other/BitBetter
1
0
Fork 0
mirror of https://github.com/jakeswenson/BitBetter.git synced 2025-10-18 14:33:26 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: other:08a6b94d4781445e3bd3306cb95dbd7a02188624
Branches Tags
other:master
other:unified
..
compare: other:b75dfb25129d8a9b4bdd26d02cb2c21e05d4bef6
Branches Tags
other:master
other:unified

No commits in common. "08a6b94d4781445e3bd3306cb95dbd7a02188624" and "b75dfb25129d8a9b4bdd26d02cb2c21e05d4bef6" have entirely different histories.
08a6b94d47 ... b75dfb2512

11 changed files with 63 additions and 96 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -7,5 +7,5 @@ src/bitBetter/.vs/*
*.pem *.pem
.vscode/ .vscode/
*.pfx *.pfx
*.cer *.cert
*.vsidx *.vsidx

2
.servers/serverlist.txt
View File

@ -1,4 +1,4 @@
# Uncomment a line below and fill in the missing values or add your own. Every line in this file will be called by build.[sh|ps1] once the patched image is built. # Uncomment a line below and fill in the missing values or add your own. Every line in this file will be called by build.[sh|ps1] once the patched image is built.
# docker run -d --name bitwarden -v <full-local-path>\logs:/var/log/bitwarden -v <full-local-path>\bwdata:/etc/bitwarden -p 80:8080 --env-file <full-local-path>\settings.env bitwarden-patched # docker run -d --name bitwarden -v <full-local-path>\logs:/var/log/bitwarden -v <full-local-path>\bwdata:/etc/bitwarden -p 80:8080 --env-file <full-local-path>\settings.env bitwarden-patch
# <OR> # <OR>
# docker-compose -f <full-local-path>/docker-compose.yml up -d # docker-compose -f <full-local-path>/docker-compose.yml up -d

6
README.md
View File

@ -46,8 +46,8 @@ If you wish to generate your self-signed cert & key manually, you can run the fo
```bash ```bash
cd .keys cd .keys
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cer -days 36500 -outform DER -passout pass:test openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
openssl x509 -inform DER -in cert.cer -out cert.pem openssl x509 -inform DER -in cert.cert -out cert.pem
openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test
``` ```
@ -70,7 +70,7 @@ From the BitBetter directory, simply run:
./build.[sh|ps1] ./build.[sh|ps1]
``` ```
This will create a new self-signed certificate in the `.keys` directory if one does not already exist and then create a modified version of the official `ghcr.io/bitwarden/self-host` image called `bitwarden-patched`. This will create a new self-signed certificate in the `.keys` directory if one does not already exist and then create a modified version of the official `ghcr.io/bitwarden/self-host` image called `bitwarden-patch`.
Afterwards it will automatically generate the license generator and start all previously specified containers which are **now ready to accept self-issued licenses.** Afterwards it will automatically generate the license generator and start all previously specified containers which are **now ready to accept self-issued licenses.**

54
build.ps1
View File

@ -7,7 +7,7 @@ $tempdirectory = "$pwd\temp"
$components = "Api","Identity" $components = "Api","Identity"
# delete old directories / files if applicable # delete old directories / files if applicable
if (Test-Path "$tempdirectory" -PathType Container) { if (Test-Path "$tempdirectory") {
Remove-Item "$tempdirectory" -Recurse -Force Remove-Item "$tempdirectory" -Recurse -Force
} }
@ -19,38 +19,33 @@ if (Test-Path -Path "$pwd\src\licenseGen\cert.pfx" -PathType Leaf) {
Remove-Item "$pwd\src\licenseGen\cert.pfx" -Force Remove-Item "$pwd\src\licenseGen\cert.pfx" -Force
