From 29a079521974027d12d6f504f37dcb42cc6a03d9 Mon Sep 17 00:00:00 2001 From: Jeremy Lin Date: Tue, 18 Feb 2020 21:27:00 -0800 Subject: [PATCH 01/27] Add backend support for alternate base dir (subdir/subpath) hosting To use this, include a path in the `DOMAIN` URL, e.g.: * `DOMAIN=https://example.com/custom-path` * `DOMAIN=https://example.com/multiple/levels/are/ok` --- src/api/admin.rs | 12 +++++++---- src/api/core/mod.rs | 2 +- src/api/web.rs | 14 +++++++++++-- src/auth.rs | 10 ++++----- src/config.rs | 21 +++++++++++++++++++ src/main.rs | 18 +++++++++------- src/static/templates/admin/base.hbs | 16 +++++++------- src/static/templates/admin/page.hbs | 18 ++++++++-------- .../templates/email/invite_accepted.hbs | 2 +- .../templates/email/invite_accepted.html.hbs | 2 +- .../templates/email/invite_confirmed.hbs | 2 +- .../templates/email/invite_confirmed.html.hbs | 2 +- .../templates/email/new_device_logged_in.hbs | 2 +- .../email/new_device_logged_in.html.hbs | 2 +- src/static/templates/email/pw_hint_some.hbs | 2 +- .../templates/email/pw_hint_some.html.hbs | 2 +- src/static/templates/email/welcome.hbs | 2 +- src/static/templates/email/welcome.html.hbs | 2 +- .../templates/email/welcome_must_verify.hbs | 2 +- .../email/welcome_must_verify.html.hbs | 2 +- src/util.rs | 13 ++++++++---- 21 files changed, 95 insertions(+), 53 deletions(-) diff --git a/src/api/admin.rs b/src/api/admin.rs index c4fad11..b0c40b0 100644 --- a/src/api/admin.rs +++ b/src/api/admin.rs @@ -52,6 +52,10 @@ const ADMIN_PATH: &str = "/admin"; const BASE_TEMPLATE: &str = "admin/base"; const VERSION: Option<&str> = option_env!("GIT_VERSION"); +fn admin_path() -> String { + format!("{}{}", CONFIG.domain_path(), ADMIN_PATH) +} + #[get("/", rank = 2)] fn admin_login(flash: Option) -> ApiResult> { // If there is an error, show it @@ -76,7 +80,7 @@ fn post_admin_login(data: Form, mut cookies: Cookies, ip: ClientIp) - if !_validate_token(&data.token) { error!("Invalid admin token. IP: {}", ip.ip); Err(Flash::error( - Redirect::to(ADMIN_PATH), + Redirect::to(admin_path()), "Invalid admin token, please try again.", )) } else { @@ -85,14 +89,14 @@ fn post_admin_login(data: Form, mut cookies: Cookies, ip: ClientIp) - let jwt = encode_jwt(&claims); let cookie = Cookie::build(COOKIE_NAME, jwt) - .path(ADMIN_PATH) + .path(admin_path()) .max_age(chrono::Duration::minutes(20)) .same_site(SameSite::Strict) .http_only(true) .finish(); cookies.add(cookie); - Ok(Redirect::to(ADMIN_PATH)) + Ok(Redirect::to(admin_path())) } } @@ -167,7 +171,7 @@ fn invite_user(data: Json, _token: AdminToken, conn: DbConn) -> Empt #[get("/logout")] fn logout(mut cookies: Cookies) -> Result { cookies.remove(Cookie::named(COOKIE_NAME)); - Ok(Redirect::to(ADMIN_PATH)) + Ok(Redirect::to(admin_path())) } #[get("/users")] diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs index 55ed66d..550733c 100644 --- a/src/api/core/mod.rs +++ b/src/api/core/mod.rs @@ -172,7 +172,7 @@ fn hibp_breach(username: String) -> JsonResult { "BreachDate": "2019-08-18T00:00:00Z", "AddedDate": "2019-08-18T00:00:00Z", "Description": format!("Go to: https://haveibeenpwned.com/account/{account} for a manual check.

HaveIBeenPwned API key not set!
Go to https://haveibeenpwned.com/API/Key to purchase an API key from HaveIBeenPwned.

