1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-29 13:25:17 +01:00
Commit Graph

601 Commits

Author SHA1 Message Date
Kyle Spearrin
f3f1ac57d2 refactor policy apis 2020-01-20 08:53:15 -05:00
Mart124
d9181045c9 Stop mssql gently (#641) 2020-01-16 14:25:06 -08:00
Kyle Spearrin
ff8731c82f add usepolicies to org profile object 2020-01-15 15:17:32 -05:00
Kyle Spearrin
e8054df5b4 use policies property for orgs 2020-01-15 15:00:54 -05:00
Kyle Spearrin
58faf5266b policy events 2020-01-15 09:43:49 -05:00
Kyle Spearrin
57a491d58b aspnet image 2020-01-13 15:07:52 -05:00
Kyle Spearrin
6efb7fcbfd add routing for server 2020-01-13 11:14:50 -05:00
Kyle Spearrin
b1e8d16b9d update some libs 2020-01-13 09:33:12 -05:00
Kyle Spearrin
47b50e48ef update libs 2020-01-10 16:14:16 -05:00
Kyle Spearrin
29580684a3 upgrade to aspnet core 3.1 2020-01-10 08:33:13 -05:00
Kyle Spearrin
4e4644e17d stub out organization policy db schema 2020-01-06 14:26:48 -05:00
Mart124
9bb6476f53 Typo (#613)
* Update logrotate.sh

* Update backup-db.sh
2019-11-25 10:36:06 -05:00
Mart124
8b5e37d349 Update .dockerignore (#612) 2019-11-25 10:08:14 -05:00
Kyle Spearrin
2cf8b88fbb dont exec 2019-11-25 09:25:11 -05:00
Kyle Spearrin
980e19884d exec gosu 2019-11-25 09:22:42 -05:00
Mart124
35a5dd95bb DB backups without cron (#608)
* Update backup-db.sh

* Update entrypoint.sh

* Update Dockerfile

* Delete crontab

* Update backup-db.sh

* don't bother with log files

all is already in /var/opt/mssql/log/errorlog

* Use gosu
2019-11-25 08:35:52 -05:00
Mart124
47bda1e6d0 Rotate nginx logs (#601)
* Rotate nginx logs