} }
if (Test-Path -Path "$pwd\src\bitBetter\cert.cer" -PathType Leaf) { if (Test-Path -Path "$pwd\src\bitBetter\cert.cert" -PathType Leaf) {
Remove-Item "$pwd\src\bitBetter\cert.cer" -Force Remove-Item "$pwd\src\bitBetter\cert.cert" -Force
} }
if (Test-Path "$pwd\.keys\cert.cert" -PathType Leaf) {
Rename-Item -Path "$pwd\.keys\cert.cert" -NewName "$pwd\.keys\cert.cer"
}
# generate keys if none are available # generate keys if none are available
if (!(Test-Path "$pwd\.keys" -PathType Container)) { if (!(Test-Path "$pwd\.keys")) {
.\generateKeys.ps1 .\generateKeys.ps1
} }
# copy the key to bitBetter # copy the key to bitBetter
Copy-Item "$pwd\.keys\cert.cer" -Destination "$pwd\src\bitBetter" Copy-Item "$pwd\.keys\cert.cert" -Destination "$pwd\src\bitBetter"
# build bitBetter and clean the source directory after # build bitBetter and clean the source directory after
docker build --no-cache -t bitbetter/bitbetter "$pwd\src\bitBetter" docker build --no-cache -t bitbetter/bitbetter "$pwd\src\bitBetter"
Remove-Item "$pwd\src\bitBetter\cert.cer" -Force Remove-Item "$pwd\src\bitBetter\cert.cert" -Force
# gather all running instances, cannot run a wildcard filter on Ancestor= :( # gather all running instances
$oldinstances = docker container ps --all -f Name=bitwarden --format '{{.ID}}' $oldinstances = docker container ps --all -f Name=bitwarden --format '{{.ID}}'
# stop and remove all running instances # stop all running instances
foreach ($instance in $oldinstances) { foreach ($instance in $oldinstances) {
docker stop $instance docker stop $instance
docker rm $instance docker rm $instance
} }
# update bitwarden itself # update bitwarden itself
if ($args[0] -eq 'update') { if ($args[0] -eq 'y') {
docker pull ghcr.io/bitwarden/self-host:beta docker pull ghcr.io/bitwarden/self-host:beta
} else { } else {
$confirmation = Read-Host "Update (or get) bitwarden source container (y/n)" $confirmation = Read-Host "Update (or get) bitwarden source container (y/n)"
@ -60,25 +55,12 @@ if ($args[0] -eq 'update') {
} }
# stop and remove previous existing patch(ed) container # stop and remove previous existing patch(ed) container
$oldinstances = docker container ps --all -f Ancestor=bitwarden-patched --format '{{.ID}}' docker stop bitwarden-patch
foreach ($instance in $oldinstances) { docker rm bitwarden-patch
docker stop $instance docker image rm bitwarden-patch
docker rm $instance
}
$oldinstances = docker image ls bitwarden-patched --format '{{.ID}}'
foreach ($instance in $oldinstances) {
docker image rm $instance
}
# remove old extract containers
$oldinstances = docker container ps --all -f Name=bitwarden-extract --format '{{.ID}}'
foreach ($instance in $oldinstances) {
docker stop $instance
docker rm $instance
}
# start a new bitwarden instance so we can patch it # start a new bitwarden instance so we can patch it
$patchinstance = docker run -d --name bitwarden-extract ghcr.io/bitwarden/self-host:beta $patchinstance = docker run -d --name bitwarden-patch ghcr.io/bitwarden/self-host:beta
# create our temporary directory # create our temporary directory
New-item -ItemType Directory -Path $tempdirectory New-item -ItemType Directory -Path $tempdirectory
@ -89,15 +71,15 @@ foreach ($component in $components) {
docker cp $patchinstance`:/app/$component/Core.dll "$tempdirectory\$component\Core.dll" docker cp $patchinstance`:/app/$component/Core.dll "$tempdirectory\$component\Core.dll"
} }
# stop and remove our temporary container
docker stop bitwarden-extract
docker rm bitwarden-extract