", account=username), - "LogoPath": "/bwrs_static/hibp.png", + "LogoPath": "bwrs_static/hibp.png", "PwnCount": 0, "DataClasses": [ "Error - No API key set!" diff --git a/src/api/web.rs b/src/api/web.rs index 408e38e..7f47ae7 100644 --- a/src/api/web.rs +++ b/src/api/web.rs @@ -37,7 +37,17 @@ fn app_id() -> Cached>> { { "version": { "major": 1, "minor": 0 }, "ids": [ - &CONFIG.domain(), + // Per : + // + // "In the Web case, the FacetID MUST be the Web Origin [RFC6454] + // of the web page triggering the FIDO operation, written as + // a URI with an empty path. Default ports are omitted and any + // path component is ignored." + // + // This leaves it unclear as to whether the path must be empty, + // or whether it can be non-empty and will be ignored. To be on + // the safe side, use a proper web origin (with empty path). + &CONFIG.domain_origin(), "ios:bundle-id:com.8bit.bitwarden", "android:apk-key-hash:dUGFzUzf3lmHSLBDBIv+WaFyZMI" ] }] @@ -75,6 +85,6 @@ fn static_files(filename: String) -> Result, Error> { "bootstrap-native-v4.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/bootstrap-native-v4.js"))), "md5.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/md5.js"))), "identicon.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/identicon.js"))), - _ => err!("Image not found"), + _ => err!(format!("Static file not found: {}", filename)), } } diff --git a/src/auth.rs b/src/auth.rs index 2820498..cbcdb47 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -16,11 +16,11 @@ const JWT_ALGORITHM: Algorithm = Algorithm::RS256; lazy_static! { pub static ref DEFAULT_VALIDITY: Duration = Duration::hours(2); static ref JWT_HEADER: Header = Header::new(JWT_ALGORITHM); - pub static ref JWT_LOGIN_ISSUER: String = format!("{}|login", CONFIG.domain()); - pub static ref JWT_INVITE_ISSUER: String = format!("{}|invite", CONFIG.domain()); - pub static ref JWT_DELETE_ISSUER: String = format!("{}|delete", CONFIG.domain()); - pub static ref JWT_VERIFYEMAIL_ISSUER: String = format!("{}|verifyemail", CONFIG.domain()); - pub static ref JWT_ADMIN_ISSUER: String = format!("{}|admin", CONFIG.domain()); + pub static ref JWT_LOGIN_ISSUER: String = format!("{}|login", CONFIG.domain_origin()); + pub static ref JWT_INVITE_ISSUER: String = format!("{}|invite", CONFIG.domain_origin()); + pub static ref JWT_DELETE_ISSUER: String = format!("{}|delete", CONFIG.domain_origin()); + pub static ref JWT_VERIFYEMAIL_ISSUER: String = format!("{}|verifyemail", CONFIG.domain_origin()); + pub static ref JWT_ADMIN_ISSUER: String = format!("{}|admin", CONFIG.domain_origin()); static ref PRIVATE_RSA_KEY: Vec = match read_file(&CONFIG.private_rsa_key()) { Ok(key) => key, Err(e) => panic!("Error loading private RSA Key.\n Error: {}", e), diff --git a/src/config.rs b/src/config.rs index 2c53a34..a8e440b 100644 --- a/src/config.rs +++ b/src/config.rs @@ -1,6 +1,8 @@ use std::process::exit; use std::sync::RwLock; +use reqwest::Url; + use crate::error::Error; use crate::util::{get_env, get_env_bool}; @@ -240,6 +242,10 @@ make_config! { domain: String, true, def, "http://localhost".to_string(); /// Domain Set |> Indicates if the domain is set by the admin. Otherwise the default will be used. domain_set: bool, false, def, false; + /// Domain origin |> Domain URL origin (in https://example.com:8443/path, https://example.com:8443 is the origin) + domain_origin: String, false, auto, |c| extract_url_origin(&c.domain); + /// Domain path |> Domain URL path (in https://example.com:8443/path, /path is the path) + domain_path: String, false, auto, |c| extract_url_path(&c.domain); /// Enable web vault web_vault_enabled: bool, false, def, true; @@ -457,6 +463,21 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { Ok(()) } +/// Extracts an RFC 6454 web origin from a URL. +fn extract_url_origin(url: &str) -> String { + let url = Url::parse(url).expect("valid URL"); + + url.origin().ascii_serialization() +} + +/// Extracts the path from a URL. +/// All trailing '/' chars are trimmed, even if the path is a lone '/'. +fn extract_url_path(url: &str) -> String { + let url = Url::parse(url).expect("valid URL"); + + url.path().trim_end_matches('/').to_string() +} + impl Config { pub fn load() -> Result { // Loading from env and file diff --git a/src/main.rs b/src/main.rs index 7c9d026..3c12063 100644 --- a/src/main.rs +++ b/src/main.rs @@ -255,18 +255,20 @@ mod migrations { } fn launch_rocket(extra_debug: bool) { - // Create Rocket object, this stores current log level and sets it's own + // Create Rocket object, this stores current log level and sets its own let rocket = rocket::ignite(); - // If addding more base paths here, consider also adding them to + let basepath = &CONFIG.domain_path(); + + // If adding more paths here, consider also adding them to // crate::utils::LOGGED_ROUTES to make sure they appear in the log let rocket = rocket - .mount("/", api::web_routes()) - .mount("/api", api::core_routes()) - .mount("/admin", api::admin_routes()) - .mount("/identity", api::identity_routes()) - .mount("/icons", api::icons_routes()) - .mount("/notifications", api::notifications_routes()) + .mount(&[basepath, "/"].concat(), api::web_routes()) + .mount(&[basepath, "/api"].concat(), api::core_routes()) + .mount(&[basepath, "/admin"].concat(), api::admin_routes()) + .mount(&[basepath, "/identity"].concat(), api::identity_routes()) + .mount(&[basepath, "/icons"].concat(), api::icons_routes()) + .mount(&[basepath, "/notifications"].concat(), api::notifications_routes()) .manage(db::init_pool()) .manage(api::start_notification_server()) .attach(util::AppHeaders()) diff --git a/src/static/templates/admin/base.hbs b/src/static/templates/admin/base.hbs index f61ae6a..9222a19 100644 --- a/src/static/templates/admin/base.hbs +++ b/src/static/templates/admin/base.hbs @@ -6,10 +6,10 @@ Bitwarden_rs Admin Panel - - - - + + + + + + + + + + + +
+ + + + +
+ + + + +
+ + + + + + + +
+ This is a test email to verify the SMTP configuration for {{url}}. +
+ When you can read this email it is probably configured correctly. +
+
+ + + + + +
+
+ + From 5a974c7b944a66adf72d4615004b894ba16ea6bd Mon Sep 17 00:00:00 2001 From: BlackDex Date: Wed, 26 Feb 2020 11:02:22 +0100 Subject: [PATCH 07/27] Added SMTP test button in the admin gui - Added a test button for checking the e-mail settings. - Fixed a bug with the _post JavaScript function: A function was overwriten with a variable and errors were not handled correctly like a 500 for example. --- src/api/admin.rs | 13 ++ src/config.rs | 1 + src/mail.rs | 11 ++ src/static/templates/admin/page.hbs | 47 +++++-- src/static/templates/email/smtp_test.hbs | 8 ++ src/static/templates/email/smtp_test.html.hbs | 129 ++++++++++++++++++ 6 files changed, 201 insertions(+), 8 deletions(-) create mode 100644 src/static/templates/email/smtp_test.hbs create mode 100644 src/static/templates/email/smtp_test.html.hbs diff --git a/src/api/admin.rs b/src/api/admin.rs index 937783f..03e6270 100644 --- a/src/api/admin.rs +++ b/src/api/admin.rs @@ -34,6 +34,7 @@ pub fn routes() -> Vec { post_config, delete_config, backup_db, + test_smtp, ] } @@ -170,6 +171,18 @@ fn invite_user(data: Json, _token: AdminToken, conn: DbConn) -> Empt } } +#[post("/test/smtp", data = "")] +fn test_smtp(data: Json, _token: AdminToken) -> EmptyResult { + let data: InviteData = data.into_inner(); + let email = data.email.clone(); + + if CONFIG.mail_enabled() { + mail::send_test(&email) + } else { + err!("Mail is not enabled") + } +} + #[get("/logout")] fn logout(mut cookies: Cookies) -> Result { cookies.remove(Cookie::named(COOKIE_NAME)); diff --git a/src/config.rs b/src/config.rs index 11f63aa..12e04d6 100644 --- a/src/config.rs +++ b/src/config.rs @@ -668,6 +668,7 @@ where reg!("email/verify_email", ".html"); reg!("email/welcome", ".html"); reg!("email/welcome_must_verify", ".html"); + reg!("email/smtp_test", ".html"); reg!("admin/base"); reg!("admin/login"); diff --git a/src/mail.rs b/src/mail.rs index 6e49f8f..77eb2ac 100644 --- a/src/mail.rs +++ b/src/mail.rs @@ -258,6 +258,17 @@ pub fn send_change_email(address: &str, token: &str) -> EmptyResult { send_email(&address, &subject, &body_html, &body_text) } +pub fn send_test(address: &str) -> EmptyResult { + let (subject, body_html, body_text) = get_text( + "email/smtp_test", + json!({ + "url": CONFIG.domain(), + }), + )?; + + send_email(&address, &subject, &body_html, &body_text) +} + fn send_email(address: &str, subject: &str, body_html: &str, body_text: &str) -> EmptyResult { let address_split: Vec<&str> = address.rsplitn(2, '@').collect(); if address_split.len() != 2 { diff --git a/src/static/templates/admin/page.hbs b/src/static/templates/admin/page.hbs index fd26ce1..31c4586 100644 --- a/src/static/templates/admin/page.hbs +++ b/src/static/templates/admin/page.hbs @@ -71,6 +71,17 @@ them to avoid confusion. This does not apply to the read-only section, which can only be set through the environment. + +
+
SMTP Test
+ Email: + +
+ + +
+
+