* Create logrotate.sh

* Update Dockerfile

* Update entrypoint.sh

* Update Dockerfile

* Update logrotate.sh

* No reason to disable logrotate

* Update logrotate.sh

* Update entrypoint.sh

* typo

* Avoid useless output

* Use gosu
2019-11-25 08:34:47 -05:00
Mart124
6950dcae8b Install tzdata package (#606) 2019-11-22 09:52:17 -05:00
Kyle Spearrin
8f3df46075 remove black hole for telemetry 2019-11-20 09:47:46 -05:00
Kyle Spearrin
fe3378b483 try internal network by default 2019-11-20 08:09:53 -05:00
Kyle Spearrin
c27b72e019 private network for some containers 2019-11-20 07:35:42 -05:00
Kyle Spearrin
63c3d5342c undo admin host port header 2019-10-17 14:40:05 -04:00
Kyle Spearrin
0a7727dc27 port to host header for admin 2019-10-17 14:20:49 -04:00
Kyle Spearrin
dfeb2aad5c no server port test 2019-10-17 14:04:22 -04:00
Kyle Spearrin
b040229933 add server_port to host proxy header 2019-10-17 13:30:41 -04:00
Mart124
6f91b693d9 Increase self-signed certs duration (#570) 2019-10-02 10:26:07 -04:00
Kyle Spearrin
c0bc5a0361 bitwarden update script without .sh suffix 2019-08-22 15:19:06 -04:00
Kyle Spearrin
5f4c7eb122 add q9 secondary dns resolver 2019-08-05 07:36:31 -04:00
h-town
d081d0fc4d Revise hard-coded ssl resolver to Cloudflare & Quad9 (#543)
Google (terrible) and OpenDNS (questionable at best) are not ideal for privacy-minded users.  Both Cloudflare DNS and Quad9 at least claim to drop logs, each of them have widely-reported response times, and they're sufficiently established with over a year of service.
2019-08-05 07:34:29 -04:00
Kyle Spearrin
8dabba984d fix nginx healthcheck 2019-07-27 21:54:06 -04:00
Kyle Spearrin
0793cb6167 healthcheck for attachments server 2019-07-26 20:31:45 -04:00
Kyle Spearrin
310e0115d5 add port to health check 2019-07-26 14:24:39 -04:00
Kyle Spearrin
2ea244c723 healthcheck cmd 2019-07-26 14:04:45 -04:00
Kyle Spearrin
b7f3fa0087 try fixing curl install again 2019-07-26 13:21:46 -04:00
Kyle Spearrin
82a8249a69 fix curl error 2019-07-26 13:12:20 -04:00
Kyle Spearrin
d2bf308c10 fix sqlcmd path on healthcheck 2019-07-26 12:52:39 -04:00
Kyle Spearrin
bba0206bb7 alive check for nginx 2019-07-26 12:43:06 -04:00
Kyle Spearrin
29f0a2aa12 mssql healthcheck 2019-07-26 12:16:38 -04:00
Kyle Spearrin
a23e081397 update some libs 2019-07-23 16:58:40 -04:00
Kyle Spearrin
94188fa0b5 update to net core 2.2 2019-07-23 16:38:49 -04:00
Kyle Spearrin
3422df325b HIBP api key in env variables 2019-07-22 21:24:04 -04:00
Kyle Spearrin
242e509b9d set en-US as default current culture 2019-07-11 15:03:17 -04:00
Kyle Spearrin
f97539d558 build events container into docker deployment 2019-07-09 14:49:34 -04:00
Kyle Spearrin
35804e10cf collection cipher query improvements 2019-05-28 23:55:47 -04:00
Kyle Spearrin
d34cde7579 group name fix 2019-05-15 22:38:52 -04:00
Kyle Spearrin
e6fc0f9548 real_ips uses this in template 2019-05-15 22:11:22 -04:00
Kyle Spearrin
6381634a92 update libs 2019-05-11 20:56:49 -04:00
Kyle Spearrin
33845d372f bump dockerfile dep versions 2019-05-07 11:14:37 -04:00
Cédric Laubacher
afdf29da78 Update NGINX Dockerfile to latest stable version (#490) 2019-05-03 07:37:32 -04:00
Kyle Spearrin
b4148d3532 fix issues on cipher admin endpoints 2019-05-01 09:38:13 -04:00
Kyle Spearrin
044f21df29 indenting 2019-04-27 23:13:14 -04:00
Kyle Spearrin
b935b16cb8 more real_ip config values for nginx 2019-04-27 23:11:57 -04:00
Kyle Spearrin
d8204341a4 add semicolon 2019-04-26 12:44:44 -04:00
Kyle Spearrin
6dc2e1b328 real ips config 2019-04-26 12:26:54 -04:00
Kyle Spearrin
acfacf69a2 Revert "--with-http_realip_module"
