
Rebrand vaultwarden

pull/31/head
ViViDboarder 1 month ago
parent
commit
a0bb9152ee
  1. 22
      Cargo.lock
  2. 2
      Cargo.toml
  3. 8
      Dockerfile
  4. 6
      Dockerfile.alpine
  5. 14
      Makefile
  6. 16
      README.md
  7. 11
      docker-compose.yml
  8. 4
      example.config.toml
  9. 20
      src/config.rs
  10. 18
      src/main.rs
  11. 0
      src/vw_admin.rs

22
Cargo.lock

@ -39,17 +39,6 @@ name = "bitflags"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
[[package]]
name = "bitwarden_rs_ldap"
version = "0.3.1"
dependencies = [
"ldap3 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
"reqwest 0.9.12 (registry+https://github.com/rust-lang/crates.io-index)",
"serde 1.0.89 (registry+https://github.com/rust-lang/crates.io-index)",
"serde_json 1.0.39 (registry+https://github.com/rust-lang/crates.io-index)",
"toml 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "build_const"
version = "0.2.1"
@ -1340,6 +1329,17 @@ dependencies = [
"rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "vaultwarden_ldap"
version = "0.3.1"
dependencies = [
"ldap3 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
"reqwest 0.9.12 (registry+https://github.com/rust-lang/crates.io-index)",
"serde 1.0.89 (registry+https://github.com/rust-lang/crates.io-index)",
"serde_json 1.0.39 (registry+https://github.com/rust-lang/crates.io-index)",
"toml 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "vcpkg"
version = "0.2.6"

2
Cargo.toml

@ -1,5 +1,5 @@
[package]
name = "bitwarden_rs_ldap"
name = "vaultwarden_ldap"
version = "0.3.1"
authors = ["ViViDboarder <vividboarder@gmail.com>"]
edition = "2018"

8
Dockerfile

@ -1,17 +1,17 @@
FROM rust:1.46
WORKDIR /usr/src/
RUN USER=root cargo new --bin bitwarden_rs_ldap
WORKDIR /usr/src/bitwarden_rs_ldap
RUN USER=root cargo new --bin vaultwarden_ldap
WORKDIR /usr/src/vaultwarden_ldap
# Compile dependencies
COPY Cargo.toml Cargo.lock ./
RUN cargo build --locked --release
# Remove bins to make sure we rebuild
RUN rm ./target/release/deps/bitwarden_rs_ldap*
RUN rm ./target/release/deps/vaultwarden_ldap*
# Copy source and install
COPY src ./src
RUN cargo install --path .
CMD ["bitwarden_rs_ldap"]
CMD ["vaultwarden_ldap"]

6
Dockerfile.alpine

@ -8,7 +8,7 @@ RUN cargo build --locked --release
# Remove temp src
RUN rm src/*.rs
# Remove bins to make sure we rebuild
# RUN rm ./target/release/deps/bitwarden_rs_ldap*
# RUN rm ./target/release/deps/vaultwarden_ldap*
COPY --chown=rust:rust ./src ./src
RUN touch ./src/main.rs
@ -17,7 +17,7 @@ RUN cargo build --release
FROM alpine:3
RUN apk --no-cache add ca-certificates=20191127-r5
COPY --from=builder \
/home/rust/src/target/x86_64-unknown-linux-musl/release/bitwarden_rs_ldap \
/home/rust/src/target/x86_64-unknown-linux-musl/release/vaultwarden_ldap \
/usr/local/bin/
CMD ["/usr/local/bin/bitwarden_rs_ldap"]
CMD ["/usr/local/bin/vaultwarden_ldap"]

14
Makefile

@ -1,4 +1,4 @@
DOCKER_TAG ?= bitwarden_rs_ldap_${USER}
DOCKER_TAG ?= vaultwarden_ldap_${USER}
.PHONY: all
all: test check release
@ -7,23 +7,23 @@ all: test check release
.DEFAULT_GOAL = test
# Build debug version
target/debug/bitwarden_rs_ldap: src/
target/debug/vaultwarden_ldap: src/
cargo build
# Build release version
target/release/bitwarden_rs_ldap: src/
target/release/vaultwarden_ldap: src/
cargo build --locked --release
.PHONY: debug
debug: target/debug/bitwarden_rs_ldap
debug: target/debug/vaultwarden_ldap
.PHONY: release
release: target/release/bitwarden_rs_ldap
release: target/release/vaultwarden_ldap
# Run debug version
.PHONY: run-debug
run-debug: target/debug/bitwarden_rs_ldap
target/debug/bitwarden_rs_ldap
run-debug: target/debug/vaultwarden_ldap
target/debug/vaultwarden_ldap
# Run all tests
.PHONY: test

16
README.md

@ -1,11 +1,11 @@
# bitwarden_rs_ldap
A simple LDAP connector for [bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs)
# vaultwarden_ldap
An LDAP connector for [vaultwarden](https://github.com/dani-garcia/vaultwarden)
After configuring, run `bitwarden_rs_ldap` and it will invite any users it finds in LDAP to your `bitwarden_rs` instance.
After configuring, run `vaultwarden_ldap` and it will invite any users it finds in LDAP to your `vaultwarden` instance.
## Deploying
This is easiest done using Docker. See the `docker-compose.yml` file in this repo for an example. If you would like to use Docker Hub rather than building, change `build: .` to `image: vividboarder/bitwarden_rs_ldap`.
This is easiest done using Docker. See the `docker-compose.yml` file in this repo for an example. If you would like to use Docker Hub rather than building, change `build: .` to `image: vividboarder/vaultwarden_ldap`.
Make sure to populate and mount your `config.toml`!
@ -17,9 +17,9 @@ Configuration values are as follows:
|Name|Type|Optional|Description|
|----|----|--------|-----------|
|`bitwarden_url`|String||The root URL for accessing `bitwarden_rs`. Eg: `https://bw.example.com`|
|`bitwarden_admin_token`|String||The value passed as `ADMIN_TOKEN` to `bitwarden_rs`|
|`bitwarden_root_cert_file`|String|Optional|Path to an additional der-encoded root certificate to trust. Eg. `root.cert`. If using Docker see `docker-compose.yml` for how to expose it. Defaults to `empty`|
|`vaultwarden_url`|String||The root URL for accessing `vaultwarden`. Eg: `https://vw.example.com`|
|`vaultwarden_admin_token`|String||The value passed as `ADMIN_TOKEN` to `vaultwarden`|
|`vaultwarden_root_cert_file`|String|Optional|Path to an additional der-encoded root certificate to trust. Eg. `root.cert`. If using Docker see `docker-compose.yml` for how to expose it. Defaults to `empty`|
|`ldap_host`|String||The hostname or IP address for your ldap server|
|`ldap_scheme`|String|Optional|The that should be used to connect. `ldap` or `ldaps`. This is set by default based on SSL settings|
|`ldap_ssl`|Boolean|Optional|Indicates if SSL should be used and if we should connect with `ldaps`. Defaults to `false`|
@ -45,7 +45,7 @@ For those less familiar with `cargo`, you can use the `make` targets that have b
All testing is manual right now. First step is to set up Bitwarden and the LDAP server.
```bash
docker-compose up -d bitwarden ldap ldap_admin
docker-compose up -d vaultwarden ldap ldap_admin
```
1. After that, open the admin portal on http://localhost:8001 and log in using the default account info:

11
docker-compose.yml

@ -7,14 +7,17 @@ services:
dockerfile: Dockerfile.alpine
volumes:
- ./example.config.toml:/config.toml:ro
# ./root.cert:/usr/src/bitwarden_rs_ldap/root.cert:ro
# ./root.cert:/usr/src/vaultwarden_ldap/root.cert:ro
environment:
CONFIG_PATH: /config.toml
RUST_BACKTRACE: 1
depends_on:
- vaultwarden
- ldap
restart: always
bitwarden:
image: bitwardenrs/server
vaultwarden:
image: vaultwarden/server
ports:
- 8000:80
environment:
@ -42,3 +45,5 @@ services:
environment:
PHPLDAPADMIN_HTTPS: 'false'
PHPLDAPADMIN_LDAP_HOSTS: ldap
depends_on:
- ldap
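Review bot: `image: vaultwarden/server` on the renamed service carries no tag, so it resolves to whatever `latest` points at when the stack is pulled. The server holding the vault data is then not reproducible and can change without review. Pin it, for example `image: vaultwarden/server:<pinned-version>` (placeholder), or use a digest for a stricter pin. The service's `environment:` block continues outside the hunk, so nothing is said here about its settings.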

4
example.config.toml

@ -1,5 +1,5 @@
bitwarden_url = "http://bitwarden:80"
bitwarden_admin_token = "admin"
vaultwarden_url = "http://vaultwarden:80"
vaultwarden_admin_token = "admin"
ldap_host = "ldap"
ldap_bind_dn = "cn=admin,dc=example,dc=org"
ldap_bind_password = "admin"
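Review bot: The example still ships `vaultwarden_admin_token = "admin"`, `ldap_bind_password = "admin"` and a plain `http://` URL, and nothing in the file says these are only for the local docker-compose stack. Since the README tells users to populate and mount their own `config.toml`, a header comment would make the intent explicit: `# Test-only values for the docker-compose stack; use a strong ADMIN_TOKEN and an https:// URL in real deployments`. With an `http://` URL the admin token would travel unencrypted, which is worth saying next to `vaultwarden_url`.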

20
src/config.rs

@ -36,9 +36,9 @@ pub fn read_config() -> Config {
/// Contains all config values for LDAP syncing
pub struct Config {
// Bitwarden connection config
bitwarden_url: String,
bitwarden_admin_token: String,
bitwarden_root_cert_file: Option<String>,
vaultwarden_url: String,
vaultwarden_admin_token: String,
vaultwarden_root_cert_file: Option<String>,
// LDAP Connection config
ldap_host: String,
ldap_scheme: Option<String>,
@ -66,17 +66,17 @@ impl Config {
read_config()
}
pub fn get_bitwarden_url(&self) -> String {
self.bitwarden_url.clone()
pub fn get_vaultwarden_url(&self) -> String {
self.vaultwarden_url.clone()
}
pub fn get_bitwarden_admin_token(&self) -> String {
self.bitwarden_admin_token.clone()
pub fn get_vaultwarden_admin_token(&self) -> String {
self.vaultwarden_admin_token.clone()
}
pub fn get_bitwarden_root_cert_file(&self) -> String {
match &self.bitwarden_root_cert_file {
Some(bitwarden_root_cert_file) => bitwarden_root_cert_file.clone(),
pub fn get_vaultwarden_root_cert_file(&self) -> String {
match &self.vaultwarden_root_cert_file {
Some(vaultwarden_root_cert_file) => vaultwarden_root_cert_file.clone(),
None => String::new(),
}
}
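Review bot: Renaming the `Config` fields to `vaultwarden_url`, `vaultwarden_admin_token` and `vaultwarden_root_cert_file` also renames the keys an existing `config.toml` must provide. A deployment that still uses `bitwarden_url` would presumably fail to load after upgrading; the derive on `Config` is outside the hunk, so this assumes the struct is deserialized with serde. If so, the old keys can keep working during a transition with `#[serde(alias = "bitwarden_url")]` (and the matching alias on the other two fields). The struct comment `// Bitwarden connection config` was left unrebranded; `// vaultwarden connection config` would match the rest of the change.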

18
src/main.rs

@ -7,15 +7,15 @@ use std::time::Duration;
use ldap3::{DerefAliases, LdapConn, LdapConnSettings, Scope, SearchEntry, SearchOptions};
mod bw_admin;
mod config;
mod vw_admin;
fn main() {
let config = config::Config::from_file();
let mut client = bw_admin::Client::new(
config.get_bitwarden_url().clone(),
config.get_bitwarden_admin_token().clone(),
config.get_bitwarden_root_cert_file().clone(),
let mut client = vw_admin::Client::new(
config.get_vaultwarden_url().clone(),
config.get_vaultwarden_admin_token().clone(),
config.get_vaultwarden_root_cert_file().clone(),
);
if let Err(e) = invite_users(&config, &mut client, config.get_ldap_sync_loop()) {
@ -26,7 +26,7 @@ fn main() {
/// Invites new users to Bitwarden from LDAP
fn invite_users(
config: &config::Config,
client: &mut bw_admin::Client,
client: &mut vw_admin::Client,
start_loop: bool,
) -> Result<(), Box<dyn Error>> {
if start_loop {
@ -39,7 +39,7 @@ fn invite_users(
}
/// Creates set of email addresses for users that already exist in Bitwarden
fn get_existing_users(client: &mut bw_admin::Client) -> Result<HashSet<String>, Box<dyn Error>> {
fn get_existing_users(client: &mut vw_admin::Client) -> Result<HashSet<String>, Box<dyn Error>> {
let all_users = client.users()?;
let mut user_emails = HashSet::with_capacity(all_users.len());
for user in all_users {
@ -119,7 +119,7 @@ fn search_entries(config: &config::Config) -> Result<Vec<SearchEntry>, Box<dyn E
/// Invite all LDAP users to Bitwarden
fn invite_from_ldap(
config: &config::Config,
client: &mut bw_admin::Client,
client: &mut vw_admin::Client,
) -> Result<(), Box<dyn Error>> {
match get_existing_users(client) {
Ok(existing_users) => {
@ -161,7 +161,7 @@ fn invite_from_ldap(
/// Begin sync loop to invite LDAP users to Bitwarden
fn start_sync_loop(
config: &config::Config,
client: &mut bw_admin::Client,
client: &mut vw_admin::Client,
) -> Result<(), Box<dyn Error>> {
let interval = Duration::from_secs(config.get_ldap_sync_interval_seconds());
loop {
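Review bot: The three `.clone()` calls on the arguments to `vw_admin::Client::new(...)` in `main` are redundant. Per the getters shown in src/config.rs, each already returns an owned `String` made with `.clone()`, so the value (including the admin token) is copied a second time for no benefit; `config.get_vaultwarden_admin_token(),` alone is enough, likewise for the URL and the cert file. The doc comments carried through these hunks still say Bitwarden (`/// Invites new users to Bitwarden from LDAP`, and those on `get_existing_users`, `invite_from_ldap` and `start_sync_loop`); `/// Invites new users to vaultwarden from LDAP` and similar would keep them in step with the rename. All of these function bodies continue outside the hunks shown.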

0
src/bw_admin.rs → src/vw_admin.rs
