...
 
Commits (4)
......@@ -11,6 +11,7 @@
"addons": {
"ldap": {},
"localstorage": {},
"mysql": {},
"scheduler": {
"ldap_sync": {
"schedule": "*/5 * * * *",
......
# FROM "bitwardenrs/server:1.9.1" as bitwarden
FROM "vividboarder/bitwarden_rs:mail-auth-over-insecure" as bitwarden
FROM "vividboarder/bitwarden_rs_ldap:alpine" as bitwarden_ldap
FROM cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617
ENV ROCKET_ENV "staging"
ENV ROCKET_PORT=3000
ENV ROCKET_WORKERS=10
ENV DATA_FOLDER=/app/data
ENV CONFIG_FILE=/app/data/config.json
ENV SIGNUPS_ALLOWED=false
ENV INVITATIONS_ALLOWED=true
ENV WEBSOCKET_ENABLED=true
RUN mkdir -p /app/data
VOLUME /app/data
EXPOSE 80
EXPOSE 3012
# configure apache
RUN rm /etc/apache2/sites-enabled/*
RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
RUN a2disconf other-vhosts-access-log
COPY apache.conf /etc/apache2/sites-enabled/bitwarden.conf
RUN a2enmod ldap authnz_ldap proxy proxy_http proxy_wstunnel rewrite
# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
COPY --from=bitwarden /web-vault /app/code/web-vault
COPY --from=bitwarden /bitwarden_rs /app/code/
COPY --from=bitwarden /Rocket.toml /app/code/
# Copy ldap sync utility
COPY --from=bitwarden_ldap /usr/local/bin/bitwarden_rs_ldap /app/code/
ENV RUST_BACKTRACE=1
# configure supervisor
ADD supervisor/ /etc/supervisor/conf.d/
RUN sed -e 's,^logfile=.*$,logfile=/run/supervisord.log,' -i /etc/supervisor/supervisord.conf
WORKDIR /app/code
COPY start.sh /app/code/start.sh
COPY ldap_sync.sh /app/code/ldap_sync.sh
COPY ldap_config.template.toml /app/code/ldap_config.template.toml
CMD [ "/app/code/start.sh" ]
Dockerfile.multi-stage
\ No newline at end of file
......@@ -40,6 +40,10 @@ FROM "vividboarder/bitwarden_rs_ldap:alpine" as bitwarden_ldap
FROM cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617
RUN apt-get update && apt-get install -y \
--no-install-recommends libmariadbclient-dev \
&& rm -fr /var/lib/apt/lists/*
ENV ROCKET_ENV "staging"
ENV ROCKET_PORT=3000
ENV ROCKET_WORKERS=10
......@@ -69,6 +73,10 @@ COPY --from=build /src/Rocket.toml /app/code/
COPY --from=bitwarden_ldap /usr/local/bin/bitwarden_rs_ldap /app/code/
ENV RUST_BACKTRACE=1
# configure supervisor
ADD supervisor/ /etc/supervisor/conf.d/
RUN sed -e 's,^logfile=.*$,logfile=/run/supervisord.log,' -i /etc/supervisor/supervisord.conf
WORKDIR /app/code
COPY start.sh /app/code/start.sh
COPY ldap_sync.sh /app/code/ldap_sync.sh
......
# FROM "bitwardenrs/server:1.9.1" as bitwarden
FROM "vividboarder/bitwarden_rs:mail-auth-over-insecure" as bitwarden
FROM "vividboarder/bitwarden_rs_ldap:alpine" as bitwarden_ldap
FROM cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617
ENV ROCKET_ENV "staging"
ENV ROCKET_PORT=3000
ENV ROCKET_WORKERS=10
ENV DATA_FOLDER=/app/data
ENV CONFIG_FILE=/app/data/config.json
ENV SIGNUPS_ALLOWED=false
ENV INVITATIONS_ALLOWED=true
ENV WEBSOCKET_ENABLED=true
RUN mkdir -p /app/data
VOLUME /app/data
EXPOSE 80
EXPOSE 3012
# configure apache
RUN rm /etc/apache2/sites-enabled/*
RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
RUN a2disconf other-vhosts-access-log
COPY apache.conf /etc/apache2/sites-enabled/bitwarden.conf
RUN a2enmod ldap authnz_ldap proxy proxy_http proxy_wstunnel rewrite
# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
COPY --from=bitwarden /web-vault /app/code/web-vault
COPY --from=bitwarden /bitwarden_rs /app/code/
COPY --from=bitwarden /Rocket.toml /app/code/
# Copy ldap sync utility
COPY --from=bitwarden_ldap /usr/local/bin/bitwarden_rs_ldap /app/code/
ENV RUST_BACKTRACE=1
# configure supervisor
ADD supervisor/ /etc/supervisor/conf.d/
RUN sed -e 's,^logfile=.*$,logfile=/run/supervisord.log,' -i /etc/supervisor/supervisord.conf
WORKDIR /app/code
COPY start.sh /app/code/start.sh
COPY ldap_sync.sh /app/code/ldap_sync.sh
COPY ldap_config.template.toml /app/code/ldap_config.template.toml
CMD [ "/app/code/start.sh" ]
......@@ -3,12 +3,13 @@ set -e
export ADMIN_TOKEN=$(cat /app/data/admin_token)
echo "=> Generate LDAP config"
# Generate ldap sync config from template
sed -e "s/##LDAP_SERVER/${LDAP_SERVER}/"\
-e "s/##LDAP_PORT/${LDAP_PORT}/"\
-e "s/##LDAP_USERS_BASE_DN/${LDAP_USERS_BASE_DN}/"\
-e "s/##LDAP_BIND_DN/${LDAP_BIND_DN}/"\
-e "s/##LDAP_BIND_PASSWORD/${LDAP_BIND_PASSWORD}/"\
sed -e "s/##LDAP_SERVER/${CLOUDRON_LDAP_SERVER}/"\
-e "s/##LDAP_PORT/${CLOUDRON_LDAP_PORT}/"\
-e "s/##LDAP_USERS_BASE_DN/${CLOUDRON_LDAP_USERS_BASE_DN}/"\
-e "s/##LDAP_BIND_DN/${CLOUDRON_LDAP_BIND_DN}/"\
-e "s/##LDAP_BIND_PASSWORD/${CLOUDRON_LDAP_BIND_PASSWORD}/"\
-e "s/##BITWARDEN_HOSTNAME/${CLOUDRON_APP_HOSTNAME}/"\
-e "s/##ADMIN_TOKEN/${ADMIN_TOKEN}/"\
/app/code/ldap_config.template.toml > /run/ldap_config.toml
......
......@@ -13,6 +13,8 @@ export SMTP_EXPLICIT_TLS=false
export SMTP_USERNAME=$CLOUDRON_MAIL_SMTP_USERNAME
export SMTP_PASSWORD=$CLOUDRON_MAIL_SMTP_PASSWORD
export SMTP_AUTH_MECHANISM="Plain"
export DATABASE_URL=$CLOUDRON_MYSQL_URL
export ENABLE_DB_WAL=false
export LOG_LEVEL=debug
# Generate admin token if it doesn't exist
......