mirror of
https://github.com/ViViDboarder/bitwarden_rs_ldap.git
synced 2024-12-21 08:37:33 +00:00
Rebrand vaultwarden
This commit is contained in:
parent
e05929765c
commit
a0bb9152ee
22
Cargo.lock
generated
22
Cargo.lock
generated
@ -39,17 +39,6 @@ name = "bitflags"
|
||||
version = "1.0.4"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
|
||||
[[package]]
|
||||
name = "bitwarden_rs_ldap"
|
||||
version = "0.3.1"
|
||||
dependencies = [
|
||||
"ldap3 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"reqwest 0.9.12 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde 1.0.89 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde_json 1.0.39 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"toml 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "build_const"
|
||||
version = "0.2.1"
|
||||
@ -1340,6 +1329,17 @@ dependencies = [
|
||||
"rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "vaultwarden_ldap"
|
||||
version = "0.3.1"
|
||||
dependencies = [
|
||||
"ldap3 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"reqwest 0.9.12 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde 1.0.89 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde_json 1.0.39 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"toml 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "vcpkg"
|
||||
version = "0.2.6"
|
||||
|
@ -1,5 +1,5 @@
|
||||
[package]
|
||||
name = "bitwarden_rs_ldap"
|
||||
name = "vaultwarden_ldap"
|
||||
version = "0.3.1"
|
||||
authors = ["ViViDboarder <vividboarder@gmail.com>"]
|
||||
edition = "2018"
|
||||
|
@ -1,17 +1,17 @@
|
||||
FROM rust:1.46
|
||||
|
||||
WORKDIR /usr/src/
|
||||
RUN USER=root cargo new --bin bitwarden_rs_ldap
|
||||
WORKDIR /usr/src/bitwarden_rs_ldap
|
||||
RUN USER=root cargo new --bin vaultwarden_ldap
|
||||
WORKDIR /usr/src/vaultwarden_ldap
|
||||
|
||||
# Compile dependencies
|
||||
COPY Cargo.toml Cargo.lock ./
|
||||
RUN cargo build --locked --release
|
||||
|
||||
# Remove bins to make sure we rebuild
|
||||
RUN rm ./target/release/deps/bitwarden_rs_ldap*
|
||||
RUN rm ./target/release/deps/vaultwarden_ldap*
|
||||
# Copy source and install
|
||||
COPY src ./src
|
||||
RUN cargo install --path .
|
||||
|
||||
CMD ["bitwarden_rs_ldap"]
|
||||
CMD ["vaultwarden_ldap"]
|
||||
|
@ -8,7 +8,7 @@ RUN cargo build --locked --release
|
||||
# Remove temp src
|
||||
RUN rm src/*.rs
|
||||
# Remove bins to make sure we rebuild
|
||||
# RUN rm ./target/release/deps/bitwarden_rs_ldap*
|
||||
# RUN rm ./target/release/deps/vaultwarden_ldap*
|
||||
COPY --chown=rust:rust ./src ./src
|
||||
RUN touch ./src/main.rs
|
||||
|
||||
@ -17,7 +17,7 @@ RUN cargo build --release
|
||||
FROM alpine:3
|
||||
RUN apk --no-cache add ca-certificates=20191127-r5
|
||||
COPY --from=builder \
|
||||
/home/rust/src/target/x86_64-unknown-linux-musl/release/bitwarden_rs_ldap \
|
||||
/home/rust/src/target/x86_64-unknown-linux-musl/release/vaultwarden_ldap \
|
||||
/usr/local/bin/
|
||||
|
||||
CMD ["/usr/local/bin/bitwarden_rs_ldap"]
|
||||
CMD ["/usr/local/bin/vaultwarden_ldap"]
|
||||
|
14
Makefile
14
Makefile
@ -1,4 +1,4 @@
|
||||
DOCKER_TAG ?= bitwarden_rs_ldap_${USER}
|
||||
DOCKER_TAG ?= vaultwarden_ldap_${USER}
|
||||
|
||||
.PHONY: all
|
||||
all: test check release
|
||||
@ -7,23 +7,23 @@ all: test check release
|
||||
.DEFAULT_GOAL = test
|
||||
|
||||
# Build debug version
|
||||
target/debug/bitwarden_rs_ldap: src/
|
||||
target/debug/vaultwarden_ldap: src/
|
||||
cargo build
|
||||
|
||||
# Build release version
|
||||
target/release/bitwarden_rs_ldap: src/
|
||||
target/release/vaultwarden_ldap: src/
|
||||
cargo build --locked --release
|
||||
|
||||
.PHONY: debug
|
||||
debug: target/debug/bitwarden_rs_ldap
|
||||
debug: target/debug/vaultwarden_ldap
|
||||
|
||||
.PHONY: release
|
||||
release: target/release/bitwarden_rs_ldap
|
||||
release: target/release/vaultwarden_ldap
|
||||
|
||||
# Run debug version
|
||||
.PHONY: run-debug
|
||||
run-debug: target/debug/bitwarden_rs_ldap
|
||||
target/debug/bitwarden_rs_ldap
|
||||
run-debug: target/debug/vaultwarden_ldap
|
||||
target/debug/vaultwarden_ldap
|
||||
|
||||
# Run all tests
|
||||
.PHONY: test
|
||||
|
16
README.md
16
README.md
@ -1,11 +1,11 @@
|
||||
# bitwarden_rs_ldap
|
||||
A simple LDAP connector for [bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs)
|
||||
# vaultwarden_ldap
|
||||
An LDAP connector for [vaultwarden](https://github.com/dani-garcia/vaultwarden)
|
||||
|
||||
After configuring, run `bitwarden_rs_ldap` and it will invite any users it finds in LDAP to your `bitwarden_rs` instance.