{{#each config}} {{#if groupdoc}} @@ -213,13 +224,24 @@ mode: "same-origin", credentials: "same-origin", headers: { "Content-Type": "application/json" } - }).then(e => { - if (e.ok) { return msg(successMsg); } - e.json().then(json => { - const msg = json ? json.ErrorModel.Message : "Unknown error"; - msg(errMsg + ": " + msg); - }); - }).catch(e => { msg(errMsg + ": Unknown error") }); + }).then( resp => { + if (resp.ok) { msg(successMsg); return Promise.reject({error: false}); } + respStatus = resp.status; + respStatusText = resp.statusText; + return resp.text(); + }).then( respText => { + try { + const respJson = JSON.parse(respText); + return respJson ? respJson.ErrorModel.Message : "Unknown error"; + } catch (e) { + return Promise.reject({body:respStatus + ' - ' + respStatusText, error: true}); + } + }).then( apiMsg => { + msg(errMsg + "\n" + apiMsg); + }).catch( e => { + if (e.error === false) { return true; } + else { msg(errMsg + "\n" + e.body); } + }); } function deleteUser(id, mail) { var input_mail = prompt("To delete user '" + mail + "', please type the email below") @@ -260,6 +282,15 @@ "Error inviting user", data); return false; } + function smtpTest() { + inv = document.getElementById("smtp-test-email"); + data = JSON.stringify({ "email": inv.value }); + inv.value = ""; + _post("/admin/test/smtp/", + "SMTP Test email sent correctly", + "Error sending SMTP test email", data); + return false; + } function getFormData() { let data = {}; @@ -331,7 +362,7 @@ e.title = orgtype.name; }); - // These are formatted because otherwise the + // These are formatted because otherwise the // VSCode formatter breaks But they still work // {{#each config}} {{#if grouptoggle}} masterCheck("input_{{grouptoggle}}", "#g_{{group}} input"); diff --git a/src/static/templates/email/smtp_test.hbs b/src/static/templates/email/smtp_test.hbs new file mode 100644 index 0000000..9d16d22 --- /dev/null +++ b/src/static/templates/email/smtp_test.hbs @@ -0,0 +1,8 @@ +Bitwarden_rs SMTP Test + + +

+This is a test email to verify the SMTP configuration for {{url}}. +

+

When you can read this email it is probably configured correctly.

+ diff --git a/src/static/templates/email/smtp_test.html.hbs b/src/static/templates/email/smtp_test.html.hbs new file mode 100644 index 0000000..154bda0 --- /dev/null +++ b/src/static/templates/email/smtp_test.html.hbs @@ -0,0 +1,129 @@ +Bitwarden_rs SMTP Test + + + + + + Bitwarden_rs + + + + + + + + + + +
+ + + + +
+ + + + +
+ + + + + + + +
+ This is a test email to verify the SMTP configuration for {{url}}. +
+ When you can read this email it is probably configured correctly. +
+
+ + + + + +
+
+ + From 97fb7b5b96b66ee1b476cb9f74c8be0742c57c50 Mon Sep 17 00:00:00 2001 From: BlackDex Date: Wed, 26 Feb 2020 16:58:57 +0100 Subject: [PATCH 08/27] Added urlpath to smtpTest function --- src/static/templates/admin/page.hbs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/static/templates/admin/page.hbs b/src/static/templates/admin/page.hbs index 31c4586..f326397 100644 --- a/src/static/templates/admin/page.hbs +++ b/src/static/templates/admin/page.hbs @@ -286,7 +286,7 @@ inv = document.getElementById("smtp-test-email"); data = JSON.stringify({ "email": inv.value }); inv.value = ""; - _post("/admin/test/smtp/", + _post("{{urlpath}}/admin/test/smtp/", "SMTP Test email sent correctly", "Error sending SMTP test email", data); return false; From edfdda86aeb05dd487b8ca72b8a7f389de48e13f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Garc=C3=ADa?= Date: Sun, 1 Mar 2020 02:38:26 +0100 Subject: [PATCH 09/27] Use web vault built by docker autobuild, using the hash to reference the image for extra security --- docker/Dockerfile.j2 | 50 +++++++++-------------- docker/aarch64/mysql/Dockerfile | 24 +++++------ docker/aarch64/sqlite/Dockerfile | 24 +++++------ docker/amd64/mysql/Dockerfile | 24 +++++------ docker/amd64/mysql/Dockerfile.alpine | 23 +++++------ docker/amd64/postgresql/Dockerfile | 24 +++++------ docker/amd64/postgresql/Dockerfile.alpine | 23 +++++------ docker/amd64/sqlite/Dockerfile | 24 +++++------ docker/amd64/sqlite/Dockerfile.alpine | 23 +++++------ docker/armv6/mysql/Dockerfile | 24 +++++------ docker/armv6/sqlite/Dockerfile | 24 +++++------ docker/armv7/mysql/Dockerfile | 24 +++++------ docker/armv7/sqlite/Dockerfile | 24 +++++------ 13 files changed, 139 insertions(+), 196 deletions(-) diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 index cdf83ee..ad1e425 100644 --- a/docker/Dockerfile.j2 +++ b/docker/Dockerfile.j2 @@ -1,16 +1,10 @@ -{{ "# This file was generated using a Jinja2 template." }} -{{ "# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's." }} +# This file was generated using a Jinja2 template. +# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. -# Using multistage build: -# https://docs.docker.com/develop/develop-images/multistage-build/ -# https://whitfin.io/speeding-up-rust-docker-builds/ -####################### VAULT BUILD IMAGE ####################### {% set build_stage_base_image = "rust:1.40" %} -{% set vault_stage_base_image = build_stage_base_image %} {% if "alpine" in target_file %} {% set build_stage_base_image = "clux/muslrust:nightly-2019-12-19" %} {% set runtime_stage_base_image = "alpine:3.11" %} -{% set vault_stage_base_image = runtime_stage_base_image %} {% set package_arch_name = "" %} {% elif "amd64" in target_file %} {% set