1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-05 14:23:30 +01:00
Commit Graph

451 Commits

Author SHA1 Message Date
Kyle Spearrin
61675342c3
added duofederal.com to allowed duo domains (#1091) 2021-01-15 16:59:51 -05:00
Joseph Flinn
97ba472606
Make nginx Content-Security-Policy configurable (#1048)
* Adding the nginx head Content-Security-Policy to the Configuration file

* fixing whitespace formatting

* adding a '+' that got removed
2020-12-18 07:58:35 -08:00
Kyle Spearrin
d2ab098ca5 configure send for self-host 2020-11-03 14:29:07 -05:00
Kyle Spearrin
01bae115a5 proxy for sso connector 2020-09-01 12:44:45 -04:00
Kyle Spearrin
6e7d618e52 correct nginx sso pathing 2020-08-28 13:44:50 -04:00
Kyle Spearrin
f0210cd798 correct identity pathing from nginx 2020-08-28 13:44:01 -04:00
Kyle Spearrin
526bdfdb05 update nginx proxy for portal pathing 2020-08-27 16:26:12 -04:00
Kyle Spearrin
0607050024
update self-host for sso and portal (#893) 2020-08-26 17:48:31 -04:00
Kyle Spearrin
047c2ad3ab comment out sso in nginx config 2020-07-29 10:01:36 -04:00
Kyle Spearrin
307ac437d5 remove sso container ref 2020-07-29 09:50:11 -04:00
Kyle Spearrin
5de236f294 update libs 2020-07-27 20:36:17 -04:00
François Van Ingelgom
aab6095073
Add support building from path that contains space (#815) 2020-07-17 08:28:31 -04:00
Kyle Spearrin
0d0c6c7167
sso integrations (#822)
* stub out hybrid sso

* support for PKCE authorization_code clients

* sso service urls

* sso client key

* abstract request validator

* support for verifying password

* custom AuthorizationCodeStore that does not remove codes

* cleanup

* comment

* created master password

* ResetMasterPassword

* rename Sso client to OidcIdentity

* update env builder

* bitwarden sso project in docker-compose

* sso path in nginx config
2020-07-16 08:01:39 -04:00
Chad Scharf
d0d93a64ee
Reverse encouragement of self-signed cert (#813) 2020-07-07 20:58:45 -04:00
Mart124
61f46ecb11
Update CertBuilder.cs (#809) 2020-07-06 13:48:23 -04:00
Mart124
62b3c305c3
Add default log parameters (#807)
* Add default log parameters

