mirror of
https://github.com/jakeswenson/BitBetter.git
synced 2023-10-10 13:36:57 +02:00
commit
664b75ac81
1
.keys/Empty.txt
Normal file
1
.keys/Empty.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
Need an empty folder
|
BIN
.keys/cert.cert
BIN
.keys/cert.cert
Binary file not shown.
34
README.md
34
README.md
@ -1,9 +1,12 @@
|
|||||||
# BitBetter
|
# BitBetter
|
||||||
[![CircleCI](https://img.shields.io/circleci/project/github/jakeswenson/BitBetter.svg)](https://circleci.com/gh/jakeswenson/BitBetter/tree/master)
|
|
||||||
|
|
||||||
This project is a tool to modify bitwardens core dll to allow me to self license.
|
This project is a tool to modify bitwardens core dll to allow me to self license.
|
||||||
Beware this does janky IL magic to rewrite the bitwarden core dll and install my self signed certificate.
|
Beware this does janky IL magic to rewrite the bitwarden core dll and install my self signed certificate.
|
||||||
|
|
||||||
|
Yes, there still are quite a few things that need to be fixed. Updates and Organization Buiness Name is hardcoded to Bitbetter, are the first to things to fix.. Better handling of the User-GUID comes to mind too.
|
||||||
|
|
||||||
|
Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/BitBetter
|
||||||
|
|
||||||
## Building
|
## Building
|
||||||
|
|
||||||
To build your own `bitwarden/api` image run
|
To build your own `bitwarden/api` image run
|
||||||
@ -15,25 +18,9 @@ replace anywhere `bitwarden/api` is used with `bitbetter/api` and give it a go.
|
|||||||
|
|
||||||
## Issuing your own licenses
|
## Issuing your own licenses
|
||||||
|
|
||||||
The repo is setup to replace the licesning signing cert in bitwarden.core with my own personal self signed cert (`cert.cert`)
|
The repo is setup to replace the licesning signing cert in bitwarden.core with your own personal self signed cert (`cert.pfx`)
|
||||||
If you want to be able to sign your own licenses obviously you'll have to replace it with your own self signed cert.
|
If you want to be able to sign your own licenses obviously you'll have to replace it with your own self signed cert.
|
||||||
|
|
||||||
you can generate one with openssl like so:
|
|
||||||
```bash
|
|
||||||
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER
|
|
||||||
```
|
|
||||||
|
|
||||||
### Convert your DER certificate to a PEM
|
|
||||||
|
|
||||||
```bash
|
|
||||||
openssl x509 -inform DER -in cert.cert -out cert.pem
|
|
||||||
```
|
|
||||||
|
|
||||||
### Convert your public and private key into a PKCS12/PFX
|
|
||||||
|
|
||||||
```bash
|
|
||||||
openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem
|
|
||||||
```
|
|
||||||
|
|
||||||
### Signing licesnses
|
### Signing licesnses
|
||||||
|
|
||||||
@ -50,11 +37,15 @@ This tool build ontop of the bitbetter/api container image so make sure you've b
|
|||||||
After that you can run the tool using:
|
After that you can run the tool using:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
./src/LicenseGen/run.sh <PATH TO YOUR PFX>
|
cd ~/BitBetter/src/licenseGen
|
||||||
|
./run.sh ~/BitBetter/.keys/cert.pfx user "Name" "EMail" "User-GUID"
|
||||||
|
./run.sh ~/BitBetter/.keys/cert.pfx org "Name" "EMail" "Install-ID used to install the server"
|
||||||
```
|
```
|
||||||
|
|
||||||
# Questions (you might have?)
|
# Questions (you might have?)
|
||||||
|
|
||||||
|
I'll work on updates in the next couple weeks, right now, I just wanted something to start with.
|
||||||
|
|
||||||
## But why? Its open source?
|
## But why? Its open source?
|
||||||
|
|
||||||
Yes, bitwarden is great. If I didn't care about it i wouldn't be doing this.
|
Yes, bitwarden is great. If I didn't care about it i wouldn't be doing this.
|
||||||
@ -65,7 +56,6 @@ To host it myself. And maintain it myself. Basically WTH was bitwarden doing tha
|
|||||||
## You should have reached out to bitwarden
|
## You should have reached out to bitwarden
|
||||||
|
|
||||||
Thanks, good idea. And I did. Currently they're not focused on solving this issue - yet.
|
Thanks, good idea. And I did. Currently they're not focused on solving this issue - yet.
|
||||||
To be clear i'm totally happy to give them my money. Offer a perpetual family license, and i'd pay for it.
