mirror of
https://github.com/ViViDboarder/bitwarden_rs_ldap.git
synced 2024-11-23 19:56:26 +00:00
Rebrand vaultwarden
This commit is contained in:
parent
e05929765c
commit
a0bb9152ee
22
Cargo.lock
generated
22
Cargo.lock
generated
@ -39,17 +39,6 @@ name = "bitflags"
|
|||||||
version = "1.0.4"
|
version = "1.0.4"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "bitwarden_rs_ldap"
|
|
||||||
version = "0.3.1"
|
|
||||||
dependencies = [
|
|
||||||
"ldap3 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
"reqwest 0.9.12 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
"serde 1.0.89 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
"serde_json 1.0.39 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
"toml 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "build_const"
|
name = "build_const"
|
||||||
version = "0.2.1"
|
version = "0.2.1"
|
||||||
@ -1340,6 +1329,17 @@ dependencies = [
|
|||||||
"rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)",
|
"rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "vaultwarden_ldap"
|
||||||
|
version = "0.3.1"
|
||||||
|
dependencies = [
|
||||||
|
"ldap3 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
"reqwest 0.9.12 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
"serde 1.0.89 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
"serde_json 1.0.39 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
"toml 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "vcpkg"
|
name = "vcpkg"
|
||||||
version = "0.2.6"
|
version = "0.2.6"
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "bitwarden_rs_ldap"
|
name = "vaultwarden_ldap"
|
||||||
version = "0.3.1"
|
version = "0.3.1"
|
||||||
authors = ["ViViDboarder <vividboarder@gmail.com>"]
|
authors = ["ViViDboarder <vividboarder@gmail.com>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
|
@ -1,17 +1,17 @@
|
|||||||
FROM rust:1.46
|
FROM rust:1.46
|
||||||
|
|
||||||
WORKDIR /usr/src/
|
WORKDIR /usr/src/
|
||||||
RUN USER=root cargo new --bin bitwarden_rs_ldap
|
RUN USER=root cargo new --bin vaultwarden_ldap
|
||||||
WORKDIR /usr/src/bitwarden_rs_ldap
|
WORKDIR /usr/src/vaultwarden_ldap
|
||||||
|
|
||||||
# Compile dependencies
|
# Compile dependencies
|
||||||
COPY Cargo.toml Cargo.lock ./
|
COPY Cargo.toml Cargo.lock ./
|
||||||
RUN cargo build --locked --release
|
RUN cargo build --locked --release
|
||||||
|
|
||||||
# Remove bins to make sure we rebuild
|
# Remove bins to make sure we rebuild
|
||||||
RUN rm ./target/release/deps/bitwarden_rs_ldap*
|
RUN rm ./target/release/deps/vaultwarden_ldap*
|
||||||
# Copy source and install
|
# Copy source and install
|
||||||
COPY src ./src
|
COPY src ./src
|
||||||
RUN cargo install --path .
|
RUN cargo install --path .
|
||||||
|
|
||||||
CMD ["bitwarden_rs_ldap"]
|
CMD ["vaultwarden_ldap"]
|
||||||
|
@ -8,7 +8,7 @@ RUN cargo build --locked --release
|
|||||||
# Remove temp src
|
# Remove temp src
|
||||||
RUN rm src/*.rs
|
RUN rm src/*.rs
|
||||||
# Remove bins to make sure we rebuild
|
# Remove bins to make sure we rebuild
|
||||||
# RUN rm ./target/release/deps/bitwarden_rs_ldap*
|
# RUN rm ./target/release/deps/vaultwarden_ldap*
|
||||||
COPY --chown=rust:rust ./src ./src
|
COPY --chown=rust:rust ./src ./src
|
||||||
RUN touch ./src/main.rs
|
RUN touch ./src/main.rs
|
||||||
|
|
||||||
@ -17,7 +17,7 @@ RUN cargo build --release
|
|||||||
FROM alpine:3
|
FROM alpine:3
|
||||||
RUN apk --no-cache add ca-certificates=20191127-r5
|
RUN apk --no-cache add ca-certificates=20191127-r5
|
||||||
COPY --from=builder \
|
COPY --from=builder \
|
||||||
/home/rust/src/target/x86_64-unknown-linux-musl/release/bitwarden_rs_ldap \
|
/home/rust/src/target/x86_64-unknown-linux-musl/release/vaultwarden_ldap \
|
||||||
/usr/local/bin/
|
/usr/local/bin/
|
||||||
|
|
||||||
CMD ["/usr/local/bin/bitwarden_rs_ldap"]
|
CMD ["/usr/local/bin/vaultwarden_ldap"]
|
||||||
|
14
Makefile
14
Makefile
@ -1,4 +1,4 @@
|
|||||||
DOCKER_TAG ?= bitwarden_rs_ldap_${USER}
|
DOCKER_TAG ?= vaultwarden_ldap_${USER}
|
||||||
|
|
||||||
.PHONY: all
|
.PHONY: all
|
||||||
all: test check release
|
all: test check release
|
||||||
@ -7,23 +7,23 @@ all: test check release
|
|||||||
.DEFAULT_GOAL = test
