Update and fix unified branch (#257)

* Upstream patches

* Fix license generator according to upstream changes (#245) (#249)

* Test generating user and organization licenses during build check (#252)

* Fix ps1 script and update language

* Update class path

* Cleanup code

* Cleanup code

* Cleanup code

* Refactor and fixes

* Copy all files

* Copy files only when needed

* Make call consistent

* Simplify call

* Clarify language

* Reuse code

* Cleanup

* Cleanup

* Remove NewtonSoft.Json

* Upgrade dnlib

* Cleanup

* Fix path issue

* Fix comparator

* Cleanup circleci

* Fix type

* Fix circleci

* Properly detect previous version

* Add missing parameter

* Better detect running patched containers

* Improve naming

* Fix line endings

* Fix typo

* Add comment

* Fix tabs

* Cleanup org license

* Use proper file extension

* Add missing file

* Migrate cert.cert if exists

* Check for the correct file

* Fix character check

* Add comment

* Add more documentation

* Add proper line endings

* Add potentially correct line

* Add auto restart

* Update comment

* Improve consistency between bash and powerhell

* Update documentation

* Detect buildx

* Fix spelling mistake

* Fix check order and improve verbosity

README.md

@@ -46,8 +46,8 @@ If you wish to generate your self-signed cert & key manually, you can run the fo
 
 ```bash
 cd .keys
-openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
-openssl x509 -inform DER -in cert.cert -out cert.pem
+openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cer -days 36500 -outform DER -passout pass:test
+openssl x509 -inform DER -in cert.cer -out cert.pem
 openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test
 ```
 
@@ -70,7 +70,7 @@ From the BitBetter directory, simply run:
 ./build.[sh|ps1]
 ```
 
-This will create a new self-signed certificate in the `.keys` directory if one does not already exist and then create a modified version of the official `ghcr.io/bitwarden/self-host` image called `bitwarden-patch`.
+This will create a new self-signed certificate in the `.keys` directory if one does not already exist and then create a modified version of the official `ghcr.io/bitwarden/self-host` image called `bitwarden-patched`.
 
 Afterwards it will automatically generate the license generator and start all previously specified containers which are **now ready to accept self-issued licenses.**
 
@@ -98,6 +98,36 @@ If you ran the build script, you can **simply run the license gen in interactive
 **The license generator will spit out a JSON-formatted license which can then be used within the Bitwarden web front-end to license your user or org!**
 
 
+## Migrating from mssql to a real database
+
+Prepare a new database and bwdata directory, download and prepare the new settings.env (https://raw.githubusercontent.com/bitwarden/self-host/refs/heads/main/docker-unified/settings.env)
+
+Make sure you can get the data from either the backup file or by connecting directly to the mssql database (navicat has a trial).
+
+If required (e.g. you cannot connect to your docker mssql server directly) download Microsoft SQL Server 2022 and SQL Server Management Studio (the latter can be used to import the .bak file)
+
+After cloning this repo and modifying .servers/serverlist.txt to suit your new environment do the following:
+
+```
+docker exec -i bitwarden-mssql /backup-db.sh
+./bitwarden.sh stop
+```
+
+Run build.sh and ensure your new instance serves a webpage AND has populated the new database with the tables (should be empty now)
+
+Proceed to stop the new container for now.
+
+Copy from the old to the new bwdata directory (do not copy/overwrite identity.pfx!):
+ - bwdata/core/licenses to bwdata-new/licenses
+ - bwdata/core/aspnet-dataprotection to bwdata-new/data-protection
+ - bwdata/core/attachments to bwdata-new/attachments
+
+Export data only from the old sql server database, if needed import the .bak file to a local mssql instance.
+
+Only export tables that have rows, makes it much quicker, .json is the easiest with navicat.
+
+Import the rows to the real database, start the new docker container.
+
 ---
 
 # FAQ: Questions you might have.
@@ -114,9 +144,20 @@ In the past we have done so but they were not focused on the type of customer th
 
 UPDATE: Bitwarden now offers a cheap license called [Families Organization](https://bitwarden.com/pricing/) that provides premium features and the ability to self-host Bitwarden for six persons.
 
+## 2fa doesn't work
+
+Unfortunately the new BitWarden container doesn't set the timezone and ignores TZ= from the environment, can be fixed by:
+
+```
+docker exec bitwarden ln -s /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime
+```
+
+## Changes in settings.env
+
+Require a recreation of the docker container, build.sh will suffice too.
 
 # Footnotes
 
 <a name="#f1"><sup>1</sup></a>This tool builds on top of the `bitbetter/api` container image so make sure you've built that above using the root `./build.sh` script.
 
-<a name="#f2"><sup>2</sup></a> If you wish to change this you'll need to change the value that `licenseGen/Program.cs` uses for its `GenerateUserLicense` and `GenerateOrgLicense` calls. Remember, this is really unnecessary as this certificate does not represent any type of security-related certificate.
+<a name="#f2"><sup>2</sup></a> If you wish to change this you'll need to change the value that `licenseGen/Program.cs` uses for its `GenerateUserLicense` and `GenerateOrgLicense` calls. Remember, this is really unnecessary as this certificate does not represent any type of security-related certificate.