other/BitBetter
1
0
Fork 0
mirror of https://github.com/jakeswenson/BitBetter.git synced 2025-12-20 21:56:37 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: other:lite
Branches Tags
other:master other:lite
..
compare: other:44e9356a651051bc69fb8ecb746d3728266b28b9
Branches Tags
other:master other:lite

22 Commits
lite ... 44e9356a65

Author SHA1 Message Date
Genva
44e9356a65 Merge d8465e1aec into 676dd7b85c 2025-06-16 16:38:22 +02:00
Genva
d8465e1aec Remove unnecessary changes in LicensingService.cs 2025-06-16 16:37:32 +02:00
Genva
a3a6564776 fix executable parameter 2025-06-16 16:34:12 +02:00
Genva
eaca0f047e remove loose file parameter 2025-06-16 14:29:49 +02:00
Genva
3f5910c616 pass single file application to license gen 2025-06-16 14:29:22 +02:00
Genva
936059785a support loading Core.dll from single file application 2025-06-16 14:23:04 +02:00
Genva
5b5d1301c9 remove obsolete project 2025-06-16 10:21:24 +02:00
Genva
317af2994b Clone only current version tag 2025-06-16 10:16:27 +02:00
Genva
1a2073cf35 Build image from source 2025-06-14 15:46:18 +02:00
h44z
676dd7b85c Fix warning in Dockerfile (#230) 2025-05-17 14:22:29 +00:00
Lorenzo Moscati
0b33567820 Updated container repository (#225) 
Updated the container image registries from Docker Hub to GitHub Container Registry. Fixes #224
 2025-03-29 17:16:26 +00:00
Alessandro
180ad94838 Move Manually generating Certificate & Key section in README.md (#216) 
Move `Manually generating Certificate & Key` section from `Building BitBetter` to `Setting up BitBetter` and mark it as `Optional` instead of `Note`.

Co-authored-by: h44z <christoph.h@sprinternet.at>
 2024-11-24 19:10:11 +01:00
vdmchkv
38c43a43c9 Prevent docker compose from attempting to pull BitBetter images from the Docker repository (#219) 
Co-authored-by: Vadim Iouchkov <vadim.iouchkov@d-gl.de>
 2024-11-24 19:02:48 +01:00
Michiel Hazelhof
bfc821e918 Update documentation to reflect changes (#214) 2024-11-03 10:22:14 +01:00
Michiel Hazelhof
3ec7b3d843 Quick and dirty fix (#213) 
* Quick and dirty fix

* Don't push obsolete code

* Improve code
 2024-11-01 14:36:03 +00:00
Shuttleu
7f64e2cd4a Update license to version 15 (#211) 
Co-authored-by: captainhook <16797541+captainhook@users.noreply.github.com>
 2024-10-10 14:29:59 +01:00
Michiel Hazelhof
a65277198c Use new location (#202) 2024-06-30 01:33:01 +00:00
kasperk81
12da7d7249 use correct framework (#193) 
* use correct framework

* use correct framework
 2024-03-30 09:31:27 +00:00
Jan Schöppach
3c703f517d Update to .NET 8.0 to fix building with bitwarden v2024.2.2 (#187) 
* Update to .NET 8.0 to fix building with bitwarden v2024.2.2

* Also update license gen to .NET 8.0
 2024-02-22 23:16:34 +00:00
Rakesh
b93c9487eb Update License to use Secrets Manager fully (#182) 2024-01-19 18:02:14 +00:00
Ayitaka
e173c06320 Updated license version to 12, added SM options, increased max seats (short to int) (#172) 
* - Updated license version to 12
- Added new SM license options

* Change seats, smseats, smserviceaccounts from short to int, like they are in the Bitwarden server code, to allow for the accurate maximum amount of seats
 2023-11-29 12:07:21 +00:00
Ayitaka
80c0808e72 Update licenseGen with latest version and options (#165) 
- Changed Version to 10
- Uncommented UseScim
- Added UseCustomPermissions
 2023-04-21 14:24:41 +02:00
23 changed files with 690 additions and 1041 deletions
Expand all files Collapse all files

12
.circleci/config.yml
View File

@@ -1,4 +1,4 @@
version: 2.1 version: 2
jobs: jobs:
build: build:
machine: true machine: true
@@ -9,13 +9,7 @@ jobs:
command: date command: date
- run: - run:
name: Generate Keys name: Generate Keys
command: ./generateKeys.sh command: ./.keys/generate-keys.sh
- run: - run:
name: Build script name: Build script
command: ./build.sh update command: ./build.sh
- run:
name: Test generating user license
command: ./licenseGen.sh user TestName TestEmail@example.com 4a619d4a-522d-4c70-8596-affb5b607c23
- run:
name: Test generating organization license
command: ./licenseGen.sh org TestName TestEmail@example.com 4a619d4a-522d-4c70-8596-affb5b607c23

19
.editorconfig
View File

@@ -1,19 +0,0 @@
root=true
###############################
# Core EditorConfig Options #
###############################
# All files
[*]
indent_style=tab
indent_size=4
trim_trailing_whitespace=true
end_of_line=lf
charset=utf-8
[*.{cs}]
insert_final_newline=false
[*.{md,mkdn}]
trim_trailing_whitespace = true
indent_style = space

1
.gitattributes vendored
View File

@@ -1 +0,0 @@
* text eol=lf

6
.gitignore vendored
View File

@@ -1,12 +1,8 @@
.idea/ .idea/
bin/ bin/
obj/ obj/
src/licenseGen/.vs/*
src/bitBetter/.vs/*
*.dll *.dll
*.pem *.pem
.vscode/ .vscode/
*.pfx *.pfx
*.cer *.cert
*.vsidx
.DS_Store

20
.keys/generate-keys.sh Executable file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
# Check for openssl
command -v openssl >/dev/null 2>&1 || { echo >&2 "openssl required but not found. Aborting."; exit 1; }
DIR=`dirname "$0"`
DIR=`exec 2>/dev/null;(cd -- "$DIR") && cd -- "$DIR"|| cd "$DIR"; unset PWD; /usr/bin/pwd || /bin/pwd || pwd`
# Remove any existing key files
[ ! -e "$DIR/cert.pem" ] || rm "$DIR/cert.pem"
[ ! -e "$DIR/key.pem" ] || rm "$DIR/key.pem"
[ ! -e "$DIR/cert.cert" ] || rm "$DIR/cert.cert"
[ ! -e "$DIR/cert.pfx" ] || rm "$DIR/cert.pfx"
# Generate new keys
openssl req -x509 -newkey rsa:4096 -keyout "$DIR/key.pem" -out "$DIR/cert.cert" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test
openssl x509 -inform DER -in "$DIR/cert.cert" -out "$DIR/cert.pem"
openssl pkcs12 -export -out "$DIR/cert.pfx" -inkey "$DIR/key.pem" -in "$DIR/cert.pem" -passin pass:test -passout pass:test
ls

4
.servers/serverlist.txt
View File

@@ -1,4 +0,0 @@
# Uncomment a line below and fill in the missing values or add your own. Every line in this file will be called by build.[sh|ps1] once the patched image is built.
# docker run -d --name bitwarden --restart=always -v <full-local-path>\logs:/var/log/bitwarden -v <full-local-path>\bwdata:/etc/bitwarden -p 80:8080 --env-file <full-local-path>\settings.env bitwarden-patched
# <OR>
# docker-compose -f <full-local-path>/docker-compose.yml up -d