|
.DEFAULT_GOAL = test
|
||||||
|
|
||||||
# Build debug version
|
# Build debug version
|
||||||
target/debug/bitwarden_rs_ldap: src/
|
target/debug/vaultwarden_ldap: src/
|
||||||
cargo build
|
cargo build
|
||||||
|
|
||||||
# Build release version
|
# Build release version
|
||||||
target/release/bitwarden_rs_ldap: src/
|
target/release/vaultwarden_ldap: src/
|
||||||
cargo build --locked --release
|
cargo build --locked --release
|
||||||
|
|
||||||
.PHONY: debug
|
.PHONY: debug
|
||||||
debug: target/debug/bitwarden_rs_ldap
|
debug: target/debug/vaultwarden_ldap
|
||||||
|
|
||||||
.PHONY: release
|
.PHONY: release
|
||||||
release: target/release/bitwarden_rs_ldap
|
release: target/release/vaultwarden_ldap
|
||||||
|
|
||||||
# Run debug version
|
# Run debug version
|
||||||
.PHONY: run-debug
|
.PHONY: run-debug
|
||||||
run-debug: target/debug/bitwarden_rs_ldap
|
run-debug: target/debug/vaultwarden_ldap
|
||||||
target/debug/bitwarden_rs_ldap
|
target/debug/vaultwarden_ldap
|
||||||
|
|
||||||
# Run all tests
|
# Run all tests
|
||||||
.PHONY: test
|
.PHONY: test
|
||||||
|
16
README.md
16
README.md
@ -1,11 +1,11 @@
|
|||||||
# bitwarden_rs_ldap
|
# vaultwarden_ldap
|
||||||
A simple LDAP connector for [bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs)
|
An LDAP connector for [vaultwarden](https://github.com/dani-garcia/vaultwarden)
|
||||||
|
|
||||||
After configuring, run `bitwarden_rs_ldap` and it will invite any users it finds in LDAP to your `bitwarden_rs` instance.
|
After configuring, run `vaultwarden_ldap` and it will invite any users it finds in LDAP to your `vaultwarden` instance.
|
||||||
|
|
||||||
## Deploying
|
## Deploying
|
||||||
|
|
||||||
This is easiest done using Docker. See the `docker-compose.yml` file in this repo for an example. If you would like to use Docker Hub rather than building, change `build: .` to `image: vividboarder/bitwarden_rs_ldap`.
|
This is easiest done using Docker. See the `docker-compose.yml` file in this repo for an example. If you would like to use Docker Hub rather than building, change `build: .` to `image: vividboarder/vaultwarden_ldap`.
|
||||||
|
|
||||||
Make sure to populate and mount your `config.toml`!
|
Make sure to populate and mount your `config.toml`!
|
||||||
|
|
||||||
@ -17,9 +17,9 @@ Configuration values are as follows:
|
|||||||
|
|
||||||
|Name|Type|Optional|Description|
|
|Name|Type|Optional|Description|
|
||||||
|----|----|--------|-----------|
|
|----|----|--------|-----------|
|
||||||
|`bitwarden_url`|String||The root URL for accessing `bitwarden_rs`. Eg: `https://bw.example.com`|
|
|`vaultwarden_url`|String||The root URL for accessing `vaultwarden`. Eg: `https://vw.example.com`|
|
||||||
|`bitwarden_admin_token`|String||The value passed as `ADMIN_TOKEN` to `bitwarden_rs`|
|
|`vaultwarden_admin_token`|String||The value passed as `ADMIN_TOKEN` to `vaultwarden`|
|
||||||
|`bitwarden_root_cert_file`|String|Optional|Path to an additional der-encoded root certificate to trust. Eg. `root.cert`. If using Docker see `docker-compose.yml` for how to expose it. Defaults to `empty`|
|
|`vaultwarden_root_cert_file`|String|Optional|Path to an additional der-encoded root certificate to trust. Eg. `root.cert`. If using Docker see `docker-compose.yml` for how to expose it. Defaults to `empty`|
|
||||||
|`ldap_host`|String||The hostname or IP address for your ldap server|
|
|`ldap_host`|String||The hostname or IP address for your ldap server|
|
||||||
|`ldap_scheme`|String|Optional|The that should be used to connect. `ldap` or `ldaps`. This is set by default based on SSL settings|
|
|`ldap_scheme`|String|Optional|The that should be used to connect. `ldap` or `ldaps`. This is set by default based on SSL settings|
|
||||||
|`ldap_ssl`|Boolean|Optional|Indicates if SSL should be used and if we should connect with `ldaps`. Defaults to `false`|
|
|`ldap_ssl`|Boolean|Optional|Indicates if SSL should be used and if we should connect with `ldaps`. Defaults to `false`|
|
||||||
@ -45,7 +45,7 @@ For those less familiar with `cargo`, you can use the `make` targets that have b
|
|||||||
All testing is manual right now. First step is to set up Bitwarden and the LDAP server.