|
To be clear i'm totally happy to give them my money. Offer a perpetual server license, and i'd pay for it. Let me license the server, period. Allow an orginzation to have Premium for all users.. 500 seats, let the 500 users in the orginzation have the Premium features too.
|
||||||
Offer me a license thats tied to a version, I'll gladly rebuy another when a new version comes out AND i'm ready to upgrade.
|
|
||||||
|
|
||||||
I provided all these suggestions to bitwarden and they told me to wait until next year. Until then there's this.
|
I'm still in the testing/evaluating phase. If I am hosting the server/data, let me license the server, period. How many licenses does one user need to have...
|
||||||
|
95
ReadMeInstall
Normal file
95
ReadMeInstall
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
These are the commands I used (and a few of my notes) for a minimal Debian Stretch install..
|
||||||
|
Software Selection - "SSH server" and 'standard system utilities" only
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
sudo apt-get update
|
||||||
|
sudo apt-get install vim vim-doc vim-scripts wget curl git
|
||||||
|
sudo apt-get dist-upgrade
|
||||||
|
sudo reboot
|
||||||
|
|
||||||
|
---The next few lines I setup my server authentication and other misc profile settings you can skip until sudo apt-get
|
||||||
|
|
||||||
|
ssh-keygen
|
||||||
|
|
||||||
|
echo "ssh-rsa AA...1Q== " >> .ssh/authorized_keys
|
||||||
|
|
||||||
|
echo ":set mouse=" >> .vimrc
|
||||||
|
echo "set nocompatible" >> .vimrc
|
||||||
|
|
||||||
|
vi .bashrc
|
||||||
|
|
||||||
|
sudo visudo ---- tom ALL=(ALL) NOPASSWD:ALL
|
||||||
|
|
||||||
|
sudo vi /etc/ssh/sshd_config - Enable 'PermitRootLogin prohibit-password' and 'PasswordAuthentication no'
|
||||||
|
|
||||||
|
sudo apt-get update
|
||||||
|
sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common
|
||||||
|
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
|
||||||
|
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
|
||||||
|
sudo apt update
|
||||||
|
apt-cache policy docker-ce
|
||||||
|
sudo apt install docker-ce
|
||||||
|
sudo systemctl status docker
|
||||||
|
sudo usermod -aG docker ${USER}
|
||||||
|
exit
|
||||||
|
|
||||||
|
id -nG
|
||||||
|
docker version
|
||||||
|
docker info
|
||||||
|
docker run hello-world
|
||||||
|
|
||||||
|
sudo curl -L --fail https://github.com/docker/compose/releases/download/1.23.1/run.sh -o /usr/local/bin/docker-compose
|
||||||
|
sudo chmod +x /usr/local/bin/docker-compose
|
||||||
|
|
||||||
|
wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.asc.gpg
|
||||||
|
sudo mv microsoft.asc.gpg /etc/apt/trusted.gpg.d/
|
||||||
|
wget -q https://packages.microsoft.com/config/debian/9/prod.list
|
||||||
|
sudo mv prod.list /etc/apt/sources.list.d/microsoft-prod.list
|
||||||
|
sudo chown root:root /etc/apt/trusted.gpg.d/microsoft.asc.gpg
|
||||||
|
sudo chown root:root /etc/apt/sources.list.d/microsoft-prod.list
|
||||||
|
|
||||||
|
curl -s -o bitwarden.sh https://raw.githubusercontent.com/bitwarden/core/master/scripts/bitwarden.sh && sudo chmod u+x bitwarden.sh
|
||||||
|
./bitwarden.sh install
|
||||||
|
|
||||||
|
sudo apt-get update
|
||||||
|
sudo apt-get install dotnet-sdk-2.1
|
||||||
|
|
||||||
|
git clone https://github.com/online-stuff/BitBetter.git
|
||||||
|
|
||||||
|
cd BitBetter/src/licenseGen/
|
||||||
|
dotnet add package Newtonsoft.Json --version 11.0.0
|
||||||
|
|
||||||
|
cd ~/BitBetter/src/bitBetter
|
||||||
|
dotnet add package Newtonsoft.Json --version 11.0.0
|
||||||
|
|
||||||
|
cd ~/BitBetter/.keys
|
||||||
|
rm *
|
||||||
|
|
||||||
|
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test
|
||||||
|
openssl x509 -inform DER -in cert.cert -out cert.pem
|
||||||
|
openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test
|
||||||
|
|
||||||
|
|
||||||
|
cd ~/BitBetter
|
||||||
|
./build.sh
|
||||||
|
|
||||||