143
README.md
View File

@@ -1,14 +1,12 @@
# BitBetter lite # BitBetter
BitBetter is is a tool to modify Bitwarden's core dll to allow you to generate your own individual and organisation licenses. BitBetter is is a tool to modify Bitwarden's core dll to allow you to generate your own individual and organisation licenses. **You must have an existing installation of Bitwarden for BitBetter to modify.**
Please see the FAQ below for details on why this software was created. Please see the FAQ below for details on why this software was created.
Be aware that this branch is **only** for the lite (formerly unified) version of bitwarden. It has been rewritten and works in different ways than the master branch. _Beware! BitBetter does janky stuff to rewrite the bitwarden core dll and allow the installation of a self signed certificate. Use at your own risk!_
_Beware! BitBetter is a solution that generates a personal certificate and uses that to generate custom licences. This requires (automated) modifying of libraries. Use at your own risk!_ Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/BitBetter
Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/BitBetter and https://github.com/GieltjE/BitBetter
# Table of Contents # Table of Contents
- [BitBetter](#bitbetter) - [BitBetter](#bitbetter)
@@ -27,18 +25,18 @@ Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/B
- [Footnotes](#footnotes) - [Footnotes](#footnotes)
# Getting Started # Getting Started
The following instructions are for unix-based systems (Linux, BSD, macOS) and Windows, just choose the correct script extension (.sh or .ps1 respectively). The following instructions are for unix-based systems (Linux, BSD, macOS), it is possible to use a Windows systems assuming you are able to enable and install [WSL](https://docs.microsoft.com/en-us/windows/wsl/install-win10).
## Dependencies ## Dependencies
Aside from docker, which you also need for Bitwarden, BitBetter requires the following: Aside from docker, which you also need for Bitwarden, BitBetter requires the following:
* Bitwarden (tested with 2025.11.1 might work on lower versions), for safety always stay up to date * Bitwarden (tested with 1.47.1, might work on lower versions)
* openssl (probably already installed on most Linux or WSL systems, any version should work, on Windows it will be auto installed using winget) * openssl (probably already installed on most Linux or WSL systems, any version should work)
## Setting up BitBetter ## Setting up BitBetter
With your dependencies installed, begin the installation of BitBetter by downloading it through Github or using the git command: With your dependencies installed, begin the installation of BitBetter by downloading it through Github or using the git command:
``` ```bash
git clone https://github.com/jakeswenson/BitBetter.git git clone https://github.com/jakeswenson/BitBetter.git
``` ```
@@ -48,90 +46,104 @@ If you wish to generate your self-signed cert & key manually, you can run the fo
```bash ```bash
cd .keys cd .keys
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cer -days 36500 -outform DER -passout pass:test openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
openssl x509 -inform DER -in cert.cer -out cert.pem openssl x509 -inform DER -in cert.cert -out cert.pem
openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test
``` ```
> Note that the password here must be `test`.<sup>[1](#f1)</sup> > Note that the password here must be `test`.<sup>[1](#f1)</sup>
---
---
## Building BitBetter ## Building BitBetter
Now that you've set up your build environment, we need to specify which servers to start after the work is done. Now that you've set up your build environment, you can **run the main build script** to generate a modified version of the `bitwarden/api` and `bitwarden/identity` docker images.
The scripts supports running and patching multi instances.
Edit the .servers/serverlist.txt file and fill in the missing values, they can be replaced with existing installation values.
This file may be empty, but there will be no containers will be spun up automatically.
Now it is time to **run the main build script** to generate a modified version of the `ghcr.io/bitwarden/lite` docker image and the license generator.
From the BitBetter directory, simply run: From the BitBetter directory, simply run:
``` ```bash
./build.[sh|ps1] ./build.sh
``` ```
This will create a new self-signed certificate in the `.keys` directory if one does not already exist and then create a modified version of the official `ghcr.io/bitwarden/lite` image called `bitwarden-patched`. This will create a new self-signed certificate in the `.keys` directory if one does not already exist and then create a modified version of the official `bitwarden/api` called `bitbetter/api` and a modified version of the `bitwarden/identity` called `bitbetter/identity`.
Afterwards it will automatically generate the license generator and start all previously specified containers which are **now ready to accept self-issued licenses.** You may now simply create the file `/path/to/bwdata/docker/docker-compose.override.yml` with the following contents to utilize the modified images.
```yaml
services:
api:
image: bitbetter/api
identity:
image: bitbetter/identity
```
You'll also want to edit the `/path/to/bwdata/scripts/run.sh` file. In the `function restart()` block, comment out the call to `dockerComposePull`.
> Replace `dockerComposePull`<br>with `#dockerComposePull`
You can now start or restart Bitwarden as normal and the modified api will be used. **It is now ready to accept self-issued licenses.**
--- ---
## Updating Bitwarden and BitBetter ## Updating Bitwarden and BitBetter
To update Bitwarden, the same `build.[sh|ps1]` script can be used. It will rebuild the BitBetter image and automatically update Bitwarden before doing so. To update Bitwarden, the provided `update-bitwarden.sh` script can be used. It will rebuild the BitBetter images and automatically update Bitwarden afterwards. Docker pull errors can be ignored for api and identity images.
You can either run this script without providing any parameters in interactive mode (`./update-bitwarden.sh`) or by setting the parameters as follows, to run the script in non-interactive mode:
```bash
./update-bitwarden.sh param1 param2 param3
```
`param1`: The path to the directory containing your bwdata directory
`param2`: If you want the docker-compose file to be overwritten (either `y` or `n`)
`param3`: If you want the bitbetter images to be rebuild (either `y` or `n`)
If you are updating from versions <= 1.46.2, you may need to run `update-bitwarden.sh` twice to complete the update process.
## Generating Signed Licenses ## Generating Signed Licenses
There is a tool included in the directory `licenseGen/` that will generate new individual and organization licenses. These licenses will be accepted by the modified Bitwarden because they will be signed by the certificate you generated in earlier steps. There is a tool included in the directory `src/licenseGen/` that will generate new individual and organization licenses. These licenses will be accepted by the modified Bitwarden because they will be signed by the certificate you generated in earlier steps.
First, from the `BitBetter/src/licenseGen` directory, **build the license generator**.<sup>[2](#f2)</sup>
```bash
./build.sh
```
In order to run the tool and generate a license you'll need to get a **user's GUID** in order to generate an **invididual license** or the server's **install ID** to generate an **Organization license**. These can be retrieved most easily through the Bitwarden [Admin Portal](https://help.bitwarden.com/article/admin-portal/). In order to run the tool and generate a license you'll need to get a **user's GUID** in order to generate an **invididual license** or the server's **install ID** to generate an **Organization license**. These can be retrieved most easily through the Bitwarden [Admin Portal](https://help.bitwarden.com/article/admin-portal/).
**The user must have a verified email address at the time of license import, otherwise Bitwarden will reject the license key. Nevertheless, the license key can be generated even before the user's email is verified.** **The user must have a verified email address at the time of license import, otherwise Bitwarden will reject the license key. Nevertheless, the license key can be generated even before the user's email is verified.**
If you ran the build script, you can **simply run the license gen in interactive mode** from the `Bitbetter` directory and **follow the prompts to generate your license**. If you generated your keys in the default `BitBetter/.keys` directory, you can **simply run the license gen in interactive mode** from the `Bitbetter` directory and **follow the prompts to generate your license**.
``` ```bash
./licenseGen.[sh|ps1] interactive ./src/licenseGen/run.sh interactive
``` ```
**The license generator will spit out a JSON-formatted license which can then be used within the Bitwarden web front-end to license your user or org!** **The license generator will spit out a JSON-formatted license which can then be used within the Bitwarden web front-end to license your user or org!**
---
## Migrating from mssql to a real database ### Note: Alternative Ways to Generate License
Prepare a new database and bwdata directory, download and prepare the new settings.env (https://raw.githubusercontent.com/bitwarden/self-host/refs/heads/main/bitwarden-lite/settings.env) If you wish to run the license gen from a directory aside from the root `BitBetter` one, you'll have to provide the absolute path to your cert.pfx.
Make sure you can get the data from either the backup file or by connecting directly to the mssql database (navicat has a trial). ```bash
./src/licenseGen/run.sh /Absolute/Path/To/BitBetter/.keys/cert.pfx interactive
If required (e.g. you cannot connect to your docker mssql server directly) download Microsoft SQL Server 2022 and SQL Server Management Studio (the latter can be used to import the .bak file)
After cloning this repo and modifying .servers/serverlist.txt to suit your new environment do the following:
```
docker exec -i bitwarden-mssql /backup-db.sh
./bitwarden.sh stop
``` ```
Run build.sh and ensure your new instance serves a webpage AND has populated the new database with the tables (should be empty now) Additional, instead of interactive mode, you can also pass the parameters directly to the command as follows.
Proceed to stop the new container for now. ```bash
./src/licenseGen/run.sh /Absolute/Path/To/BitBetter/.keys/cert.pfx user "Name" "E-Mail" "User-GUID" ["Storage Space in GB"] ["Custom LicenseKey"]
Copy from the old to the new bwdata directory (do not copy/overwrite identity.pfx!): ./src/licenseGen/run.sh /Absolute/Path/To/BitBetter/.keys/cert.pfx org "Name" "E-Mail" "Install-ID used to install the server" ["Storage Space in GB"] ["Custom LicenseKey"]
- bwdata/core/licenses to bwdata-new/licenses ```
- bwdata/core/aspnet-dataprotection to bwdata-new/data-protection
- bwdata/core/attachments to bwdata-new/attachments
Export data only from the old sql server database, if needed import the .bak file to a local mssql instance.
Only export tables that have rows, makes it much quicker, .json is the easiest with navicat.
Import the rows to the real database, start the new docker container.
--- ---
# FAQ: Questions you might have. # FAQ: Questions you might have.
## Why build a license generator for open source software? ## Why build a license generator for open source software?
@@ -146,29 +158,10 @@ In the past we have done so but they were not focused on the type of customer th
UPDATE: Bitwarden now offers a cheap license called [Families Organization](https://bitwarden.com/pricing/) that provides premium features and the ability to self-host Bitwarden for six persons. UPDATE: Bitwarden now offers a cheap license called [Families Organization](https://bitwarden.com/pricing/) that provides premium features and the ability to self-host Bitwarden for six persons.
## 2fa doesn't work
Unfortunately the new BitWarden container doesn't set the timezone and ignores TZ= from the environment, can be fixed by:
```
docker exec bitwarden ln -s /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime
```
## Changes in settings.env
Require a recreation of the docker container, build.sh will suffice too.
## Migrating from the old unified branch
```
git branch -m unified lite
git fetch origin
git branch -u origin/lite lite
git remote set-head origin -a
```
# Footnotes # Footnotes
<a name="#f1"><sup>1</sup></a>This tool builds on top of the `bitbetter/api` container image so make sure you've built that above using the root `./build.sh` script. <a name="#f1"><sup>1</sup></a> If you wish to change this you'll need to change the value that `src/licenseGen/Program.cs` uses for its `GenerateUserLicense` and `GenerateOrgLicense` calls. Remember, this is really unnecessary as this certificate does not represent any type of security-related certificate.
<a name="#f2"><sup>2</sup></a>This tool builds on top of the `bitbetter/api` container image so make sure you've built that above using the root `./build.sh` script.
<a name="#f2"><sup>2</sup></a> If you wish to change this you'll need to change the value that `licenseGen/Program.cs` uses for its `GenerateUserLicense` and `GenerateOrgLicense` calls. Remember, this is really unnecessary as this certificate does not represent any type of security-related certificate.

