From a55480d25eadef20bb369e1eb6026f1d4d75f249 Mon Sep 17 00:00:00 2001 From: Christoph Haas Date: Mon, 8 Jun 2020 09:09:58 +0200 Subject: [PATCH 1/8] Use latest release of bitwarden as base image (#67, #66) --- build.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/build.sh b/build.sh index b80efb5..f62dc81 100755 --- a/build.sh +++ b/build.sh @@ -2,6 +2,9 @@ DIR=`dirname "$0"` DIR=`exec 2>/dev/null;(cd -- "$DIR") && cd -- "$DIR"|| cd "$DIR"; unset PWD; /usr/bin/pwd || /bin/pwd || pwd` +BW_VERSION="$(curl --silent "https://api.github.com/repos/bitwarden/server/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')" + +echo "Building BitBetter for BitWarden version $BW_VERSION" # If there aren't any keys, generate them first. [ -e "$DIR/.keys/cert.cert" ] || "$DIR/.keys/generate-keys.sh" @@ -12,7 +15,11 @@ cp "$DIR/.keys/cert.cert" "$DIR/src/bitBetter/.keys" docker run --rm -v "$DIR/src/bitBetter:/bitBetter" -w=/bitBetter mcr.microsoft.com/dotnet/core/sdk:3.1 sh build.sh -docker build --build-arg BITWARDEN_TAG=bitwarden/api -t bitbetter/api "$DIR/src/bitBetter" # --squash -docker build --build-arg BITWARDEN_TAG=bitwarden/identity -t bitbetter/identity "$DIR/src/bitBetter" # --squash +docker build --no-cache --build-arg BITWARDEN_TAG=bitwarden/api:$BW_VERSION -t bitbetter/api "$DIR/src/bitBetter" # --squash +docker build --no-cache --build-arg BITWARDEN_TAG=bitwarden/identity:$BW_VERSION -t bitbetter/identity "$DIR/src/bitBetter" # --squash +docker tag bitbetter/api bitbetter/api:latest +docker tag bitbetter/identity bitbetter/identity:latest +docker tag bitbetter/api bitbetter/api:$BW_VERSION +docker tag bitbetter/identity bitbetter/identity:$BW_VERSION From 779e344389f32814736a5e60f063349cca67f79d Mon Sep 17 00:00:00 2001 From: Christoph Haas Date: Mon, 8 Jun 2020 10:27:27 +0200 Subject: [PATCH 2/8] Add a script which simplifies Bitwarden updates --- README.md | 1 + update-bitwarden.sh | 66 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+) create mode 100755 update-bitwarden.sh diff --git a/README.md b/README.md index b7fcb18..fba73a9 100644 --- a/README.md +++ b/README.md @@ -63,6 +63,7 @@ You'll also want to edit the `/path/to/bwdata/scripts/run.sh` file. In the `func You can now start or restart Bitwarden as normal and the modified api will be used. **It is now ready to accept self-issued licenses.** +To update Bitwarden, the provided `update-bitwarden.sh` script can be used. It will rebuild the BitBetter images and automatically update Bitwarden afterwards. Docker pull errors can be ignored for api and identity images. --- ### Note: Manually generating Certificate & Key diff --git a/update-bitwarden.sh b/update-bitwarden.sh new file mode 100755 index 0000000..26f9d10 --- /dev/null +++ b/update-bitwarden.sh @@ -0,0 +1,66 @@ +#!/bin/bash + +SCRIPT_BASE="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +BW_VERSION="$(curl --silent "https://api.github.com/repos/bitwarden/server/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')" + +echo "Starting Bitwarden update, newest server version: $BW_VERSION" + +# Default path is the parent directory of the BitBetter location +BITWARDEN_BASE="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." >/dev/null 2>&1 && pwd )" + +# Get Bitwarden base from user (or keep default value) +read -p "Enter Bitwarden base directory [$BITWARDEN_BASE]: " tmpbase +BITWARDEN_BASE=${tmpbase:-$BITWARDEN_BASE} + +# Check if directory exists and is valid +[ -d "$BITWARDEN_BASE" ] || { echo "Bitwarden base directory $BITWARDEN_BASE not found!"; exit 1; } +[ -f "$BITWARDEN_BASE/bitwarden.sh" ] || { echo "Bitwarden base directory $BITWARDEN_BASE is not valid!"; exit 1; } + +# Check if user wants to recreate the docker-compose override file +RECREATE_OV="y" +read -p "Rebuild docker-compose override? [Y/n]: " tmprecreate +RECREATE_OV=${tmprecreate:-$RECREATE_OV} + +if [[ $RECREATE_OV =~ ^[Yy]$ ]] +then + { + echo "version: '3'" + echo "" + echo "services:" + echo " api:" + echo " image: bitbetter/api:$BW_VERSION" + echo "" + echo " identity:" + echo " image: bitbetter/identity:$BW_VERSION" + echo "" + } > $BITWARDEN_BASE/bwdata/docker/docker-compose.override.yml + echo "BitBetter docker-compose override created!" +else + echo "Make sure to check if the docker