|
cd src/licenseGen/
|
||||||
|
./build.sh
|
||||||
|
|
||||||
|
cd ~
|
||||||
|
|
||||||
|
vi ~/bwdata/docker/docker-compose.yml - Change image: bitwarden/api:1.26.0 to image: bitbetter/api
|
||||||
|
vi ~/bwdata/env/global.override.env - Enter mail__smtp relay settings
|
||||||
|
vi ~/bwdata/scripts/run.sh - function restart() { dockerComposePull to #dockerComposePull
|
||||||
|
|
||||||
|
./bitwarden start
|
||||||
|
|
||||||
|
----Server should be up and running.. Create a user account
|
||||||
|
|
||||||
|
cd ~/BitBetter/src/licenseGen/
|
||||||
|
./build.sh
|
||||||
|
./run.sh ~/BitBetter/.keys/cert.pfx user "Name" "EMail" "User-GUID"
|
||||||
|
Get User-GUID from the admin portal of the BitWarden server
|
||||||
|
|
||||||
|
./run.sh ~/BitBetter/.keys/cert.pfx org "Name" "EMail" "Install-ID used to install the server from bitwarden.com/host"
|
@ -7,7 +7,6 @@ RUN dotnet /bitBetter/bitBetter.dll && \
|
|||||||
echo "modified dll" && \
|
echo "modified dll" && \
|
||||||
mv /app/Core.dll /app/Core.orig.dll && \
|
mv /app/Core.dll /app/Core.orig.dll && \
|
||||||
mv /app/modified.dll /app/Core.dll && \
|
mv /app/modified.dll /app/Core.dll && \
|
||||||
cp -f /app/Core.dll /jobs/Core.dll && \
|
|
||||||
echo "replaced dll" && \
|
echo "replaced dll" && \
|
||||||
rm -rf /bitBetter && rm -rf /newLicensing.cer && \
|
rm -rf /bitBetter && rm -rf /newLicensing.cer && \
|
||||||
echo "cleaned up"
|
echo "cleaned up"
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
using System;
|
using System;
|
||||||
using System.IO;
|
using System.IO;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Runtime.Loader;
|
using System.Runtime.Loader;
|
||||||
@ -165,8 +165,8 @@ namespace bitwardenSelfLicensor
|
|||||||
set("Premium", true);
|
set("Premium", true);
|
||||||
set("Version", 1);
|
set("Version", 1);
|
||||||
set("Issued", DateTime.UtcNow);
|
set("Issued", DateTime.UtcNow);
|
||||||
set("Refresh", DateTime.UtcNow.AddYears(1).AddMonths(-1));
|
set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
|
||||||
set("Expires", DateTime.UtcNow.AddYears(1));
|
set("Expires", DateTime.UtcNow.AddYears(100));
|
||||||
set("Trial", false);
|
set("Trial", false);
|
||||||
|
|
||||||
set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
|
set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
|
||||||
@ -196,19 +196,22 @@ namespace bitwardenSelfLicensor
|
|||||||
set("BillingEmail", email);
|
set("BillingEmail", email);
|
||||||
set("BusinessName", "BitBetter");
|
set("BusinessName", "BitBetter");
|
||||||
set("Enabled", true);
|
set("Enabled", true);
|
||||||
set("Seats", (short)5);
|
set("Plan", "Custom");
|
||||||
|
set("PlanType", (byte)6);
|
||||||
|
set("Seats", (short)32767);
|
||||||
set("MaxCollections", short.MaxValue);
|
set("MaxCollections", short.MaxValue);
|
||||||
set("MaxStorageGb", short.MaxValue);
|
|
||||||
set("SelfHost", true);
|
|
||||||
set("UseGroups", true);
|
set("UseGroups", true);
|
||||||
|
set("UseEvents", true);
|
||||||
set("UseDirectory", true);
|
set("UseDirectory", true);
|
||||||
set("UseTotp", true);
|
set("UseTotp", true);
|
||||||
set("PlanType", (byte)6);
|
set("Use2fa", true);
|
||||||
set("Plan", "Custom");
|
set("MaxStorageGb", short.MaxValue);
|
||||||
set("Version", 1);
|
set("SelfHost", true);
|
||||||
|
set("UsersGetPremium", true);
|
||||||
|
set("Version", 4);
|
||||||
set("Issued", DateTime.UtcNow);
|
set("Issued", DateTime.UtcNow);
|
||||||
set("Refresh", DateTime.UtcNow.AddYears(1).AddMonths(-1));
|
set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
|
||||||
set("Expires", DateTime.UtcNow.AddYears(1));
|
set("Expires", DateTime.UtcNow.AddYears(100));
|
||||||
set("Trial", false);
|
set("Trial", false);
|
||||||
|
|
||||||
set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
|
set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
|
||||||
|
Loading…
Reference in New Issue
Block a user