runtime_stage_base_image = "debian:buster-slim" %} @@ -29,29 +23,23 @@ {% if package_arch_name == "" %} {% set package_arch_prefix = "" %} {% endif %} -FROM {{ vault_stage_base_image }} as vault - -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -{% if "alpine" in vault_stage_base_image %} -RUN apk add --no-cache --upgrade curl tar -{% else %} -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color -{% endif %} - -WORKDIR / - -{% if "alpine" in vault_stage_base_image %} -SHELL ["/bin/ash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] -{% else %} -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] -{% endif %} - -RUN curl -L $URL | tar xz -RUN ls +# Using multistage build: +# https://docs.docker.com/develop/develop-images/multistage-build/ +# https://whitfin.io/speeding-up-rust-docker-builds/ +####################### VAULT BUILD IMAGE ####################### +{% set vault_image_hash = "sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c" %} +{% raw %} +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +{% endraw %} +FROM bitwardenrs/web-vault@{{ vault_image_hash }} as vault ########################## BUILD IMAGE ########################## {% if "musl" in build_stage_base_image %} diff --git a/docker/aarch64/mysql/Dockerfile b/docker/aarch64/mysql/Dockerfile index 14a0cbf..9e2812e 100644 --- a/docker/aarch64/mysql/Dockerfile +++ b/docker/aarch64/mysql/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because diff --git a/docker/aarch64/sqlite/Dockerfile b/docker/aarch64/sqlite/Dockerfile index 0c2e7db..f130fac 100644 --- a/docker/aarch64/sqlite/Dockerfile +++ b/docker/aarch64/sqlite/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because diff --git a/docker/amd64/mysql/Dockerfile b/docker/amd64/mysql/Dockerfile index 6e12db2..7f47c47 100644 --- a/docker/amd64/mysql/Dockerfile +++ b/docker/amd64/mysql/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because diff --git a/docker/amd64/mysql/Dockerfile.alpine b/docker/amd64/mysql/Dockerfile.alpine index 9bc6a51..c3fff71 100644 --- a/docker/amd64/mysql/Dockerfile.alpine +++ b/docker/amd64/mysql/Dockerfile.alpine @@ -5,20 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM alpine:3.11 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -RUN apk add --no-cache --upgrade curl tar - -WORKDIR / - -SHELL ["/bin/ash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # Musl build image for statically compiled binary diff --git a/docker/amd64/postgresql/Dockerfile b/docker/amd64/postgresql/Dockerfile index 8428de9..8cfa390 100644 --- a/docker/amd64/postgresql/Dockerfile +++ b/docker/amd64/postgresql/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because diff --git a/docker/amd64/postgresql/Dockerfile.alpine b/docker/amd64/postgresql/Dockerfile.alpine index 12f2e52..c9574c5 100644 --- a/docker/amd64/postgresql/Dockerfile.alpine +++ b/docker/amd64/postgresql/Dockerfile.alpine @@ -5,20 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM alpine:3.11 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -RUN apk add --no-cache --upgrade curl tar - -WORKDIR / - -SHELL ["/bin/ash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # Musl build image for statically compiled binary diff --git a/docker/amd64/sqlite/Dockerfile b/docker/amd64/sqlite/Dockerfile index e120c18..af2e792 100644 --- a/docker/amd64/sqlite/Dockerfile +++ b/docker/amd64/sqlite/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because diff --git a/docker/amd64/sqlite/Dockerfile.alpine b/docker/amd64/sqlite/Dockerfile.alpine index 8cd9251..881b2e5 100644 --- a/docker/amd64/sqlite/Dockerfile.alpine +++ b/docker/amd64/sqlite/Dockerfile.alpine @@ -5,20 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM alpine:3.11 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -RUN apk add --no-cache --upgrade curl tar - -WORKDIR / - -SHELL ["/bin/ash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # Musl build image for statically compiled binary diff --git a/docker/armv6/mysql/Dockerfile b/docker/armv6/mysql/Dockerfile index d55e12b..5f81576 100644 --- a/docker/armv6/mysql/Dockerfile +++ b/docker/armv6/mysql/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because diff --git a/docker/armv6/sqlite/Dockerfile b/docker/armv6/sqlite/Dockerfile index ee6b590..3756090 100644 --- a/docker/armv6/sqlite/Dockerfile +++ b/docker/armv6/sqlite/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because diff --git a/docker/armv7/mysql/Dockerfile b/docker/armv7/mysql/Dockerfile index c486595..c1183cc 100644 --- a/docker/armv7/mysql/Dockerfile +++ b/docker/armv7/mysql/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because diff --git a/docker/armv7/sqlite/Dockerfile b/docker/armv7/sqlite/Dockerfile index 7cce852..cfd1dc7 100644 --- a/docker/armv7/sqlite/Dockerfile +++ b/docker/armv7/sqlite/Dockerfile @@ -5,21 +5,17 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -FROM rust:1.40 as vault -ENV VAULT_VERSION "v2.12.0d" - -ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz" - -# Build time options to avoid dpkg warnings and help with reproducible builds. -ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color - -WORKDIR / - -SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"] - -RUN curl -L $URL | tar xz -RUN ls +# This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. +# It can be viewed in multiple ways: +# - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. +# - From the console, with the following commands: +# docker pull bitwardenrs/web-vault:v2.12.0e +# docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.12.0e +# +# - To do the opposite, and get the tag from the hash, you can do: +# docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c +FROM bitwardenrs/web-vault@sha256:ce56b3f5e538351411785ac45e9b4b913259c3508b1323d62e8fa0f30717dd1c as vault ########################## BUILD IMAGE ########################## # We need to use the Rust build image, because From f1d3b03c605486fc45794aa9030aef648a2c86b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Garc=C3=ADa?= Date: Mon, 2 Mar 2020 19:37:49 +0100 Subject: [PATCH 10/27] Update README.md --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index cdcb384..01f62c9 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ Image is based on [Rust implementation of Bitwarden API](https://github.com/dani **This project is not associated with the [Bitwarden](https://bitwarden.com/) project nor 8bit Solutions LLC.** -#### ⚠️**IMPORTANT**⚠️: When using this server, please report any Bitwarden related bug-reports or suggestions [here](https://github.com/dani-garcia/bitwarden_rs/issues/new), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels. +#### ⚠️**IMPORTANT**⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels. --- @@ -21,14 +21,14 @@ Image is based on [Rust implementation of Bitwarden API](https://github.com/dani Basically full implementation of Bitwarden API is provided including: - * Basic single user functionality + * Single user functionality * Organizations support * Attachments * Vault API support * Serving the static files for Vault interface * Website icons API * Authenticator and U2F support - * YubiKey OTP + * YubiKey and Duo support ## Installation Pull the docker image and mount a volume from the host for persistent storage: @@ -49,13 +49,13 @@ If you have an available domain name, you can get HTTPS certificates with [Let's See the [bitwarden_rs wiki](https://github.com/dani-garcia/bitwarden_rs/wiki) for more information on how to configure and run the bitwarden_rs server. ## Get in touch +To ask a question, offer suggestions or new features or to get help configuring or installing the software, please [use the forum](https://bitwardenrs.discourse.group/). -To ask a question, [raising an issue](https://github.com/dani-garcia/bitwarden_rs/issues/new) is fine. Please also report any bugs spotted here. +If you spot any bugs or crashes with bitwarden_rs itself, please [create an issue](https://github.com/dani-garcia/bitwarden_rs/issues/). Make sure there aren't any similar issues open, though! If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/#bitwarden_rs:matrix.org) room on Matrix. Feel free to join us! ### Sponsors Thanks for your contribution to the project! -- [@Skaronator](https://github.com/Skaronator) - [@ChonoN](https://github.com/ChonoN) From e41e7c07dbf58c68c894987d12b5263bd3e30ce0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Garc=C3=ADa?= Date: Mon, 2 Mar 2020 19:58:36 +0100 Subject: [PATCH 11/27] Update issue templates --- .github/ISSUE_TEMPLATE/bug_report.md | 42 +++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 11 +++++ .../help-with-installation-configuration.md | 11 +++++ .../help-with-proxy-database-nas-setup.md | 11 +++++ 4 files changed, 75 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/ISSUE_TEMPLATE/help-with-installation-configuration.md create mode 100644 .github/ISSUE_TEMPLATE/help-with-proxy-database-nas-setup.