local attachment storage & docker image

2025-06-04 02:00:32 -05:00 · 2017-08-08 17:27:01 -04:00 · 2017-08-08 17:27:01 -04:00 · fecd5b3a1a
commit fecd5b3a1a
parent e50b6240e4
13 changed files with 260 additions and 7 deletions
--- a/attachments/Dockerfile
+++ b/attachments/Dockerfile
@ -0,0 +1,8 @@
 FROM node
 RUN npm install http-server -g
 EXPOSE 80
 COPY entrypoint.sh /
 RUN chmod +x /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]
--- a/attachments/build.ps1
+++ b/attachments/build.ps1
@ -0,0 +1,7 @@
 $dir = Split-Path -Parent $MyInvocation.MyCommand.Path
 echo "`n# Building Attachments"
 echo "`nBuilding docker image"
 docker --version
 docker build -t bitwarden/attachments $dir\.
--- a/attachments/build.sh
+++ b/attachments/build.sh
@ -0,0 +1,10 @@
 #!/usr/bin/env bash
 set -e
 DIR="$(dirname $(readlink -f $0))"
 echo -e "\n# Building Attachments"
 echo -e "\nBuilding docker image"
 docker --version
 docker build -t bitwarden/attachments $DIR/.
--- a/attachments/entrypoint.sh
+++ b/attachments/entrypoint.sh
@ -0,0 +1,4 @@
 #!/bin/sh
 http-server /etc/bitwarden/core/attachments/. -p 80 -d false --utc
--- a/docker/docker-compose.linux.yml
+++ b/docker/docker-compose.linux.yml
@ -7,6 +7,9 @@ services:
  web:
    volumes:
      - /etc/bitwarden/web:/etc/bitwarden/web
  attachments:
    volumes:
      - /etc/bitwarden/core/attachments:/etc/bitwarden/core/attachments
  api:
    volumes:
      - /etc/bitwarden/core:/etc/bitwarden/core
--- a/docker/docker-compose.override.yml
+++ b/docker/docker-compose.override.yml
@ -7,6 +7,9 @@ services:
  web:
    volumes:
      - c:/bitwarden/web:/etc/bitwarden/web
  attachments:
    volumes:
      - c:/bitwarden/core/attachments:/etc/bitwarden/core/attachments
  api:
    volumes:
      - c:/bitwarden/core:/etc/bitwarden/core
--- a/docker/docker-compose.windows.yml
+++ b/docker/docker-compose.windows.yml
@ -7,6 +7,9 @@ services:
  web:
    volumes:
      - c:/bitwarden/web:/etc/bitwarden/web
  attachments:
    volumes:
      - c:/bitwarden/core/attachments:/etc/bitwarden/core/attachments
  api:
    volumes:
      - c:/bitwarden/core:/etc/bitwarden/core
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@ -15,6 +15,11 @@ services:
    image: bitwarden/web
    container_name: web
    restart: always
  attachments:
    image: bitwarden/attachments
    container_name: attachments
    restart: always
  api:
    image: bitwarden/api
--- a/src/Core/GlobalSettings.cs
+++ b/src/Core/GlobalSettings.cs
@ -39,6 +39,7 @@
        public class AttachmentSettings
        {
            public string ConnectionString { get; set; }
            public string BaseDirectory { get; set; }
            public string BaseUrl { get; set; }
        }
--- a/src/Core/Services/Implementations/LocalAttachmentStorageService.cs
+++ b/src/Core/Services/Implementations/LocalAttachmentStorageService.cs
@ -0,0 +1,155 @@
 using System.Threading.Tasks;
 using System.IO;
 using System;
 using Bit.Core.Models.Table;
 namespace Bit.Core.Services
 {
    public class LocalAttachmentStorageService : IAttachmentStorageService
    {
        private readonly string _baseDirPath;
        private readonly string _baseTempDirPath;
        public LocalAttachmentStorageService(
            GlobalSettings globalSettings)
        {
            _baseDirPath = globalSettings.Attachment.BaseDirectory;
            _baseTempDirPath = $"{_baseDirPath}/temp";
        }
        public async Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, string attachmentId)
        {
            await InitAsync();
            var cipherDirPath = $"{_baseDirPath}/{cipher.Id}";
            CreateDirectoryIfNotExists(cipherDirPath);
            using(var fs = File.Create($"{cipherDirPath}/{attachmentId}"))
            {
                stream.Seek(0, SeekOrigin.Begin);
                stream.CopyTo(fs);
            }
        }
        public async Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, string attachmentId)
        {
            await InitAsync();
            var tempCipherOrgDirPath = $"{_baseTempDirPath}/{cipherId}/{organizationId}";
            CreateDirectoryIfNotExists(tempCipherOrgDirPath);
            using(var fs = File.Create($"{tempCipherOrgDirPath}/{attachmentId}"))
            {
                stream.Seek(0, SeekOrigin.Begin);
                stream.CopyTo(fs);
            }
        }
        public async Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId)
        {
            await InitAsync();