This reverts commit f951304f11.
2019-04-26 12:10:22 -04:00
Kyle Spearrin
f951304f11 --with-http_realip_module 2019-04-26 11:09:12 -04:00
Kyle Spearrin
bc94c36cfc formatting 2019-04-14 22:46:11 -04:00
Robin van Boven
03bcce1e73 Support reading a file for the SA_PASSWORD for swarm security. (#477) 2019-04-14 22:41:59 -04:00
Kyle Spearrin
085c13f508 next step is just start 2019-03-25 16:24:16 -04:00
Kyle Spearrin
5da0edb412 include bit. namespace prefix 2019-03-25 15:59:12 -04:00
Kyle Spearrin
1bd4d39136 bypass log filter on migrator 2019-03-25 15:20:54 -04:00
Kyle Spearrin
b2045b92b4 update depends on 2019-03-25 14:48:06 -04:00
Kyle Spearrin
3a1e24976b move migrator project to util 2019-03-25 13:23:50 -04:00
Kyle Spearrin
28884c3330 move migrations to migrator project 2019-03-25 13:21:05 -04:00
Kyle Spearrin
f7c6dcb067 depends on 2019-03-25 09:23:50 -04:00
Kyle Spearrin
ce9016acfb log to console is not quiet 2019-03-25 09:03:30 -04:00
Kyle Spearrin
7724109caa placeholders for random values 2019-03-15 11:19:52 -04:00
Kyle Spearrin
1adc6d04ed db password for stub 2019-03-15 11:13:35 -04:00
Kyle Spearrin
ff163a2859 cleanup 2019-03-15 11:10:18 -04:00
Kyle Spearrin
0f7963f79c stub install 2019-03-15 09:28:39 -04:00
Kyle Spearrin
b6f54324a5 quiet output for setup scripts 2019-03-12 10:26:14 -04:00
Kyle Spearrin
bae1884630 filter nulls from transaction gateway index 2019-03-08 16:57:14 -05:00
Kyle Spearrin
4bde147fc7 re-create UserCollectionDetails function 2019-03-08 07:56:25 -05:00
Kyle Spearrin
52e1ceace8 Revert "ignore xml comment warnings"
This reverts commit bca4f850a5.
2019-03-07 22:57:24 -05:00
Kyle Spearrin
faf26ce84f Revert "ignore xml comment warnings"
This reverts commit ec60be2f5d.
2019-03-07 22:57:11 -05:00
Kyle Spearrin
ec60be2f5d ignore xml comment warnings 2019-03-07 17:10:29 -05:00
Kyle Spearrin
bca4f850a5 ignore xml comment warnings 2019-03-07 17:09:29 -05:00
Kyle Spearrin
75f01a5774 collection externalId 2019-03-07 15:18:27 -05:00
Kyle Spearrin
00f3c476ae apis for getting user details 2019-03-05 23:22:43 -05:00
Kyle Spearrin
c4ac86d4f4 db changes for org api 2019-03-01 23:44:45 -05:00
Kyle Spearrin
897d913e57 fix paths in motd 2019-02-21 14:12:35 -05:00
Kyle Spearrin
f180f080f9 fabric updates 2019-02-21 13:53:38 -05:00
Kyle Spearrin
49fab18d40 DO fabric fixes 2019-02-21 13:10:35 -05:00
Kyle Spearrin
fa60241c9c do marketplace fabric scripts 2019-02-21 12:39:02 -05:00
Kyle Spearrin
3b951ce5cc update some libs 2019-02-14 15:33:51 -05:00
Kyle Spearrin
f70ececa9d get rid of premium renewal jobs for braintree 2019-02-14 10:18:27 -05:00
Kyle Spearrin
bc30f47331 is null, not = 2019-02-09 21:38:33 -05:00
Kyle Spearrin
44630e9728 handle transactions on paypal webhook 2019-02-01 22:22:08 -05:00
Kyle Spearrin
25f3b76e6b added transactions table 2019-01-31 16:45:01 -05:00
Kyle Spearrin
a07f37e093 ssl override, deprecate defaultCreds and authType 2019-01-22 21:28:56 -05:00
Kyle Spearrin
411e8a67f9 core => server updates 2019-01-18 22:20:05 -05:00
Kyle Spearrin
1a932de925 no longer need hibp in connect csp 2019-01-18 22:04:10 -05:00
Kyle Spearrin
ca22a007f6 noindex,nofollow 2019-01-17 16:45:53 -05:00
Kyle Spearrin
bc3013b82b robots noindex self-hosted web vault 2019-01-17 16:27:40 -05:00
Kyle Spearrin
4a38713c4b return twofactor enabled property on org users api 2018-12-19 11:48:36 -05:00
Kyle Spearrin
9a48e6f29a add twofactorauth.org to CSP 2018-12-12 10:16:02 -05:00
gruzilla
e83325dd09 adds EXPOSE 8080 to Dockerfile to be coherent to nginx default config (#403)
* adds EXPOSE 8080 to Dockerfile to be coherent to nginx default config