# run bitBetter, this applies our patches to the required files # run bitBetter, this applies our patches to the required files
docker run -v "$tempdirectory`:/app/mount" --rm bitbetter/bitbetter docker run -v "$tempdirectory`:/app/mount" --rm bitbetter/bitbetter
# create a new image with the patched files # create a new image with the patched files
docker build . --tag bitwarden-patched --file "$pwd\src\bitBetter\Dockerfile-bitwarden-patch" docker build . --tag bitwarden-patch --file "$pwd\src\bitBetter\Dockerfile-bitwarden-patch"
# stop and remove our temporary container
docker stop bitwarden-patch
docker rm bitwarden-patch
# start all user requested instances # start all user requested instances
if (Test-Path -Path "$pwd\.servers\serverlist.txt" -PathType Leaf) { if (Test-Path -Path "$pwd\.servers\serverlist.txt" -PathType Leaf) {

51
build.sh
View File

@ -20,12 +20,8 @@ if [ -f "$PWD/src/licenseGen/cert.pfx" ]; then
rm -f "$PWD/src/licenseGen/cert.pfx" rm -f "$PWD/src/licenseGen/cert.pfx"
fi fi
if [ -f "$PWD/src/bitBetter/cert.cer" ]; then if [ -f "$PWD/src/bitBetter/cert.cert" ]; then
rm -f "$PWD/src/bitBetter/cert.cer" rm -f "$PWD/src/bitBetter/cert.cert"
fi
if [ -f "$PWD/.keys/cert.cert" ]; then
mv "$PWD/.keys/cert.cert" "$PWD/.keys/cert.cer"
fi fi
# generate keys if none are available # generate keys if none are available
@ -34,16 +30,16 @@ if [ ! -d "$PWD/.keys" ]; then
fi fi
# copy the key to bitBetter # copy the key to bitBetter
cp -f "$PWD/.keys/cert.cer" "$PWD/src/bitBetter" cp -f "$PWD/.keys/cert.cert" "$PWD/src/bitBetter"
# build bitBetter and clean the source directory after # build bitBetter and clean the source directory after
docker build --no-cache -t bitbetter/bitbetter "$PWD/src/bitBetter" docker build --no-cache -t bitbetter/bitbetter "$PWD/src/bitBetter"
rm -f "$PWD/src/bitBetter/cert.cer" rm -f "$PWD/src/bitBetter/cert.cert"
# gather all running instances, cannot run a wildcard filter on Ancestor= :( # gather all running instances
OLDINSTANCES=$(docker container ps --all -f Name=bitwarden --format '{{.ID}}') OLDINSTANCES=$(docker container ps --all -f Name=bitwarden --format '{{.ID}}')
# stop and remove all running instances # stop all running instances
for INSTANCE in ${OLDINSTANCES[@]}; do for INSTANCE in ${OLDINSTANCES[@]}; do
docker stop $INSTANCE docker stop $INSTANCE
docker rm $INSTANCE docker rm $INSTANCE
@ -62,25 +58,12 @@ else
fi fi
# stop and remove previous existing patch(ed) container # stop and remove previous existing patch(ed) container
OLDINSTANCES=$(docker container ps --all -f Ancestor=bitwarden-patched --format '{{.ID}}') docker stop bitwarden-patch
for INSTANCE in ${OLDINSTANCES[@]}; do docker rm bitwarden-patch
docker stop $INSTANCE docker image rm bitwarden-patch
docker rm $INSTANCE
done
OLDINSTANCES=$(docker image ls bitwarden-patched --format '{{.ID}}')
for INSTANCE in ${OLDINSTANCES[@]}; do
docker image rm $INSTANCE
done
# remove old extract containers
OLDINSTANCES=$(docker container ps --all -f Name=bitwarden-extract --format '{{.ID}}')
for INSTANCE in ${OLDINSTANCES[@]}; do
docker stop $INSTANCE
docker rm $INSTANCE
done
# start a new bitwarden instance so we can patch it # start a new bitwarden instance so we can patch it
PATCHINSTANCE=$(docker run -d --name bitwarden-extract ghcr.io/bitwarden/self-host:beta) PATCHINSTANCE=$(docker run -d --name bitwarden-patch ghcr.io/bitwarden/self-host:beta)
# create our temporary directory # create our temporary directory
mkdir $TEMPDIRECTORY mkdir $TEMPDIRECTORY
@ -91,21 +74,21 @@ for COMPONENT in ${COMPONENTS[@]}; do