132
build.ps1
View File

@@ -1,132 +0,0 @@
$ErrorActionPreference = 'Stop'
$PSNativeCommandUseErrorActionPreference = $true
# detect buildx, ErrorActionPreference will ensure the script stops execution if not found
docker buildx version
# Enable BuildKit for better build experience and to ensure platform args are populated
$env:DOCKER_BUILDKIT=1
$env:COMPOSE_DOCKER_CLI_BUILD=1
# define temporary directory
$tempdirectory = "$pwd\temp"
# define services to patch
$components = "Api","Identity"
# delete old directories / files if applicable
if (Test-Path "$tempdirectory" -PathType Container) {
Remove-Item "$tempdirectory" -Recurse -Force
}
if (Test-Path -Path "$pwd\src\licenseGen\Core.dll" -PathType Leaf) {
Remove-Item "$pwd\src\licenseGen\Core.dll" -Force
}
if (Test-Path -Path "$pwd\src\licenseGen\cert.pfx" -PathType Leaf) {
Remove-Item "$pwd\src\licenseGen\cert.pfx" -Force
}
if (Test-Path -Path "$pwd\src\bitBetter\cert.cer" -PathType Leaf) {
Remove-Item "$pwd\src\bitBetter\cert.cer" -Force
}
if (Test-Path "$pwd\.keys\cert.cert" -PathType Leaf) {
Rename-Item -Path "$pwd\.keys\cert.cert" -NewName "$pwd\.keys\cert.cer"
}
# generate keys if none are available
if (!(Test-Path "$pwd\.keys" -PathType Container)) {
.\generateKeys.ps1
}
# copy the key to bitBetter
Copy-Item "$pwd\.keys\cert.cer" -Destination "$pwd\src\bitBetter"
# build bitBetter and clean the source directory after
docker build --no-cache -t bitbetter/bitbetter "$pwd\src\bitBetter"
Remove-Item "$pwd\src\bitBetter\cert.cer" -Force
# gather all running instances, cannot run a wildcard filter on Ancestor= :(, does find all where name = *bitwarden*
$oldinstances = docker container ps --all -f Name=bitwarden --format '{{.ID}}'
# stop and remove all running instances
foreach ($instance in $oldinstances) {
docker stop $instance
docker rm $instance
}
# update bitwarden itself
if ($args[0] -eq 'update') {
docker pull ghcr.io/bitwarden/lite:latest
} else {
$confirmation = Read-Host "Update (or get) bitwarden source container (y/n)"
if ($confirmation -eq 'y') {
docker pull ghcr.io/bitwarden/lite:latest
}
}
# stop and remove previous existing patch(ed) container
$oldinstances = docker container ps --all -f Ancestor=bitwarden-patched --format '{{.ID}}'
foreach ($instance in $oldinstances) {
docker stop $instance
docker rm $instance
}
$oldinstances = docker image ls bitwarden-patched --format '{{.ID}}'
foreach ($instance in $oldinstances) {
docker image rm $instance
}
# remove old extract containers
$oldinstances = docker container ps --all -f Name=bitwarden-extract --format '{{.ID}}'
foreach ($instance in $oldinstances) {
docker stop $instance
docker rm $instance
}
# start a new bitwarden instance so we can patch it
$patchinstance = docker run -d --name bitwarden-extract ghcr.io/bitwarden/lite:latest
# create our temporary directory
New-item -ItemType Directory -Path $tempdirectory
# extract the files that need to be patched from the services that need to be patched into our temporary directory
foreach ($component in $components) {
New-item -itemtype Directory -path "$tempdirectory\$component"
docker cp $patchinstance`:/app/$component/Core.dll "$tempdirectory\$component\Core.dll"
}
# stop and remove our temporary container
docker stop bitwarden-extract
docker rm bitwarden-extract
# run bitBetter, this applies our patches to the required files
docker run -v "$tempdirectory`:/app/mount" --rm bitbetter/bitbetter
# create a new image with the patched files
docker build . --tag bitwarden-patched --file "$pwd\src\bitBetter\Dockerfile-bitwarden-patch"
# start all user requested instances
if (Test-Path -Path "$pwd\.servers\serverlist.txt" -PathType Leaf) {
foreach($line in Get-Content "$pwd\.servers\serverlist.txt") {
if (!($line.StartsWith("#"))) {
Invoke-Expression "& $line"
}
}
}
# remove our bitBetter image
docker image rm bitbetter/bitbetter
# copy our patched library to the licenseGen source directory
Copy-Item "$tempdirectory\Identity\Core.dll" -Destination "$pwd\src\licenseGen"
Copy-Item "$pwd\.keys\cert.pfx" -Destination "$pwd\src\licenseGen"
# build the licenseGen
docker build -t bitbetter/licensegen "$pwd\src\licenseGen"
# clean the licenseGen source directory
Remove-Item "$pwd\src\licenseGen\Core.dll" -Force
Remove-Item "$pwd\src\licenseGen\cert.pfx" -Force
# remove our temporary directory
Remove-Item "$tempdirectory" -Recurse -Force

149
build.sh
View File

@@ -1,135 +1,28 @@
#!/bin/bash #!/bin/sh
set -e set -e
DIR=`dirname "$0"`
DIR=`exec 2>/dev/null;(cd -- "$DIR") && cd -- "$DIR"|| cd "$DIR"; unset PWD; /usr/bin/pwd || /bin/pwd || pwd`
BW_VERSION=$(curl -sL https://go.btwrdn.co/bw-sh-versions | grep '^ *"'coreVersion'":' | awk -F\: '{ print $2 }' | sed -e 's/,$//' -e 's/^"//' -e 's/"$//')
# detect buildx, set -e will ensure the script stops execution if not found echo "Building BitBetter for BitWarden version $BW_VERSION"
docker buildx version
# Enable BuildKit for better build experience and to ensure platform args are populated # If there aren't any keys, generate them first.
export DOCKER_BUILDKIT=1 [ -e "$DIR/.keys/cert.cert" ] || "$DIR/.keys/generate-keys.sh"
export COMPOSE_DOCKER_CLI_BUILD=1
# define temporary directory # Prepare Bitwarden server repository
TEMPDIRECTORY="$PWD/temp" rm -rf $DIR/server
git clone --branch "v${BW_VERSION}" --depth 1 https://github.com/bitwarden/server.git $DIR/server
cp $DIR/.keys/cert.cert $DIR/server/src/Core/licensing.cer
# define services to patch # Build docker images
COMPONENTS=("Api" "Identity") docker build --no-cache --label com.bitwarden.product="bitbetter" $DIR/server -f $DIR/server/src/Api/Dockerfile -t bitbetter/api
docker build --no-cache --label com.bitwarden.product="bitbetter" $DIR/server -f $DIR/server/src/Identity/Dockerfile -t bitbetter/identity
# delete old directories / files if applicable docker tag bitbetter/api bitbetter/api:latest
if [ -d "$TEMPDIRECTORY" ]; then docker tag bitbetter/identity bitbetter/identity:latest
rm -rf "$TEMPDIRECTORY" docker tag bitbetter/api bitbetter/api:$BW_VERSION
fi docker tag bitbetter/identity bitbetter/identity:$BW_VERSION
if [ -f "$PWD/src/licenseGen/Core.dll" ]; then # Remove old instances of the image after a successful build.
rm -f "$PWD/src/licenseGen/Core.dll" ids=$( docker images bitbetter/* | grep -E -v -- "CREATED|latest|${BW_VERSION}" | awk '{ print $3 }' )
fi [ -n "$ids" ] && docker rmi $ids || true
if [ -f "$PWD/src/licenseGen/cert.pfx" ]; then
rm -f "$PWD/src/licenseGen/cert.pfx"
fi
if [ -f "$PWD/src/bitBetter/cert.cer" ]; then
rm -f "$PWD/src/bitBetter/cert.cer"
fi
if [ -f "$PWD/.keys/cert.cert" ]; then
mv "$PWD/.keys/cert.cert" "$PWD/.keys/cert.cer"
fi
# generate keys if none are available
if [ ! -d "$PWD/.keys" ]; then
./generateKeys.sh
fi
# copy the key to bitBetter
cp -f "$PWD/.keys/cert.cer" "$PWD/src/bitBetter"
# build bitBetter and clean the source directory after
docker build --no-cache -t bitbetter/bitbetter "$PWD/src/bitBetter"
rm -f "$PWD/src/bitBetter/cert.cer"
# gather all running instances, cannot run a wildcard filter on Ancestor= :(, does find all where name = *bitwarden*
OLDINSTANCES=$(docker container ps --all -f Name=bitwarden --format '{{.ID}}')
# stop and remove all running instances
for INSTANCE in ${OLDINSTANCES[@]}; do
docker stop $INSTANCE
docker rm $INSTANCE
done
# update bitwarden itself
if [ "$1" = "update" ]; then
docker pull ghcr.io/bitwarden/lite:latest
else
read -p "Update (or get) bitwarden source container (y/n): "
if [[ $REPLY =~ ^[Yy]$ ]]; then
docker pull ghcr.io/bitwarden/lite:latest
fi
fi
# stop and remove previous existing patch(ed) container
OLDINSTANCES=$(docker container ps --all -f Ancestor=bitwarden-patched --format '{{.ID}}')
for INSTANCE in ${OLDINSTANCES[@]}; do
docker stop $INSTANCE
docker rm $INSTANCE
done
OLDINSTANCES=$(docker image ls bitwarden-patched --format '{{.ID}}')
for INSTANCE in ${OLDINSTANCES[@]}; do
docker image rm $INSTANCE
done
# remove old extract containers
OLDINSTANCES=$(docker container ps --all -f Name=bitwarden-extract --format '{{.ID}}')
for INSTANCE in ${OLDINSTANCES[@]}; do
docker stop $INSTANCE
docker rm $INSTANCE
done
# start a new bitwarden instance so we can patch it
PATCHINSTANCE=$(docker run -d --name bitwarden-extract ghcr.io/bitwarden/lite:latest)
# create our temporary directory
mkdir $TEMPDIRECTORY
# extract the files that need to be patched from the services that need to be patched into our temporary directory
for COMPONENT in ${COMPONENTS[@]}; do
mkdir "$TEMPDIRECTORY/$COMPONENT"
docker cp $PATCHINSTANCE:/app/$COMPONENT/Core.dll "$TEMPDIRECTORY/$COMPONENT/Core.dll"
done
# stop and remove our temporary container
docker stop bitwarden-extract
docker rm bitwarden-extract
# run bitBetter, this applies our patches to the required files
docker run -v "$TEMPDIRECTORY:/app/mount" --rm bitbetter/bitbetter
# create a new image with the patched files
docker build . --tag bitwarden-patched --file "$PWD/src/bitBetter/Dockerfile-bitwarden-patch"
# start all user requested instances
if [ -f "$PWD/.servers/serverlist.txt" ]; then
# convert line endings to unix
sed -i 's/\r$//' "$PWD/.servers/serverlist.txt"
cat "$PWD/.servers/serverlist.txt" | while read -r LINE; do
if [[ $LINE != "#"* ]]; then
bash -c "$LINE"
fi
done
fi
# remove our bitBetter image
docker image rm bitbetter/bitbetter
# copy our patched library to the licenseGen source directory
cp -f "$TEMPDIRECTORY/Identity/Core.dll" "$PWD/src/licenseGen"
cp -f "$PWD/.keys/cert.pfx" "$PWD/src/licenseGen"
# build the licenseGen
docker build -t bitbetter/licensegen "$PWD/src/licenseGen"
# clean the licenseGen source directory
rm -f "$PWD/src/licenseGen/Core.dll"
rm -f "$PWD/src/licenseGen/cert.pfx"
# remove our temporary directory
rm -rf "$TEMPDIRECTORY"

