setup, build, and run scripts

scripts/install.sh

@@ -1,11 +0,0 @@
-dotnet publish ../src/Api/Api.csproj -f netcoreapp2.0 -o obj/Docker/publish -c "Release"
-dotnet publish ../src/Identity/Identity.csproj -f netcoreapp2.0 -o obj/Docker/publish -c "Release"
-
-docker-compose pull
-docker-compose down
-
-#mkdir -p c:/bitwarden/letsencrypt/live
-#docker run -it --rm -p 80:80 -v c:/bitwarden/letsencrypt:/etc/letsencrypt/ certbot/certbot certonly --standalone --noninteractive --preferred-challenges http --email kyle.spearrin@gmail.com --agree-tos -d bw.kylespearrin.com
-#openssl dhparam -out c:/bitwarden/letsencrypt/live/bw.kylespearrin.com/dhparam.pem 2048
-
-docker-compose up -d

scripts/run.ps1

@@ -0,0 +1,7 @@
+$dockerDir="../docker"
+
+docker --version
+docker-compose --version
+
+docker-compose -f $dockerDir/docker-compose.yml -f $dockerDir/docker-compose.windows.yml down
+docker-compose -f $dockerDir/docker-compose.yml -f $dockerDir/docker-compose.windows.yml up -d

scripts/run.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+set -e
+
+DOCKER_DIR=../docker
+
+docker --version
+docker-compose --version
+
+docker-compose -f $DOCKER_DIR/docker-compose.yml -f $DOCKER_DIR/docker-compose.windows.yml down
+docker-compose -f $DOCKER_DIR/docker-compose.yml -f $DOCKER_DIR/docker-compose.windows.yml up -d

scripts/setup.ps1

@@ -0,0 +1,37 @@
+param (
+  [string]$outputDir = "c:/bitwarden",
+  [string]$domain = $( Read-Host "Please enter your domain name (i.e. bitwarden.company.com)" ),
+  [string]$email = $( Read-Host "Please enter your email address (used to generate an HTTPS certificate with LetsEncrypt)" )
+)
+
+$dockerDir="../docker"
+$certPassword=-join ((48..57) + (97..122) | Get-Random -Count 32 | % {[char]$_})
+$databasePassword=-join ((48..57) + (97..122) | Get-Random -Count 32 | % {[char]$_})
+$duoKey=-join ((48..57) + (97..122) | Get-Random -Count 32 | % {[char]$_})
+
+docker --version
+
+#mkdir -p $outputDir/letsencrypt/live/$domain
+#docker run -it --rm -p 80:80 -v $outputDir/letsencrypt:/etc/letsencrypt/ certbot/certbot certonly --standalone --noninteractive --preferred-challenges http --email $email --agree-tos -d $domain
+#docker run -it --rm -v $outputDir/letsencrypt/live:/certificates/ bitwarden/openssl openssl dhparam -out /certificates/$domain/dhparam.pem 2048
+
+mkdir -p $outputDir/core
+docker run -it --rm -v $outputDir/core:/certificates bitwarden/openssl openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout /certificates/identity.key -out /certificates/identity.crt -subj "/CN=bitwarden IdentityServer" -days 10950
+docker run -it --rm -v $outputDir/core:/certificates bitwarden/openssl openssl pkcs12 -export -out /certificates/identity.pfx -inkey /certificates/identity.key -in /certificates/identity.crt -certfile /certificates/identity.crt -passout pass:$certPassword
+rm $outputDir/core/identity.key
+rm $outputDir/core/identity.crt
+
+Add-Content $dockerDir/global.override.env "
+globalSettings:baseServiceUri:vault=https://$domain
+globalSettings:baseServiceUri:api=https://$domain/api
+globalSettings:baseServiceUri:identity=https://$domain/identity
+globalSettings:sqlServer:connectionString=Server=tcp:mssql,1433;Initial Catalog=vault;Persist Security Info=False;User ID=sa;Password=$databasePassword;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;
+globalSettings:identityServer:certificatePassword=$certPassword
+globalSettings:duo:aKey=$duoKey
+globalSettings:yubico:clientId=REPLACE
+globalSettings:yubico:REPLACE"
+
+Add-Content $dockerDir/mssql.override.env "
+ACCEPT_EULA=Y
+MSSQL_PID=Express
+SA_PASSWORD=$databasePassword"

scripts/setup.sh

@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+set -e
+
+echo "Please enter your domain name (i.e. bitwarden.company.com): "
+read DOMAIN
+echo -e "\nPlease enter your email address (used to generate an HTTPS certificate with LetsEncrypt): "
+read EMAIL
+
+OUTPUT_DIR=./bitwarden
+DOCKER_DIR=../docker
+CERT_PASSWORD=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 32)
+DATABASE_PASSWORD=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 32)
+DUO_KEY=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 64)
+
+docker --version
+
+#mkdir -p $OUTPUT_DIR/letsencrypt/live/$DOMAIN
+#docker run -it --rm -p 80:80 -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot certonly --standalone --noninteractive --preferred-challenges http --email $EMAIL --agree-tos -d $DOMAIN
+#docker run -it --rm -v $OUTPUT_DIR/letsencrypt/live:/certificates/ bitwarden/openssl openssl dhparam -out /certificates/$DOMAIN/dhparam.pem 2048
+
+mkdir -p $OUTPUT_DIR/core
+docker run -it --rm -v $OUTPUT_DIR/core:/certificates bitwarden/openssl openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout /certificates/identity.key -out /certificates/identity.crt -subj "/CN=bitwarden IdentityServer" -days 10950
+docker run -it --rm -v $OUTPUT_DIR/core:/certificates bitwarden/openssl openssl pkcs12 -export -out /certificates/identity.pfx -inkey /certificates/identity.key -in /certificates/identity.crt -certfile /certificates/identity.crt -passout pass:$CERT_PASSWORD
+rm $OUTPUT_DIR/core/identity.key
+rm $OUTPUT_DIR/core/identity.crt
+
+cat >> $DOCKER_DIR/global.override.env << EOF
+globalSettings:baseServiceUri:vault=https://$DOMAIN
+globalSettings:baseServiceUri:api=https://$DOMAIN/api
+globalSettings:baseServiceUri:identity=https://$DOMAIN/identity
+globalSettings:sqlServer:connectionString=Server=tcp:mssql,1433;Initial Catalog=vault;Persist Security Info=False;User ID=sa;Password=$DATABASE_PASSWORD;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;
+globalSettings:identityServer:certificatePassword=$CERT_PASSWORD
+globalSettings:duo:aKey=$DUO_KEY
+globalSettings:yubico:clientId=REPLACE
+globalSettings:yubico:REPLACE
+EOF
+
+cat >> $DOCKER_DIR/mssql.override.env << EOF
+ACCEPT_EULA=Y
+MSSQL_PID=Express
+SA_PASSWORD=$DATABASE_PASSWORD
+EOF