|
||||
After configuring, run `vaultwarden_ldap` and it will invite any users it finds in LDAP to your `vaultwarden` instance.
|
||||
|
||||
## Deploying
|
||||
|
||||
This is easiest done using Docker. See the `docker-compose.yml` file in this repo for an example. If you would like to use Docker Hub rather than building, change `build: .` to `image: vividboarder/bitwarden_rs_ldap`.
|
||||
This is easiest done using Docker. See the `docker-compose.yml` file in this repo for an example. If you would like to use Docker Hub rather than building, change `build: .` to `image: vividboarder/vaultwarden_ldap`.
|
||||
|
||||
Make sure to populate and mount your `config.toml`!
|
||||
|
||||
@ -17,9 +17,9 @@ Configuration values are as follows:
|
||||
|
||||
|Name|Type|Optional|Description|
|
||||
|----|----|--------|-----------|
|
||||
|`bitwarden_url`|String||The root URL for accessing `bitwarden_rs`. Eg: `https://bw.example.com`|
|
||||
|`bitwarden_admin_token`|String||The value passed as `ADMIN_TOKEN` to `bitwarden_rs`|
|
||||
|`bitwarden_root_cert_file`|String|Optional|Path to an additional der-encoded root certificate to trust. Eg. `root.cert`. If using Docker see `docker-compose.yml` for how to expose it. Defaults to `empty`|
|
||||
|`vaultwarden_url`|String||The root URL for accessing `vaultwarden`. Eg: `https://vw.example.com`|
|
||||
|`vaultwarden_admin_token`|String||The value passed as `ADMIN_TOKEN` to `vaultwarden`|
|
||||
|`vaultwarden_root_cert_file`|String|Optional|Path to an additional der-encoded root certificate to trust. Eg. `root.cert`. If using Docker see `docker-compose.yml` for how to expose it. Defaults to `empty`|
|
||||
|`ldap_host`|String||The hostname or IP address for your ldap server|
|
||||
|`ldap_scheme`|String|Optional|The that should be used to connect. `ldap` or `ldaps`. This is set by default based on SSL settings|
|
||||
|`ldap_ssl`|Boolean|Optional|Indicates if SSL should be used and if we should connect with `ldaps`. Defaults to `false`|
|
||||
@ -45,7 +45,7 @@ For those less familiar with `cargo`, you can use the `make` targets that have b
|
||||
All testing is manual right now. First step is to set up Bitwarden and the LDAP server.
|
||||
|
||||
```bash
|
||||
docker-compose up -d bitwarden ldap ldap_admin
|
||||
docker-compose up -d vaultwarden ldap ldap_admin
|
||||
```
|
||||
|
||||
1. After that, open the admin portal on http://localhost:8001 and log in using the default account info:
|
||||
|
@ -7,14 +7,17 @@ services:
|
||||
dockerfile: Dockerfile.alpine
|
||||
volumes:
|
||||
- ./example.config.toml:/config.toml:ro
|
||||
# ./root.cert:/usr/src/bitwarden_rs_ldap/root.cert:ro
|
||||
# ./root.cert:/usr/src/vaultwarden_ldap/root.cert:ro
|
||||
environment:
|
||||
CONFIG_PATH: /config.toml
|
||||
RUST_BACKTRACE: 1
|
||||
depends_on:
|
||||
- vaultwarden
|
||||
- ldap
|
||||
restart: always
|
||||
|
||||
bitwarden:
|
||||
image: bitwardenrs/server
|
||||
vaultwarden:
|
||||
image: vaultwarden/server
|
||||
ports:
|
||||
- 8000:80
|
||||
environment:
|
||||
@ -42,3 +45,5 @@ services:
|
||||
environment:
|
||||
PHPLDAPADMIN_HTTPS: 'false'
|
||||
PHPLDAPADMIN_LDAP_HOSTS: ldap
|
||||
depends_on:
|
||||
- ldap
|
||||
|
@ -1,5 +1,5 @@
|
||||
bitwarden_url = "http://bitwarden:80"
|
||||
bitwarden_admin_token = "admin"
|
||||
vaultwarden_url = "http://vaultwarden:80"
|
||||
vaultwarden_admin_token = "admin"
|
||||
ldap_host = "ldap"
|
||||
ldap_bind_dn = "cn=admin,dc=example,dc=org"
|
||||
ldap_bind_password = "admin"
|
||||
|
@ -36,9 +36,9 @@ pub fn read_config() -> Config {
|
||||
/// Contains all config values for LDAP syncing
|
||||
pub struct Config {
|
||||
// Bitwarden connection config
|
||||