docker cp $PATCHINSTANCE:/app/$COMPONENT/Core.dll "$TEMPDIRECTORY/$COMPONENT/Core.dll" docker cp $PATCHINSTANCE:/app/$COMPONENT/Core.dll "$TEMPDIRECTORY/$COMPONENT/Core.dll"
done done
# stop and remove our temporary container
docker stop bitwarden-extract
docker rm bitwarden-extract
# run bitBetter, this applies our patches to the required files # run bitBetter, this applies our patches to the required files
docker run -v "$TEMPDIRECTORY:/app/mount" --rm bitbetter/bitbetter docker run -v "$TEMPDIRECTORY:/app/mount" --rm bitbetter/bitbetter
# create a new image with the patched files # create a new image with the patched files
docker build . --tag bitwarden-patched --file "$PWD/src/bitBetter/Dockerfile-bitwarden-patch" docker build . --tag bitwarden-patch --file "$PWD/src/bitBetter/Dockerfile-bitwarden-patch"
# stop and remove our temporary container
docker stop bitwarden-patch
docker rm bitwarden-patch
# start all user requested instances # start all user requested instances
if [ -f "$PWD/src/bitBetter/cert.cer" ]; then if [ -f "$PWD/src/bitBetter/cert.cert" ]; then
sed -i 's/\r$//' "$PWD/.servers/serverlist.txt" sed -i 's/\r$//' "$PWD/.servers/serverlist.txt"
cat "$PWD/.servers/serverlist.txt" | while read -r LINE; do cat "$PWD/.servers/serverlist.txt" | while read -r LINE; do
if [[ $LINE == "#*" ]]; then if [[ $LINE == "#*" ]] ;
bash -c "$LINE" bash -c "$LINE"
fi fi
done done

4
generateKeys.ps1
View File

@ -20,6 +20,6 @@ if (Test-Path "$pwd\.keys")
New-item -ItemType Directory -Path "$pwd\.keys" New-item -ItemType Directory -Path "$pwd\.keys"
# generate actual keys # generate actual keys
Invoke-Expression "& '$opensslbinary' req -x509 -newkey rsa:4096 -keyout `"$pwd\.keys\key.pem`" -out `"$pwd\.keys\cert.cer`" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test" Invoke-Expression "& '$opensslbinary' req -x509 -newkey rsa:4096 -keyout `"$pwd\.keys\key.pem`" -out `"$pwd\.keys\cert.cert`" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test"
Invoke-Expression "& '$opensslbinary' x509 -inform DER -in `"$pwd\.keys\cert.cer`" -out `"$pwd\.keys\cert.pem`"" Invoke-Expression "& '$opensslbinary' x509 -inform DER -in `"$pwd\.keys\cert.cert`" -out `"$pwd\.keys\cert.pem`""
Invoke-Expression "& '$opensslbinary' pkcs12 -export -out `"$pwd\.keys\cert.pfx`" -inkey `"$pwd\.keys\key.pem`" -in `"$pwd\.keys\cert.pem`" -passin pass:test -passout pass:test" Invoke-Expression "& '$opensslbinary' pkcs12 -export -out `"$pwd\.keys\cert.pfx`" -inkey `"$pwd\.keys\key.pem`" -in `"$pwd\.keys\cert.pem`" -passin pass:test -passout pass:test"

4
generateKeys.sh
View File

@ -15,6 +15,6 @@ fi
mkdir "$DIR" mkdir "$DIR"
# Generate new keys # Generate new keys
openssl req -x509 -newkey rsa:4096 -keyout "$DIR/key.pem" -out "$DIR/cert.cer" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test openssl req -x509 -newkey rsa:4096 -keyout "$DIR/key.pem" -out "$DIR/cert.cert" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test
openssl x509 -inform DER -in "$DIR/cert.cer" -out "$DIR/cert.pem" openssl x509 -inform DER -in "$DIR/cert.cert" -out "$DIR/cert.pem"
openssl pkcs12 -export -out "$DIR/cert.pfx" -inkey "$DIR/key.pem" -in "$DIR/cert.pem" -passin pass:test -passout pass:test openssl pkcs12 -export -out "$DIR/cert.pfx" -inkey "$DIR/key.pem" -in "$DIR/cert.pem" -passin pass:test -passout pass:test

2
src/bitBetter/Dockerfile
View File

@ -2,7 +2,7 @@ FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
WORKDIR /bitBetter WORKDIR /bitBetter
COPY . /bitBetter COPY . /bitBetter
COPY cert.cer /app/ COPY cert.cert /app/
RUN dotnet restore RUN dotnet restore