25
generateKeys.ps1
View File

@@ -1,25 +0,0 @@
$ErrorActionPreference = 'Stop'
$PSNativeCommandUseErrorActionPreference = $true
# get the basic openssl binary path
$opensslbinary = "$Env:Programfiles\OpenSSL-Win64\bin\openssl.exe"
# if openssl is not installed attempt to install it
if (!(Get-Command $opensslbinary -errorAction SilentlyContinue))
{
winget install openssl
}
# if previous keys exist, remove them
if (Test-Path "$pwd\.keys")
{
Remove-Item "$pwd\.keys" -Recurse -Force
}
# create new directory
New-item -ItemType Directory -Path "$pwd\.keys"
# generate actual keys
Invoke-Expression "& '$opensslbinary' req -x509 -newkey rsa:4096 -keyout `"$pwd\.keys\key.pem`" -out `"$pwd\.keys\cert.cer`" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test"
Invoke-Expression "& '$opensslbinary' x509 -inform DER -in `"$pwd\.keys\cert.cer`" -out `"$pwd\.keys\cert.pem`""
Invoke-Expression "& '$opensslbinary' pkcs12 -export -out `"$pwd\.keys\cert.pfx`" -inkey `"$pwd\.keys\key.pem`" -in `"$pwd\.keys\cert.pem`" -passin pass:test -passout pass:test"

20
generateKeys.sh
View File

@@ -1,20 +0,0 @@
#!/bin/bash
set -e
# Check for openssl
command -v openssl >/dev/null 2>&1 || { echo >&2 "openssl required but not found. Aborting."; exit 1; }
DIR="$PWD/.keys"
# if previous keys exist, remove them
if [ -d "$DIR" ]; then
rm -rf "$DIR"
fi
# create new directory
mkdir "$DIR"
# Generate new keys
openssl req -x509 -newkey rsa:4096 -keyout "$DIR/key.pem" -out "$DIR/cert.cer" -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test
openssl x509 -inform DER -in "$DIR/cert.cer" -out "$DIR/cert.pem"
openssl pkcs12 -export -out "$DIR/cert.pfx" -inkey "$DIR/key.pem" -in "$DIR/cert.pem" -passin pass:test -passout pass:test

17
licenseGen.ps1
View File

@@ -1,17 +0,0 @@
$ErrorActionPreference = 'Stop'
$PSNativeCommandUseErrorActionPreference = $true
if ($($args.Count) -lt 1) {
echo "USAGE: <License Gen action> [License Gen args...]"
echo "ACTIONS:"
echo " interactive"
echo " user"
echo " org"
Exit 1
}
if ($args[0] -eq "interactive") {
docker run -it --rm bitbetter/licensegen interactive
} else {
docker run bitbetter/licensegen $args
}

17
licenseGen.sh
View File

@@ -1,17 +0,0 @@
#!/bin/bash
set -e
if [ $# -lt 1 ]; then
echo "USAGE: <License Gen action> [License Gen args...]"
echo "ACTIONS:"
echo " interactive"
echo " user"
echo " org"
exit 1
fi
if [ "$1" = "interactive" ]; then
docker run -it --rm bitbetter/licensegen interactive
else
docker run --rm bitbetter/licensegen "$@"
fi

14
src/bitBetter/Dockerfile
View File

@@ -1,14 +0,0 @@
FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
WORKDIR /bitBetter
COPY . /bitBetter
COPY cert.cer /app/
RUN dotnet restore
RUN dotnet publish -c Release -o /app --no-restore
FROM mcr.microsoft.com/dotnet/sdk:8.0
WORKDIR /app
COPY --from=build /app .
ENTRYPOINT ["dotnet", "/app/bitBetter.dll"]

3
src/bitBetter/Dockerfile-bitwarden-patch
View File

@@ -1,3 +0,0 @@
FROM ghcr.io/bitwarden/lite:latest
COPY ./temp/ /app/

67
src/bitBetter/Program.cs
View File

@@ -1,67 +0,0 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using dnlib.DotNet;
using dnlib.DotNet.Emit;
using dnlib.DotNet.Writer;
using dnlib.IO;
namespace bitBetter;
internal class Program
{
private static Int32 Main()
{
const String certFile = "/app/cert.cer";
String[] files = Directory.GetFiles("/app/mount", "Core.dll", SearchOption.AllDirectories);
foreach (String file in files)
{
Console.WriteLine(file);
ModuleDefMD moduleDefMd = ModuleDefMD.Load(file);
Byte[] cert = File.ReadAllBytes(certFile);
EmbeddedResource embeddedResourceToRemove = moduleDefMd.Resources.OfType<EmbeddedResource>().First(r => r.Name.Equals("Bit.Core.licensing.cer"));
EmbeddedResource embeddedResourceToAdd = new("Bit.Core.licensing.cer", cert) { Attributes = embeddedResourceToRemove.Attributes };
moduleDefMd.Resources.Add(embeddedResourceToAdd);
moduleDefMd.Resources.Remove(embeddedResourceToRemove);
DataReader reader = embeddedResourceToRemove.CreateReader();
X509Certificate2 existingCert = new(reader.ReadRemainingBytes());
Console.WriteLine($"Existing Cert Thumbprint: {existingCert.Thumbprint}");
X509Certificate2 certificate = new(cert);
Console.WriteLine($"New Cert Thumbprint: {certificate.Thumbprint}");
IEnumerable<TypeDef> services = moduleDefMd.Types.Where(t => t.Namespace == "Bit.Core.Billing.Services");
TypeDef type = services.First(t => t.Name == "LicensingService");
MethodDef constructor = type.FindConstructors().First();
Instruction instructionToPatch = constructor.Body.Instructions.FirstOrDefault(i => i.OpCode == OpCodes.Ldstr && String.Equals((String)i.Operand, existingCert.Thumbprint, StringComparison.InvariantCultureIgnoreCase));
if (instructionToPatch != null)
{
instructionToPatch.Operand = certificate.Thumbprint;
}
else
{
Console.WriteLine("Can't find constructor to patch");
}
ModuleWriterOptions moduleWriterOptions = new(moduleDefMd);
moduleWriterOptions.MetadataOptions.Flags |= MetadataFlags.KeepOldMaxStack;
moduleWriterOptions.MetadataOptions.Flags |= MetadataFlags.PreserveAll;
moduleWriterOptions.MetadataOptions.Flags |= MetadataFlags.PreserveRids;
moduleDefMd.Write(file + ".new");
moduleDefMd.Dispose();
File.Delete(file);
File.Move(file + ".new", file);
}
return 0;
}
}

9
src/bitBetter/bitBetter.csproj
View File

@@ -1,9 +0,0 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<OutputType>Exe</OutputType>
<TargetFramework>net8.0</TargetFramework>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="dnlib" Version="4.5.0" />
</ItemGroup>
</Project>

