Merge 90e563e21f into 676dd7b85c

Set three new license options to true: UseRiskInsights, UseOrganizationDomains, and UseAdminSponsoredFamilies.

README.md

@@ -14,8 +14,8 @@ Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/B
 - [Getting Started](#getting-started)
   - [Dependencies](#dependencies)
   - [Setting up BitBetter](#setting-up-bitbetter)
+    - [Optional: Manually generating Certificate & Key](#optional-manually-generating-certificate--key)
   - [Building BitBetter](#building-bitbetter)
-    - [Note: Manually generating Certificate & Key](#note-manually-generating-certificate--key)
   - [Updating Bitwarden and BitBetter](#updating-bitwarden-and-bitbetter)
   - [Generating Signed Licenses](#generating-signed-licenses)
     - [Note: Alternative Ways to Generate License](#note-alternative-ways-to-generate-license)
@@ -40,6 +40,21 @@ With your dependencies installed, begin the installation of BitBetter by downloa
 git clone https://github.com/jakeswenson/BitBetter.git
 ```
 
+### Optional: Manually generating Certificate & Key
+
+If you wish to generate your self-signed cert & key manually, you can run the following commands.
+
+```bash
+cd .keys
+openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
+openssl x509 -inform DER -in cert.cert -out cert.pem
+openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test
+```
+
+> Note that the password here must be `test`.<sup>[1](#f1)</sup>
+
+---
+
 ## Building BitBetter
 
 Now that you've set up your build environment, you can **run the main build script** to generate a modified version of the `bitwarden/api` and `bitwarden/identity` docker images.
@@ -54,8 +69,6 @@ This will create a new self-signed certificate in the `.keys` directory if one d
 You may now simply create the file `/path/to/bwdata/docker/docker-compose.override.yml` with the following contents to utilize the modified images.
 
 ```yaml
-version: '3'
-
 services:
   api:
     image: bitbetter/api
@@ -70,19 +83,6 @@ You'll also want to edit the `/path/to/bwdata/scripts/run.sh` file. In the `func
 
 You can now start or restart Bitwarden as normal and the modified api will be used. **It is now ready to accept self-issued licenses.**
 
----
-### Note: Manually generating Certificate & Key
-
-If you wish to generate your self-signed cert & key manually, you can run the following commands.
-
-```bash
-openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
-openssl x509 -inform DER -in cert.cert -out cert.pem
-openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test
-```
-
-> Note that the password here must be `test`.<sup>[1](#f1)</sup>
-
 ---
 
 ## Updating Bitwarden and BitBetter

build.sh

@@ -13,10 +13,10 @@ echo "Building BitBetter for BitWarden version $BW_VERSION"
 
 cp "$DIR/.keys/cert.cert" "$DIR/src/bitBetter/.keys"
 
-docker run --rm -v "$DIR/src/bitBetter:/bitBetter" -w=/bitBetter mcr.microsoft.com/dotnet/sdk:6.0 sh build.sh
+docker run --rm -v "$DIR/src/bitBetter:/bitBetter" -w=/bitBetter mcr.microsoft.com/dotnet/sdk:8.0 sh build.sh
 
-docker build --no-cache --build-arg BITWARDEN_TAG=bitwarden/api:$BW_VERSION --label com.bitwarden.product="bitbetter" -t bitbetter/api "$DIR/src/bitBetter" # --squash
+docker build --no-cache --build-arg BITWARDEN_TAG=ghcr.io/bitwarden/api:$BW_VERSION --label com.bitwarden.product="bitbetter" -t bitbetter/api "$DIR/src/bitBetter" # --squash
-docker build --no-cache --build-arg BITWARDEN_TAG=bitwarden/identity:$BW_VERSION --label com.bitwarden.product="bitbetter" -t bitbetter/identity "$DIR/src/bitBetter" # --squash
+docker build --no-cache --build-arg BITWARDEN_TAG=ghcr.io/bitwarden/identity:$BW_VERSION --label com.bitwarden.product="bitbetter" -t bitbetter/identity "$DIR/src/bitBetter" # --squash
 
 docker tag bitbetter/api bitbetter/api:latest
 docker tag bitbetter/identity bitbetter/identity:latest

src/bitBetter/Dockerfile

@@ -1,7 +1,7 @@
 ARG BITWARDEN_TAG
 FROM ${BITWARDEN_TAG}
 
-COPY bin/Debug/netcoreapp6.0/publish/* /bitBetter/
+COPY bin/Release/net8.0/publish/* /bitBetter/
 COPY ./.keys/cert.cert /newLicensing.cer
 
 RUN set -e; set -x; \

src/bitBetter/bitBetter.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>netcoreapp6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
 
   <ItemGroup>

src/licenseGen/Dockerfile

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/sdk:6.0 as build
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
 
 WORKDIR /licenseGen
 
@@ -12,6 +12,6 @@ RUN set -e; set -x; \
 
 FROM bitbetter/api
 
-COPY --from=build /licenseGen/bin/Debug/netcoreapp6.0/publish/* /app/
+COPY --from=build /licenseGen/bin/Release/net8.0/publish/* /app/
 