* Case typo
2020-07-02 16:28:16 -04:00
Kyle Spearrin
8559e144c6 bump dependency minor/patch versions 2020-06-24 16:37:23 -04:00
Kyle Spearrin
c205bf72e6 update some libs 2020-05-18 21:57:14 -04:00
Chad Scharf
9800b752c0 Changed all C# control flow block statements to include space between keyword and open paren 2020-03-27 14:36:37 -04:00
Kyle Spearrin
cd0ec26b07 upgrade libs 2020-03-04 22:01:28 -05:00
Kyle Spearrin
6b6c2d862d 8bit => bitwarden 2020-02-18 22:22:32 -05:00
Mart124
d9181045c9 Stop mssql gently (#641) 2020-01-16 14:25:06 -08:00
Kyle Spearrin
57a491d58b aspnet image 2020-01-13 15:07:52 -05:00
Kyle Spearrin
b1e8d16b9d update some libs 2020-01-13 09:33:12 -05:00
Kyle Spearrin
47b50e48ef update libs 2020-01-10 16:14:16 -05:00
Kyle Spearrin
29580684a3 upgrade to aspnet core 3.1 2020-01-10 08:33:13 -05:00
Kyle Spearrin
fe3378b483 try internal network by default 2019-11-20 08:09:53 -05:00
Kyle Spearrin
c27b72e019 private network for some containers 2019-11-20 07:35:42 -05:00
Kyle Spearrin
63c3d5342c undo admin host port header 2019-10-17 14:40:05 -04:00
Kyle Spearrin
0a7727dc27 port to host header for admin 2019-10-17 14:20:49 -04:00
Mart124
6f91b693d9 Increase self-signed certs duration (#570) 2019-10-02 10:26:07 -04:00
Kyle Spearrin
5f4c7eb122 add q9 secondary dns resolver 2019-08-05 07:36:31 -04:00
h-town
d081d0fc4d Revise hard-coded ssl resolver to Cloudflare & Quad9 (#543)
Google (terrible) and OpenDNS (questionable at best) are not ideal for privacy-minded users.  Both Cloudflare DNS and Quad9 at least claim to drop logs, each of them have widely-reported response times, and they're sufficiently established with over a year of service.
2019-08-05 07:34:29 -04:00
Kyle Spearrin
bba0206bb7 alive check for nginx 2019-07-26 12:43:06 -04:00
Kyle Spearrin
a23e081397 update some libs 2019-07-23 16:58:40 -04:00
Kyle Spearrin
94188fa0b5 update to net core 2.2 2019-07-23 16:38:49 -04:00
Kyle Spearrin
3422df325b HIBP api key in env variables 2019-07-22 21:24:04 -04:00
Kyle Spearrin
242e509b9d set en-US as default current culture 2019-07-11 15:03:17 -04:00
Kyle Spearrin
f97539d558 build events container into docker deployment 2019-07-09 14:49:34 -04:00
Kyle Spearrin
e6fc0f9548 real_ips uses this in template 2019-05-15 22:11:22 -04:00
Kyle Spearrin
6381634a92 update libs 2019-05-11 20:56:49 -04:00
Kyle Spearrin
33845d372f bump dockerfile dep versions 2019-05-07 11:14:37 -04:00
Kyle Spearrin
044f21df29 indenting 2019-04-27 23:13:14 -04:00
Kyle Spearrin
b935b16cb8 more real_ip config values for nginx 2019-04-27 23:11:57 -04:00
Kyle Spearrin
d8204341a4 add semicolon 2019-04-26 12:44:44 -04:00
Kyle Spearrin
6dc2e1b328 real ips config 2019-04-26 12:26:54 -04:00
Kyle Spearrin
085c13f508 next step is just start 2019-03-25 16:24:16 -04:00
Kyle Spearrin
b2045b92b4 update depends on 2019-03-25 14:48:06 -04:00
Kyle Spearrin
3a1e24976b move migrator project to util 2019-03-25 13:23:50 -04:00
Kyle Spearrin
28884c3330 move migrations to migrator project 2019-03-25 13:21:05 -04:00
Kyle Spearrin
f7c6dcb067 depends on 2019-03-25 09:23:50 -04:00
Kyle Spearrin
ce9016acfb log to console is not quiet 2019-03-25 09:03:30 -04:00
Kyle Spearrin
7724109caa placeholders for random values 2019-03-15 11:19:52 -04:00
Kyle Spearrin
1adc6d04ed db password for stub 2019-03-15 11:13:35 -04:00
Kyle Spearrin
ff163a2859 cleanup 2019-03-15 11:10:18 -04:00
Kyle Spearrin
0f7963f79c stub install 2019-03-15 09:28:39 -04:00
Kyle Spearrin
b6f54324a5 quiet output for setup scripts 2019-03-12 10:26:14 -04:00
Kyle Spearrin
bae1884630 filter nulls from transaction gateway index 2019-03-08 16:57:14 -05:00
Kyle Spearrin
4bde147fc7 re-create UserCollectionDetails function 2019-03-08 07:56:25 -05:00
Kyle Spearrin
52e1ceace8 Revert "ignore xml comment warnings"
This reverts commit bca4f850a5.
2019-03-07 22:57:24 -05:00
Kyle Spearrin
bca4f850a5 ignore xml comment warnings 2019-03-07 17:09:29 -05:00
Kyle Spearrin
75f01a5774 collection externalId 2019-03-07 15:18:27 -05:00
Kyle Spearrin
00f3c476ae apis for getting user details 2019-03-05 23:22:43 -05:00
Kyle Spearrin
c4ac86d4f4 db changes for org api 2019-03-01 23:44:45 -05:00
Kyle Spearrin
3b951ce5cc update some libs 2019-02-14 15:33:51 -05:00
Kyle Spearrin
f70ececa9d get rid of premium renewal jobs for braintree 2019-02-14 10:18:27 -05:00
Kyle Spearrin
bc30f47331 is null, not = 2019-02-09 21:38:33 -05:00
Kyle Spearrin
44630e9728 handle transactions on paypal webhook 2019-02-01 22:22:08 -05:00
Kyle Spearrin
25f3b76e6b added transactions table 2019-01-31 16:45:01 -05:00
Kyle Spearrin
a07f37e093 ssl override, deprecate defaultCreds and authType 2019-01-22 21:28:56 -05:00
Kyle Spearrin
411e8a67f9 core => server updates 2019-01-18 22:20:05 -05:00
Kyle Spearrin
1a932de925 no longer need hibp in connect csp 2019-01-18 22:04:10 -05:00
Kyle Spearrin
ca22a007f6 noindex,nofollow 2019-01-17 16:45:53 -05:00