18
src/licenseGen/Dockerfile
View File

@@ -1,15 +1,17 @@
FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
WORKDIR /licenseGen WORKDIR /licenseGen
COPY . /licenseGen COPY . /licenseGen
COPY Core.dll /app/
COPY cert.pfx /app/
RUN dotnet restore RUN set -e; set -x; \
RUN dotnet publish -c Release -o /app --no-restore dotnet add package Newtonsoft.Json --version 13.0.1 \
&& dotnet restore \
&& dotnet publish
FROM mcr.microsoft.com/dotnet/sdk:8.0
WORKDIR /app
COPY --from=build /app .
ENTRYPOINT ["dotnet", "/app/licenseGen.dll", "--cert=/app/cert.pfx", "--core=/app/Core.dll"] FROM bitbetter/api
COPY --from=build /licenseGen/bin/Release/net8.0/publish/* /app/
ENTRYPOINT [ "dotnet", "/app/licenseGen.dll", "--core", "/app/Core.dll", "--executable", "/app/Api", "--cert", "/cert.pfx" ]

575
src/licenseGen/Program.cs
View File

@@ -1,224 +1,246 @@
using System; namespace BitwardenSelfLicensor
using System.IO;
using System.Text.Json;
using System.Reflection;
using System.Runtime.Loader;
using System.Security.Cryptography.X509Certificates;
using McMaster.Extensions.CommandLineUtils;
namespace licenseGen;
internal class Program
{ {
private static readonly CommandLineApplication App = new(); using Microsoft.Extensions.CommandLineUtils;
private static readonly CommandOption Cert = App.Option("--cert", "Certificate file", CommandOptionType.SingleValue); using Newtonsoft.Json;
private static readonly CommandOption CoreDll = App.Option("--core", "Path to Core.dll", CommandOptionType.SingleValue); using SingleFileExtractor.Core;
using System;
using System.IO;
using System.Runtime.Loader;
using System.Security.Cryptography.X509Certificates;
private static Int32 Main(String[] args) public static class Program
{ {
App.Command("interactive", config => public static int Main(string[] args)
{ {
String buff, licenseType = "", name = "", email = "", businessName=""; var app = new CommandLineApplication();
Int16 storage = 0; var cert = app.Option("--cert", "cert file", CommandOptionType.SingleValue);
Boolean validGuid = false, validInstallid = false; var coreDll = app.Option("--core", "path to core dll", CommandOptionType.SingleValue);
Guid guid = Guid.Empty, installid = Guid.Empty; var exec = app.Option("--executable", "path to Bitwarden single file executable", CommandOptionType.SingleValue);
bool ExecExists() => File.Exists(exec.Value());
bool CertExists() => File.Exists(cert.Value());
bool CoreExists() => File.Exists(coreDll.Value());
bool VerifyTopOptions() =>
!string.IsNullOrWhiteSpace(cert.Value()) &&
(!string.IsNullOrWhiteSpace(coreDll.Value()) || !string.IsNullOrWhiteSpace(exec.Value())) &&
CertExists() &&
(CoreExists() || ExecExists());
string GetExtractedDll()
{
var coreDllPath = Path.Combine("extract", "Core.dll");
var reader = new ExecutableReader(exec.Value());
reader.ExtractToDirectory("extract");
var fileInfo = new FileInfo(coreDllPath);
return fileInfo.FullName;
}
string GetCoreDllPath() => CoreExists() ? coreDll.Value() : GetExtractedDll();
app.Command("interactive", config =>
{
string buff="", licensetype="", name="", email="", businessname="";
short storage = 0;
bool valid_guid = false, valid_installid = false;
Guid guid = new Guid(), installid = new Guid();
config.OnExecute(() => config.OnExecute(() =>
{ {
Check(); if (!VerifyTopOptions())
Console.WriteLine("Interactive license mode...");
while (licenseType == "")
{ {
Console.WriteLine("What would you like to generate, a [u]ser license or an [o]rg license: "); if (!ExecExists() && !string.IsNullOrWhiteSpace(exec.Value())) config.Error.WriteLine($"Cant find single file executable at: {exec.Value()}");
if (!CoreExists() && !string.IsNullOrWhiteSpace(coreDll.Value())) config.Error.WriteLine($"Cant find core dll at: {coreDll.Value()}");
if (!CertExists()) config.Error.WriteLine($"Cant find certificate at: {cert.Value()}");
config.ShowHelp();
return 1;
}
WriteLine("Interactive license mode...");
while (licensetype == "")
{
WriteLine("What would you like to generate, a [u]ser license or an [o]rg license?");
buff = Console.ReadLine(); buff = Console.ReadLine();
switch (buff) if(buff == "u")
{ {
case "u": licensetype = "user";
{ WriteLineOver("Okay, we will generate a user license.");
licenseType = "user";
Console.WriteLine("Okay, we will generate a user license.");
while (!validGuid) while (valid_guid == false)
{ {
Console.WriteLine("Please provide the user's guid — refer to the Readme for details on how to retrieve this. [GUID]: "); WriteLine("Please provide the user's guid — refer to the Readme for details on how to retrieve this. [GUID]:");
buff = Console.ReadLine(); buff = Console.ReadLine();
if (Guid.TryParse(buff, out guid))validGuid = true; if (Guid.TryParse(buff, out guid))valid_guid = true;
else Console.WriteLine("The user-guid provided does not appear to be valid!"); else WriteLineOver("The user-guid provided does not appear to be valid.");
} }
break;
} }
case "o": else if (buff == "o")
{ {
licenseType = "org"; licensetype = "org";
Console.WriteLine("Okay, we will generate an organization license."); WriteLineOver("Okay, we will generate an organization license.");
while (!validInstallid) while (valid_installid == false)
{ {
Console.WriteLine("Please provide your Bitwarden Install-ID — refer to the Readme for details on how to retrieve this. [Install-ID]: "); WriteLine("Please provide your Bitwarden Install-ID — refer to the Readme for details on how to retrieve this. [Install-ID]:");
buff = Console.ReadLine(); buff = Console.ReadLine();
if (Guid.TryParse(buff, out installid)) validInstallid = true; if (Guid.TryParse(buff, out installid)) valid_installid = true;
else Console.WriteLine("The install-id provided does not appear to be valid."); else WriteLineOver("The install-id provided does not appear to be valid.");
} }
while (businessName == "") while (businessname == "")
{ {
Console.WriteLine("Please enter a business name, default is BitBetter. [Business Name]: "); WriteLineOver("Please enter a business name, default is BitBetter. [Business Name]:");
buff = Console.ReadLine(); buff = Console.ReadLine();
if (buff == "") if (buff == "") businessname = "BitBetter";
else if (CheckBusinessName(buff)) businessname = buff;
}
}
else
{ {
businessName = "BitBetter"; WriteLineOver("Unrecognized option \'" + buff + "\'. ");
}
else if (CheckBusinessName(buff))
{
businessName = buff;
}
}
break;
}
default:
Console.WriteLine("Unrecognized option \'" + buff + "\'.");
break;
} }
} }
while (name == "") while (name == "")
{ {
Console.WriteLine("Please provide the username this license will be registered to. [username]: "); WriteLineOver("Please provide the username this license will be registered to. [username]:");
buff = Console.ReadLine(); buff = Console.ReadLine();
if (CheckUsername(buff)) name = buff; if ( CheckUsername(buff) ) name = buff;
} }
while (email == "") while (email == "")
{ {
Console.WriteLine("Please provide the email address for the user " + name + ". [email]: "); WriteLineOver("Please provide the email address for the user " + name + ". [email]");
buff = Console.ReadLine(); buff = Console.ReadLine();
if (CheckEmail(buff)) if ( CheckEmail(buff) ) email = buff;
{
email = buff;
}
} }
while (storage == 0) while (storage == 0)
{ {
Console.WriteLine("Extra storage space for the user " + name + ". (max.: " + Int16.MaxValue + "). Defaults to maximum value. [storage]"); WriteLineOver("Extra storage space for the user " + name + ". (max.: " + short.MaxValue + "). Defaults to maximum value. [storage]");
buff = Console.ReadLine(); buff = Console.ReadLine();
if (String.IsNullOrWhiteSpace(buff)) if (string.IsNullOrWhiteSpace(buff))
{ {
storage = Int16.MaxValue; storage = short.MaxValue;
} }
else else
{ {
if (CheckStorage(buff)) if (CheckStorage(buff)) storage = short.Parse(buff);
{
storage = Int16.Parse(buff);
}
} }
} }
switch (licenseType) if (licensetype == "user")
{ {
case "user": WriteLineOver("Confirm creation of \"user\" license for username: \"" + name + "\", email: \"" + email + "\", Storage: \"" + storage + " GB\", User-GUID: \"" + guid + "\"? Y/n");
{
Console.WriteLine("Confirm creation of \"user\" license for username: \"" + name + "\", email: \"" + email + "\", Storage: \"" + storage + " GB\", User-GUID: \"" + guid + "\"? Y/n");
buff = Console.ReadLine(); buff = Console.ReadLine();
if (buff is "" or "y" or "Y") if ( buff == "" || buff == "y" || buff == "Y" )
{ {
GenerateUserLicense(new X509Certificate2(Cert.Value(), "test"), CoreDll.Value(), name, email, storage, guid, null); GenerateUserLicense(new X509Certificate2(cert.Value(), "test"), GetCoreDllPath(), name, email, storage, guid, null);
} }
else else
{ {
Console.WriteLine("Exiting..."); WriteLineOver("Exiting...");
return 0; return 0;
} }
break;
} }
case "org": else if (licensetype == "org")
{ {
Console.WriteLine("Confirm creation of \"organization\" license for business name: \"" + businessName + "\", username: \"" + name + "\", email: \"" + email + "\", Storage: \"" + storage + " GB\", Install-ID: \"" + installid + "\"? Y/n"); WriteLineOver("Confirm creation of \"organization\" license for business name: \"" + businessname + "\", username: \"" + name + "\", email: \"" + email + "\", Storage: \"" + storage + " GB\", Install-ID: \"" + installid + "\"? Y/n");
buff = Console.ReadLine(); buff = Console.ReadLine();
if (buff is "" or "y" or "Y") if ( buff == "" || buff == "y" || buff == "Y" )
{ {
GenerateOrgLicense(new X509Certificate2(Cert.Value(), "test"), CoreDll.Value(), name, email, storage, installid, businessName, null); GenerateOrgLicense(new X509Certificate2(cert.Value(), "test"), GetCoreDllPath(), name, email, storage, installid, businessname, null);
} }
else else
{ {
Console.WriteLine("Exiting..."); WriteLineOver("Exiting...");
return 0; return 0;
} }
break;
}
} }
return 0; return 0;
}); });
}); });
App.Command("user", config =>
app.Command("user", config =>
{ {
CommandArgument name = config.Argument("Name", "your name"); var name = config.Argument("Name", "your name");