|
All testing is manual right now. First step is to set up Bitwarden and the LDAP server.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker-compose up -d bitwarden ldap ldap_admin
|
docker-compose up -d vaultwarden ldap ldap_admin
|
||||||
```
|
```
|
||||||
|
|
||||||
1. After that, open the admin portal on http://localhost:8001 and log in using the default account info:
|
1. After that, open the admin portal on http://localhost:8001 and log in using the default account info:
|
||||||
|
@ -7,14 +7,17 @@ services:
|
|||||||
dockerfile: Dockerfile.alpine
|
dockerfile: Dockerfile.alpine
|
||||||
volumes:
|
volumes:
|
||||||
- ./example.config.toml:/config.toml:ro
|
- ./example.config.toml:/config.toml:ro
|
||||||
# ./root.cert:/usr/src/bitwarden_rs_ldap/root.cert:ro
|
# ./root.cert:/usr/src/vaultwarden_ldap/root.cert:ro
|
||||||
environment:
|
environment:
|
||||||
CONFIG_PATH: /config.toml
|
CONFIG_PATH: /config.toml
|
||||||
RUST_BACKTRACE: 1
|
RUST_BACKTRACE: 1
|
||||||
|
depends_on:
|
||||||
|
- vaultwarden
|
||||||
|
- ldap
|
||||||
restart: always
|
restart: always
|
||||||
|
|
||||||
bitwarden:
|
vaultwarden:
|
||||||
image: bitwardenrs/server
|
image: vaultwarden/server
|
||||||
ports:
|
ports:
|
||||||
- 8000:80
|
- 8000:80
|
||||||
environment:
|
environment:
|
||||||
@ -42,3 +45,5 @@ services:
|
|||||||
environment:
|
environment:
|
||||||
PHPLDAPADMIN_HTTPS: 'false'
|
PHPLDAPADMIN_HTTPS: 'false'
|
||||||
PHPLDAPADMIN_LDAP_HOSTS: ldap
|
PHPLDAPADMIN_LDAP_HOSTS: ldap
|
||||||
|
depends_on:
|
||||||
|
- ldap
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
bitwarden_url = "http://bitwarden:80"
|
vaultwarden_url = "http://vaultwarden:80"
|
||||||
bitwarden_admin_token = "admin"
|
vaultwarden_admin_token = "admin"
|
||||||
ldap_host = "ldap"
|
ldap_host = "ldap"
|
||||||
ldap_bind_dn = "cn=admin,dc=example,dc=org"
|
ldap_bind_dn = "cn=admin,dc=example,dc=org"
|
||||||
ldap_bind_password = "admin"
|
ldap_bind_password = "admin"
|
||||||
|
@ -36,9 +36,9 @@ pub fn read_config() -> Config {
|
|||||||
/// Contains all config values for LDAP syncing
|
/// Contains all config values for LDAP syncing
|
||||||
pub struct Config {
|
pub struct Config {
|
||||||
// Bitwarden connection config
|
// Bitwarden connection config
|
||||||
bitwarden_url: String,
|
vaultwarden_url: String,
|
||||||
bitwarden_admin_token: String,
|
vaultwarden_admin_token: String,
|
||||||
bitwarden_root_cert_file: Option<String>,
|
vaultwarden_root_cert_file: Option<String>,
|
||||||
// LDAP Connection config
|
// LDAP Connection config
|
||||||
ldap_host: String,
|
ldap_host: String,
|
||||||
ldap_scheme: Option<String>,
|
ldap_scheme: Option<String>,
|
||||||
@ -66,17 +66,17 @@ impl Config {
|
|||||||
read_config()
|
read_config()
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn get_bitwarden_url(&self) -> String {
|
pub fn get_vaultwarden_url(&self) -> String {
|
||||||
self.bitwarden_url.clone()
|
self.vaultwarden_url.clone()
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn get_bitwarden_admin_token(&self) -> String {
|
pub fn get_vaultwarden_admin_token(&self) -> String {
|
||||||
self.bitwarden_admin_token.clone()
|
self.vaultwarden_admin_token.clone()
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn get_bitwarden_root_cert_file(&self) -> String {
|
pub fn get_vaultwarden_root_cert_file(&self) -> String {
|
||||||
match &self.bitwarden_root_cert_file {
|
match &self.vaultwarden_root_cert_file {
|
||||||
Some(bitwarden_root_cert_file) => bitwarden_root_cert_file.clone(),
|
Some(vaultwarden_root_cert_file) => vaultwarden_root_cert_file.clone(),
|
||||||
None => String::new(),
|
