Bitbetter identity Core.dll (#14)

* Added a Key Generating script To make the keygen process a bit easier I've added a `generate-keys.sh` script that can be found in the `.keys` directory. It will generate the key & cert and bundle them into the required pkcs#12 file automatically when running the build script if none already exist. * Generate bitbetter/identiry container with modified Core.dll Added the generation of a second modified container, bitbetter/identity, which contains the modified dll. Fixes #12. This works on my testing environment but has not gone through extensive testing. I'd recommend a review and cleanup of this commit before it is merged into the develop or master branches.
2023-10-10 13:36:57 +02:00 · 2019-05-25 18:12:10 -04:00 · 2019-05-25 18:12:10 -04:00 · 15371c362c
commit 15371c362c
parent 5f85d83e45
8 changed files with 166 additions and 24 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -10,6 +10,9 @@ jobs:
          command: date
      - setup_remote_docker
      - run: { name: 'Get docker', command: 'curl -fsSL get.docker.com -o get-docker.sh && sh get-docker.sh' }
+      - run:
+          name: Generate Keys
+          command: ./.keys/generate-keys.sh
      - run:
          name: Build script
          command: ./build.sh
--- a/.keys/Empty.txt
+++ b/.keys/Empty.txt
@ -1 +0,0 @@
-Need an empty folder
--- a/.keys/generate-keys.sh
+++ b/.keys/generate-keys.sh
@ -0,0 +1,17 @@
+#!/bin/sh
+
+# Check for openssl
+command -v openssl >/dev/null 2>&1 || { echo >&2 "openssl required but not found.  Aborting."; exit 1; }
+
+# Remove any existing key files
+[ ! -e cert.pem ]  || rm cert.pem
+[ ! -e key.pem ]   || rm key.pem
+[ ! -e cert.cert ] || rm cert.cert
+[ ! -e cert.pfx ]  || rm cert.pfx
+
+# Generate new keys
+openssl	req -x509 -newkey rsa:4096 -keyout .keys/key.pem -out .keys/cert.cert -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US'  -outform DER -passout pass:test
+openssl x509 -inform DER -in .keys/cert.cert -out .keys/cert.pem
+openssl pkcs12 -export -out .keys/cert.pfx -inkey .keys/key.pem -in .keys/cert.pem -passin pass:test -passout pass:test
+
+ls
--- a/README.md
+++ b/README.md
@ -40,8 +40,33 @@ dotnet add package Newtonsoft.Json --version 11.0.0
 cd ../bitBetter
 dotnet add package Newtonsoft.Json --version 11.0.0 
 ```
+## Building BitBetter

-Next, we need to generate the self-signed certificate we will use to sign any licenses we generate.
+Now that you've set up your build environment, you can run the main `BitBetter/build.sh` script to generate a modified version of the `bitwarden/api` and `bitwarden/identity` docker images.
+
+From the BitBetter directory, simply run:
+```bash
+./build.sh
+```
+
+This will create a new self-signed certificate in the `.keys` directory one does not already exist and then create a modified version of the official `bitwarden/api` called `bitbetter/api` and a modified version of the `bitwarden/identity` called `bitbetter/identity`. You may now simply edit your bitwarden docker-compose.yml to utilize the modified image.
+
+Edit your  `/path/to/bwdata/docker/docker-compose.yml`.
+
+> Replace `image: bitwarden/api:x.xx.x`<br>with `image: bitbetter/api`
+
+> Replace `image: bitwarden/identity:x.xx.x`<br>with `image: bitbetter/identity`
+
+You'll also want to edit the `/path/to/bwdata/scripts/run.sh` file. In the `function restart()` block, comment out the call to `dockerComposePull`.
+
+> Replace `dockerComposePull`<br>with `#dockerComposePull`
+
+You can now start or restart Bitwarden as normal and the modified api will be used. <b>It is now ready to accept self-issued licenses.</b>
+
+---
+**Note: Manually generating Certificate & Key**
+
+If you wish to generate your self-signed cert & key manually, you can run the following commands.

 ```bash
 openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
@ -51,26 +76,7 @@ openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:te

 Note that the password here must be `test`.<sup>[1](#f1)</sup>

-## Building BitBetter
-
-Now that you've generated your own own self-signed certificate, you can run the main `BitBetter/build.sh` script to generate a modified version of the `bitwarden/api` docker image.
-
-From the BitBetter directory, simply run:
-```bash
-./build.sh
-```
-
-This will create a modified version of the official `bitwarden/api` called `bitbetter/api`. You may now simply edit your bitwarden docker-compose.yml to utilize the modified image.
-
-Edit your  `/path/to/bwdata/docker/docker-compose.yml`.
-
-> Replace `image: bitwarden/api:x.xx.x`<br>with `image: bitbetter/api`
-
-You'll also want to edit the `/path/to/bwdata/scripts/run.sh` file. In the `function restart()` block, comment out the call to `dockerComposePull`.
-
-> Replace `dockerComposePull`<br>with `#dockerComposePull`
-
-You can now start or restart Bitwarden as normal and the modified api will be used. <b>It is now ready to accept self-issued licenses.</b>
+---

