diff --git a/.keys/Empty.txt b/.keys/Empty.txt new file mode 100644 index 0000000..031e408 --- /dev/null +++ b/.keys/Empty.txt @@ -0,0 +1 @@ +Need an empty folder diff --git a/.keys/cert.cert b/.keys/cert.cert deleted file mode 100644 index 740465b..0000000 Binary files a/.keys/cert.cert and /dev/null differ diff --git a/README.md b/README.md index 525d9f7..346749e 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,12 @@ # BitBetter -[![CircleCI](https://img.shields.io/circleci/project/github/jakeswenson/BitBetter.svg)](https://circleci.com/gh/jakeswenson/BitBetter/tree/master) This project is a tool to modify bitwardens core dll to allow me to self license. Beware this does janky IL magic to rewrite the bitwarden core dll and install my self signed certificate. +Yes, there still are quite a few things that need to be fixed. Updates and Organization Buiness Name is hardcoded to Bitbetter, are the first to things to fix.. Better handling of the User-GUID comes to mind too. + +Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/BitBetter + ## Building To build your own `bitwarden/api` image run @@ -15,25 +18,9 @@ replace anywhere `bitwarden/api` is used with `bitbetter/api` and give it a go. ## Issuing your own licenses -The repo is setup to replace the licesning signing cert in bitwarden.core with my own personal self signed cert (`cert.cert`) +The repo is setup to replace the licesning signing cert in bitwarden.core with your own personal self signed cert (`cert.pfx`) If you want to be able to sign your own licenses obviously you'll have to replace it with your own self signed cert. -you can generate one with openssl like so: -```bash -openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -``` - -### Convert your DER certificate to a PEM - -```bash -openssl x509 -inform DER -in cert.cert -out cert.pem -``` - -### Convert your public and private key into a PKCS12/PFX - -```bash -openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -``` ### Signing licesnses @@ -50,11 +37,15 @@ This tool build ontop of the bitbetter/api container image so make sure you've b After that you can run the tool using: ```bash -./src/LicenseGen/run.sh +cd ~/BitBetter/src/licenseGen +./run.sh ~/BitBetter/.keys/cert.pfx user "Name" "EMail" "User-GUID" +./run.sh ~/BitBetter/.keys/cert.pfx org "Name" "EMail" "Install-ID used to install the server" ``` # Questions (you might have?) +I'll work on updates in the next couple weeks, right now, I just wanted something to start with. + ## But why? Its open source? Yes, bitwarden is great. If I didn't care about it i wouldn't be doing this. @@ -65,7 +56,6 @@ To host it myself. And maintain it myself. Basically WTH was bitwarden doing tha ## You should have reached out to bitwarden Thanks, good idea. And I did. Currently they're not focused on solving this issue - yet. -To be clear i'm totally happy to give them my money. Offer a perpetual family license, and i'd pay for it. -Offer me a license thats tied to a version, I'll gladly rebuy another when a new version comes out AND i'm ready to upgrade. +To be clear i'm totally happy to give them my money. Offer a perpetual server license, and i'd pay for it. Let me license the server, period. Allow an orginzation to have Premium for all users.. 500 seats, let the 500 users in the orginzation have the Premium features too. -I provided all these suggestions to bitwarden and they told me to wait until next year. Until then there's this. +I'm still in the testing/evaluating phase. If I am hosting the server/data, let me license the server, period. How many licenses does one user need to have... diff --git a/ReadMeInstall b/ReadMeInstall new file mode 100644 index 0000000..ff8b2c1 --- /dev/null +++ b/ReadMeInstall @@ -0,0 +1,95 @@ +These are the commands I used (and a few of my notes) for a minimal Debian Stretch install.. +Software Selection - "SSH server" and 'standard system utilities" only + + + +sudo apt-get update +sudo apt-get install vim vim-doc vim-scripts wget curl git +sudo apt-get dist-upgrade +sudo reboot + +---The next few lines I setup my server authentication and other misc profile settings you can skip until sudo apt-get + +ssh-keygen + +echo "ssh-rsa AA...1Q== " >> .ssh/authorized_keys + +echo ":set mouse=" >> .vimrc +echo "set nocompatible" >> .vimrc + +vi .bashrc + +sudo visudo ---- tom ALL=(ALL) NOPASSWD:ALL + +sudo vi /etc/ssh/sshd_config - Enable 'PermitRootLogin prohibit-password' and 'PasswordAuthentication no' + +sudo apt-get update +sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common +curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - +sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" +sudo apt update +apt-cache policy docker-ce +sudo apt install docker-ce +sudo systemctl status docker +sudo usermod -aG docker ${USER} +exit + +id -nG +docker version +docker info +docker run hello-world + +sudo curl -L --fail https://github.com/docker/compose/releases/download/1.23.1/run.sh -o /usr/local/bin/docker-compose +sudo chmod +x /usr/local/bin/docker-compose + +wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.asc.gpg +sudo mv microsoft.asc.gpg /etc/apt/trusted.gpg.d/ +wget -q https://packages.microsoft.com/config/debian/9/prod.list +sudo mv prod.list /etc/apt/sources.list.d/microsoft-prod.list +sudo chown root:root /etc/apt/trusted.gpg.d/microsoft.asc.gpg +sudo chown root:root /etc/apt/sources.list.d/microsoft-prod.list + +curl -s -o bitwarden.sh https://raw.githubusercontent.com/bitwarden/core/master/scripts/bitwarden.sh && sudo chmod u+x bitwarden.sh +./bitwarden.sh install + +sudo apt-get update +sudo apt-get install dotnet-sdk-2.1 + +git clone https://github.com/online-stuff/BitBetter.git + +cd BitBetter/src/licenseGen/ +dotnet add package Newtonsoft.Json --version 11.0.0 + +cd ~/BitBetter/src/bitBetter +dotnet add package Newtonsoft.Json --version 11.0.0 + +cd ~/BitBetter/.keys +rm * + +openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test +openssl x509 -inform DER -in cert.cert -out cert.pem +openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test + + +cd ~/BitBetter +./build.sh + +cd src/licenseGen/ +./build.sh + +cd ~ + +vi ~/bwdata/docker/docker-compose.yml - Change image: bitwarden/api:1.26.0 to image: bitbetter/api +vi ~/bwdata/env/global.override.env - Enter mail__smtp relay settings +vi ~/bwdata/scripts/run.sh - function restart() { dockerComposePull to #dockerComposePull + +./bitwarden start + +----Server should be up and running.. Create a user account + +cd ~/BitBetter/src/licenseGen/ +./build.sh +./run.sh ~/BitBetter/.keys/cert.pfx user "Name" "EMail" "User-GUID" + Get User-GUID from the admin portal of the BitWarden server + +./run.sh ~/BitBetter/.keys/cert.pfx org "Name" "EMail" "Install-ID used to install the server from bitwarden.com/host" diff --git a/src/bitBetter/Dockerfile b/src/bitBetter/Dockerfile index 8c0a695..b59756d 100644 --- a/src/bitBetter/Dockerfile +++ b/src/bitBetter/Dockerfile @@ -7,7 +7,6 @@ RUN dotnet /bitBetter/bitBetter.dll && \ echo "modified dll" && \ mv /app/Core.dll /app/Core.orig.dll && \ mv /app/modified.dll /app/Core.dll && \ - cp -f /app/Core.dll /jobs/Core.dll && \ echo "replaced dll" && \ rm -rf /bitBetter && rm -rf /newLicensing.cer && \ - echo "cleaned up" \ No newline at end of file + echo "cleaned up" diff --git a/src/licenseGen/Program.cs b/src/licenseGen/Program.cs index 57e3e14..8e0e667 100644 --- a/src/licenseGen/Program.cs +++ b/src/licenseGen/Program.cs @@ -1,4 +1,4 @@ -using System; +using System; using System.IO; using System.Linq; using System.Runtime.Loader; @@ -165,8 +165,8 @@ namespace bitwardenSelfLicensor set("Premium", true); set("Version", 1); set("Issued", DateTime.UtcNow); - set("Refresh", DateTime.UtcNow.AddYears(1).AddMonths(-1)); - set("Expires", DateTime.UtcNow.AddYears(1)); + set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1)); + set("Expires", DateTime.UtcNow.AddYears(100)); set("Trial", false); set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0]))); @@ -196,19 +196,22 @@ namespace bitwardenSelfLicensor set("BillingEmail", email); set("BusinessName", "BitBetter"); set("Enabled", true); - set("Seats", (short)5); + set("Plan", "Custom"); + set("PlanType", (byte)6); + set("Seats", (short)32767); set("MaxCollections", short.MaxValue); - set("MaxStorageGb", short.MaxValue); - set("SelfHost", true); set("UseGroups", true); + set("UseEvents", true); set("UseDirectory", true); set("UseTotp", true); - set("PlanType", (byte)6); - set("Plan", "Custom"); - set("Version", 1); + set("Use2fa", true); + set("MaxStorageGb", short.MaxValue); + set("SelfHost", true); + set("UsersGetPremium", true); + set("Version", 4); set("Issued", DateTime.UtcNow); - set("Refresh", DateTime.UtcNow.AddYears(1).AddMonths(-1)); - set("Expires", DateTime.UtcNow.AddYears(1)); + set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1)); + set("Expires", DateTime.UtcNow.AddYears(100)); set("Trial", false); set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));