Make Sso available in org license (#73)

* Exclude cert.cert from git

* Use latest release of bitwarden as base image (#67, #66)

* Add a script which simplifies Bitwarden updates

* fix typo

* Add UseApi

* Updated version, created update section

* Workaround for docker-compose --ignore-pull-failures bugs (4377 and 7127)

* use version from docker script

* check if bitbetter images are outdated

* Make Sso available in org license

Add `UseSso` var and enable

* Update README.md

Co-authored-by: Christoph Haas <christoph.h@sprinternet.at>
Co-authored-by: Lework <kuailemy123@163.com>
Co-authored-by: Captainhook <ec14018@qmul.ac.uk>
captainhook 2020-09-10 19:36:44 +00:00 committed by GitHub
parent 6527ac8362
commit 7d8f0b1082
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 93 additions and 6 deletions


@ -13,6 +13,7 @@ Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/B
+ [Dependencies](#dependencies)
+ [Setting up BitBetter](#setting-up-bitbetter)
+ [Building BitBetter](#building-bitbetter)
+ [Updating Bitwarden and BitBetter](#updating-bitwarden-and-bitbetter)
+ [Generating Signed Licenses](#generating-signed-licenses)
2. [FAQ](#faq-questions-you-might-have-)
3. [Footnotes](#footnotes)
@ -23,7 +24,7 @@ The following instructions are for unix-based systems (Linux, BSD, macOS), it is
## Dependencies
Aside from docker, which you also need for Bitwarden, BitBetter requires the following:
* Bitwarden (tested with 1.33.0, might work on lower versions)
* Bitwarden (tested with 1.37.0, might work on lower versions)
* openssl (probably already installed on most Linux or WSL systems, any version should work)
## Setting up BitBetter
@ -78,6 +79,10 @@ openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:te
---
## Updating Bitwarden and BitBetter
To update Bitwarden, the provided `update-bitwarden.sh` script can be used. It will rebuild the BitBetter images and automatically update Bitwarden afterwards. Docker pull errors can be ignored for api and identity images.
## Generating Signed Licenses
There is a tool included in the directory `src/licenseGen/` that will generate new individual and organization licenses. These licenses will be accepted by the modified Bitwarden because they will be signed by the certificate you generated in earlier steps.


@ -2,6 +2,9 @@
DIR=`dirname "$0"`
DIR=`exec 2>/dev/null;(cd -- "$DIR") && cd -- "$DIR"|| cd "$DIR"; unset PWD; /usr/bin/pwd || /bin/pwd || pwd`
BW_VERSION="$(curl --silent https://raw.githubusercontent.com/bitwarden/server/master/scripts/bitwarden.sh | grep 'COREVERSION="' | sed 's/^[^"]*"//; s/".*//')"
echo "Building BitBetter for BitWarden version $BW_VERSION"
# If there aren't any keys, generate them first.
[ -e "$DIR/.keys/cert.cert" ] || "$DIR/.keys/generate-keys.sh"
@ -12,7 +15,11 @@ cp "$DIR/.keys/cert.cert" "$DIR/src/bitBetter/.keys"
docker run --rm -v "$DIR/src/bitBetter:/bitBetter" -w=/bitBetter mcr.microsoft.com/dotnet/core/sdk:3.1 sh build.sh
docker build --build-arg BITWARDEN_TAG=bitwarden/api -t bitbetter/api "$DIR/src/bitBetter" # --squash
docker build --build-arg BITWARDEN_TAG=bitwarden/identity -t bitbetter/identity "$DIR/src/bitBetter" # --squash
docker build --no-cache --build-arg BITWARDEN_TAG=bitwarden/api:$BW_VERSION -t bitbetter/api "$DIR/src/bitBetter" # --squash
docker build --no-cache --build-arg BITWARDEN_TAG=bitwarden/identity:$BW_VERSION -t bitbetter/identity "$DIR/src/bitBetter" # --squash
docker tag bitbetter/api bitbetter/api:latest
docker tag bitbetter/identity bitbetter/identity:latest
docker tag bitbetter/api bitbetter/api:$BW_VERSION
docker tag bitbetter/identity bitbetter/identity:$BW_VERSION
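Review bot: `BW_VERSION` is used unchecked and unquoted in the new `docker build` and `docker tag` lines, so a failed or altered download of the upstream script leaves an empty or arbitrary string in the image references. The value is parsed out of a file fetched from a mutable `master` branch with `curl --silent`, which hides transfer errors and does not fail on an HTTP error status. I would add `--fail` to the curl call and, right after the assignment, a guard such as `case "$BW_VERSION" in ''|*[!0-9.]*) echo "Could not determine Bitwarden version" >&2; exit 1;; esac`, and quote `"$BW_VERSION"` wherever it is expanded. The same lookup is repeated verbatim in update-bitwarden.sh, where the value is also written into the docker-compose override file.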


@ -51,10 +51,10 @@ namespace bitwardenSelfLicensor
var existingCert = new X509Certificate2(x.GetResourceData());
Console.WriteLine($"Existing Cert Thumbprin: {existingCert.Thumbprint}");
Console.WriteLine($"Existing Cert Thumbprint: {existingCert.Thumbprint}");
X509Certificate2 certificate = new X509Certificate2(cert);
Console.WriteLine($"New cert Thumbprint: {certificate.Thumbprint}");
Console.WriteLine($"New Cert Thumbprint: {certificate.Thumbprint}");
var ctor = licensingType.GetConstructors().Single();


@ -359,6 +359,7 @@ namespace bitwardenSelfLicensor
set("Seats", (short)32767);
set("MaxCollections", short.MaxValue);
set("UsePolicies", true);
set("UseSso", true);
set("UseGroups", true);
set("UseEvents", true);
set("UseDirectory", true);
@ -367,11 +368,12 @@ namespace bitwardenSelfLicensor
set("MaxStorageGb", short.MaxValue);
set("SelfHost", true);
set("UsersGetPremium", true);
set("Version", 5);
set("Version", 6);
set("Issued", DateTime.UtcNow);
set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1));
set("Expires", DateTime.UtcNow.AddYears(100));
set("Trial", false);
set("UseApi", true);
set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0])));
set("Signature", Convert.ToBase64String((byte[])type.GetMethod("Sign").Invoke(license, new object[] { cert })));
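Review bot: The bump to `set("Version", 6)` carries no explanation, and nothing ties it to the `set("UseSso", true)` line added in the first hunk of this file. The value looks like a license format version that presumably has to match what the Bitwarden core assembly being patched expects when `ComputeHash` and `Sign` are invoked by reflection just below. With build.sh in this commit now following the newest upstream release, that coupling is easy to miss. I would add a comment above the line, for example `// License format version; must match the Bitwarden core this is built against (6 assumed to be the first with UseSso, confirm)`. The enclosing method starts and ends outside these hunks.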

73
update-bitwarden.sh Executable file

@ -0,0 +1,73 @@
#!/bin/bash
SCRIPT_BASE="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
BW_VERSION="$(curl --silent https://raw.githubusercontent.com/bitwarden/server/master/scripts/bitwarden.sh | grep 'COREVERSION="' | sed 's/^[^"]*"//; s/".*//')"
echo "Starting Bitwarden update, newest server version: $BW_VERSION"
# Default path is the parent directory of the BitBetter location
BITWARDEN_BASE="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." >/dev/null 2>&1 && pwd )"
# Get Bitwarden base from user (or keep default value)
read -p "Enter Bitwarden base directory [$BITWARDEN_BASE]: " tmpbase
BITWARDEN_BASE=${tmpbase:-$BITWARDEN_BASE}
# Check if directory exists and is valid
[ -d "$BITWARDEN_BASE" ] || { echo "Bitwarden base directory $BITWARDEN_BASE not found!"; exit 1; }
[ -f "$BITWARDEN_BASE/bitwarden.sh" ] || { echo "Bitwarden base directory $BITWARDEN_BASE is not valid!"; exit 1; }
# Check if user wants to recreate the docker-compose override file
RECREATE_OV="y"
read -p "Rebuild docker-compose override? [Y/n]: " tmprecreate
RECREATE_OV=${tmprecreate:-$RECREATE_OV}
if [[ $RECREATE_OV =~ ^[Yy]$ ]]
then
{
echo "version: '3'"
echo ""
echo "services:"
echo " api:"
echo " image: bitbetter/api:$BW_VERSION"
echo ""
echo " identity:"
echo " image: bitbetter/identity:$BW_VERSION"
echo ""
} > $BITWARDEN_BASE/bwdata/docker/docker-compose.override.yml
echo "BitBetter docker-compose override created!"
else
echo "Make sure to check if the docker override contains the correct image version ($BW_VERSION) in $BITWARDEN_BASE/bwdata/docker/docker-compose.override.yml!"
fi
# Check if user wants to rebuild the bitbetter images
docker images bitbetter/api --format="{{ .Tag }}" | grep -F -- "${BW_VERSION}" > /dev/null
retval=$?
REBUILD_BB="n"
REBUILD_BB_DESCR="[y/N]"
if [ $retval -ne 0 ]; then
REBUILD_BB="y"
REBUILD_BB_DESCR="[Y/n]"
fi
read -p "Rebuild BitBetter images? $REBUILD_BB_DESCR: " tmprebuild
REBUILD_BB=${tmprebuild:-$REBUILD_BB}
if [[ $REBUILD_BB =~ ^[Yy]$ ]]
then
./build.sh
echo "BitBetter images updated to version: $BW_VERSION"
fi
# Now start the bitwarden update
cd $BITWARDEN_BASE
./bitwarden.sh updateself
# Update the bitwarden.sh: automatically patch run.sh to fix docker-compose pull errors for private images
awk '1;/function downloadRunFile/{c=6}c&&!--c{print "sed -i '\''s/docker-compose pull/docker-compose pull --ignore-pull-failures || true/g'\'' $SCRIPTS_DIR/run.sh"}' $BITWARDEN_BASE/bitwarden.sh > tmp_bw.sh && mv tmp_bw.sh $BITWARDEN_BASE/bitwarden.sh
chmod +x $BITWARDEN_BASE/bitwarden.sh
echo "Patching bitwarden.sh completed..."
./bitwarden.sh update
cd $SCRIPT_BASE
echo "Bitwarden update completed!"
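Review bot: `./build.sh` and the two `./bitwarden.sh` calls are resolved against the current directory, and the `cd $BITWARDEN_BASE` before them is unquoted and unchecked, so the script can end up executing whatever file of that name sits in the directory it was started from. The earlier `[ -d "$BITWARDEN_BASE" ]` test quotes the path, so a user-entered path containing a space passes validation and then fails at `cd`, at the override redirection and in the `awk`/`mv`/`chmod` arguments. A failed build is also ignored: the success message is printed and the update proceeds with an override that may point at an image tag that was never built. I would call the build through `$SCRIPT_BASE` (presumably where build.sh lives), stop on failure, and quote every expansion of `$BITWARDEN_BASE`, including the ones on the awk line that the sketch below leaves out.

```shell
# … unchanged: version lookup, base directory prompt, override contents …
} > "$BITWARDEN_BASE/bwdata/docker/docker-compose.override.yml"
# … unchanged: rebuild prompt …
    "$SCRIPT_BASE/build.sh" || { echo "BitBetter build failed, aborting update." >&2; exit 1; }
# … unchanged: status message …
cd "$BITWARDEN_BASE" || { echo "Cannot enter $BITWARDEN_BASE" >&2; exit 1; }
./bitwarden.sh updateself
# … unchanged: awk patch of bitwarden.sh, chmod, status message …
./bitwarden.sh update
cd "$SCRIPT_BASE" || exit 1
```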