...@@ -9,8 +9,14 @@ ...@@ -9,8 +9,14 @@
"healthCheckPath": "/healthcheck", "healthCheckPath": "/healthcheck",
"httpPort": 80, "httpPort": 80,
"addons": { "addons": {
"localstorage": {},
"ldap": {}, "ldap": {},
"localstorage": {},
"scheduler": {
"ldap_sync": {
"schedule": "*/5 * * * *",
"command": "/app/code/ldap_sync.sh"
}
},
"sendmail": {} "sendmail": {}
}, },
"manifestVersion": 1, "manifestVersion": 1,
......
...@@ -8,7 +8,6 @@ ENV CONFIG_FILE=/app/data/config.json ...@@ -8,7 +8,6 @@ ENV CONFIG_FILE=/app/data/config.json
ENV SIGNUPS_ALLOWED=false ENV SIGNUPS_ALLOWED=false
ENV INVITATIONS_ALLOWED=true ENV INVITATIONS_ALLOWED=true
ENV DISABLE_ADMIN_TOKEN=true
ENV WEBSOCKET_ENABLED=false ENV WEBSOCKET_ENABLED=false
# set to false, will need some apache config first # set to false, will need some apache config first
...@@ -26,11 +25,15 @@ RUN a2enmod ldap authnz_ldap proxy proxy_http rewrite ...@@ -26,11 +25,15 @@ RUN a2enmod ldap authnz_ldap proxy proxy_http rewrite
# Copies the files from the context (Rocket.toml file and web-vault) # Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage # and the binary from the "build" stage to the current stage
COPY --from=mprasil/bitwarden:1.8.0 /web-vault /app/code/web-vault COPY --from=mprasil/bitwarden:latest /web-vault /app/code/web-vault
COPY --from=mprasil/bitwarden:1.8.0 /bitwarden_rs /app/code/ COPY --from=mprasil/bitwarden:latest /bitwarden_rs /app/code/
COPY --from=mprasil/bitwarden:1.8.0 /Rocket.toml /app/code/ COPY --from=mprasil/bitwarden:latest /Rocket.toml /app/code/
# Copy ldap sync utility
COPY --from=vividboarder/bitwarden_rs_ldap:alpine /usr/local/bin/bitwarden_rs_ldap /app/code/
WORKDIR /app/code WORKDIR /app/code
ADD start.sh /app/code/start.sh COPY start.sh /app/code/start.sh
COPY ldap_sync.sh /app/code/ldap_sync.sh
COPY config.template.toml /app/code/config.template.toml
CMD [ "/app/code/start.sh" ] CMD [ "/app/code/start.sh" ]
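Review bot: The three `COPY --from=mprasil/bitwarden:latest` lines and the added `COPY --from=vividboarder/bitwarden_rs_ldap:alpine` line take executables from mutable tags, so a rebuild can ship a different server or sync binary with no change in this repository. This reads the right-hand column as the new side; the left-hand column shows `:1.8.0`. The image stores a password vault, and the sync tool is given the admin token and the LDAP bind password, so both sources should be pinned to a release tag plus digest, e.g. `COPY --from=mprasil/bitwarden:<version>@sha256:<digest> /bitwarden_rs /app/code/`. The sync binary comes from an alpine image; if it is not statically linked it may not run on this stage's base, which is not visible in the hunk.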
bitwarden_url = "http://127.0.0.1:3000"
bitwarden_admin_token = "##ADMIN_TOKEN"
ldap_host = "##LDAP_SERVER"
ldap_port = ##LDAP_PORT
ldap_bind_dn = "##LDAP_BIND_DN"
ldap_bind_password = "##LDAP_BIND_PASSWORD"
ldap_search_base_dn = "##LDAP_USERS_BASE_DN"
ldap_search_filter = "(&(objectClass=*)(uid=*))"
ldap_sync_loop = false
#! /bin/bash
set -e
export CONFIG_PATH=/run/config.toml
exec /app/code/bitwarden_rs_ldap
...@@ -8,9 +8,25 @@ export SMTP_FROM=$MAIL_FROM ...@@ -8,9 +8,25 @@ export SMTP_FROM=$MAIL_FROM
export SMTP_FROM_NAME=Bitwarden export SMTP_FROM_NAME=Bitwarden
export SMTP_PORT=$MAIL_SMTPS_PORT export SMTP_PORT=$MAIL_SMTPS_PORT
export SMTP_SSL=true export SMTP_SSL=true
export SMTP_EXPLICIT_TLS=true
export SMTP_USERNAME=$MAIL_SMTP_USERNAME export SMTP_USERNAME=$MAIL_SMTP_USERNAME
export SMTP_PASSWORD=$MAIL_SMTP_PASSWORD export SMTP_PASSWORD=$MAIL_SMTP_PASSWORD
# Generate admin token if it doesn't exist
if [[ ! -f /app/data/admin_token ]]; then
pwgen -1 48 -s > /app/data/admin_token
fi
export ADMIN_TOKEN=$(cat /app/data/admin_token)
# Generate ldap sync config from template
sed -e "s/##LDAP_SERVER/${LDAP_SERVER}/"\
-e "s/##LDAP_PORT/${LDAP_PORT}/"\
-e "s/##LDAP_USERS_BASE_DN/${LDAP_USERS_BASE_DN}/"\
-e "s/##LDAP_BIND_DN/${LDAP_BIND_DN}/"\
-e "s/##LDAP_BIND_PASSWORD/${LDAP_BIND_PASSWORD}/"\
-e "s/##ADMIN_TOKEN/${ADMIN_TOKEN}/"\
/app/code/config.template.toml > /run/config.toml
echo "=> Starting apache" echo "=> Starting apache"
APACHE_CONFDIR="" source /etc/apache2/envvars APACHE_CONFDIR="" source /etc/apache2/envvars
rm -f "${APACHE_PID_FILE}" rm -f "${APACHE_PID_FILE}"
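Review bot: The sed call that renders /run/config.toml places `${LDAP_BIND_PASSWORD}`, the DNs and the other values directly into the replacement text, so a value containing `/`, `&` or `\` makes sed fail or writes a corrupted config, and the secret values also appear on the sed command line while it runs. Each value should be escaped before substitution, as sketched below; a `"` or newline in a value would still break the TOML string and needs to be rejected or escaped separately. The rendered file holds the LDAP bind password and the admin token but is created under the default umask, as is /app/data/admin_token from `pwgen -1 48 -s > /app/data/admin_token`. Both should be created owner-only, after confirming which user the scheduler runs ldap_sync.sh as. The rest of start.sh lies outside the hunk.

```shell
# Escape \, / and & so values are taken literally in the sed replacement
sed_escape() { printf '%s' "$1" | sed -e 's/[\/&]/\\&/g'; }

# … unchanged: admin token generation and export …

# Generate ldap sync config from template, readable by the owner only
(
  umask 077
  sed -e "s/##LDAP_SERVER/$(sed_escape "${LDAP_SERVER}")/" \
      -e "s/##LDAP_PORT/$(sed_escape "${LDAP_PORT}")/" \
      -e "s/##LDAP_USERS_BASE_DN/$(sed_escape "${LDAP_USERS_BASE_DN}")/" \
      -e "s/##LDAP_BIND_DN/$(sed_escape "${LDAP_BIND_DN}")/" \
      -e "s/##LDAP_BIND_PASSWORD/$(sed_escape "${LDAP_BIND_PASSWORD}")/" \
      -e "s/##ADMIN_TOKEN/$(sed_escape "${ADMIN_TOKEN}")/" \
      /app/code/config.template.toml > /run/config.toml
)
```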
......