CommandArgument email = config.Argument("Email", "your email"); var email = config.Argument("Email", "your email");
CommandArgument userIdArg = config.Argument("User ID", "your user id"); var userIdArg = config.Argument("User ID", "your user id");
CommandArgument storage = config.Argument("Storage", "extra storage space in GB. Maximum is " + Int16.MaxValue + " (optional, default = max)"); var storage = config.Argument("Storage", "extra storage space in GB. Maximum is " + short.MaxValue + " (optional, default = max)");
CommandArgument key = config.Argument("Key", "your key id (optional)"); var key = config.Argument("Key", "your key id (optional)");
var help = config.HelpOption("--help | -h | -?");
config.OnExecute(() => config.OnExecute(() =>
{ {
Check(); if (!VerifyTopOptions())
{
if (String.IsNullOrWhiteSpace(name.Value) || String.IsNullOrWhiteSpace(email.Value)) if (!ExecExists() && !string.IsNullOrWhiteSpace(exec.Value())) config.Error.WriteLine($"Cant find single file executable at: {exec.Value()}");
if (!CoreExists() && !string.IsNullOrWhiteSpace(coreDll.Value())) config.Error.WriteLine($"Cant find core dll at: {coreDll.Value()}");
if (!CertExists()) config.Error.WriteLine($"Cant find certificate at: {cert.Value()}");
config.ShowHelp();
return 1;
}
else if (string.IsNullOrWhiteSpace(name.Value) || string.IsNullOrWhiteSpace(email.Value))
{ {
config.Error.WriteLine($"Some arguments are missing: Name='{name.Value}' Email='{email.Value}'"); config.Error.WriteLine($"Some arguments are missing: Name='{name.Value}' Email='{email.Value}'");
config.ShowHelp(true); config.ShowHelp("user");
return 1; return 1;
} }
if (String.IsNullOrWhiteSpace(userIdArg.Value) || !Guid.TryParse(userIdArg.Value, out Guid userId)) if (string.IsNullOrWhiteSpace(userIdArg.Value) || !Guid.TryParse(userIdArg.Value, out Guid userId))
{ {
config.Error.WriteLine("User ID not provided"); config.Error.WriteLine($"User ID not provided");
config.ShowHelp(true); config.ShowHelp("user");
return 1; return 1;
} }
Int16 storageShort = 0; short storageShort = 0;
if (!String.IsNullOrWhiteSpace(storage.Value)) if (!string.IsNullOrWhiteSpace(storage.Value))
{ {
Double parsedStorage = Double.Parse(storage.Value); var parsedStorage = double.Parse(storage.Value);
if (parsedStorage is > Int16.MaxValue or < 0) if (parsedStorage > short.MaxValue || parsedStorage < 0)
{ {
config.Error.WriteLine("The storage value provided is outside the accepted range of [0-" + Int16.MaxValue + "]"); config.Error.WriteLine("The storage value provided is outside the accepted range of [0-" + short.MaxValue + "]");
config.ShowHelp(true); config.ShowHelp("org");
return 1; return 1;
} }
storageShort = (Int16) parsedStorage; storageShort = (short) parsedStorage;
} }
GenerateUserLicense(new X509Certificate2(Cert.Value()!, "test"), CoreDll.Value(), name.Value, email.Value, storageShort, userId, key.Value); GenerateUserLicense(new X509Certificate2(cert.Value(), "test"), GetCoreDllPath(), name.Value, email.Value, storageShort, userId, key.Value);
return 0; return 0;
}); });
}); });
App.Command("org", config => app.Command("org", config =>
{ {
CommandArgument name = config.Argument("Name", "your name"); var name = config.Argument("Name", "your name");
CommandArgument email = config.Argument("Email", "your email"); var email = config.Argument("Email", "your email");
CommandArgument installId = config.Argument("InstallId", "your installation id (GUID)"); var installId = config.Argument("InstallId", "your installation id (GUID)");
CommandArgument storage = config.Argument("Storage", "extra storage space in GB. Maximum is " + Int16.MaxValue + " (optional, default = max)"); var storage = config.Argument("Storage", "extra storage space in GB. Maximum is " + short.MaxValue + " (optional, default = max)");
CommandArgument businessName = config.Argument("BusinessName", "name for the organization (optional)"); var businessName = config.Argument("BusinessName", "name for the organization (optional)");
CommandArgument key = config.Argument("Key", "your key id (optional)"); var key = config.Argument("Key", "your key id (optional)");
var help = config.HelpOption("--help | -h | -?");
config.OnExecute(() => config.OnExecute(() =>
{ {
Check(); if (!VerifyTopOptions())
{
if (String.IsNullOrWhiteSpace(name.Value) || String.IsNullOrWhiteSpace(email.Value) || String.IsNullOrWhiteSpace(installId.Value)) if (!ExecExists() && !string.IsNullOrWhiteSpace(exec.Value())) config.Error.WriteLine($"Cant find single file executable at: {exec.Value()}");
if (!CoreExists() && !string.IsNullOrWhiteSpace(coreDll.Value())) config.Error.WriteLine($"Cant find core dll at: {coreDll.Value()}");
if (!CertExists()) config.Error.WriteLine($"Cant find certificate at: {cert.Value()}");
config.ShowHelp();
return 1;
}
else if (string.IsNullOrWhiteSpace(name.Value) ||
string.IsNullOrWhiteSpace(email.Value) ||
string.IsNullOrWhiteSpace(installId.Value))
{ {
config.Error.WriteLine($"Some arguments are missing: Name='{name.Value}' Email='{email.Value}' InstallId='{installId.Value}'"); config.Error.WriteLine($"Some arguments are missing: Name='{name.Value}' Email='{email.Value}' InstallId='{installId.Value}'");
config.ShowHelp(true); config.ShowHelp("org");
return 1; return 1;
} }
@@ -226,260 +248,195 @@ internal class Program
{ {
config.Error.WriteLine("Unable to parse your installation id as a GUID"); config.Error.WriteLine("Unable to parse your installation id as a GUID");
config.Error.WriteLine($"Here's a new guid: {Guid.NewGuid()}"); config.Error.WriteLine($"Here's a new guid: {Guid.NewGuid()}");
config.ShowHelp(true); config.ShowHelp("org");
return 1; return 1;
} }
Int16 storageShort = 0; short storageShort = 0;
if (!String.IsNullOrWhiteSpace(storage.Value)) if (!string.IsNullOrWhiteSpace(storage.Value))
{ {
Double parsedStorage = Double.Parse(storage.Value); var parsedStorage = double.Parse(storage.Value);
if (parsedStorage is > Int16.MaxValue or < 0) if (parsedStorage > short.MaxValue || parsedStorage < 0)
{ {
config.Error.WriteLine("The storage value provided is outside the accepted range of [0-" + Int16.MaxValue + "]"); config.Error.WriteLine("The storage value provided is outside the accepted range of [0-" + short.MaxValue + "]");
config.ShowHelp(true); config.ShowHelp("org");
return 1; return 1;
} }
storageShort = (Int16)parsedStorage; storageShort = (short) parsedStorage;
} }
GenerateOrgLicense(new X509Certificate2(Cert.Value()!, "test"), CoreDll.Value(), name.Value, email.Value, storageShort, installationId, businessName.Value, key.Value); GenerateOrgLicense(new X509Certificate2(cert.Value(), "test"), GetCoreDllPath(), name.Value, email.Value, storageShort, installationId, businessName.Value, key.Value);
return 0; return 0;
}); });
}); });
App.OnExecute(() => app.OnExecute(() =>
{ {
App.ShowHelp(); app.ShowHelp();
return 10; return 10;
}); });
app.HelpOption("-? | -h | --help");
try try
{ {
App.HelpOption("-? | -h | --help"); return app.Execute(args);
return App.Execute(args);
} }
catch (Exception exception) catch (Exception e)
{ {
Console.Error.WriteLine("Oops: {0}", exception); Console.Error.WriteLine("Oops: {0}", e);
return 100; return 100;
} }
} }
private static void Check()
{
if (Cert == null || String.IsNullOrWhiteSpace(Cert.Value()))
{
App.Error.WriteLine("No certificate specified");
App.ShowHelp();
Environment.Exit(1);
}
else if (CoreDll == null || String.IsNullOrWhiteSpace(CoreDll.Value()))
{
App.Error.WriteLine("No core dll specified");
App.ShowHelp();
Environment.Exit(1);
}
else if (!File.Exists(Cert.Value()))
{
App.Error.WriteLine($"Can't find certificate at: {Cert.Value()}");
App.ShowHelp();
Environment.Exit(1);
}
else if (!File.Exists(CoreDll.Value()))
{
App.Error.WriteLine($"Can't find core dll at: {CoreDll.Value()}");
App.ShowHelp();
Environment.Exit(1);
}
}
// checkUsername Checks that the username is a valid username // checkUsername Checks that the username is a valid username
private static Boolean CheckUsername(String s) private static bool CheckUsername(string s)
{ {
// TODO: Actually validate if ( string.IsNullOrWhiteSpace(s) ) {
if (!String.IsNullOrWhiteSpace(s)) return true; WriteLineOver("The username provided doesn't appear to be valid.\n");
Console.WriteLine("The username provided doesn't appear to be valid!");
return false; return false;
} }
return true; // TODO: Actually validate
}
// checkBusinessName Checks that the Business Name is a valid username // checkBusinessName Checks that the Business Name is a valid username
private static Boolean CheckBusinessName(String s) private static bool CheckBusinessName(string s)
{ {
// TODO: Actually validate if ( string.IsNullOrWhiteSpace(s) ) {
if (!String.IsNullOrWhiteSpace(s)) return true; WriteLineOver("The Business Name provided doesn't appear to be valid.\n");
Console.WriteLine("The Business Name provided doesn't appear to be valid!");
return false; return false;
} }
return true; // TODO: Actually validate
}
// checkEmail Checks that the email address is a valid email address // checkEmail Checks that the email address is a valid email address
private static Boolean CheckEmail(String s) private static bool CheckEmail(string s)
{ {
// TODO: Actually validate if ( string.IsNullOrWhiteSpace(s) ) {
if (!String.IsNullOrWhiteSpace(s)) return true; WriteLineOver("The email provided doesn't appear to be valid.\n");
Console.WriteLine("The email provided doesn't appear to be valid!");
return false; return false;
} }
return true; // TODO: Actually validate
}
// checkStorage Checks that the storage is in a valid range // checkStorage Checks that the storage is in a valid range
private static Boolean CheckStorage(String s) private static bool CheckStorage(string s)
{ {
if (String.IsNullOrWhiteSpace(s)) if (string.IsNullOrWhiteSpace(s))
{ {
Console.WriteLine("The storage provided doesn't appear to be valid!"); WriteLineOver("The storage provided doesn't appear to be valid.\n");