None => String::new(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
18
src/main.rs
18
src/main.rs
@ -7,15 +7,15 @@ use std::time::Duration;
|
|||||||
|
|
||||||
use ldap3::{DerefAliases, LdapConn, LdapConnSettings, Scope, SearchEntry, SearchOptions};
|
use ldap3::{DerefAliases, LdapConn, LdapConnSettings, Scope, SearchEntry, SearchOptions};
|
||||||
|
|
||||||
mod bw_admin;
|
|
||||||
mod config;
|
mod config;
|
||||||
|
mod vw_admin;
|
||||||
|
|
||||||
fn main() {
|
fn main() {
|
||||||
let config = config::Config::from_file();
|
let config = config::Config::from_file();
|
||||||
let mut client = bw_admin::Client::new(
|
let mut client = vw_admin::Client::new(
|
||||||
config.get_bitwarden_url().clone(),
|
config.get_vaultwarden_url().clone(),
|
||||||
config.get_bitwarden_admin_token().clone(),
|
config.get_vaultwarden_admin_token().clone(),
|
||||||
config.get_bitwarden_root_cert_file().clone(),
|
config.get_vaultwarden_root_cert_file().clone(),
|
||||||
);
|
);
|
||||||
|
|
||||||
if let Err(e) = invite_users(&config, &mut client, config.get_ldap_sync_loop()) {
|
if let Err(e) = invite_users(&config, &mut client, config.get_ldap_sync_loop()) {
|
||||||
@ -26,7 +26,7 @@ fn main() {
|
|||||||
/// Invites new users to Bitwarden from LDAP
|
/// Invites new users to Bitwarden from LDAP
|
||||||
fn invite_users(
|
fn invite_users(
|
||||||
config: &config::Config,
|
config: &config::Config,
|
||||||
client: &mut bw_admin::Client,
|
client: &mut vw_admin::Client,
|
||||||
start_loop: bool,
|
start_loop: bool,
|
||||||
) -> Result<(), Box<dyn Error>> {
|
) -> Result<(), Box<dyn Error>> {
|
||||||
if start_loop {
|
if start_loop {
|
||||||
@ -39,7 +39,7 @@ fn invite_users(
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Creates set of email addresses for users that already exist in Bitwarden
|
/// Creates set of email addresses for users that already exist in Bitwarden
|
||||||
fn get_existing_users(client: &mut bw_admin::Client) -> Result<HashSet<String>, Box<dyn Error>> {
|
fn get_existing_users(client: &mut vw_admin::Client) -> Result<HashSet<String>, Box<dyn Error>> {
|
||||||
let all_users = client.users()?;
|
let all_users = client.users()?;
|
||||||
let mut user_emails = HashSet::with_capacity(all_users.len());
|
let mut user_emails = HashSet::with_capacity(all_users.len());
|
||||||
for user in all_users {
|
for user in all_users {
|
||||||
@ -119,7 +119,7 @@ fn search_entries(config: &config::Config) -> Result<Vec<SearchEntry>, Box<dyn E
|
|||||||
/// Invite all LDAP users to Bitwarden
|
/// Invite all LDAP users to Bitwarden
|
||||||
fn invite_from_ldap(
|
fn invite_from_ldap(
|
||||||
config: &config::Config,
|
config: &config::Config,
|
||||||
client: &mut bw_admin::Client,
|
client: &mut vw_admin::Client,
|
||||||
) -> Result<(), Box<dyn Error>> {
|
) -> Result<(), Box<dyn Error>> {
|
||||||
match get_existing_users(client) {
|
match get_existing_users(client) {
|
||||||
Ok(existing_users) => {
|
Ok(existing_users) => {
|
||||||
@ -161,7 +161,7 @@ fn invite_from_ldap(
|
|||||||
/// Begin sync loop to invite LDAP users to Bitwarden
|
/// Begin sync loop to invite LDAP users to Bitwarden
|
||||||
fn start_sync_loop(
|
fn start_sync_loop(
|
||||||
config: &config::Config,
|
config: &config::Config,
|
||||||
client: &mut bw_admin::Client,
|
client: &mut vw_admin::Client,
|
||||||
) -> Result<(), Box<dyn Error>> {
|
) -> Result<(), Box<dyn Error>> {
|
||||||
let interval = Duration::from_secs(config.get_ldap_sync_interval_seconds());
|
let interval = Duration::from_secs(config.get_ldap_sync_interval_seconds());
|
||||||
loop {
|
loop {
|
||||||
|
Loading…
Reference in New Issue
Block a user