Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Added a Key Generating script

  To make the keygen process a bit easier I've added a `generate-keys.sh` script that can be found in the `.keys` directory. It will generate the key & cert and bundle them into the required pkcs#12 file automatically when running the build script if none already exist.

* Generate bitbetter/identity container with modified Core.dll

  Added the generation of a second modified container, bitbetter/identity, which contains the modified dll. Fixes #12.

This works on my testing environment but has not gone through extensive testing. I'd recommend a review and cleanup of this commit before it is merged into the develop or master branches.
1 parent 5f85d83, commit 15371c3
Showing 8 changed files with 158 additions and 16 deletions.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
#!/bin/sh | ||
|
||
# Check for openssl | ||
command -v openssl >/dev/null 2>&1 || { echo >&2 "openssl required but not found. Aborting."; exit 1; } | ||
|
||
# Remove any existing key files | ||
[ ! -e cert.pem ] || rm cert.pem | ||
[ ! -e key.pem ] || rm key.pem | ||
[ ! -e cert.cert ] || rm cert.cert | ||
[ ! -e cert.pfx ] || rm cert.pfx | ||
|
||
# Generate new keys | ||
openssl req -x509 -newkey rsa:4096 -keyout .keys/key.pem -out .keys/cert.cert -days 36500 -subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' -outform DER -passout pass:test | ||
openssl x509 -inform DER -in .keys/cert.cert -out .keys/cert.pem | ||
openssl pkcs12 -export -out .keys/cert.pfx -inkey .keys/key.pem -in .keys/cert.pem -passin pass:test -passout pass:test | ||
|
||
ls |
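Review bot: The cleanup block tests and removes `cert.pem`, `key.pem`, `cert.cert` and `cert.pfx` relative to the current directory, but the three `openssl` commands write to `.keys/...`, so when the script is started from the repository root (as `./.keys/generate-keys.sh`) the removals never touch the files that are about to be regenerated. Use the same `.keys/` prefix in both places, or `cd` to the script's own directory first and drop the prefix. The trailing `ls` looks like leftover debugging and can go. The private key and the PKCS#12 bundle are protected only by the hard-coded `pass:test`, and the certificate is valid for 36500 days; if that is intended for a throwaway signing key, say so in a comment, otherwise read the passphrase from the environment.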
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,95 @@ | ||
These are the commands I used (and a few of my notes) for a minimal Debian Stretch install.. | ||
Software Selection - "SSH server" and 'standard system utilities" only | ||
|
||
|
||
|
||
sudo apt-get update | ||
sudo apt-get install vim vim-doc vim-scripts wget curl git | ||
sudo apt-get dist-upgrade | ||
sudo reboot | ||
|
||
---The next few lines I setup my server authentication and other misc profile settings you can skip until sudo apt-get | ||
|
||
ssh-keygen | ||
|
||
echo "ssh-rsa AA...1Q== " >> .ssh/authorized_keys | ||
|
||
echo ":set mouse=" >> .vimrc | ||
echo "set nocompatible" >> .vimrc | ||
|
||
vi .bashrc | ||
|
||
sudo visudo ---- tom ALL=(ALL) NOPASSWD:ALL | ||
|
||
sudo vi /etc/ssh/sshd_config - Enable 'PermitRootLogin prohibit-password' and 'PasswordAuthentication no' | ||
|
||
sudo apt-get update | ||
sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common | ||
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - | ||
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | ||
sudo apt update | ||
apt-cache policy docker-ce | ||
sudo apt install docker-ce | ||
sudo systemctl status docker | ||
sudo usermod -aG docker ${USER} | ||
exit | ||
|
||
id -nG | ||
docker version | ||
docker info | ||
docker run hello-world | ||
|
||
sudo curl -L --fail https://github.com/docker/compose/releases/download/1.23.1/run.sh -o /usr/local/bin/docker-compose | ||
sudo chmod +x /usr/local/bin/docker-compose | ||
|
||
wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.asc.gpg | ||
sudo mv microsoft.asc.gpg /etc/apt/trusted.gpg.d/ | ||
wget -q https://packages.microsoft.com/config/debian/9/prod.list | ||
sudo mv prod.list /etc/apt/sources.list.d/microsoft-prod.list | ||
sudo chown root:root /etc/apt/trusted.gpg.d/microsoft.asc.gpg | ||
sudo chown root:root /etc/apt/sources.list.d/microsoft-prod.list | ||
|
||
curl -s -o bitwarden.sh https://raw.githubusercontent.com/bitwarden/core/master/scripts/bitwarden.sh && sudo chmod u+x bitwarden.sh | ||
./bitwarden.sh install | ||
|
||
sudo apt-get update | ||
sudo apt-get install dotnet-sdk-2.1 | ||
|
||
git clone https://github.com/online-stuff/BitBetter.git | ||
|
||
cd BitBetter/src/licenseGen/ | ||
dotnet add package Newtonsoft.Json --version 11.0.0 | ||
|
||
cd ~/BitBetter/src/bitBetter | ||
dotnet add package Newtonsoft.Json --version 11.0.0 | ||
|
||
cd ~/BitBetter/.keys | ||
rm * | ||
|
||
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.cert -days 36500 -outform DER -passout pass:test | ||
openssl x509 -inform DER -in cert.cert -out cert.pem | ||
openssl pkcs12 -export -out cert.pfx -inkey key.pem -in cert.pem -passin pass:test -passout pass:test | ||
|
||
|
||
cd ~/BitBetter | ||
./build.sh | ||
|
||
cd src/licenseGen/ | ||
./build.sh | ||
|
||
cd ~ | ||
|
||
vi ~/bwdata/docker/docker-compose.yml - Change image: bitwarden/api:1.26.0 to image: bitbetter/api and image: bitwarden/identity:x.xx.x to image: bitbetter/identity | ||
vi ~/bwdata/env/global.override.env - Enter mail__smtp relay settings | ||
vi ~/bwdata/scripts/run.sh - function restart() { dockerComposePull to #dockerComposePull | ||
|
||
./bitwarden start | ||
|
||
----Server should be up and running.. Create a user account | ||
|
||
cd ~/BitBetter/src/licenseGen/ | ||
./build.sh | ||
./run.sh ~/BitBetter/.keys/cert.pfx user "Name" "EMail" "User-GUID" | ||
Get User-GUID from the admin portal of the BitWarden server | ||
|
||
./run.sh ~/BitBetter/.keys/cert.pfx org "Name" "EMail" "Install-ID used to install the server from bitwarden.com/host" |
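Review bot: In the `cd ~/BitBetter/.keys` / `rm *` step, the wildcard also deletes the `generate-keys.sh` that this commit places in `.keys`, and the `./build.sh` run a few lines later calls `./.keys/generate-keys.sh`; name the four key files explicitly instead of using `*`. The manual `openssl` commands that follow repeat what that script does (without `-subj`), so the notes could call the script rather than duplicating it. Separately, the notes include personal settings (`tom ALL=(ALL) NOPASSWD:ALL`, the `.vimrc` lines) and execute `bitwarden.sh` fetched from `master` and a docker-compose `run.sh` without any checksum step; consider trimming the personal parts and pinning or verifying the downloads.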
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,23 @@ | ||
#!/bin/bash | ||
|
||
mkdir ./src/bitBetter/.keys | ||
# If there aren't any keys, generate them first. | ||
[ -e ./keys/cert.cert] || ./.keys/generate-keys.sh | ||
|
||
cp .keys/cert.cert ./src/bitBetter/.keys | ||
[ -e ./source/bitBetter/api/.keys ] || mkdir ./src/bitBetter/api/.keys | ||
[ -e ./source/bitBetter/identity/.keys ] || mkdir ./src/bitBetter/identity/.keys | ||
cp .keys/cert.cert ./src/bitBetter/api/.keys | ||
cp .keys/cert.cert ./src/bitBetter/identity/.keys | ||
|
||
cd ./src/bitBetter | ||
|
||
dotnet restore | ||
dotnet publish | ||
|
||
cp -r bin/ api/ | ||
cp -r bin/ identity/ | ||
|
||
cd ./api | ||
docker build --pull . -t bitbetter/api # --squash | ||
|
||
cd ../identity | ||
docker build --pull . -t bitbetter/identity # --squash |
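Review bot: The key check `[ -e ./keys/cert.cert] || ./.keys/generate-keys.sh` has two defects: there is no space before `]`, so `[` reports a missing `]` and returns non-zero, and the path is `./keys` rather than `./.keys`; either way the generator runs on every build and overwrites the signing key and certificate. It should read `[ -e ./.keys/cert.cert ] || ./.keys/generate-keys.sh`. The two directory guards test `./source/bitBetter/...` but create `./src/bitBetter/...`, so the test never succeeds and the plain `mkdir` errors once the directory exists; `mkdir -p ./src/bitBetter/api/.keys ./src/bitBetter/identity/.keys` covers both cases. The script also carries on after a failed step, so a `set -e` near the top would stop a build from proceeding without keys.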
File renamed without changes.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
FROM bitwarden/identity | ||
|
||
COPY bin/Debug/netcoreapp2.0/publish/* /bitBetter/ | ||
COPY ./.keys/cert.cert /newLicensing.cer | ||
|
||
RUN dotnet /bitBetter/bitBetter.dll && \ | ||
echo "modified dll" && \ | ||
mv /app/Core.dll /app/Core.orig.dll && \ | ||
mv /app/modified.dll /app/Core.dll && \ | ||
echo "replaced dll" && \ | ||
rm -rf /bitBetter && rm -rf /newLicensing.cer && \ | ||
echo "cleaned up" |
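Review bot: `FROM bitwarden/identity` carries no tag, and build.sh builds with `--pull`, so each build patches whatever `Core.dll` the current default image ships, while the install notes in this commit show the compose file referencing a specific version (`bitwarden/api:1.26.0`). Pin the base image to the version being deployed, by tag or digest, so the patched assembly matches the rest of the stack and builds are repeatable. `Core.orig.dll` is also left behind in `/app`; remove it in the same `RUN` if nothing needs it at runtime.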