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..758853c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,42 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: '' + +--- + + + +### Subject of the issue + + +### Your environment + +* Bitwarden_rs version: + +* Install method: +* Clients used: +* Reverse proxy and version: +* Version of mysql/postgresql: +* Other relevant information: + +### Steps to reproduce + + +### Expected behaviour + + +### Actual behaviour + + +### Relevant logs + diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..7f9a43b --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,11 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: better for forum +assignees: '' + +--- + +# Please submit all your feature requests to the forum +Link: https://bitwardenrs.discourse.group/c/feature-requests diff --git a/.github/ISSUE_TEMPLATE/help-with-installation-configuration.md b/.github/ISSUE_TEMPLATE/help-with-installation-configuration.md new file mode 100644 index 0000000..9bc269d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/help-with-installation-configuration.md @@ -0,0 +1,11 @@ +--- +name: Help with installation/configuration +about: Any questions about the setup of bitwarden_rs +title: '' +labels: better for forum +assignees: '' + +--- + +# Please submit all your third party help requests to the forum +Link: https://bitwardenrs.discourse.group/c/help diff --git a/.github/ISSUE_TEMPLATE/help-with-proxy-database-nas-setup.md b/.github/ISSUE_TEMPLATE/help-with-proxy-database-nas-setup.md new file mode 100644 index 0000000..2235ca1 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/help-with-proxy-database-nas-setup.md @@ -0,0 +1,11 @@ +--- +name: Help with proxy/database/NAS setup +about: Any questions about third party software +title: '' +labels: better for forum +assignees: '' + +--- + +# Please submit all your third party help requests to the forum +Link: https://bitwardenrs.discourse.group/c/third-party-help From 536672ac1b901fc649639db46f7e2c6b3ef7e7e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Garc=C3=ADa?= Date: Mon, 2 Mar 2020 19:58:53 +0100 Subject: [PATCH 12/27] Delete ISSUE_TEMPLATE.md --- .github/ISSUE_TEMPLATE.md | 33 --------------------------------- 1 file changed, 33 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE.md diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md deleted file mode 100644 index 7aaabd7..0000000 --- a/.github/ISSUE_TEMPLATE.md +++ /dev/null @@ -1,33 +0,0 @@ - - -### Subject of the issue - - -### Your environment - -* Bitwarden_rs version: - -* Install method: -* Clients used: -* Reverse proxy and version: -* Version of mysql/postgresql: -* Other relevant information: - -### Steps to reproduce - - -### Expected behaviour - - -### Actual behaviour - - -### Relevant logs - From cc404b4edc392fc141c941da10e411d8e98a817e Mon Sep 17 00:00:00 2001 From: zethra Date: Mon, 2 Mar 2020 14:57:06 -0500 Subject: [PATCH 13/27] Added command line flags for help and version Signed-off-by: zethra --- Cargo.lock | 128 ++++++++++++++++++++++++++++++++++++++++++++++++++++ Cargo.toml | 5 +- src/main.rs | 27 ++++++++++- 3 files changed, 158 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d978da9..232f724 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -15,6 +15,15 @@ dependencies = [ "memchr", ] +[[package]] +name = "ansi_term" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b" +dependencies = [ + "winapi 0.3.8", +] + [[package]] name = "arrayvec" version = "0.4.12" @@ -144,6 +153,7 @@ dependencies = [ "serde_derive", "serde_json", "soup", + "structopt", "syslog", "u2f", "uuid 0.8.1", @@ -259,6 +269,21 @@ dependencies = [ "time 0.1.42", ] +[[package]] +name = "clap" +version = "2.33.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5067f5bb2d80ef5d68b4c87db81601f0b75bca627bc2ef76b141d7b846a3c6d9" +dependencies = [ + "ansi_term", + "atty", + "bitflags", + "strsim", + "textwrap", + "unicode-width", + "vec_map", +] + [[package]] name = "cloudabi" version = "0.0.3" @@ -868,6 +893,15 @@ dependencies = [ "walkdir", ] +[[package]] +name = "heck" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "20564e78d53d2bb135c343b3f47714a56af2061f1c928fdb541dc7b9fdd94205" +dependencies = [ + "unicode-segmentation", +] + [[package]] name = "hermit-abi" version = "0.1.6" @@ -1797,6 +1831,32 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c" +[[package]] +name = "proc-macro-error" +version = "0.4.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7959c6467d962050d639361f7703b2051c43036d03493c36f01d440fdd3138a" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2 1.0.8", + "quote 1.0.2", + "syn 1.0.14", + "version_check 0.9.1", +] + +[[package]] +name = "proc-macro-error-attr" +version = "0.4.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4002d9f55991d5e019fb940a90e1a95eb80c24e77cb2462dd4dc869604d543a" +dependencies = [ + "proc-macro2 1.0.8", + "quote 1.0.2", + "syn 1.0.14", + "syn-mid", + "version_check 0.9.1", +] + [[package]] name = "proc-macro-hack" version = "0.5.11" @@ -2554,6 +2614,36 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b1884d1bc09741d466d9b14e6d37ac89d6909cbcac41dd9ae982d4d063bbedfc" +[[package]] +name = "strsim" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" + +[[package]] +name = "structopt" +version = "0.3.