return false; return false;
} }
if (double.Parse(s) > short.MaxValue || double.Parse(s) < 0)
if (!(Double.Parse(s) > Int16.MaxValue) && !(Double.Parse(s) < 0)) return true; {
WriteLineOver("The storage value provided is outside the accepted range of [0-" + short.MaxValue + "].\n");
Console.WriteLine("The storage value provided is outside the accepted range of [0-" + Int16.MaxValue + "]!");
return false; return false;
} }
return true;
private static readonly JsonSerializerOptions JsonOptions = new() { WriteIndented = true };
private static void GenerateUserLicense(X509Certificate2 cert, String corePath, String userName, String email, Int16 storage, Guid userId, String key)
{
Assembly core = AssemblyLoadContext.Default.LoadFromAssemblyPath(Path.GetFullPath(corePath));
Type type = core.GetType("Bit.Core.Billing.Models.Business.UserLicense");
Type licenseTypeEnum = core.GetType("Bit.Core.Enums.LicenseType");
if (type == null)
{
Console.WriteLine("Could not find type!");
return;
}
if (licenseTypeEnum == null)
{
Console.WriteLine("Could not find license licenseTypeEnum!");
return;
} }
Object license = Activator.CreateInstance(type); // WriteLineOver Writes a new line to console over last line.
private static void WriteLineOver(string s)
MethodInfo computeHash = type.GetMethod("ComputeHash");
if (computeHash == null)
{ {
Console.WriteLine("Could not find ComputeHash!"); Console.SetCursorPosition(0, Console.CursorTop -1);
return; Console.WriteLine(s);
} }
MethodInfo sign = type.GetMethod("Sign"); // WriteLine This wrapper is just here so that console writes all look similar.
if (sign == null) private static void WriteLine(string s) => Console.WriteLine(s);
private static void GenerateUserLicense(X509Certificate2 cert, string corePath, string userName, string email, short storage, Guid userId, string key)
{ {
Console.WriteLine("Could not find sign!"); var core = AssemblyLoadContext.Default.LoadFromAssemblyPath(corePath);
return;
var type = core.GetType("Bit.Core.Models.Business.UserLicense");
var licenseTypeEnum = core.GetType("Bit.Core.Enums.LicenseType");
var license = Activator.CreateInstance(type);
void set(string name, object value)
{
type.GetProperty(name).SetValue(license, value);
} }
Set(type, license, "LicenseKey", String.IsNullOrWhiteSpace(key) ? Guid.NewGuid().ToString("n") : key); set("LicenseKey", string.IsNullOrWhiteSpace(key) ? Guid.NewGuid().ToString("n") : key);
Set(type, license, "Id", userId); set("Id", userId);
Set(type, license, "Name", userName); set("Name", userName);
Set(type, license, "Email", email); set("Email", email);
Set(type, license, "Premium", true); set("Premium", true);
Set(type, license, "MaxStorageGb", storage == 0 ? Int16.MaxValue : storage); set("MaxStorageGb", storage == 0 ? short.MaxValue : storage);
Set(type, license, "Version", 1); set("Version", 1);
Set(type, license, "Issued", DateTime.UtcNow); set("Issued", DateTime.UtcNow);
Set(type, license, "Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1)); set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
Set(type, license, "Expires", DateTime.UtcNow.AddYears(100)); set("Expires", DateTime.UtcNow.AddYears(100));
Set(type, license, "Trial", false); set("Trial", false);
Set(type, license, "LicenseType", Enum.Parse(licenseTypeEnum, "User")); set("LicenseType", Enum.Parse(licenseTypeEnum, "User"));
Set(type, license, "Hash", Convert.ToBase64String(((Byte[])computeHash.Invoke(license, []))!));
Set(type, license, "Signature", Convert.ToBase64String((Byte[])sign.Invoke(license, [cert])!));
Console.WriteLine(JsonSerializer.Serialize(license, JsonOptions)); set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
} set("Signature", Convert.ToBase64String((byte[])type.GetMethod("Sign").Invoke(license, new object[] { cert })));
private static void GenerateOrgLicense(X509Certificate2 cert, String corePath, String userName, String email, Int16 storage, Guid instalId, String businessName, String key)
{
Assembly core = AssemblyLoadContext.Default.LoadFromAssemblyPath(Path.GetFullPath(corePath));
Type type = core.GetType("Bit.Core.Billing.Organizations.Models.OrganizationLicense");
Type licenseTypeEnum = core.GetType("Bit.Core.Enums.LicenseType");
Type planTypeEnum = core.GetType("Bit.Core.Billing.Enums.PlanType");
if (type == null) Console.WriteLine(JsonConvert.SerializeObject(license, Formatting.Indented));
{
Console.WriteLine("Could not find type!");
return;
}
if (licenseTypeEnum == null)
{
Console.WriteLine("Could not find licenseTypeEnum!");
return;
}
if (planTypeEnum == null)
{
Console.WriteLine("Could not find planTypeEnum!");
return;
} }
Object license = Activator.CreateInstance(type); private static void GenerateOrgLicense(X509Certificate2 cert, string corePath, string userName, string email, short storage, Guid instalId, string businessName, string key)
MethodInfo computeHash = type.GetMethod("ComputeHash");
if (computeHash == null)
{ {
Console.WriteLine("Could not find ComputeHash!"); var core = AssemblyLoadContext.Default.LoadFromAssemblyPath(corePath);
return;
var type = core.GetType("Bit.Core.Models.Business.OrganizationLicense");
var licenseTypeEnum = core.GetType("Bit.Core.Enums.LicenseType");
var planTypeEnum = core.GetType("Bit.Core.Billing.Enums.PlanType");
var license = Activator.CreateInstance(type);
void set(string name, object value)
{
type.GetProperty(name).SetValue(license, value);
} }
MethodInfo sign = type.GetMethod("Sign"); set("LicenseKey", string.IsNullOrWhiteSpace(key) ? Guid.NewGuid().ToString("n") : key);
if (sign == null) set("InstallationId", instalId);
{ set("Id", Guid.NewGuid());
Console.WriteLine("Could not find sign!"); set("Name", userName);
return; set("BillingEmail", email);
} set("BusinessName", string.IsNullOrWhiteSpace(businessName) ? "BitBetter" : businessName);
set("Enabled", true);
set("Plan", "Enterprise (Annually)");
set("PlanType", Enum.Parse(planTypeEnum, "EnterpriseAnnually"));
set("Seats", int.MaxValue);
set("MaxCollections", short.MaxValue);
set("UsePolicies", true);
set("UseSso", true);
set("UseKeyConnector", true);
set("UseScim", true);
set("UseGroups", true);
set("UseEvents", true);
set("UseDirectory", true);
set("UseTotp", true);
set("Use2fa", true);
set("UseApi", true);
set("UseResetPassword", true);
set("UseCustomPermissions", true);
set("MaxStorageGb", storage == 0 ? short.MaxValue : storage);
set("SelfHost", true);
set("UsersGetPremium", true);
set("UsePasswordManager", true);
set("UseSecretsManager", true);
set("SmSeats", int.MaxValue);
set("SmServiceAccounts", int.MaxValue);
set("Version", 15); //This is set to 15 to use AllowAdminAccessToAllCollectionItems can be changed to 13 to just use Secrets Manager
set("Issued", DateTime.UtcNow);
set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
set("Expires", DateTime.UtcNow.AddYears(100));
set("Trial", false);
set("LicenseType", Enum.Parse(licenseTypeEnum, "Organization"));
set("LimitCollectionCreationDeletion", true); //This will be used in the new version of BitWarden but can be applied now
set("AllowAdminAccessToAllCollectionItems", true);
Set(type, license, "LicenseKey", String.IsNullOrWhiteSpace(key) ? Guid.NewGuid().ToString("n") : key); set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
Set(type, license, "InstallationId", instalId); set("Signature", Convert.ToBase64String((byte[])type.GetMethod("Sign").Invoke(license, new object[] { cert })));
Set(type, license, "Id", Guid.NewGuid());
Set(type, license, "Name", userName);
Set(type, license, "BillingEmail", email);
Set(type, license, "BusinessName", String.IsNullOrWhiteSpace(businessName) ? "BitBetter" : businessName);
Set(type, license, "Enabled", true);
Set(type, license, "Plan", "Enterprise (Annually)");
Set(type, license, "PlanType", Enum.Parse(planTypeEnum, "EnterpriseAnnually"));
Set(type, license, "Seats", Int32.MaxValue);
Set(type, license, "MaxCollections", Int16.MaxValue);
Set(type, license, "UsePolicies", true);
Set(type, license, "UseSso", true);
Set(type, license, "UseKeyConnector", true);
Set(type, license, "UseScim", true);
Set(type, license, "UseGroups", true);
Set(type, license, "UseEvents", true);
Set(type, license, "UseDirectory", true);
Set(type, license, "UseTotp", true);
Set(type, license, "Use2fa", true);
Set(type, license, "UseApi", true);
Set(type, license, "UseResetPassword", true);
Set(type, license, "MaxStorageGb", storage == 0 ? Int16.MaxValue : storage);
Set(type, license, "SelfHost", true);
Set(type, license, "UsersGetPremium", true);
Set(type, license, "UseCustomPermissions", true);
Set(type, license, "Version", 16);
Set(type, license, "Issued", DateTime.UtcNow);
Set(type, license, "Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
Set(type, license, "Expires", DateTime.UtcNow.AddYears(100));
Set(type, license, "ExpirationWithoutGracePeriod", DateTime.UtcNow.AddYears(100));
Set(type, license, "UsePasswordManager", true);
Set(type, license, "UseSecretsManager", true);
Set(type, license, "SmSeats", Int32.MaxValue);
Set(type, license, "SmServiceAccounts", Int32.MaxValue);
Set(type, license, "UseRiskInsights", true);
Set(type, license, "LimitCollectionCreationDeletion", true);
Set(type, license, "AllowAdminAccessToAllCollectionItems", true);
Set(type, license, "Trial", false);
Set(type, license, "LicenseType", Enum.Parse(licenseTypeEnum, "Organization"));
Set(type, license, "UseOrganizationDomains", true);
Set(type, license, "UseAdminSponsoredFamilies", true);
Set(type, license, "Hash", Convert.ToBase64String((Byte[])computeHash.Invoke(license, [])!));
Set(type, license, "Signature", Convert.ToBase64String((Byte[])sign.Invoke(license, [cert])!));
Console.WriteLine(JsonSerializer.Serialize(license, JsonOptions)); Console.WriteLine(JsonConvert.SerializeObject(license, Formatting.Indented));
} }
private static void Set(Type type, Object license, String name, Object value)
{
type.GetProperty(name)?.SetValue(license, value);
} }
} }