            var sourceFilePath = $"{_baseTempDirPath}/{cipherId}/{organizationId}/{attachmentId}";
            if(!File.Exists(sourceFilePath))
            {
                return;
            }
            var destFilePath = $"{_baseDirPath}/{cipherId}/{attachmentId}";
            if(!File.Exists(destFilePath))
            {
                return;
            }
            var originalFilePath = $"{_baseTempDirPath}/{cipherId}/{attachmentId}";
            DeleteFileIfExists(originalFilePath);
            File.Move(destFilePath, originalFilePath);
            DeleteFileIfExists(destFilePath);
            File.Move(sourceFilePath, destFilePath);
        }
        public async Task RollbackShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId)
        {
            await InitAsync();
            DeleteFileIfExists($"{_baseTempDirPath}/{cipherId}/{organizationId}/{attachmentId}");
            var originalFilePath = $"{_baseTempDirPath}/{cipherId}/{attachmentId}";
            if(!File.Exists(originalFilePath))
            {
                return;
            }
            var destFilePath = $"{_baseDirPath}/{cipherId}/{attachmentId}";
            DeleteFileIfExists(destFilePath);
            File.Move(originalFilePath, destFilePath);
            DeleteFileIfExists(originalFilePath);
        }
        public async Task DeleteAttachmentAsync(Guid cipherId, string attachmentId)
        {
            await InitAsync();
            DeleteFileIfExists($"{_baseDirPath}/{cipherId}/{attachmentId}");
        }
        public async Task CleanupAsync(Guid cipherId)
        {
            await InitAsync();
            DeleteDirectoryIfExists($"{_baseTempDirPath}/{cipherId}");
        }
        public async Task DeleteAttachmentsForCipherAsync(Guid cipherId)
        {
            await InitAsync();
            DeleteDirectoryIfExists($"{_baseDirPath}/{cipherId}");
        }
        public async Task DeleteAttachmentsForOrganizationAsync(Guid organizationId)
        {
            await InitAsync();
        }
        public async Task DeleteAttachmentsForUserAsync(Guid userId)
        {
            await InitAsync();
        }
        private void DeleteFileIfExists(string path)
        {
            if(File.Exists(path))
            {
                File.Delete(path);
            }
        }
        private void DeleteDirectoryIfExists(string path)
        {
            if(Directory.Exists(path))
            {
                Directory.Delete(path, true);
            }
        }
        private void CreateDirectoryIfNotExists(string path)
        {
            if(!Directory.Exists(path))
            {
                Directory.CreateDirectory(path);
            }
        }
        private Task InitAsync()
        {
            if(!Directory.Exists(_baseDirPath))
            {
                Directory.CreateDirectory(_baseDirPath);
            }
            if(!Directory.Exists(_baseTempDirPath))
            {
                Directory.CreateDirectory(_baseTempDirPath);
            }
            return Task.FromResult(0);
        }
    }
 }
--- a/src/Core/Utilities/CoreHelpers.cs
+++ b/src/Core/Utilities/CoreHelpers.cs
@ -268,5 +268,24 @@ namespace Bit.Core.Utilities
        {
            return JsonConvert.DeserializeObject<T>(JsonConvert.SerializeObject(obj));
        }
        public static bool FullFramework()
        {
 #if NET461
            return true;
 #else
            return false;
 #endif
        }
        public static bool SettingHasValue(string setting)
        {
            if(string.IsNullOrWhiteSpace(setting) || setting.Equals("SECRET"))
            {
                return false;
            }
            return true;
        }
    }
 }
--- a/src/Core/Utilities/ServiceCollectionExtensions.cs
+++ b/src/Core/Utilities/ServiceCollectionExtensions.cs
@ -15,7 +15,9 @@ using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 #if NET461
 using Microsoft.WindowsAzure.Storage;
 #endif
 using System;
 using System.IO;
 using SqlServerRepos = Bit.Core.Repositories.SqlServer;
@ -53,23 +55,38 @@ namespace Bit.Core.Utilities
        {
            services.AddSingleton<IMailService, RazorViewMailService>();
-            if(!string.IsNullOrWhiteSpace(globalSettings.Mail.SendGridApiKey))
+            if(CoreHelpers.SettingHasValue(globalSettings.Mail.SendGridApiKey))
            {
                services.AddSingleton<IMailDeliveryService, SendGridMailDeliveryService>();
            }