override contains the correct image version ($BW_VERSION) in $BITWARDEN_BASE/bwdata/docker/docker-compose.override.yml!" +fi + +# Check if user wants to rebuild the bitbetter images +REBUILD_BB="n" +read -p "Rebuild BitBetter images? [y/N]: " tmprebuild +REBUILD_BB=${tmprebuild:-$REBUILD_BB} + +if [[ $REBUILD_BB =~ ^[Yy]$ ]] +then + ./build.sh + echo "BitBetter images updated to version: $BW_VERSION" +fi + +# Now start the bitwarden update +cd $BITWARDEN_BASE + +./bitwarden.sh updateself + +# Update the bitwarden.sh: automatically patch run.sh to fix docker-compose pull errors for private images +awk '1;/function downloadRunFile/{c=6}c&&!--c{print "sed -i '\''s/docker-compose pull/docker-compose pull --ignore-pull-failures/g'\'' $SCRIPTS_DIR/run.sh"}' $BITWARDEN_BASE/bitwarden.sh > tmp_bw.sh && mv tmp_bw.sh $BITWARDEN_BASE/bitwarden.sh +chmod +x $BITWARDEN_BASE/bitwarden.sh +echo "Patching bitwarden.sh completed..." + +./bitwarden.sh update + +cd $SCRIPT_BASE +echo "Bitwarden update completed!" From 88fea5582261a349e3a78ee7e97ab5f926c33611 Mon Sep 17 00:00:00 2001 From: Christoph Haas Date: Mon, 8 Jun 2020 10:27:40 +0200 Subject: [PATCH 3/8] fix typo --- src/bitBetter/Program.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/bitBetter/Program.cs b/src/bitBetter/Program.cs index 1c5747d..0c7b93e 100644 --- a/src/bitBetter/Program.cs +++ b/src/bitBetter/Program.cs @@ -51,10 +51,10 @@ namespace bitwardenSelfLicensor var existingCert = new X509Certificate2(x.GetResourceData()); - Console.WriteLine($"Existing Cert Thumbprin: {existingCert.Thumbprint}"); + Console.WriteLine($"Existing Cert Thumbprint: {existingCert.Thumbprint}"); X509Certificate2 certificate = new X509Certificate2(cert); - Console.WriteLine($"New cert Thumbprint: {certificate.Thumbprint}"); + Console.WriteLine($"New Cert Thumbprint: {certificate.Thumbprint}"); var ctor = licensingType.GetConstructors().Single(); From d3306d856ceaf92c1d6cddd574b3bdbf2e9c4954 Mon Sep 17 00:00:00 2001 From: Lework Date: Tue, 9 Jun 2020 15:40:26 +0800 Subject: [PATCH 4/8] Add UseApi --- src/licenseGen/Program.cs | 1 + 1 file changed, 1 insertion(+) diff --git a/src/licenseGen/Program.cs b/src/licenseGen/Program.cs index da0ed54..510d8a3 100644 --- a/src/licenseGen/Program.cs +++ b/src/licenseGen/Program.cs @@ -372,6 +372,7 @@ namespace bitwardenSelfLicensor set("Refresh", DateTime.UtcNow.AddYears(100).AddMonths(-1)); set("Expires", DateTime.UtcNow.AddYears(100)); set("Trial", false); + set("UseApi", true); set("Hash", Convert.ToBase64String((byte[])type.GetMethod("ComputeHash").Invoke(license, new object[0]))); set("Signature", Convert.ToBase64String((byte[])type.GetMethod("Sign").Invoke(license, new object[] { cert }))); From a50041dead8d7cf48947c8d1c38018c9357f5172 Mon Sep 17 00:00:00 2001 From: Christoph Haas Date: Thu, 11 Jun 2020 09:29:51 +0200 Subject: [PATCH 5/8] Updated version, created update section --- README.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index fba73a9..fef1ef7 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ Credit to https://github.com/h44z/BitBetter and https://github.com/jakeswenson/B + [Dependencies](#dependencies) + [Setting up BitBetter](#setting-up-bitbetter) + [Building BitBetter](#building-bitbetter) + + [Updating Bitwarden and BitBetter](#updating-bitwarden-and-bitbetter) + [Generating Signed Licenses](#generating-signed-licenses) 2. [FAQ](#faq-questions-you-might-have-) 3. [Footnotes](#footnotes) @@ -23,7 +24,7 @@ The following instructions are for unix-based systems (Linux, BSD, macOS), it is ## Dependencies Aside from docker, which you also need for Bitwarden, BitBetter requires the following: -* Bitwarden (tested with 1.33.0, might work on lower versions) +* Bitwarden (tested with 1.34.0, might work on lower versions) * openssl (probably already installed on most Linux or WSL systems, any version should work) ## Setting up BitBetter @@ -63,7 +64,6 @@ You'll also want to edit the `/path/to/bwdata/scripts/run.sh` file. In the `func You can now start or restart Bitwarden as normal and the modified api will be used. **It is now ready to accept self-issued licenses.