Bitwarden_rs
-
I managed to migrate from my current bitwarden instance (BW OLD) to the cloudron app (BW NEW) as follows:
- Disable 2-Factor Authentification for BW OLD (this is important!). I also removed "Organizations" in Bitwarden, I don't know if that's important, too.
- Open the terminal for BW OLD, go to
app/data/
- Zip your attachments:
zip -r attachments.zip attachments/
- Dump your existing sqlite database:
sqlite3 db.sqlite3 .dump > sqlitedump.sql
- Drop schema creation and metadata from your dump, leaving only your actual data:
grep "INSERT INTO" sqlitedump.sql | grep -v "__diesel_schema_migrations" > mysqldump.sql
- Still in the terminal view, hit the "Download" button (top right), enter the path to the attachments and the SQL dump (
app/data/attachments.zip
andapp/data/mysqldump.sql
) and download them. - Open the terminal for BW NEW, go to
app/data/
. - Still in the terminal view, hit the "Upload to /tmp" button (top right), upload the previously downloaded attachments.zip and mysqldump.sql
- Move uploaded files to data folder:
mv /tmp/attachments.zip /app/data/
andmv /tmp/mysqldump.sql /app/data/
- Unzip your attachments:
unzip attachments.zip
andrm attachments.zip
11.Import SQL Dump:mysql --user=${CLOUDRON_MYSQL_USERNAME} --password=${CLOUDRON_MYSQL_PASSWORD} --host=${CLOUDRON_MYSQL_HOST} ${CLOUDRON_MYSQL_DATABASE} < mysqldump.sql
(Enter like that, don't replace the variables with your username or password) - Hit "Restart"
You can now login with your Bitwarden credentials. All passwords and the attachments shoud be there.
-
I looked into self hosting a Bitwarden instance myself a few months ago, but decided to wait for Cloudron to implement it. Excited to see it land!
I have a couple of questions about the differences between this version and the 'standard' self-hosted one from Bitwarden itself. For one, normally the user has to provide an an installation key upon set-up which doesn't seem to be the case here.
And it seems as though this version has access to premium and organisation features that users normally have to pay for, even while self-hosting.How does this implementation get around these? Is it possible the instance will break eventually or slowly fork away from the official Bitwarden server?
-
@apatheticatitude This already is a fork away from the official Bitwarden app. Bitwarden_RS is a fork of Bitwarden, written in Rust and allows for the premium features by simply removing parts of the code that would otherwise require a key / license. Any app that’s fully open source, one can technically remove any requirements to pay for it through modification to the code.
-
@necrevistonnezr That’s fantastic! Very detailed. Glad you were able to make that work.
-
@d19dotca said in Bitwarden_rs:
This already is a fork away from the official Bitwarden app
That is not quite right. A fork implies that at some point in time bitwarden_rs and the official server shared the same code, but have diverged since then. (And at at least one side won't include that changes of the other)
Bitwarden_rs is an implementation of a backend component that exposes the exact same API towards the frontend.
Some parts that require payment in the official server have been made available in _rs anyways. Other less heavily used parts are even missing.
@apatheticatitude said in Bitwarden_rs:
Is it possible the instance will break eventually
Possibly. All it takes is larger or unexpected change in the API. So far the bitwarden developer has been friendly towards third party implementations however.
-
@fbartels Ah yes, I guess technically "fork" wasn't really the right word there. The point I was trying to make is the same though... the source we are using for this app in Cloudron is already not the original/official Bitwarden server project to begin with.
-
@d19dotca Yeah, I actually want to make the unofficial part a bit more clearer in our app description or maybe even our post install that Bitwarden. Also want to make sure that if paid features are being used, people take up a subscription with the upstream author. My understanding is that the main project is also a small indie company.
-
@yusf I guess it depends on what features you're referring to. Bitwarden_rs and the official Bitwarden clients (mobile apps, browser extensions, etc.) all support TOTP token storage and file storage, for example, which are both considered premium features (the $10/year if using official vault.bitwarden.com account). Any particular feature you're referring to?
-
@yusf It works with organization in the sense that items shared in an organization will show up and you can add new items to an existing organization. One limitation though in the mobile app is that you can’t create an organization, you have to do that in the web app. That’s a general Bitwarden limitation though, not Bitwarden_rs specifically.
Screenshot below shows the test item I created in a test org, and has a share icon next to it to signify its from a shared organization.
Screenshot below shows how to assign to an org. The org I have is called test. The scribbled out option is the personal account. Test is the org.
-
If a user signs up on my bitwarden instance, the email invite is not sent. Neither if I add a user to an organisation.
config.env looks like this:
# Export bitwarden rs environment variables here to ovveride the defaults export SIGNUPS_ALLOWED=true export INVITATIONS_ALLOWED=true # To only allow users with the same email domain as where the app is installed: # export SIGNUPS_DOMAINS_WHITELIST=ckfl.net #export LOG_LEVEL=debug
Or is there a way to manually approve a user?
-
That should be working. Check your outbound mail settings and logs to see if it is stuck somewhere?
-
Indeed, the mail - relayed via sendgrid - was blocked by the recipient email provider mailbox.org:
554 5.7.1 Service unavailable; Client host [167.89.24.164] blocked by RBL; Blocked - see https://www.spamcop.net/bl.shtml?167.89.24.
-
Strange that sendgrid got RBLed...but that's going to be something they will need to straighten out.
-
@doodlemania2 said in Bitwarden_rs:
Strange that sendgrid got RBLed...but that's going to be something they will need to straighten out.
What's troubling IMHO that you don't get any notice on such rejected mails in the sender's mail account. You have to manually check https://app.sendgrid.com/suppressions/blocks
-
Yup - that's a sendgrid thing - they do that to help keep spam down, but you may have to pay or something to get the reputation filters up or something?
-
So I am curious how bitwarden is working for folks?