RUN dotnet publish -c Release -o /app --no-restore RUN dotnet publish -c Release -o /app --no-restore

2
src/bitBetter/Program.cs
View File

@ -14,7 +14,7 @@ internal class Program
{ {
private static Int32 Main() private static Int32 Main()
{ {
const String certFile = "/app/cert.cer"; const String certFile = "/app/cert.cert";
String[] files = Directory.GetFiles("/app/mount", "Core.dll", SearchOption.AllDirectories); String[] files = Directory.GetFiles("/app/mount", "Core.dll", SearchOption.AllDirectories);
foreach (String file in files) foreach (String file in files)

20
src/licenseGen/Program.cs
View File

@ -446,24 +446,26 @@ internal class Program
Set(type, license, "Use2fa", true); Set(type, license, "Use2fa", true);
Set(type, license, "UseApi", true); Set(type, license, "UseApi", true);
Set(type, license, "UseResetPassword", true); Set(type, license, "UseResetPassword", true);
Set(type, license, "UseCustomPermissions", true);
Set(type, license, "MaxStorageGb", storage == 0 ? Int16.MaxValue : storage); Set(type, license, "MaxStorageGb", storage == 0 ? Int16.MaxValue : storage);
Set(type, license, "SelfHost", true); Set(type, license, "SelfHost", true);
Set(type, license, "UsersGetPremium", true); Set(type, license, "UsersGetPremium", true);
Set(type, license, "UseCustomPermissions", true);
Set(type, license, "Version", 16);
Set(type, license, "Issued", DateTime.UtcNow);
Set(type, license, "Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
Set(type, license, "Expires", DateTime.UtcNow.AddYears(100));
Set(type, license, "ExpirationWithoutGracePeriod", DateTime.UtcNow.AddYears(100));
Set(type, license, "UsePasswordManager", true); Set(type, license, "UsePasswordManager", true);
Set(type, license, "UseSecretsManager", true); Set(type, license, "UseSecretsManager", true);
Set(type, license, "SmSeats", Int32.MaxValue); Set(type, license, "SmSeats", Int32.MaxValue);
Set(type, license, "SmServiceAccounts", Int32.MaxValue); Set(type, license, "SmServiceAccounts", Int32.MaxValue);
Set(type, license, "UseRiskInsights", true); Set(type, license, "Version", 15); //This is set to 15 to use AllowAdminAccessToAllCollectionItems can be changed to 13 to just use Secrets Manager
Set(type, license, "LimitCollectionCreationDeletion", true); Set(type, license, "Issued", DateTime.UtcNow);
Set(type, license, "AllowAdminAccessToAllCollectionItems", true); Set(type, license, "Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
Set(type, license, "Expires", DateTime.UtcNow.AddYears(100));
Set(type, license, "Trial", false); Set(type, license, "Trial", false);
Set(type, license, "LicenseType", Enum.Parse(licenseTypeEnum, "Organization")); Set(type, license, "LicenseType", Enum.Parse(licenseTypeEnum, "Organization"));
Set(type, license, "LimitCollectionCreationDeletion", true); //This will be used in the new version of BitWarden but can be applied now
Set(type, license, "AllowAdminAccessToAllCollectionItems", true);
Set(type, license, "UseRiskInsights", true);
Set(type, license, "UseOrganizationDomains", true);
Set(type, license, "UseAdminSponsoredFamilies", true);
Set(type, license, "UseRiskInsights", true);
Set(type, license, "UseOrganizationDomains", true); Set(type, license, "UseOrganizationDomains", true);
Set(type, license, "UseAdminSponsoredFamilies", true); Set(type, license, "UseAdminSponsoredFamilies", true);
Set(type, license, "Hash", Convert.ToBase64String((Byte[])computeHash.Invoke(license, [])!)); Set(type, license, "Hash", Convert.ToBase64String((Byte[])computeHash.Invoke(license, [])!));