 ENTRYPOINT [ "dotnet", "/app/licenseGen.dll", "--core", "/app/Core.dll", "--cert", "/cert.pfx" ]

src/licenseGen/Program.cs

@@ -398,7 +398,7 @@ namespace bitwardenSelfLicensor
 
             var type = core.GetType("Bit.Core.Models.Business.OrganizationLicense");
             var licenseTypeEnum = core.GetType("Bit.Core.Enums.LicenseType");
-            var planTypeEnum = core.GetType("Bit.Core.Enums.PlanType");
+            var planTypeEnum = core.GetType("Bit.Core.Billing.Enums.PlanType");
 
             var license = Activator.CreateInstance(type);
 
@@ -414,14 +414,14 @@ namespace bitwardenSelfLicensor
             set("BillingEmail", email);
             set("BusinessName", string.IsNullOrWhiteSpace(businessName) ? "BitBetter" : businessName);
             set("Enabled", true);
-            set("Plan", "Custom");
+            set("Plan", "Enterprise (Annually)");
-            set("PlanType", Enum.Parse(planTypeEnum, "Custom"));
+            set("PlanType", Enum.Parse(planTypeEnum, "EnterpriseAnnually"));
-            set("Seats", (int)short.MaxValue);
+            set("Seats", int.MaxValue);
             set("MaxCollections", short.MaxValue);
             set("UsePolicies", true);
             set("UseSso", true);
             set("UseKeyConnector", true);
-            //set("UseScim", true); // available in version 10, which is not released yet
+            set("UseScim", true);
             set("UseGroups", true);
             set("UseEvents", true);
             set("UseDirectory", true);
@@ -429,15 +429,25 @@ namespace bitwardenSelfLicensor
             set("Use2fa", true);
             set("UseApi", true);
             set("UseResetPassword", true);
+            set("UseCustomPermissions", true);
             set("MaxStorageGb", storage == 0 ? short.MaxValue : storage);
             set("SelfHost", true);
             set("UsersGetPremium", true);
-            set("Version", 9);
+            set("UsePasswordManager", true);
+            set("UseSecretsManager", true);
+            set("SmSeats", int.MaxValue);
+            set("SmServiceAccounts", int.MaxValue);
+            set("Version", 15); //This is set to 15 to use AllowAdminAccessToAllCollectionItems can be changed to 13 to just use Secrets Manager
             set("Issued", DateTime.UtcNow);
             set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
             set("Expires", DateTime.UtcNow.AddYears(100));
             set("Trial", false);
             set("LicenseType", Enum.Parse(licenseTypeEnum, "Organization"));
+            set("LimitCollectionCreationDeletion", true); //This will be used in the new version of BitWarden but can be applied now
+            set("AllowAdminAccessToAllCollectionItems", true);
+            set("UseRiskInsights", true);
+            set("UseOrganizationDomains", true);
+            set("UseAdminSponsoredFamilies", true);
 
             set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
             set("Signature", Convert.ToBase64String((byte[])type.GetMethod("Sign").Invoke(license, new object[] { cert })));

src/licenseGen/licenseGen.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>netcoreapp6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
 
   <ItemGroup>

update-bitwarden.sh

@@ -32,14 +32,14 @@ RECREATE_OV=${tmprecreate:-$RECREATE_OV}
 if [[ $RECREATE_OV =~ ^[Yy]$ ]]
 then
     {
-        echo "version: '3'"
-        echo ""
         echo "services:"
         echo "  api:"
         echo "    image: bitbetter/api:$BW_VERSION"
+        echo "    pull_policy: never"
         echo ""
         echo "  identity:"
         echo "    image: bitbetter/identity:$BW_VERSION"
+        echo "    pull_policy: never"        
         echo ""
     } > $BITWARDEN_BASE/bwdata/docker/docker-compose.override.yml
     echo "BitBetter docker-compose override created!"
@@ -71,7 +71,7 @@ cd $BITWARDEN_BASE
 ./bitwarden.sh updateself
 
 # Update the bitwarden.sh: automatically patch run.sh to fix docker-compose pull errors for private images
-awk '1;/function downloadRunFile/{c=6}c&&!--c{print "sed -i '\''s/dccmd pull/dccmd pull --ignore-pull-failures || true/g'\'' $SCRIPTS_DIR/run.sh"}' $BITWARDEN_BASE/bitwarden.sh > tmp_bw.sh && mv tmp_bw.sh $BITWARDEN_BASE/bitwarden.sh 
+sed -i 's/chmod u+x $SCRIPTS_DIR\/run.sh/chmod u+x $SCRIPTS_DIR\/run.sh\n        sed -i \x27s\/dccmd pull\/dccmd pull --ignore-pull-failures || true\/g\x27 $SCRIPTS_DIR\/run.sh/g' -i $BITWARDEN_BASE/bitwarden.sh
 chmod +x $BITWARDEN_BASE/bitwarden.sh
 echo "Patching bitwarden.sh completed..."