 ## Generating Signed Licenses

--- a/95
+++ b/95
@ -0,0 +1,95 @@
+These are the commands I used (and a few of my notes) for a minimal Debian Stretch install..
+Software Selection - "SSH server" and 'standard system utilities" only
+
+
+
+sudo apt-get update
+sudo apt-get install vim vim-doc vim-scripts wget curl git
+sudo apt-get dist-upgrade
+sudo reboot
+
+---The next few lines I setup my server authentication and other misc profile settings you can skip until sudo apt-get
+
+ssh-keygen
+
+echo "ssh-rsa AA...1Q== " >>  .ssh/authorized_keys
+
+echo ":set mouse=" >> .vimrc
+echo "set nocompatible" >> .vimrc
+
+vi .bashrc
+
+sudo visudo  ---- tom ALL=(ALL) NOPASSWD:ALL
+
+sudo vi /etc/ssh/sshd_config  -  Enable 'PermitRootLogin prohibit-password' and 'PasswordAuthentication no'
+
+sudo apt-get update
+sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common
+curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
+sudo apt update
+apt-cache policy docker-ce
+sudo apt install docker-ce
+sudo systemctl status docker
+sudo usermod -aG docker ${USER}
+exit
+
+id -nG
+docker version
+docker info
+docker run hello-world
+
+sudo curl -L --fail https://github.com/docker/compose/releases/download/1.23.1/run.sh -o /usr/local/bin/docker-compose
+sudo chmod +x /usr/local/bin/docker-compose
+
+wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.asc.gpg
+sudo mv microsoft.asc.gpg /etc/apt/trusted.gpg.d/
+wget -q https://packages.microsoft.com/config/debian/9/prod.list
+sudo mv prod.list /etc/apt/sources.list.d/microsoft-prod.list
+sudo chown root:root /etc/apt/trusted.gpg.d/microsoft.asc.gpg
+sudo chown root:root /etc/apt/sources.list.d/microsoft-prod.list
+
+curl -s -o bitwarden.sh https://raw.githubusercontent.com/bitwarden/core/master/scripts/bitwarden.sh && sudo chmod u+x bitwarden.sh
+./bitwarden.sh install
+
+sudo apt-get update
+sudo apt-get install dotnet-sdk-2.1
+
+git clone https://github.com/online-stuff/BitBetter.git
+
+cd BitBetter/src/licenseGen/
+dotnet add package Newtonsoft.Json --version 11.0.0 
+
+cd ~/BitBetter/src/bitBetter
+dotnet add package Newtonsoft.Json --version 11.0.0 
+
+cd ~/BitBetter/.keys
+rm *
+
+openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
+openssl x509 -inform DER -in cert.cert -out cert.pem
+openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test
+
+
+cd ~/BitBetter
+./build.sh
+
+cd src/licenseGen/
+./build.sh
+
+cd ~
+
+vi ~/bwdata/docker/docker-compose.yml   -  Change image: bitwarden/api:1.26.0 to image: bitbetter/api and image: bitwarden/identity:x.xx.x to image: bitbetter/identity
+vi ~/bwdata/env/global.override.env    -  Enter mail__smtp relay settings
+vi ~/bwdata/scripts/run.sh   -   function restart() {   dockerComposePull to  #dockerComposePull
+
+./bitwarden start
+
+----Server should be up and running..  Create a user account
+
+cd ~/BitBetter/src/licenseGen/
+./build.sh
+./run.sh ~/BitBetter/.keys/cert.pfx user "Name" "EMail" "User-GUID"
+	Get User-GUID from the admin portal of the BitWarden server
+
+./run.sh ~/BitBetter/.keys/cert.pfx org "Name" "EMail" "Install-ID used to install the server from bitwarden.com/host"
--- a/build.sh
+++ b/build.sh
@ -1,13 +1,23 @@
 #!/bin/bash

-mkdir ./src/bitBetter/.keys
+# If there aren't any keys, generate them first.
+[ -e ./keys/cert.cert] || ./.keys/generate-keys.sh

-cp .keys/cert.cert ./src/bitBetter/.keys
+[ -e ./source/bitBetter/api/.keys ]  || mkdir ./src/bitBetter/api/.keys
+[ -e ./source/bitBetter/identity/.keys ]  || mkdir ./src/bitBetter/identity/.keys
+cp .keys/cert.cert ./src/bitBetter/api/.keys
+cp .keys/cert.cert ./src/bitBetter/identity/.keys

 cd ./src/bitBetter

 dotnet restore
 dotnet publish

+cp -r bin/ api/
+cp -r bin/ identity/
+
+cd ./api
 docker build --pull . -t bitbetter/api # --squash

+cd ../identity
+docker build --pull . -t bitbetter/identity # --squash
--- a/src/bitBetter/api/Dockerfile
+++ b/src/bitBetter/api/Dockerfile
--- a/src/bitBetter/identity/Dockerfile
+++ b/src/bitBetter/identity/Dockerfile
@ -0,0 +1,12 @@
+FROM bitwarden/identity
+
+COPY bin/Debug/netcoreapp2.0/publish/* /bitBetter/
+COPY ./.keys/cert.cert /newLicensing.cer
+
+RUN dotnet /bitBetter/bitBetter.dll && \
+    echo "modified dll" && \
+    mv /app/Core.dll /app/Core.orig.dll && \
+    mv /app/modified.dll /app/Core.dll && \
+    echo "replaced dll" && \
+    rm -rf /bitBetter && rm -rf /newLicensing.cer && \
+    echo "cleaned up"