Chad Scharf
cc964ccb9c
Add https://2fa.directory to CSP ( #1156 )
...
* Add https://2fa.directory to CSP
* remove old domain for towfactorauth.org
2021-02-22 19:15:58 -05:00
Kyle Spearrin
61675342c3
added duofederal.com to allowed duo domains ( #1091 )
2021-01-15 16:59:51 -05:00
Joseph Flinn
97ba472606
Make nginx Content-Security-Policy configurable ( #1048 )
...
* Adding the nginx head Content-Security-Policy to the Configuration file
* fixing whitespace formatting
* adding a '+' that got removed
2020-12-18 07:58:35 -08:00
Kyle Spearrin
d2ab098ca5
configure send for self-host
2020-11-03 14:29:07 -05:00
Kyle Spearrin
01bae115a5
proxy for sso connector
2020-09-01 12:44:45 -04:00
Kyle Spearrin
6e7d618e52
correct nginx sso pathing
2020-08-28 13:44:50 -04:00
Kyle Spearrin
f0210cd798
correct identity pathing from nginx
2020-08-28 13:44:01 -04:00
Kyle Spearrin
526bdfdb05
update nginx proxy for portal pathing
2020-08-27 16:26:12 -04:00
Kyle Spearrin
0607050024
update self-host for sso and portal ( #893 )
2020-08-26 17:48:31 -04:00
Kyle Spearrin
047c2ad3ab
comment out sso in nginx config
2020-07-29 10:01:36 -04:00
Kyle Spearrin
307ac437d5
remove sso container ref
2020-07-29 09:50:11 -04:00
Kyle Spearrin
5de236f294
update libs
2020-07-27 20:36:17 -04:00
François Van Ingelgom
aab6095073
Add support building from path that contains space ( #815 )
2020-07-17 08:28:31 -04:00
Kyle Spearrin
0d0c6c7167
sso integrations ( #822 )
...
* stub out hybrid sso
* support for PKCE authorization_code clients
* sso service urls
* sso client key
* abstract request validator
* support for verifying password
* custom AuthorizationCodeStore that does not remove codes
* cleanup
* comment
* created master password
* ResetMasterPassword
* rename Sso client to OidcIdentity
* update env builder
* bitwarden sso project in docker-compose
* sso path in nginx config
2020-07-16 08:01:39 -04:00
Chad Scharf
d0d93a64ee
Reverse encouragement of self-signed cert ( #813 )
2020-07-07 20:58:45 -04:00
Mart124
61f46ecb11
Update CertBuilder.cs ( #809 )
2020-07-06 13:48:23 -04:00
Mart124
62b3c305c3
Add default log parameters ( #807 )
...
* Add default log parameters
* Case typo
2020-07-02 16:28:16 -04:00
Kyle Spearrin
8559e144c6
bump dependency minor/patch versions
2020-06-24 16:37:23 -04:00
Kyle Spearrin
c205bf72e6
update some libs
2020-05-18 21:57:14 -04:00
Chad Scharf
9800b752c0
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
Kyle Spearrin
cd0ec26b07
upgrade libs
2020-03-04 22:01:28 -05:00
Kyle Spearrin
6b6c2d862d
8bit => bitwarden
2020-02-18 22:22:32 -05:00
Mart124
d9181045c9
Stop mssql gently ( #641 )
2020-01-16 14:25:06 -08:00
Kyle Spearrin
57a491d58b
aspnet image
2020-01-13 15:07:52 -05:00
Kyle Spearrin
b1e8d16b9d
update some libs
2020-01-13 09:33:12 -05:00
Kyle Spearrin
47b50e48ef
update libs
2020-01-10 16:14:16 -05:00
Kyle Spearrin
29580684a3
upgrade to aspnet core 3.1
2020-01-10 08:33:13 -05:00
Kyle Spearrin
fe3378b483
try internal network by default
2019-11-20 08:09:53 -05:00
Kyle Spearrin
c27b72e019
private network for some containers
2019-11-20 07:35:42 -05:00
Kyle Spearrin
63c3d5342c
undo admin host port header
2019-10-17 14:40:05 -04:00
Kyle Spearrin
0a7727dc27
port to host header for admin
2019-10-17 14:20:49 -04:00
Mart124
6f91b693d9
Increase self-signed certs duration ( #570 )
2019-10-02 10:26:07 -04:00
Kyle Spearrin
5f4c7eb122
add q9 secondary dns resolver
2019-08-05 07:36:31 -04:00
h-town
d081d0fc4d
Revise hard-coded ssl resolver to Cloudflare & Quad9 ( #543 )
...
