag1cByt3s]

I have the same issue suddenly.

Can someone please reopen this issue ?

[justindbaur]

Hey all, I am reopening this issue, to make sure, you are all getting this error SQLite Error 1: 'no such column: u.KdfMemory' not another issue?

[ghost]

Hey all, I am reopening this issue, to make sure, you are all getting this error SQLite Error 1: 'no such column: u.KdfMemory' not another issue?

Hello, I am facing this issue with the same error. Tried both dev and beta tag.

[gavGaz]

Hey all, I am reopening this issue, to make sure, you are all getting this error SQLite Error 1: 'no such column: u.KdfMemory' not another issue?

This is exactly the same error I am seeing having pulled the latest beta image (as of yesterday). I'm using an Sqllite DB. More than happy to help reproduce or provide logs etc. if useful.

[justindbaur]

@gavGaz Did you pull it brand new or were you upgrading from a different version?

[gavGaz]

@gavGaz Did you pull it brand new or were you upgrading from a different version?

Upgraded from a previous version

[justindbaur]

To give you all an update, I spent a good bit of time trying to recreate this error and I have not been able to. It somehow appears that it's failing to do a migration yet is still marking it as having done that migration in the __EFMigrationsHistory table. For people that really want to try and correct this issue without starting from a fresh install you are free to try and delete that row from the database. DELETE FROM "__EFMigrationsHistory" WHERE "MigrationId" = '20230124132220_KDFOptions'; But I can't warn enough that I have no idea how this will effect your database so please don't do this if this database is your only copy of your data.

My recommendation for all who ran into this issue is to find the location of your .db and delete it. If the Admin project is running it should rerun migrations on a new file and that should work.

For anyone who runs into the issue in the future here is a list of the information that would be helpful, I am not planning on spending much more time on this without this information.

• Which tag you are running (dev/beta)
• SHA Digest history, first build, any updates, and current build
  • This may be hard to get, at the very least give as specific times for when you did these actions
• A SELECT * FROM "__EFMigrationsHistory";
• .schema from SQLite.
• Logs from admin.log by default in /var/log/bitwarden
• Error message

[Mag1cByt3s]

For now I switched to PostgreSQL and had no issues since then. Only downside is that bitwarden is running considerably slower when not using SQLite.

But once these issues get fixed and the SQLite backend gets more stable i am happy to switch back to SQLite.

[gavGaz]

To give you all an update, I spent a good bit of time trying to recreate this error and I have not been able to. It somehow appears that it's failing to do a migration yet is still marking it as having done that migration in the __EFMigrationsHistory table. For people that really want to try and correct this issue without starting from a fresh install you are free to try and delete that row from the database. DELETE FROM "__EFMigrationsHistory" WHERE "MigrationId" = '20230124132220_KDFOptions'; But I can't warn enough that I have no idea how this will effect your database so please don't do this if this database is your only copy of your data.

My recommendation for all who ran into this issue is to find the location of your .db and delete it. If the Admin project is running it should rerun migrations on a new file and that should work.

For anyone who runs into the issue in the future here is a list of the information that would be helpful, I am not planning on spending much more time on this without this information.

• Which tag you are running (dev/beta)

• SHA Digest history, first build, any updates, and current build

  • This may be hard to get, at the very least give as specific times for when you did these actions

• A SELECT * FROM "__EFMigrationsHistory";

• .schema from SQLite.

• Logs from admin.log by default in /var/log/bitwarden

• Error message

Will deleting the .db directory also wipe out any credentials?

I.e. is there a way of recovering from this situation maintaining my credential data?

[justindbaur]

@gavGaz Yes, deleting the .db file, most likely called vault.db, will delete all your credentials. If you would like you can make a copy of that file. Then you can try to do the DELETE FROM "__EFMigrationsHistory" WHERE "MigrationId" = '20230124132220_KDFOptions'; I mentioned but I make no guarantees that it will solve the issue. If that doesn't work you can just delete it and rename the copy back to the original.

The long way of recovering from this situation is making a copy of the database, booting up bitwarden to let it run the migrations and then inserting the data from the original into the new one. You'll have to do this one table at a time but skipping the __EFMigrationsHistory table. Then you should be able to sign in with the same account you had before. But that is not very easy.