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3fe43617218c0805c6eb37160119dc3c548110a67786da7218d1c6555212f073" +dependencies = [ + "clap", + "lazy_static", + "structopt-derive", +] + +[[package]] +name = "structopt-derive" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c6e79c80e0f4efd86ca960218d4e056249be189ff1c42824dcd9a7f51a56f0bd" +dependencies = [ + "heck", + "proc-macro-error", + "proc-macro2 1.0.8", + "quote 1.0.2", + "syn 1.0.14", +] + [[package]] name = "subtle" version = "1.0.0" @@ -2599,6 +2689,17 @@ dependencies = [ "unicode-xid 0.2.0", ] +[[package]] +name = "syn-mid" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7be3539f6c128a931cf19dcee741c1af532c7fd387baa739c03dd2e96479338a" +dependencies = [ + "proc-macro2 1.0.8", + "quote 1.0.2", + "syn 1.0.14", +] + [[package]] name = "synstructure" version = "0.12.3" @@ -2648,6 +2749,15 @@ dependencies = [ "utf-8", ] +[[package]] +name = "textwrap" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" +dependencies = [ + "unicode-width", +] + [[package]] name = "thread_local" version = "1.0.1" @@ -2952,6 +3062,18 @@ dependencies = [ "smallvec 1.2.0", ] +[[package]] +name = "unicode-segmentation" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e83e153d1053cbb5a118eeff7fd5be06ed99153f00dbcd8ae310c5fb2b22edc0" + +[[package]] +name = "unicode-width" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "caaa9d531767d1ff2150b9332433f32a24622147e5ebb1f26409d5da67afd479" + [[package]] name = "unicode-xid" version = "0.1.0" @@ -3022,6 +3144,12 @@ version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3fc439f2794e98976c88a2a2dafce96b930fe8010b0a256b3c2199a773933168" +[[package]] +name = "vec_map" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05c78687fb1a80548ae3250346c3db86a80a7cdd77bda190189f2d0a0987c81a" + [[package]] name = "version_check" version = "0.1.5" diff --git a/Cargo.toml b/Cargo.toml index 330250e..7cfe970 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -53,7 +53,7 @@ fern = { version = "0.5.9", features = ["syslog-4"] } diesel = { version = "1.4.3", features = [ "chrono", "r2d2"] } diesel_migrations = "1.4.0" -# Bundled SQLite +# Bundled SQLite libsqlite3-sys = { version = "0.16.0", features = ["bundled"], optional = true } # Crypto library @@ -114,6 +114,9 @@ percent-encoding = "2.1.0" # Punycode conversion idna = "0.2.0" +# CLI argument parsing +structopt = "0.3.11" + [patch.crates-io] # Use newest ring rocket = { git = 'https://github.com/SergioBenitez/Rocket', rev = 'b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13' } diff --git a/src/main.rs b/src/main.rs index 3c12063..5274795 100644 --- a/src/main.rs +++ b/src/main.rs @@ -42,7 +42,18 @@ mod util; pub use config::CONFIG; pub use error::{Error, MapResult}; +use structopt::StructOpt; + +#[derive(Debug, StructOpt)] +#[structopt(name = "bitwarden_rs", about = "A Bitwarden API server written in Rust")] +struct Opt { + /// Prints the app version + #[structopt(short, long)] + version: bool, +} + fn main() { + parse_args(); launch_info(); use log::LevelFilter as LF; @@ -64,6 +75,18 @@ fn main() { launch_rocket(extra_debug); } +fn parse_args() { + let opt = Opt::from_args(); + if opt.version { + if let Some(version) = option_env!("GIT_VERSION") { + println!("bitwarden_rs {}", version); + } else { + println!("bitwarden_rs (Version info from Git not present)"); + } + exit(0); + } +} + fn launch_info() { println!("/--------------------------------------------------------------------\\"); println!("| Starting Bitwarden_RS |"); @@ -177,7 +200,9 @@ fn check_rsa_keys() { info!("JWT keys don't exist, checking if OpenSSL is available..."); Command::new("openssl").arg("version").status().unwrap_or_else(|_| { - info!("Can't create keys because OpenSSL is not available, make sure it's installed and available on the PATH"); + info!( + "Can't create keys because OpenSSL is not available, make sure it's installed and available on the PATH" + ); exit(1); }); From 390d10d6566405c82f96ef57c784a4c910f292b2 Mon Sep 17 00:00:00 2001 From: BlackDex Date: Wed, 4 Mar 2020 13:25:38 +0100 Subject: [PATCH 14/27] Relocated SMTP test input+button. - Moved smtp test option to within the "SMTP Email" Settings block. - Added optional option to prevent full page reload. - SMTP Test and Backup do not reload the admin interface any more. --- src/static/templates/admin/page.hbs | 45 ++++++++++++++++------------- 1 file changed, 25 insertions(+), 20 deletions(-) diff --git a/src/static/templates/admin/page.hbs b/src/static/templates/admin/page.hbs index f326397..6fd4393 100644 --- a/src/static/templates/admin/page.hbs +++ b/src/static/templates/admin/page.hbs @@ -72,16 +72,6 @@ environment. -
-
SMTP Test
- Email: - - - - - -
-
{{#each config}} {{#if groupdoc}} @@ -121,6 +111,17 @@ {{/if}} {{/each}} + {{#case group "smtp"}} +
+ +
+ +
+ +
+
+
+ {{/case}} {{/if}} @@ -202,7 +203,11 @@