Bitwarden - Self-hosted password manager

will

Devs,
What's keeping bitwarden out of the store? Been running the fbartels version all day with no issues that were not my own fault.
As seemless as any other app that doesn't tie in with Cloudron SSO/LDAP.

girish

@will Mostly, we are just super short on time To release an app, we need to test the package, write docs, write tests, make sure updates work, make sure we understand packaging, all so that we can support it. Cloudron customers also ask us many app related questions so we have to be in a position to (reasonably) answer them.

Of course, we can just publish the app and skip all the above. I understand there is a need to "just publish" and we have a great bunch of early adopters here who will put up with all the above. I just spoke to @nebulon about this, we will get unstable package for bitwarden shortly without any of the above.

iamthefij

@will just a note, I don't believe fbartels version supports a using a dump for backing up the database. This means that if the backup is taken while the db is in a transaction, it could be corrupted.

Bitwarden_rs now supports an admin API for making sqlite backups, but does not have any cron embedded. Similar to the way the LDAP sync tool works, an additional script could be added to periodically make dumps of the sqlite database so that it can be properly backed up.

Instead, the version I have is using MySQL, which leverages the native Cloudron backup and restore functionality.

That and the LDAP invite service are the real differences between the two forks. If you do not wish to use automated LDAP invites on my fork, you can select to opt out when installing. This is covered in the readme.

will

@iamthefij I just havent been able to get yours going using the steps I posted above

iamthefij

@will Which thing is failing? Building still works for me, even if I clear my cache. Make sure you do a git pull though. It looks like your build command is using the single build Dockerfile rather than the multi-phase one.

will

@iamthefij How do I use the multi stage dockerfile?

girish

It seems people are struggling to build. @iamthefij if you have your docker image public, you can just put it here. People can then install it as:

cloudron install --image <image> # run this in the repo directory

No need to build!

iamthefij

@girish good idea. Here's my build: https://hub.docker.com/r/iamthefij/cloudron-app-bitwarden

@will The multi-stage build should be default if you've pulled the latest. Dockerfile should be a symblink to the multi-stage one.

girish

thanks @iamthefij

For those looking to install this:

$ git clone ssh://git@git.cloudron.io:6000/iamthefij/bitwardenrs-app.git
$ cd bitwardenrs-app
$ cloudron install --image iamthefij/cloudron-app-bitwarden:0.3.0

Aaaannd it's running:

After installing, both my users got an invite to join bitwarden. Very cool.

jdaviescoates

@girish any reason not to have this in the app store as unstable? I'm assuming the only thing keeping for being officially released are tests need to be written etc?

yusf

@girish said in Bitwarden - Self-hosted password manager:

After installing, both my users got an invite to join bitwarden

Like, automatically?

girish

@jdaviescoates Yes, tests plus making sure we can actually maintain it in the long run (for example, if everything is pinned properly in the docker file, things like that). Usually, @nebulon and also do a round of manual testing and put some basic docs before putting it in unstable.

@yusf yes, both users got the invite automatically.

jdaviescoates

@girish said in Bitwarden - Self-hosted password manager:

@yusf yes, both users got the invite automatically.

I'm guessing perhaps @yusf was asking because what if you don't want to invite all users automatically?

yusf

@jdaviescoates Namesake reads my mind.

jdaviescoates

@yusf heh, I only just realised Yusf is obviously Yussef which of course is the same as Josef

iamthefij

When installing, uncheck SSO.

yusf

@iamthefij I haven't followed the thread continously but is there a specific reason for emailing all users who are granted access to the app through the SSO?

iamthefij

@yusf Yea, the Readme describe the reasoning.

There is no way to actually do true SSO without breaking the model for Bitwarden. The only thing that we can do is automatically invite users to sign up.

The Bitwarden_rs project doesn't have a way to invite without sending an email as when an SMTP server is configured, it will generate unique invite links for each user.

If you disable SSO, you only disable the auto-invite feature. You will then need to invite yourself via the Admin panel (admin token is echoed in the logs and in /app/data/admin_token). You can then invite anyone else you wish manually.

necrevistonnezr

Is there a reliable way to move from Bitwarden SQLite (fbartels build) to Bitwarden MySQL (iamthefij build) including all attachments?

will

This post is deleted!