Kyle Spearrin
bc3013b82b robots noindex self-hosted web vault 2019-01-17 16:27:40 -05:00
Kyle Spearrin
4a38713c4b return twofactor enabled property on org users api 2018-12-19 11:48:36 -05:00
Kyle Spearrin
9a48e6f29a add twofactorauth.org to CSP 2018-12-12 10:16:02 -05:00
Kyle Spearrin
32f686cba6 allow blobs in object-src CSP 2018-11-06 22:26:41 -05:00
Kyle Spearrin
f60d6d92f8 trim quotes from env file value 2018-11-06 16:31:11 -05:00
Kyle Spearrin
bb1860d861 read connection string from env file for migration 2018-10-31 23:32:22 -04:00
Kyle Spearrin
5136b191f1 com.bitwarden.project label to setup dockerfile 2018-10-31 10:00:18 -04:00
Kyle Spearrin
826f439618 fix org id in sproc 2018-10-22 14:39:42 -04:00
Kyle Spearrin
0b166a080e limit collection scope option when creating cipher 2018-10-22 14:09:55 -04:00
Kyle Spearrin
c710226223 set cipher id to limit collection scope 2018-10-22 10:15:03 -04:00
Kyle Spearrin
4e8a313d3d dont set userid on cipher if orgid is set 2018-10-22 10:06:05 -04:00
Kyle Spearrin
22033d075d increase group name length to 100 2018-10-22 09:34:26 -04:00
Kyle Spearrin
96b492fa07 apis for creating ciphers with org & collections 2018-10-19 12:07:31 -04:00
SoulSeekkor
976869c968 Fixed various typos. (#378) 2018-10-18 11:41:49 -04:00
Kyle Spearrin
45a77c8903 manager group user apis 2018-10-18 08:38:22 -04:00
Kyle Spearrin
33bfd12b7d apis for managing collection users 2018-10-17 22:18:03 -04:00
Kyle Spearrin
7db36e0005 api adjustments for manager role and collections 2018-10-17 14:58:45 -04:00
Kyle Spearrin
01d2306a07 update packages 2018-10-14 22:21:59 -04:00
Kyle Spearrin
5812915677 database maintenance jobs setup in admin 2018-10-09 10:12:27 -04:00
Kyle Spearrin
59279b4990 bump docker image version refs 2018-10-08 16:14:22 -04:00
Kyle Spearrin
7176e0ea22 update packages 2018-10-05 14:05:52 -04:00
Kyle Spearrin
c16825f8be check if has port, resolves #365 2018-09-26 16:53:37 -04:00
Kyle Spearrin
7164f378fc purge org vault 2018-09-25 09:12:50 -04:00
Kyle Spearrin
fd8f5be117 new line 2018-09-17 15:18:49 -04:00
Kyle Spearrin
5d9804bded added more info to warning 2018-09-17 15:00:29 -04:00
Kyle Spearrin
ce309c27d4 update to aspnet 2.1.4 2018-09-11 13:29:34 -04:00
Kyle Spearrin
6a75a60a36 learn more about docker volumes 2018-09-04 08:21:49 -04:00
Kyle Spearrin
34a7bcdc1b move config class out to its own file 2018-09-03 21:12:24 -04:00
Kyle Spearrin
6b8fdc1a98 add X-Frame-Options specifically 2018-08-31 22:37:49 -04:00
Kyle Spearrin
b2d63b2383 reassign security headers 2018-08-31 17:02:49 -04:00
Kyle Spearrin
aeca706302 include security headers 2018-08-31 12:55:54 -04:00
Kyle Spearrin
566471cae8 enabled X-Frame-Options header 2018-08-31 12:16:36 -04:00
Kyle Spearrin
d4c35a98b7 allow configurable ssl protocols and ciphersuites 2018-08-31 12:11:44 -04:00
Kyle Spearrin
7a6d09a28e refs and installation complete message 2018-08-31 09:16:01 -04:00
Kyle Spearrin
477d665104 compose version config variable 2018-08-30 23:32:18 -04:00
Kyle Spearrin
edac914ebd update comments 2018-08-30 23:06:40 -04:00
Kyle Spearrin
053a89fdb0 cleanup comments 2018-08-30 22:46:51 -04:00
Kyle Spearrin
a3744facc7 remove install complete message 2018-08-30 22:36:45 -04:00
Kyle Spearrin
c87ce222eb contains checks for nginx conf config.yml build 2018-08-30 22:30:31 -04:00
Kyle Spearrin
5a44ce4f0e fix compose template indention 2018-08-30 16:40:06 -04:00
Kyle Spearrin
69605fab5b rebuild instructions 2018-08-30 16:09:18 -04:00
Kyle Spearrin
310e6bcf61 convert setup to use config.yml 2018-08-30 11:35:44 -04:00
Kyle Spearrin
c41a1e0936 CanAccessPremium checks instead of User.Premium 2018-08-28 16:23:58 -04:00
Kyle Spearrin
816bf1546e global.env for all aspnet containers 2018-08-24 16:28:49 -04:00
Kyle Spearrin
53caacb870 fix availablecollections queries for groups join 2018-08-23 23:46:18 -04:00
Kyle Spearrin
a275af6366 proxy_pass to /hub 2018-08-21 12:47:13 -04:00
Kyle Spearrin
43eaedeee4 proxy headers for websockets 2018-08-21 12:43:18 -04:00
Kyle Spearrin
7a5d3c3795 set connection header for signalr hub 2018-08-21 12:12:33 -04:00
Kyle Spearrin
fb92f67053 add websockets to CSP 2018-08-21 11:54:03 -04:00
Kyle Spearrin
ca3ecc0163 build and include notifications docker 2018-08-17 18:14:25 -04:00
Kyle Spearrin
1ffa712b75 more notification hub renames 2018-08-16 13:50:41 -04:00
Kyle Spearrin
28e6783a00 hub api notifications 2018-08-16 12:05:01 -04:00
Kyle Spearrin
ff01ce5ca7 internal identity authorization 2018-08-15 18:43:26 -04:00
Kyle Spearrin
0932189ccb support for user defined kdf parameters 2018-08-14 15:30:04 -04:00
Kyle Spearrin
20f45ca2de update ssl ciphers to mozilla recommendations 2018-08-14 08:42:01 -04:00
Simon
f08ff966b0 Hardening nginx, allow TLSv1.2 with the most secure cipher suites only (#340)
* Hardening nginx, allow TLSv1.2 with the most secure cipher suites only