* adds EXPOSE 8443 to Dockerfile to be coherent to nginx default SSL config
2018-11-16 08:56:12 -05:00
Kyle Spearrin
32f686cba6 allow blobs in object-src CSP 2018-11-06 22:26:41 -05:00
Kyle Spearrin
f60d6d92f8 trim quotes from env file value 2018-11-06 16:31:11 -05:00
Kyle Spearrin
bb1860d861 read connection string from env file for migration 2018-10-31 23:32:22 -04:00
Kyle Spearrin
5136b191f1 com.bitwarden.project label to setup dockerfile 2018-10-31 10:00:18 -04:00
SoulSeekkor
8bd6d830e6 Updated to SQL CU12 and to use new Microsoft servers for docker image. (#384) 2018-10-25 16:19:30 -04:00
Kyle Spearrin
826f439618 fix org id in sproc 2018-10-22 14:39:42 -04:00
Kyle Spearrin
0b166a080e limit collection scope option when creating cipher 2018-10-22 14:09:55 -04:00
Kyle Spearrin
c710226223 set cipher id to limit collection scope 2018-10-22 10:15:03 -04:00
Kyle Spearrin
4e8a313d3d dont set userid on cipher if orgid is set 2018-10-22 10:06:05 -04:00
Kyle Spearrin
22033d075d increase group name length to 100 2018-10-22 09:34:26 -04:00
Kyle Spearrin
96b492fa07 apis for creating ciphers with org & collections 2018-10-19 12:07:31 -04:00
SoulSeekkor
976869c968 Fixed various typos. (#378) 2018-10-18 11:41:49 -04:00
Kyle Spearrin
45a77c8903 manager group user apis 2018-10-18 08:38:22 -04:00
Kyle Spearrin
33bfd12b7d apis for managing collection users 2018-10-17 22:18:03 -04:00
Kyle Spearrin
7db36e0005 api adjustments for manager role and collections 2018-10-17 14:58:45 -04:00
Kyle Spearrin
01d2306a07 update packages 2018-10-14 22:21:59 -04:00
Kyle Spearrin
5812915677 database maintenance jobs setup in admin 2018-10-09 10:12:27 -04:00
Kyle Spearrin
59279b4990 bump docker image version refs 2018-10-08 16:14:22 -04:00
Kyle Spearrin
7176e0ea22 update packages 2018-10-05 14:05:52 -04:00
Kyle Spearrin
c16825f8be check if has port, resolves #365 2018-09-26 16:53:37 -04:00
Kyle Spearrin
7164f378fc purge org vault 2018-09-25 09:12:50 -04:00
Kyle Spearrin
fd8f5be117 new line 2018-09-17 15:18:49 -04:00
Kyle Spearrin
5d9804bded added more info to warning 2018-09-17 15:00:29 -04:00
Kyle Spearrin
ce309c27d4 update to aspnet 2.1.4 2018-09-11 13:29:34 -04:00
Kyle Spearrin
fceef7133e touch more cron files to fix hardlinks 2018-09-05 11:47:57 -04:00
Kyle Spearrin
6a75a60a36 learn more about docker volumes 2018-09-04 08:21:49 -04:00
Kyle Spearrin
34a7bcdc1b move config class out to its own file 2018-09-03 21:12:24 -04:00
Kyle Spearrin
6b8fdc1a98 add X-Frame-Options specifically 2018-08-31 22:37:49 -04:00
Kyle Spearrin
b2d63b2383 reassign security headers 2018-08-31 17:02:49 -04:00
Kyle Spearrin
9eae04a9c7 dont ignore new security header conf 2018-08-31 13:00:45 -04:00
Kyle Spearrin
aeca706302 include security headers 2018-08-31 12:55:54 -04:00
Kyle Spearrin
566471cae8 enabled X-Frame-Options header 2018-08-31 12:16:36 -04:00
Kyle Spearrin
d4c35a98b7 allow configurable ssl protocols and ciphersuites 2018-08-31 12:11:44 -04:00
Kyle Spearrin
7a6d09a28e refs and installation complete message 2018-08-31 09:16:01 -04:00
Ndr
f0ca4450d7 Move nginx.pid to directory with write permission (#350)
* Moving nginx.pid in /var/run/nginx

