Bitwarden_rs
-
@nebulon So butwarden RS is probably going to need more documentation than normal. So recommended parts:
- Go into detail on proper setup, invites, env configs, etc...
- Explain the admin panel and how to secure it (change the pw, proper settings, etc...)
- Recommend encrypting Cloudron backups due to them now containing the keys to the castle.
- Perhaps recommend offline backups for password database and how that would happen.
Its not a whole lot, but any of those details not configured properly could screw somebody hard, leaving vulnerable, or locked out of their passwords.
AWESOME work guys, I've been waiting on this one for a long time and it works better than expected!
-
This is awesome and much awaited, thanks!
Quick question: if I've been using the self-build version of the Bitwarden_rs app for a while, are there easy upgrade instructions to switch over to the official App Store version now?
-
@thetomester13 Export your passwords delete the self built bitwarden, install the Cloudron version, make an account, configure to your liking, import your exported password list.
-
@will said in Bitwarden_rs:
@thetomester13 Export your passwords delete the self built bitwarden, install the Cloudron version, make an account, configure to your liking, import your exported password list.
That doesnโt work for attachments...
-
@necrevistonnezr ouch
-
@will In addition to what @necrevistonnezr mentioned, it also doesn't necessarily help in cases where we're hosting passwords for friends or family. As in that case we'd have to walk them all through it step by step individually (at least for those who aren't super tech savvy anyways), so it'd definitely be awesome if we could find a proper migration path so that users don't really need to do anything.
-
@d19dotca Agreed, however, I wouldnt be using self built builds for friends and family. Unstable/Beta builds are for testing a feedback, not production use.
Every moment the devs spend supporting beta builds are moments they could be spending working on the next big thing. -
@will That's why my example is "friends and family" not "paying customers". I don't think anyone is asking Cloudron devs alone to support beta builds. In fact, it really doesn't matter what the source is in this case, as long as it's the same app (Bitwarden_rs). For example, what would be the case if I had been hosting my own Bitwarden_rs app (as I did two years ago or so before I started using Cloudron) and then eventually wanted to migrate to the Cloudron-version of the app because I started using Cloudron?
It's a valid question to ask for some assistance from all the keen Bitwarden users who are in this thread and likely some in similar situations, some more tech-savvy than others who can maybe try to put together a bit of a guide, much like I did for WordPress migrations from other servers to Cloudron.
-
@will I'm not currently running it for anyone at this moment. I did a year two back before ever using Cloudron and then started to use the Bitwarden build from @iamthefij when I was teaching myself how to deploy custom apps to Cloudron which worked for me at the time, but I definitely didn't trust myself as I was still new with Cloudron so never used it in any production level. haha.
I'm just making a point that there are some valid use-cases where it'd be great to have a migration guide from anybody who's got a lot of experience with Bitwarden_RS already, regardless of where the source is located because not all sources are going to be beta builds on Cloudron. And at the app level (not even Cloudron) simply exporting a json file isn't enough for those who have attachments nor is that process really user-friendly for those who aren't very computer savvy (I'm thinking my mom for example, I'd love to be hosting her passwords and fully plan on doing it, but what if I need to eventually migrate the instance? How do I make it so that there's no impact to her and I take all the load instead?), so a guide would be great if anyone's come across one or already been pushing through a similar situation that can share some insights.
It's likely more an app-related question than a Cloudron question for sure, but there are many keen Bitwarden admins on here who may already have the experience to share some insight with how to migrate bitwarden_rs instances.
If I can do this myself, I'll be happy to write up a guide. Maybe I'll make this a project in a week or two. I assume we'll need to just identify the critical files that hold all that info and replace the ones in our Cloudron instances with them in the /app/data directory (so it's not overwritten).
-
There's some discussions here: https://github.com/dani-garcia/bitwarden_rs/issues/497#issuecomment-511827057
-
A simple export from the earlier bitwardn app (courtesy of @fbartels) and import into this app did not work for me:
Apr 24 09:41:40 172.18.0.1 - - [24/Apr/2020:07:41:40 +0000] "GET /healthcheck HTTP/1.1" 200 173 "-" "Mozilla (CloudronHealth)" Apr 24 09:41:43 [2020-04-24 07:41:43][request][INFO] POST /api/ciphers/import Apr 24 09:41:43 [2020-04-24 07:41:43][response][INFO] POST /api/ciphers/import (post_ciphers_import) => 400 Bad Request Apr 24 09:41:43 172.18.0.1 - - [24/Apr/2020:07:41:43 +0000] "POST /api/ciphers/import HTTP/1.1" 400 1521 "https://bit.domain.tld/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:76.0) Gecko/20100101 Firefox/76.0" Apr 24 09:41:50 172.18.0.1 - - [24/Apr/2020:07:41:50 +0000] "GET /healthcheck HTTP/1.1" 200 173 "-" "Mozilla (CloudronHealth)"
-
@d19dotca said in Bitwarden_rs:
@iamthefij Yes, I agree. Though the attachments aren't in the sqlite DB itself, are they? I assume there's a directory we need to bring over too.
In both cases, attachments are located in
app/data/attachments
with unique identifiers as filenames. I don't know if those UIDs remain the same after an export/import (which currenlty fails, see above) -
@necrevistonnezr I had similar (the same?) errors and ended up exporting portions of the db and importing said portions, like only the As, then the Bs, etc. Then the importing worked.
-
I managed to migrate from my current bitwarden instance (BW OLD) to the cloudron app (BW NEW) as follows:
- Disable 2-Factor Authentification for BW OLD (this is important!). I also removed "Organizations" in Bitwarden, I don't know if that's important, too.
- Open the terminal for BW OLD, go to
app/data/
- Zip your attachments:
zip -r attachments.zip attachments/
- Dump your existing sqlite database:
sqlite3 db.sqlite3 .dump > sqlitedump.sql
- Drop schema creation and metadata from your dump, leaving only your actual data:
grep "INSERT INTO" sqlitedump.sql | grep -v "__diesel_schema_migrations" > mysqldump.sql
- Still in the terminal view, hit the "Download" button (top right), enter the path to the attachments and the SQL dump (
app/data/attachments.zip
andapp/data/mysqldump.sql
) and download them. - Open the terminal for BW NEW, go to
app/data/
. - Still in the terminal view, hit the "Upload to /tmp" button (top right), upload the previously downloaded attachments.zip and mysqldump.sql
- Move uploaded files to data folder:
mv /tmp/attachments.zip /app/data/
andmv /tmp/mysqldump.sql /app/data/
- Unzip your attachments:
unzip attachments.zip
andrm attachments.zip
11.Import SQL Dump:mysql --user=${CLOUDRON_MYSQL_USERNAME} --password=${CLOUDRON_MYSQL_PASSWORD} --host=${CLOUDRON_MYSQL_HOST} ${CLOUDRON_MYSQL_DATABASE} < mysqldump.sql
(Enter like that, don't replace the variables with your username or password) - Hit "Restart"
You can now login with your Bitwarden credentials. All passwords and the attachments shoud be there.