Google (terrible) and OpenDNS (questionable at best) are not ideal for privacy-minded users. Both Cloudflare DNS and Quad9 at least claim to drop logs, each of them have widely-reported response times, and they're sufficiently established with over a year of service.
2019-08-05 07:34:29 -04:00
Kyle Spearrin
bba0206bb7
alive check for nginx
2019-07-26 12:43:06 -04:00
Kyle Spearrin
a23e081397
update some libs
2019-07-23 16:58:40 -04:00
Kyle Spearrin
94188fa0b5
update to net core 2.2
2019-07-23 16:38:49 -04:00
Kyle Spearrin
3422df325b
HIBP api key in env variables
2019-07-22 21:24:04 -04:00
Kyle Spearrin
242e509b9d
set en-US as default current culture
2019-07-11 15:03:17 -04:00
Kyle Spearrin
f97539d558
build events container into docker deployment
2019-07-09 14:49:34 -04:00
Kyle Spearrin
e6fc0f9548
real_ips uses this in template
2019-05-15 22:11:22 -04:00
Kyle Spearrin
6381634a92
update libs
2019-05-11 20:56:49 -04:00
Kyle Spearrin
33845d372f
bump dockerfile dep versions
2019-05-07 11:14:37 -04:00
Kyle Spearrin
044f21df29
indenting
2019-04-27 23:13:14 -04:00
Kyle Spearrin
b935b16cb8
more real_ip config values for nginx
2019-04-27 23:11:57 -04:00
Kyle Spearrin
d8204341a4
add semicolon
2019-04-26 12:44:44 -04:00
Kyle Spearrin
6dc2e1b328
real ips config
2019-04-26 12:26:54 -04:00
Kyle Spearrin
085c13f508
next step is just start
2019-03-25 16:24:16 -04:00
Kyle Spearrin
b2045b92b4
update depends on
2019-03-25 14:48:06 -04:00
Kyle Spearrin
3a1e24976b
move migrator project to util
2019-03-25 13:23:50 -04:00
Kyle Spearrin
28884c3330
move migrations to migrator project
2019-03-25 13:21:05 -04:00
Kyle Spearrin
f7c6dcb067
depends on
2019-03-25 09:23:50 -04:00
Kyle Spearrin
ce9016acfb
log to console is not quiet
2019-03-25 09:03:30 -04:00
Kyle Spearrin
7724109caa
placeholders for random values
2019-03-15 11:19:52 -04:00
Kyle Spearrin
1adc6d04ed
db password for stub
2019-03-15 11:13:35 -04:00
Kyle Spearrin
ff163a2859
cleanup
2019-03-15 11:10:18 -04:00
Kyle Spearrin
0f7963f79c
stub install
2019-03-15 09:28:39 -04:00
Kyle Spearrin
b6f54324a5
quiet output for setup scripts
2019-03-12 10:26:14 -04:00
Kyle Spearrin
bae1884630
filter nulls from transaction gateway index
2019-03-08 16:57:14 -05:00
Kyle Spearrin
4bde147fc7
re-create UserCollectionDetails function
2019-03-08 07:56:25 -05:00
Kyle Spearrin
52e1ceace8
Revert "ignore xml comment warnings"
...
This reverts commit bca4f850a5
.