/var/run/nginx is owned by our application user, allowing it to delete nginx.pid

* Update nginx.pid filepath
2018-08-31 08:10:56 -04:00
Kyle Spearrin
477d665104 compose version config variable 2018-08-30 23:32:18 -04:00
Kyle Spearrin
edac914ebd update comments 2018-08-30 23:06:40 -04:00
Kyle Spearrin
053a89fdb0 cleanup comments 2018-08-30 22:46:51 -04:00
Kyle Spearrin
a3744facc7 remove install complete message 2018-08-30 22:36:45 -04:00
Kyle Spearrin
c87ce222eb contains checks for nginx conf config.yml build 2018-08-30 22:30:31 -04:00
Kyle Spearrin
5a44ce4f0e fix compose template indention 2018-08-30 16:40:06 -04:00
Kyle Spearrin
69605fab5b rebuild instructions 2018-08-30 16:09:18 -04:00
Kyle Spearrin
310e6bcf61 convert setup to use config.yml 2018-08-30 11:35:44 -04:00
Kyle Spearrin
c41a1e0936 CanAccessPremium checks instead of User.Premium 2018-08-28 16:23:58 -04:00
Kyle Spearrin
816bf1546e global.env for all aspnet containers 2018-08-24 16:28:49 -04:00
Kyle Spearrin
53caacb870 fix availablecollections queries for groups join 2018-08-23 23:46:18 -04:00
Kyle Spearrin
a275af6366 proxy_pass to /hub 2018-08-21 12:47:13 -04:00
Kyle Spearrin
43eaedeee4 proxy headers for websockets 2018-08-21 12:43:18 -04:00
Kyle Spearrin
7a5d3c3795 set connection header for signalr hub 2018-08-21 12:12:33 -04:00
Kyle Spearrin
fb92f67053 add websockets to CSP 2018-08-21 11:54:03 -04:00
Kyle Spearrin
ca3ecc0163 build and include notifications docker 2018-08-17 18:14:25 -04:00
Kyle Spearrin
1ffa712b75 more notification hub renames 2018-08-16 13:50:41 -04:00
Kyle Spearrin
28e6783a00 hub api notifications 2018-08-16 12:05:01 -04:00
Kyle Spearrin
ff01ce5ca7 internal identity authorization 2018-08-15 18:43:26 -04:00
Kyle Spearrin
580e9e51e5 remove mail and function projects 2018-08-14 22:09:41 -04:00
Kyle Spearrin
0932189ccb support for user defined kdf parameters 2018-08-14 15:30:04 -04:00
Kyle Spearrin
20f45ca2de update ssl ciphers to mozilla recommendations 2018-08-14 08:42:01 -04:00
Simon
f08ff966b0 Hardening nginx, allow TLSv1.2 with the most secure cipher suites only (#340)
* Hardening nginx, allow TLSv1.2 with the most secure cipher suites only