** -To update Bitwarden, the provided `update-bitwarden.sh` script can be used. It will rebuild the BitBetter images and automatically update Bitwarden afterwards. Docker pull errors can be ignored for api and identity images. --- ### Note: Manually generating Certificate & Key @@ -79,6 +79,10 @@ openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:te --- +## Updating Bitwarden and BitBetter + +To update Bitwarden, the provided `update-bitwarden.sh` script can be used. It will rebuild the BitBetter images and automatically update Bitwarden afterwards. Docker pull errors can be ignored for api and identity images. + ## Generating Signed Licenses There is a tool included in the directory `src/licenseGen/` that will generate new individual and organization licenses. These licenses will be accepted by the modified Bitwarden because they will be signed by the certificate you generated in earlier steps. From 8d5f03a12a04847d23024265ccaa32b7fe072b1a Mon Sep 17 00:00:00 2001 From: h44z Date: Fri, 26 Jun 2020 09:50:00 +0200 Subject: [PATCH 6/8] Workaround for docker-compose --ignore-pull-failures bugs (4377 and 7127) --- update-bitwarden.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/update-bitwarden.sh b/update-bitwarden.sh index 26f9d10..1443fed 100755 --- a/update-bitwarden.sh +++ b/update-bitwarden.sh @@ -56,7 +56,7 @@ cd $BITWARDEN_BASE ./bitwarden.sh updateself # Update the bitwarden.sh: automatically patch run.sh to fix docker-compose pull errors for private images -awk '1;/function downloadRunFile/{c=6}c&&!--c{print "sed -i '\''s/docker-compose pull/docker-compose pull --ignore-pull-failures/g'\'' $SCRIPTS_DIR/run.sh"}' $BITWARDEN_BASE/bitwarden.sh > tmp_bw.sh && mv tmp_bw.sh $BITWARDEN_BASE/bitwarden.sh +awk '1;/function downloadRunFile/{c=6}c&&!--c{print "sed -i '\''s/docker-compose pull/docker-compose pull --ignore-pull-failures || true/g'\'' $SCRIPTS_DIR/run.sh"}' $BITWARDEN_BASE/bitwarden.sh > tmp_bw.sh && mv tmp_bw.sh $BITWARDEN_BASE/bitwarden.sh chmod +x $BITWARDEN_BASE/bitwarden.sh echo "Patching bitwarden.sh completed..." From 9ddef3cb1997f0ef80a56e1f2fd4eac86f69c40e Mon Sep 17 00:00:00 2001 From: Christoph Haas Date: Mon, 29 Jun 2020 08:42:32 +0200 Subject: [PATCH 7/8] use version from docker script --- build.sh | 2 +- update-bitwarden.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build.sh b/build.sh index f62dc81..c1a6bc8 100755 --- a/build.sh +++ b/build.sh @@ -2,7 +2,7 @@ DIR=`dirname "$0"` DIR=`exec 2>/dev/null;(cd -- "$DIR") && cd -- "$DIR"|| cd "$DIR"; unset PWD; /usr/bin/pwd || /bin/pwd || pwd` -BW_VERSION="$(curl --silent "https://api.github.com/repos/bitwarden/server/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')" +BW_VERSION="$(curl --silent https://raw.githubusercontent.com/bitwarden/server/master/scripts/bitwarden.sh | grep 'COREVERSION="' | sed 's/^[^"]*"//; s/".*//')" echo "Building BitBetter for BitWarden version $BW_VERSION" diff --git a/update-bitwarden.sh b/update-bitwarden.sh index 1443fed..4819fe9 100755 --- a/update-bitwarden.sh +++ b/update-bitwarden.sh @@ -1,7 +1,7 @@ #!/bin/bash SCRIPT_BASE="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" -BW_VERSION="$(curl --silent "https://api.github.com/repos/bitwarden/server/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')" +BW_VERSION="$(curl --silent https://raw.githubusercontent.com/bitwarden/server/master/scripts/bitwarden.sh | grep 'COREVERSION="' | sed 's/^[^"]*"//; s/".*//')" echo "Starting Bitwarden update, newest server version: $BW_VERSION" From 37ca45957045643ce7422bcec7e6dc4152e86e00 Mon Sep 17 00:00:00 2001 From: Christoph Haas Date: Mon, 29 Jun 2020 09:11:03 +0200 Subject: [PATCH 8/8] check if bitbetter images are outdated --- update-bitwarden.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/update-bitwarden.sh b/update-bitwarden.sh index 4819fe9..a7a9f6f 100755 --- a/update-bitwarden.sh +++ b/update-bitwarden.sh @@ -40,8 +40,15 @@ else fi # Check if user wants to rebuild the bitbetter images +docker images bitbetter/api --format="{{ .Tag }}" | grep -F -- "${BW_VERSION}" > /dev/null +retval=$? REBUILD_BB="n" -read -p "Rebuild BitBetter images? [y/N]: " tmprebuild +REBUILD_BB_DESCR="[y/N]" +if [ $retval -ne 0 ]; then + REBUILD_BB="y" + REBUILD_BB_DESCR="[Y/n]" +fi +read -p "Rebuild BitBetter images? $REBUILD_BB_DESCR: " tmprebuild REBUILD_BB=${tmprebuild:-$REBUILD_BB} if [[ $REBUILD_BB =~ ^[Yy]$ ]]