[justindbaur]

@Pascal3366 glad PostgreSQL is working okay, I'm curious where you are seeing it be "considerably slower". Is the PostgreSQL database hosted as another container on the same machine? I wouldn't expect them to have any significant difference.

[Mag1cByt3s]

@justindbaur you notice that it is slower when it is loading the vault e.g.

The database is hosted as a container on the same machine.

I tried to put the database into the bitwarden mapped folder first but that would not work because it is mounted through NFS. I had constantly problems with lock files.

So now the database is inside the docker volume.

But yes you can really notice the speed difference between PostgreSQL and SQLite.

[tokyovigilante]

@justindbaur Thanks for your work on this, deleting the 20230124132220_KDFOptions line from the db did not work unfortunately. Acknowledging this is a beta and deleting the entire vault is a reasonable thing to do here, in the future I would like to use this unified version with SQLite (primarily because it works well with podman) and it would be appreciated if the SQLite migrations are robust in future.

[justindbaur]

@Pascal3366 Very interesting, I will keep an eye out, they both use EF so a slower warmup time is expected for both but once queries have been generated and cached I would actually expect Postgres to out perform, the SQLite provider doesn't have quite as many features so we have to do larger queries sometimes and filter the rest of the data in the code, outside of the query. But it's also possible the C# -> SQLite driver is more optimized then the C# -> Postgres one, and if that is the case we can't do to much.

@tokyovigilante Thank you for understanding, I am working on a couple different fronts to ensure that these new databases are well tested so they can be more robust. I'm working on this PR (#2471) that adds automatic repository layer testing. In response to this issue specifically I will work on something to automatically test the upgrade path by running the tests on the base and then upgrading to head on a PR and rerunning the tests.

[juliokele]

Quick and dirty solution to add the missing columns in the User table (use carefully!)

on docker host:

• get bitwarden CONTAINER ID
  docker ps

• bash into the bitwarden container
  docker exec -it <CONTAINER ID from previous command> bash
  for example:
  docker exec -it 123456ABCDE bash

in docker container:

• update app repository and install sqlite3
  apt update && apt install sqlite3 -y

• cd to /etc/bitwarden
  cd /etc/bitwarden

• backup vault.db
  cp vault.db vault.db.orig

• add missing columns to the vault.db User table
  sqlite3 vault.db
ALTER TABLE User ADD KdfMemory INTEGER NULL;
ALTER TABLE User ADD KdfParallelism INTEGER NULL;
ALTER TABLE User ADD LastEmailChangeDate TEXT NULL;
ALTER TABLE User ADD LastKdfChangeDate TEXT NULL;
ALTER TABLE User ADD LastKeyRotationDate TEXT NULL;
ALTER TABLE User ADD LastPasswordChangeDate TEXT NULL;
.exit

• uninstall sqlite3
  apt purge sqlite3 -y

[justindbaur]

Quick and dirty solution to add the missing columns in the User table (use carefully!)

You should be able to skip a few steps because /etc/bitwarden should be a mounted volume. So you just need sqlite3 on your computer (and many might already) and can connect connect to it from there. But for those that want to try this, go for it.

[tokyovigilante]

@juliokele Thanks, results below but just running this against my vault.db got my installation working again, and subsequent upgrade/pull to 2023.3.0 worked well, thanks!

SQLite version 3.40.0 2022-11-16 12:10:08
Enter ".help" for usage hints.
sqlite> ALTER TABLE User ADD KdfMemory INTEGER NULL;
Parse error: duplicate column name: KdfMemory
sqlite> ALTER TABLE User ADD KdfParallelism INTEGER NULL;
Parse error: duplicate column name: KdfParallelism
sqlite> ALTER TABLE User ADD LastEmailChangeDate TEXT NULL;
sqlite> ALTER TABLE User ADD LastKdfChangeDate TEXT NULL;
sqlite> ALTER TABLE User ADD LastKeyRotationDate TEXT NULL;
sqlite> ALTER TABLE User ADD LastPasswordChangeDate TEXT NULL;
sqlite> .exit

@justindbaur That's great, sounds good thank you.