2019-03-07 22:57:24 -05:00
Kyle Spearrin
bca4f850a5
ignore xml comment warnings
2019-03-07 17:09:29 -05:00
Kyle Spearrin
75f01a5774
collection externalId
2019-03-07 15:18:27 -05:00
Kyle Spearrin
00f3c476ae
apis for getting user details
2019-03-05 23:22:43 -05:00
Kyle Spearrin
c4ac86d4f4
db changes for org api
2019-03-01 23:44:45 -05:00
Kyle Spearrin
3b951ce5cc
update some libs
2019-02-14 15:33:51 -05:00
Kyle Spearrin
f70ececa9d
get rid of premium renewal jobs for braintree
2019-02-14 10:18:27 -05:00
Kyle Spearrin
bc30f47331
is null, not =
2019-02-09 21:38:33 -05:00
Kyle Spearrin
44630e9728
handle transactions on paypal webhook
2019-02-01 22:22:08 -05:00
Kyle Spearrin
25f3b76e6b
added transactions table
2019-01-31 16:45:01 -05:00
Kyle Spearrin
a07f37e093
ssl override, deprecate defaultCreds and authType
2019-01-22 21:28:56 -05:00
Kyle Spearrin
411e8a67f9
core => server updates
2019-01-18 22:20:05 -05:00
Kyle Spearrin
1a932de925
no longer need hibp in connect csp
2019-01-18 22:04:10 -05:00
Kyle Spearrin
ca22a007f6
noindex,nofollow
2019-01-17 16:45:53 -05:00
Kyle Spearrin
bc3013b82b
robots noindex self-hosted web vault
2019-01-17 16:27:40 -05:00
Kyle Spearrin
4a38713c4b
return twofactor enabled property on org users api
2018-12-19 11:48:36 -05:00
Kyle Spearrin
9a48e6f29a
add twofactorauth.org to CSP
2018-12-12 10:16:02 -05:00
Kyle Spearrin
32f686cba6
allow blobs in object-src CSP
2018-11-06 22:26:41 -05:00
Kyle Spearrin
f60d6d92f8
trim quotes from env file value
2018-11-06 16:31:11 -05:00
Kyle Spearrin
bb1860d861
read connection string from env file for migration
2018-10-31 23:32:22 -04:00
Kyle Spearrin
5136b191f1
com.bitwarden.project label to setup dockerfile
2018-10-31 10:00:18 -04:00
Kyle Spearrin
826f439618
fix org id in sproc
2018-10-22 14:39:42 -04:00
Kyle Spearrin
0b166a080e
limit collection scope option when creating cipher
2018-10-22 14:09:55 -04:00
Kyle Spearrin
c710226223
set cipher id to limit collection scope
2018-10-22 10:15:03 -04:00
Kyle Spearrin
4e8a313d3d
dont set userid on cipher if orgid is set
2018-10-22 10:06:05 -04:00
Kyle Spearrin
22033d075d
increase group name length to 100
2018-10-22 09:34:26 -04:00
Kyle Spearrin
96b492fa07
apis for creating ciphers with org & collections
2018-10-19 12:07:31 -04:00
SoulSeekkor
976869c968
Fixed various typos. ( #378 )
2018-10-18 11:41:49 -04:00
Kyle Spearrin
45a77c8903
manager group user apis
2018-10-18 08:38:22 -04:00
Kyle Spearrin
33bfd12b7d
apis for managing collection users
2018-10-17 22:18:03 -04:00
Kyle Spearrin
7db36e0005
api adjustments for manager role and collections
2018-10-17 14:58:45 -04:00
Kyle Spearrin
01d2306a07
update packages
2018-10-14 22:21:59 -04:00
Kyle Spearrin
5812915677
database maintenance jobs setup in admin
2018-10-09 10:12:27 -04:00
Kyle Spearrin
59279b4990
bump docker image version refs
2018-10-08 16:14:22 -04:00
Kyle Spearrin
7176e0ea22
update packages
2018-10-05 14:05:52 -04:00
Kyle Spearrin
c16825f8be
check if has port, resolves #365
2018-09-26 16:53:37 -04:00
Kyle Spearrin
7164f378fc
purge org vault
2018-09-25 09:12:50 -04:00
Kyle Spearrin
fd8f5be117
new line
2018-09-17 15:18:49 -04:00
Kyle Spearrin
5d9804bded
added more info to warning
2018-09-17 15:00:29 -04:00
Kyle Spearrin
ce309c27d4
update to aspnet 2.1.4
2018-09-11 13:29:34 -04:00
Kyle Spearrin
6a75a60a36
learn more about docker volumes
2018-09-04 08:21:49 -04:00
Kyle Spearrin
34a7bcdc1b
move config class out to its own file
2018-09-03 21:12:24 -04:00
Kyle Spearrin
6b8fdc1a98
add X-Frame-Options specifically
2018-08-31 22:37:49 -04:00
Kyle Spearrin
b2d63b2383
reassign security headers
2018-08-31 17:02:49 -04:00
Kyle Spearrin
aeca706302
include security headers
2018-08-31 12:55:54 -04:00
Kyle Spearrin
566471cae8
enabled X-Frame-Options header
2018-08-31 12:16:36 -04:00
Kyle Spearrin
d4c35a98b7
allow configurable ssl protocols and ciphersuites