            else if(CoreHelpers.SettingHasValue(globalSettings.Mail?.Smtp?.Host) &&
                CoreHelpers.SettingHasValue(globalSettings.Mail?.Smtp?.Username) &&
                CoreHelpers.SettingHasValue(globalSettings.Mail?.Smtp?.Password))
            {
                services.AddSingleton<IMailDeliveryService, SmtpMailDeliveryService>();
            }
            else
            {
                services.AddSingleton<IMailDeliveryService, NoopMailDeliveryService>();
            }
 #if NET461
-            services.AddSingleton<IPushNotificationService, NotificationHubPushNotificationService>();
+            if(globalSettings.SelfHosted)
-            services.AddSingleton<IPushRegistrationService, NotificationHubPushRegistrationService>();
+            {
                services.AddSingleton<IPushNotificationService, NoopPushNotificationService>();
                services.AddSingleton<IPushRegistrationService, NoopPushRegistrationService>();
            }
            else
            {
                services.AddSingleton<IPushNotificationService, NotificationHubPushNotificationService>();
                services.AddSingleton<IPushRegistrationService, NotificationHubPushRegistrationService>();
            }
 #else
            services.AddSingleton<IPushNotificationService, NoopPushNotificationService>();
            services.AddSingleton<IPushRegistrationService, NoopPushRegistrationService>();
 #endif
-            if(!string.IsNullOrWhiteSpace(globalSettings.Storage.ConnectionString))
+
            if(CoreHelpers.SettingHasValue(globalSettings.Storage.ConnectionString))
            {
                services.AddSingleton<IBlockIpService, AzureQueueBlockIpService>();
            }
@ -78,10 +95,14 @@ namespace Bit.Core.Utilities
                services.AddSingleton<IBlockIpService, NoopBlockIpService>();
            }
-            if(!string.IsNullOrWhiteSpace(globalSettings.Attachment.ConnectionString))
+            if(CoreHelpers.SettingHasValue(globalSettings.Attachment.ConnectionString))
            {
                services.AddSingleton<IAttachmentStorageService, AzureAttachmentStorageService>();
            }
            else if(CoreHelpers.SettingHasValue(globalSettings.Attachment.BaseDirectory))
            {
                services.AddSingleton<IAttachmentStorageService, LocalAttachmentStorageService>();
            }
            else
            {
                services.AddSingleton<IAttachmentStorageService, NoopAttachmentStorageService>();
@ -169,8 +190,8 @@ namespace Bit.Core.Utilities
            {
                identityServerBuilder.AddTemporarySigningCredential();
            }
-            else if(!string.IsNullOrWhiteSpace(globalSettings.IdentityServer.CertificatePassword) &&
+            else if(!string.IsNullOrWhiteSpace(globalSettings.IdentityServer.CertificatePassword)
-                System.IO.File.Exists("identity.pfx"))
+                && File.Exists("identity.pfx"))
            {
                var identityServerCert = CoreHelpers.GetCertificate("identity.pfx",
                    globalSettings.IdentityServer.CertificatePassword);
--- a/util/Setup/Program.cs
+++ b/util/Setup/Program.cs
@ -204,6 +204,16 @@ server {{
        proxy_redirect off;
    }}
    location /attachments/ {{
        proxy_pass http://attachments/;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Url-Scheme $scheme;
        proxy_redirect off;
    }}
    location /api/ {{
        proxy_pass http://api/;
        proxy_set_header X-Real-IP $remote_addr;
@ -243,6 +253,8 @@ globalSettings:baseServiceUri:api={_url}/api
 globalSettings:baseServiceUri:identity={_url}/identity
 globalSettings:sqlServer:connectionString={dbConnectionString}
 globalSettings:identityServer:certificatePassword={_identityCertPassword}
 globalSettings:attachment:baseDirectory=/etc/bitwarden/core/attachments
 globalSettings:attachment:baseUrl={_url}/attachments
 globalSettings:duo:aKey={Helpers.SecureRandomString(32, alpha: true, numeric: true)}
 globalSettings:yubico:clientId=REPLACE
 globalSettings:yubico:REPLACE");
@ -265,6 +277,8 @@ SA_PASSWORD={dbPass}");
                sw.Write($@"var bitwardenAppSettings = {{
    apiUri: ""{_url}/api"",
    identityUri: ""{_url}/identity"",
    stripeKey: null,
    braintreeKey: null,
    whitelistDomains: [""{_domain}""]
 }};");
            }
		`@ -0,0 +1,4 @@`
							`#!/bin/sh`

							`http-server /etc/bitwarden/core/attachments/. -p 80 -d false --utc`