Bitwarden - Self-hosted password manager
-
@fbartels yes. But not an image on Docker Hub that I can pull from. Instead I'm building a multistage build that looks a lot like that Dockerfile but with the an LDAP layer and the Cloudron layer.
-
@fbartels well, I guess I didn't look hard enough! (Edit: Looks like the 1.10.0 release was only 2 hours ago. No wonder I missed it.
) It would be good to roll those all into one image with multiple tags, but I can chat with them about that on Matrix.Anyway, adding the multi-stage build wasn't terribly hard and cuts out an extra dependency on that build pipeline, which is probably a good thing for a security sensitive project.
Latest on my master is now fully operational. Working email, working ldap sync, working MySQL.
BIG WARNING! There is no migration path from SQLite to MySQL. You should export your vault to CSV or something and then re-import it after migration.
-
@fbartels well, I guess I didn't look hard enough! (Edit: Looks like the 1.10.0 release was only 2 hours ago. No wonder I missed it.
) It would be good to roll those all into one image with multiple tags, but I can chat with them about that on Matrix.Anyway, adding the multi-stage build wasn't terribly hard and cuts out an extra dependency on that build pipeline, which is probably a good thing for a security sensitive project.
Latest on my master is now fully operational. Working email, working ldap sync, working MySQL.
BIG WARNING! There is no migration path from SQLite to MySQL. You should export your vault to CSV or something and then re-import it after migration.
@iamthefij Maybe the migration scripts by the author work that are mentioned here?
* Start bitwarden_rs with and empty mysql database, so diesel can run migrations and set up the schema properly. Do not do anything else. * Stop bitwarden_rs. * Dump your existing sqlite database: sqlite3 db.sqlite3 .dump > sqlitedump.sql * Drop schema creation and diesel metadata from your dump, leaving only your actual data: grep "INSERT INTO" sqlitedump.sql | grep -v "__diesel_schema_migrations" > mysqldump.sql * Load your MySQL dump: mysql -u bitwarden -p bitwarden < mysqldump.sql * Start bitwarden_rs ĖĖĖ -
@iamthefij Maybe the migration scripts by the author work that are mentioned here?
* Start bitwarden_rs with and empty mysql database, so diesel can run migrations and set up the schema properly. Do not do anything else. * Stop bitwarden_rs. * Dump your existing sqlite database: sqlite3 db.sqlite3 .dump > sqlitedump.sql * Drop schema creation and diesel metadata from your dump, leaving only your actual data: grep "INSERT INTO" sqlitedump.sql | grep -v "__diesel_schema_migrations" > mysqldump.sql * Load your MySQL dump: mysql -u bitwarden -p bitwarden < mysqldump.sql * Start bitwarden_rs ĖĖĖ@necrevistonnezr I saw that. Yea, it's possible to do, but it's not something that I think is worth automating given that it could be a bit finicky.
If someone wants to do this, they are welcome to try using the console.
I'm planning to just export and re-import myself.
-
@necrevistonnezr I saw that. Yea, it's possible to do, but it's not something that I think is worth automating given that it could be a bit finicky.
If someone wants to do this, they are welcome to try using the console.
I'm planning to just export and re-import myself.
@iamthefij but import / export does not work for attachments, right? Or are these somehow migrateable?
-
@iamthefij but import / export does not work for attachments, right? Or are these somehow migrateable?
-
@iamthefij I've used your build with fixed emails and ldap and it installed well however I'm not sure how to get in.
Bitwarden asks for email so I supply email corresponding to my Cloudron login and Cloudron's password but it says username or password is invalid. Can you suggest something?
-
@iamthefij I've used your build with fixed emails and ldap and it installed well however I'm not sure how to get in.
Bitwarden asks for email so I supply email corresponding to my Cloudron login and Cloudron's password but it says username or password is invalid. Can you suggest something?
-
@jimcavoli We will take this up next week since we are working on getting 4.2 out this week. Will follow up with @iamthefij on what the status is.
-
@jimcavoli We will take this up next week since we are working on getting 4.2 out this week. Will follow up with @iamthefij on what the status is.
@girish it should be good to go. My branch is working with MySQL and LDAP.
I've got two working
Dockerfiles. One that compiles the entire project and another that just pulls the binary from the published images on Docker Hub. End result is the same. -
Unfortunately, not this week. The 4.2 release hit some hiccups. Good news is that we are rolling out 4.2 as we speak. So, we should get to this next week.
-
Unfortunately, not this week. The 4.2 release hit some hiccups. Good news is that we are rolling out 4.2 as we speak. So, we should get to this next week.
-
Again, there's trouble with cloudron cli. I tried to login but it gives me the following errors:
cloudron login --allow-selfsigned Cloudron Admin Domain: my.domain.com ERROR (node:51749) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification. [ internal/process/warning.js:27:3 ] ERROR Cloudron my.domain.com not found. Try providing the admin location, probably my.my.domain.com [ /Users/user/.nvm/versions/node/v12.7.0/lib/node_modules/cloudron/src/helper.js:71:29 ]What am I doing wrong?
-
@necrevistonnezr You almost never have to use
--allow-selfsignedDoesmy.domain.comhave the correct cert?@girish Yes, the situation is the same with or without "--allow-selfsigned"
BTW I'm on macOS 10.15 -
@necrevistonnezr Can you try using the CLI on the demo cloudron? Like:
cloudron login my.demo.cloudron.iousername and password is cloudron. you can then build and install there. does that entire flow work?
@girish that gives me the same error but pinging works
bitwardenrs-app on master [!?] via ā¬¢ v12.7.0 ā cloudron login my.cloudron.io ERROR (node:55034) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification. [ internal/process/warning.js:27:3 ] ERROR Cloudron my.cloudron.io not found. Try providing the admin location, probably my.my.cloudron.io [ /Users/kdj/.nvm/versions/node/v12.7.0/lib/node_modules/cloudron/src/helper.js:71:29 ] bitwardenrs-app on master [!?] via ā¬¢ v12.7.0 took 18s ā ping my.cloudron.io PING my.cloudron.io (45.55.2.141): 56 data bytes 64 bytes from 45.55.2.141: icmp_seq=0 ttl=50 time=188.063 ms 64 bytes from 45.55.2.141: icmp_seq=1 ttl=50 time=181.041 ms 64 bytes from 45.55.2.141: icmp_seq=2 ttl=50 time=237.531 ms