6
src/licenseGen/build.sh Executable file
View File

@@ -0,0 +1,6 @@
#!/bin/sh
DIR=`dirname "$0"`
DIR=`exec 2>/dev/null;(cd -- "$DIR") && cd -- "$DIR"|| cd "$DIR"; unset PWD; /usr/bin/pwd || /bin/pwd || pwd`
docker build -t bitbetter/licensegen "$DIR" # --squash

9
src/licenseGen/licenseGen.csproj
View File

@@ -1,10 +1,15 @@
<Project Sdk="Microsoft.NET.Sdk"> <Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup> <PropertyGroup>
<OutputType>Exe</OutputType> <OutputType>Exe</OutputType>
<TargetFramework>net8.0</TargetFramework> <TargetFramework>net8.0</TargetFramework>
</PropertyGroup> </PropertyGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="McMaster.Extensions.CommandLineUtils" Version="4.1.1" /> <PackageReference Include="Microsoft.Extensions.CommandLineUtils" Version="1.1.1" />
<PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
<PackageReference Include="SingleFileExtractor.Core" Version="2.3.0" />
<PackageReference Include="System.Runtime.Loader" Version="4.3.0" /> <PackageReference Include="System.Runtime.Loader" Version="4.3.0" />
</ItemGroup> </ItemGroup>
</Project> </Project>

26
src/licenseGen/run.sh Executable file
View File

@@ -0,0 +1,26 @@
#!/bin/sh
DIR=`dirname "$0"`
DIR=`exec 2>/dev/null;(cd -- "$DIR") && cd -- "$DIR"|| cd "$DIR"; unset PWD; /usr/bin/pwd || /bin/pwd || pwd`
# Grab the absolute path to the default pfx location
cert_path="$DIR/../../.keys/cert.pfx"
if [ "$#" -lt "2" ]; then
echo "USAGE: $0 <ABSOLUTE PATH TO CERT.PFX> <License Gen action> [License Gen args...]"
echo "ACTIONS:"
echo " interactive"
echo " user"
echo " org"
exit 1
fi
cert_path="$1"
action="$2"
shift
if [ $action = "interactive" ]; then
docker run -it --rm -v "$cert_path:/cert.pfx" bitbetter/licensegen "$@"
else
docker run --rm -v "$cert_path:/cert.pfx" bitbetter/licensegen "$@"
fi

85
update-bitwarden.sh Executable file
View File

@@ -0,0 +1,85 @@
#!/bin/bash
ask () {
local __resultVar=$1
local __result="$2"
if [ -z "$2" ]; then
read -p "$3" __result
fi
eval $__resultVar="'$__result'"
}
SCRIPT_BASE="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
BW_VERSION=$(curl -sL https://go.btwrdn.co/bw-sh-versions | grep '^ *"'coreVersion'":' | awk -F\: '{ print $2 }' | sed -e 's/,$//' -e 's/^"//' -e 's/"$//')
echo "Starting Bitwarden update, newest server version: $BW_VERSION"
# Default path is the parent directory of the BitBetter location
BITWARDEN_BASE="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." >/dev/null 2>&1 && pwd )"
# Get Bitwarden base from user (or keep default value) or use first argument
ask tmpbase "$1" "Enter Bitwarden base directory [$BITWARDEN_BASE]: "
BITWARDEN_BASE=${tmpbase:-$BITWARDEN_BASE}
# Check if directory exists and is valid
[ -d "$BITWARDEN_BASE" ] || { echo "Bitwarden base directory $BITWARDEN_BASE not found!"; exit 1; }
[ -f "$BITWARDEN_BASE/bitwarden.sh" ] || { echo "Bitwarden base directory $BITWARDEN_BASE is not valid!"; exit 1; }
# Check if user wants to recreate the docker-compose override file
RECREATE_OV="y"
ask tmprecreate "$2" "Rebuild docker-compose override? [Y/n]: "
RECREATE_OV=${tmprecreate:-$RECREATE_OV}
if [[ $RECREATE_OV =~ ^[Yy]$ ]]
then
{
echo "services:"
echo " api:"
echo " image: bitbetter/api:$BW_VERSION"
echo " pull_policy: never"
echo ""
echo " identity:"
echo " image: bitbetter/identity:$BW_VERSION"
echo " pull_policy: never"
echo ""
} > $BITWARDEN_BASE/bwdata/docker/docker-compose.override.yml
echo "BitBetter docker-compose override created!"
else
echo "Make sure to check if the docker override contains the correct image version ($BW_VERSION) in $BITWARDEN_BASE/bwdata/docker/docker-compose.override.yml!"
fi
# Check if user wants to rebuild the bitbetter images
docker images bitbetter/api --format="{{ .Tag }}" | grep -F -- "${BW_VERSION}" > /dev/null
retval=$?
REBUILD_BB="n"
REBUILD_BB_DESCR="[y/N]"
if [ $retval -ne 0 ]; then
REBUILD_BB="y"
REBUILD_BB_DESCR="[Y/n]"
fi
ask tmprebuild "$3" "Rebuild BitBetter images? $REBUILD_BB_DESCR: "
REBUILD_BB=${tmprebuild:-$REBUILD_BB}
if [[ $REBUILD_BB =~ ^[Yy]$ ]]
then
$SCRIPT_BASE/build.sh
echo "BitBetter images updated to version: $BW_VERSION"
fi
# Now start the bitwarden update
cd $BITWARDEN_BASE
./bitwarden.sh updateself
# Update the bitwarden.sh: automatically patch run.sh to fix docker-compose pull errors for private images
sed -i 's/chmod u+x $SCRIPTS_DIR\/run.sh/chmod u+x $SCRIPTS_DIR\/run.sh\n sed -i \x27s\/dccmd pull\/dccmd pull --ignore-pull-failures || true\/g\x27 $SCRIPTS_DIR\/run.sh/g' -i $BITWARDEN_BASE/bitwarden.sh
chmod +x $BITWARDEN_BASE/bitwarden.sh
echo "Patching bitwarden.sh completed..."
./bitwarden.sh update
# Prune Docker images without at least one container associated to them.
echo "Pruning Docker images without at least one container associated to them..."
docker image prune -a
cd $SCRIPT_BASE
echo "Bitwarden update completed!"