* Ciphers added to allow more browsers to connect
2018-08-14 08:37:24 -04:00
Kyle Spearrin
06d5b4af29 turn off database autoclose 2018-08-09 16:57:15 -04:00
Kyle Spearrin
fb2ee6aaea no longer need to provide netcoreapp flag 2018-08-06 09:11:27 -04:00
Kyle Spearrin
58d29cc4a8 consolidate some deps 2018-08-03 23:57:15 -04:00
Kyle Spearrin
1052951a96 restore on build. remove ps1 build scripts 2018-08-01 10:32:58 -04:00
Kyle Spearrin
61cda87574 update to .net / asp.net 2.1 2018-08-01 10:07:20 -04:00
Kyle Spearrin
6d22356caf allow gravatar in CSP 2018-07-30 23:56:09 -04:00
Kyle Spearrin
98fc54881b database tuning 2018-07-28 21:25:25 -04:00
Kyle Spearrin
545fb43dac improvements to collection user sproc 2018-07-23 10:31:45 -04:00
Kyle Spearrin
94c7fdebf5 device index and updated folder delete sproc 2018-07-23 09:52:22 -04:00
Kyle Spearrin
24aa0dc026 delete null creationdates too 2018-07-21 08:58:16 -04:00
Kyle Spearrin
941792bdd8 u2f db updates 2018-07-21 08:44:21 -04:00
Kyle Spearrin
4c399aaf0d new grant cleanup sproc 2018-07-20 23:08:10 -04:00
Mark Anthony Cianfrani
c227beb510 added basic constraints configuration for self signed certificates (#327) 2018-07-20 22:17:49 -04:00
Kyle Spearrin
05b1c1cf9b move all security headers to web vault location 2018-07-20 14:13:24 -04:00
Kyle Spearrin
0070d23dab csp is only for web vault 2018-07-20 14:11:20 -04:00
Kyle Spearrin
c4c0c81d14 null error output of cert copy 2018-07-19 17:33:53 -04:00
Kyle Spearrin
8c208d4d34 missing semicolon 2018-07-19 17:01:57 -04:00
Kyle Spearrin
dea76e8e01 wrap csp in quotes 2018-07-19 16:49:01 -04:00
Kyle Spearrin
511b1cbbb6 load ca certs on setup 2018-07-19 16:45:27 -04:00
Kyle Spearrin
b0aef93597 move script back and move userview update up 2018-07-19 16:22:30 -04:00
Kyle Spearrin
266fc579f2 cleanup installer. break apart update script 2018-07-19 16:01:54 -04:00