2018-08-31 12:11:44 -04:00
Kyle Spearrin
7a6d09a28e
refs and installation complete message
2018-08-31 09:16:01 -04:00
Kyle Spearrin
477d665104
compose version config variable
2018-08-30 23:32:18 -04:00
Kyle Spearrin
edac914ebd
update comments
2018-08-30 23:06:40 -04:00
Kyle Spearrin
053a89fdb0
cleanup comments
2018-08-30 22:46:51 -04:00
Kyle Spearrin
a3744facc7
remove install complete message
2018-08-30 22:36:45 -04:00
Kyle Spearrin
c87ce222eb
contains checks for nginx conf config.yml build
2018-08-30 22:30:31 -04:00
Kyle Spearrin
5a44ce4f0e
fix compose template indention
2018-08-30 16:40:06 -04:00
Kyle Spearrin
69605fab5b
rebuild instructions
2018-08-30 16:09:18 -04:00
Kyle Spearrin
310e6bcf61
convert setup to use config.yml
2018-08-30 11:35:44 -04:00
Kyle Spearrin
c41a1e0936
CanAccessPremium checks instead of User.Premium
2018-08-28 16:23:58 -04:00
Kyle Spearrin
816bf1546e
global.env for all aspnet containers
2018-08-24 16:28:49 -04:00
Kyle Spearrin
53caacb870
fix availablecollections queries for groups join
2018-08-23 23:46:18 -04:00
Kyle Spearrin
a275af6366
proxy_pass to /hub
2018-08-21 12:47:13 -04:00
Kyle Spearrin
43eaedeee4
proxy headers for websockets
2018-08-21 12:43:18 -04:00
Kyle Spearrin
7a5d3c3795
set connection header for signalr hub
2018-08-21 12:12:33 -04:00
Kyle Spearrin
fb92f67053
add websockets to CSP
2018-08-21 11:54:03 -04:00
Kyle Spearrin
ca3ecc0163
build and include notifications docker
2018-08-17 18:14:25 -04:00
Kyle Spearrin
1ffa712b75
more notification hub renames
2018-08-16 13:50:41 -04:00
Kyle Spearrin
28e6783a00
hub api notifications
2018-08-16 12:05:01 -04:00
Kyle Spearrin
ff01ce5ca7
internal identity authorization
2018-08-15 18:43:26 -04:00
Kyle Spearrin
0932189ccb
support for user defined kdf parameters
2018-08-14 15:30:04 -04:00
Kyle Spearrin
20f45ca2de
update ssl ciphers to mozilla recommendations
2018-08-14 08:42:01 -04:00
Simon
f08ff966b0
Hardening nginx, allow TLSv1.2 with the most secure cipher suites only ( #340 )
...
* Hardening nginx, allow TLSv1.2 with the most secure cipher suites only
* Ciphers added to allow more browsers to connect
2018-08-14 08:37:24 -04:00
Kyle Spearrin
06d5b4af29
turn off database autoclose
2018-08-09 16:57:15 -04:00
Kyle Spearrin
fb2ee6aaea
no longer need to provide netcoreapp flag
2018-08-06 09:11:27 -04:00
Kyle Spearrin
58d29cc4a8
consolidate some deps
2018-08-03 23:57:15 -04:00
Kyle Spearrin
1052951a96
restore on build. remove ps1 build scripts
2018-08-01 10:32:58 -04:00
Kyle Spearrin
61cda87574
update to .net / asp.net 2.1
2018-08-01 10:07:20 -04:00
Kyle Spearrin
6d22356caf
allow gravatar in CSP
2018-07-30 23:56:09 -04:00
Kyle Spearrin
98fc54881b
database tuning
2018-07-28 21:25:25 -04:00
Kyle Spearrin
545fb43dac
improvements to collection user sproc
2018-07-23 10:31:45 -04:00
Kyle Spearrin
94c7fdebf5
device index and updated folder delete sproc
2018-07-23 09:52:22 -04:00
Kyle Spearrin
24aa0dc026
delete null creationdates too
2018-07-21 08:58:16 -04:00
Kyle Spearrin
941792bdd8
u2f db updates
2018-07-21 08:44:21 -04:00
Kyle Spearrin
4c399aaf0d
new grant cleanup sproc
2018-07-20 23:08:10 -04:00
Mark Anthony Cianfrani
c227beb510
added basic constraints configuration for self signed certificates ( #327 )
2018-07-20 22:17:49 -04:00
Kyle Spearrin
05b1c1cf9b
move all security headers to web vault location
2018-07-20 14:13:24 -04:00
Kyle Spearrin
0070d23dab
csp is only for web vault
2018-07-20 14:11:20 -04:00
Kyle Spearrin
c4c0c81d14
null error output of cert copy
2018-07-19 17:33:53 -04:00
Kyle Spearrin
8c208d4d34
missing semicolon
2018-07-19 17:01:57 -04:00
Kyle Spearrin
dea76e8e01
wrap csp in quotes
2018-07-19 16:49:01 -04:00
Kyle Spearrin
511b1cbbb6
load ca certs on setup
2018-07-19 16:45:27 -04:00
Kyle Spearrin
b0aef93597
move script back and move userview update up
2018-07-19 16:22:30 -04:00