nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-02 08:32:50 -05:00
Code Activity

docker setup

Browse Source
This commit is contained in:
Kyle Spearrin
2017-08-07 16:31:00 -04:00
parent ee8b0a25a8
commit 9bc6ba554a
25 changed files with 456 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/run.ps1
View File

@ -1,7 +1,8 @@
$dockerDir="../docker"
$dir = Split-Path -Parent $MyInvocation.MyCommand.Path
$dockerDir="${dir}\..\docker"
docker --version
docker-compose --version
docker-compose -f $dockerDir/docker-compose.yml -f $dockerDir/docker-compose.windows.yml down
docker-compose -f $dockerDir/docker-compose.yml -f $dockerDir/docker-compose.windows.yml up -d
docker-compose -f ${dockerDir}\docker-compose.yml -f ${dockerDir}\docker-compose.windows.yml down
docker-compose -f ${dockerDir}\docker-compose.yml -f ${dockerDir}\docker-compose.windows.yml up -d

26
scripts/setup.ps1
View File

@ -1,13 +1,12 @@
param (
[string]$outputDir = "c:/bitwarden",
[string]$domain = $( Read-Host "Please enter your domain name (i.e. bitwarden.company.com)" ),
[string]$email = $( Read-Host "Please enter your email address (used to generate an HTTPS certificate with LetsEncrypt)" )
[string]$email = $( Read-Host "Please enter your email address: " ),
[string]$letsencrypt = $( Read-Host "Generate Let's Encrypt Cert (y/n)" )
)
$dockerDir="../docker"
$certPassword=-join ((48..57) + (97..122) | Get-Random -Count 32 | % {[char]$_})
$databasePassword=-join ((48..57) + (97..122) | Get-Random -Count 32 | % {[char]$_})
$duoKey=-join ((48..57) + (97..122) | Get-Random -Count 32 | % {[char]$_})
docker --version
@ -15,23 +14,6 @@ docker --version
#docker run -it --rm -p 80:80 -v $outputDir/letsencrypt:/etc/letsencrypt/ certbot/certbot certonly --standalone --noninteractive --preferred-challenges http --email $email --agree-tos -d $domain
#docker run -it --rm -v $outputDir/letsencrypt/live:/certificates/ bitwarden/openssl openssl dhparam -out /certificates/$domain/dhparam.pem 2048
mkdir -p $outputDir/core
docker run -it --rm -v $outputDir/core:/certificates bitwarden/openssl openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout /certificates/identity.key -out /certificates/identity.crt -subj "/CN=bitwarden IdentityServer" -days 10950
docker run -it --rm -v $outputDir/core:/certificates bitwarden/openssl openssl pkcs12 -export -out /certificates/identity.pfx -inkey /certificates/identity.key -in /certificates/identity.crt -certfile /certificates/identity.crt -passout pass:$certPassword
rm $outputDir/core/identity.key
rm $outputDir/core/identity.crt
docker run -it --rm -v ${outputDir}:/bitwarden bitwarden/setup dotnet Setup.dll -domain ${domain} -letsencrypt ${letsencrypt} -db_pass ${databasePassword}
Add-Content $dockerDir/global.override.env "
globalSettings:baseServiceUri:vault=https://$domain
globalSettings:baseServiceUri:api=https://$domain/api
globalSettings:baseServiceUri:identity=https://$domain/identity
globalSettings:sqlServer:connectionString=Server=tcp:mssql,1433;Initial Catalog=vault;Persist Security Info=False;User ID=sa;Password=$databasePassword;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;
globalSettings:identityServer:certificatePassword=$certPassword
globalSettings:duo:aKey=$duoKey
globalSettings:yubico:clientId=REPLACE
globalSettings:yubico:REPLACE"
Add-Content $dockerDir/mssql.override.env "
ACCEPT_EULA=Y
MSSQL_PID=Express
SA_PASSWORD=$databasePassword"
echo "Setup complete"

26
scripts/setup.sh
View File

@ -7,10 +7,7 @@ echo -e "\nPlease enter your email address (used to generate an HTTPS certificat
read EMAIL
OUTPUT_DIR=./bitwarden
DOCKER_DIR=../docker
CERT_PASSWORD=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 32)
DATABASE_PASSWORD=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 32)
DUO_KEY=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 64)
docker --version
@ -18,25 +15,6 @@ docker --version
#docker run -it --rm -p 80:80 -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot certonly --standalone --noninteractive --preferred-challenges http --email $EMAIL --agree-tos -d $DOMAIN
#docker run -it --rm -v $OUTPUT_DIR/letsencrypt/live:/certificates/ bitwarden/openssl openssl dhparam -out /certificates/$DOMAIN/dhparam.pem 2048
mkdir -p $OUTPUT_DIR/core
docker run -it --rm -v $OUTPUT_DIR/core:/certificates bitwarden/openssl openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout /certificates/identity.key -out /certificates/identity.crt -subj "/CN=bitwarden IdentityServer" -days 10950
docker run -it --rm -v $OUTPUT_DIR/core:/certificates bitwarden/openssl openssl pkcs12 -export -out /certificates/identity.pfx -inkey /certificates/identity.key -in /certificates/identity.crt -certfile /certificates/identity.crt -passout pass:$CERT_PASSWORD
rm $OUTPUT_DIR/core/identity.key
rm $OUTPUT_DIR/core/identity.crt
docker run -it --rm -v $OUTPUT_DIR:/bitwarden bitwarden/setup dotnet Setup.dll -domain $DOMAIN -letsencrypt y -db_pass $DATABASE_PASSWORD
cat >> $DOCKER_DIR/global.override.env << EOF
globalSettings:baseServiceUri:vault=https://$DOMAIN
globalSettings:baseServiceUri:api=https://$DOMAIN/api
globalSettings:baseServiceUri:identity=https://$DOMAIN/identity
globalSettings:sqlServer:connectionString=Server=tcp:mssql,1433;Initial Catalog=vault;Persist Security Info=False;User ID=sa;Password=$DATABASE_PASSWORD;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;
globalSettings:identityServer:certificatePassword=$CERT_PASSWORD
globalSettings:duo:aKey=$DUO_KEY
globalSettings:yubico:clientId=REPLACE
globalSettings:yubico:REPLACE
EOF
cat >> $DOCKER_DIR/mssql.override.env << EOF
ACCEPT_EULA=Y
MSSQL_PID=Express
SA_PASSWORD=$DATABASE_PASSWORD
EOF
echo -e "\nSetup complete"