bitwarden_url: String,
|
||||
bitwarden_admin_token: String,
|
||||
bitwarden_root_cert_file: Option<String>,
|
||||
vaultwarden_url: String,
|
||||
vaultwarden_admin_token: String,
|
||||
vaultwarden_root_cert_file: Option<String>,
|
||||
// LDAP Connection config
|
||||
ldap_host: String,
|
||||
ldap_scheme: Option<String>,
|
||||
@ -66,17 +66,17 @@ impl Config {
|
||||
read_config()
|
||||
}
|
||||
|
||||
pub fn get_bitwarden_url(&self) -> String {
|
||||
self.bitwarden_url.clone()
|
||||
pub fn get_vaultwarden_url(&self) -> String {
|
||||
self.vaultwarden_url.clone()
|
||||
}
|
||||
|
||||
pub fn get_bitwarden_admin_token(&self) -> String {
|
||||
self.bitwarden_admin_token.clone()
|
||||
pub fn get_vaultwarden_admin_token(&self) -> String {
|
||||
self.vaultwarden_admin_token.clone()
|
||||
}
|
||||
|
||||
pub fn get_bitwarden_root_cert_file(&self) -> String {
|
||||
match &self.bitwarden_root_cert_file {
|
||||
Some(bitwarden_root_cert_file) => bitwarden_root_cert_file.clone(),
|
||||
pub fn get_vaultwarden_root_cert_file(&self) -> String {
|
||||
match &self.vaultwarden_root_cert_file {
|
||||
Some(vaultwarden_root_cert_file) => vaultwarden_root_cert_file.clone(),
|
||||
None => String::new(),
|
||||
}
|
||||
}
|
||||
|
18
src/main.rs
18
src/main.rs
@ -7,15 +7,15 @@ use std::time::Duration;
|
||||
|
||||
use ldap3::{DerefAliases, LdapConn, LdapConnSettings, Scope, SearchEntry, SearchOptions};
|
||||
|
||||
mod bw_admin;
|
||||
mod config;
|
||||
mod vw_admin;
|
||||
|
||||
fn main() {
|
||||
let config = config::Config::from_file();
|
||||
let mut client = bw_admin::Client::new(
|
||||
config.get_bitwarden_url().clone(),
|
||||
config.get_bitwarden_admin_token().clone(),
|
||||
config.get_bitwarden_root_cert_file().clone(),
|
||||
let mut client = vw_admin::Client::new(
|
||||
config.get_vaultwarden_url().clone(),
|
||||
config.get_vaultwarden_admin_token().clone(),
|
||||
config.get_vaultwarden_root_cert_file().clone(),
|
||||
);
|
||||
|
||||
if let Err(e) = invite_users(&config, &mut client, config.get_ldap_sync_loop()) {
|
||||
@ -26,7 +26,7 @@ fn main() {
|
||||
/// Invites new users to Bitwarden from LDAP
|
||||
fn invite_users(
|
||||
config: &config::Config,
|
||||
client: &mut bw_admin::Client,
|
||||
client: &mut vw_admin::Client,
|
||||
start_loop: bool,
|
||||
) -> Result<(), Box<dyn Error>> {
|
||||
if start_loop {
|
||||
@ -39,7 +39,7 @@ fn invite_users(
|
||||
}
|
||||
|
||||
/// Creates set of email addresses for users that already exist in Bitwarden
|
||||
fn get_existing_users(client: &mut bw_admin::Client) -> Result<HashSet<String>, Box<dyn Error>> {
|
||||
fn get_existing_users(client: &mut vw_admin::Client) -> Result<HashSet<String>, Box<dyn Error>> {
|
||||
let all_users = client.users()?;
|
||||
let mut user_emails = HashSet::with_capacity(all_users.len());
|
||||
for user in all_users {
|
||||
@ -119,7 +119,7 @@ fn search_entries(config: &config::Config) -> Result<Vec<SearchEntry>, Box<dyn E
|
||||
/// Invite all LDAP users to Bitwarden
|
||||
fn invite_from_ldap(
|
||||
config: &config::Config,
|
||||
client: &mut bw_admin::Client,
|
||||
client: &mut vw_admin::Client,
|
||||
) -> Result<(), Box<dyn Error>> {
|
||||
match get_existing_users(client) {
|
||||
Ok(existing_users) => {
|
||||
@ -161,7 +161,7 @@ fn invite_from_ldap(
|
||||
/// Begin sync loop to invite LDAP users to Bitwarden
|
||||
fn start_sync_loop(
|
||||
config: &config::Config,
|
||||
client: &mut bw_admin::Client,
|
||||
client: &mut vw_admin::Client,
|
||||
) -> Result<(), Box<dyn Error>> {
|
||||
let interval = Duration::from_secs(config.get_ldap_sync_interval_seconds());
|
||||
loop {
|
||||
|
Loading…
Reference in New Issue
Block a user