* Ciphers added to allow more browsers to connect
2018-08-14 08:37:24 -04:00
Kyle Spearrin
06d5b4af29 turn off database autoclose 2018-08-09 16:57:15 -04:00
Kyle Spearrin
5e0668077f special config for webVault 2018-08-07 15:04:11 -04:00
Kyle Spearrin
68bd755dc5 remove console log 2018-08-07 14:27:32 -04:00
Kyle Spearrin
de80139851 write path to console 2018-08-07 14:05:40 -04:00
Kyle Spearrin
36cf628a63 add static files caching 2018-08-07 12:49:00 -04:00
Kyle Spearrin
e6aaddaed1 switch kestrel back to libuv til bugs are fixed 2018-08-06 16:42:55 -04:00
Kyle Spearrin
fb2ee6aaea no longer need to provide netcoreapp flag 2018-08-06 09:11:27 -04:00
Kyle Spearrin
58d29cc4a8 consolidate some deps 2018-08-03 23:57:15 -04:00
Kyle Spearrin
3f0186f17a update mssql and nginx deps 2018-08-01 10:38:12 -04:00
Kyle Spearrin
1052951a96 restore on build. remove ps1 build scripts 2018-08-01 10:32:58 -04:00
Kyle Spearrin
61cda87574 update to .net / asp.net 2.1 2018-08-01 10:07:20 -04:00
Kyle Spearrin
0685023e1d update libs 2018-08-01 07:53:17 -04:00
Kyle Spearrin
6d22356caf allow gravatar in CSP 2018-07-30 23:56:09 -04:00
Kyle Spearrin
98fc54881b database tuning 2018-07-28 21:25:25 -04:00
Kyle Spearrin
545fb43dac improvements to collection user sproc 2018-07-23 10:31:45 -04:00
Kyle Spearrin
94c7fdebf5 device index and updated folder delete sproc 2018-07-23 09:52:22 -04:00
Kyle Spearrin
24aa0dc026 delete null creationdates too 2018-07-21 08:58:16 -04:00
Kyle Spearrin
941792bdd8 u2f db updates 2018-07-21 08:44:21 -04:00
Kyle Spearrin
4c399aaf0d new grant cleanup sproc 2018-07-20 23:08:10 -04:00
Mark Anthony Cianfrani
c227beb510 added basic constraints configuration for self signed certificates (#327) 2018-07-20 22:17:49 -04:00
Kyle Spearrin
05b1c1cf9b move all security headers to web vault location 2018-07-20 14:13:24 -04:00
Kyle Spearrin
0070d23dab csp is only for web vault 2018-07-20 14:11:20 -04:00
Kyle Spearrin
c4c0c81d14 null error output of cert copy 2018-07-19 17:33:53 -04:00
Kyle Spearrin
8c208d4d34 missing semicolon 2018-07-19 17:01:57 -04:00
Kyle Spearrin
dea76e8e01 wrap csp in quotes 2018-07-19 16:49:01 -04:00
Kyle Spearrin
511b1cbbb6 load ca certs on setup 2018-07-19 16:45:27 -04:00
Kyle Spearrin
b0aef93597 move script back and move userview update up 2018-07-19 16:22:30 -04:00
Kyle Spearrin
266fc579f2 cleanup installer. break apart update script 2018-07-19 16:01:54 -04:00
Kyle Spearrin
a66af41d2b csp header on nginx 2018-07-18 23:06:25 -04:00
Kyle Spearrin
61806cd8ac sql update script fixes 2018-07-17 21:41:16 -04:00
Kyle Spearrin
938b7f1230 premium renewal reminders job for braintree 2018-07-12 23:23:41 -04:00
Kyle Spearrin
476ee53931 add renewal reminder date prop to users 2018-07-12 17:35:01 -04:00
Kyle Spearrin
de552be25f apis for bulk sharing 2018-06-13 14:03:44 -04:00
Kyle Spearrin
ebb1f9e1a8 use temp tables for better execution plans 2018-06-12 13:24:13 -04:00
Kyle Spearrin
74874a1c38 return collection readonly details 2018-06-11 14:25:53 -04:00
Mart124
b3c48fd3fa Add a bitwarden label to docker images (#305)
* Add a bitwarden label to docker images

* Prefix label with reverse DNS
2018-06-09 08:17:16 -04:00
Kyle Spearrin
6f1f2305e3 sleep for 20 seconds between migrate re-tries 2018-05-31 22:11:08 -04:00
Mart124
92b08e6cf1 Rework service user (#299)
* Use user primary group if not root

* Do not run getent on MacOS

* Simplify UID/GID management

* Make uid.env backward compatible in run.sh

* Merge install.sh with run.sh to avoid duplicating code

Especially the UID/GID management one

* Generate correct OS name

* Be sure to keep old behavior for backward compatiblilty

* Get the colors back from install.sh
2018-05-31 12:05:26 -04:00
Kyle Spearrin
1ead0af77e update mssql to CU7 2018-05-29 08:19:34 -04:00
Mart124
8471f558e3 Improve mssql backups (#298)
* Improve mssql backups

* Launch DB backup at 23:59
2018-05-29 08:17:43 -04:00
Mart124
1b1ec7629b Workaround to disable mssql telemetry in DockerFile (#294) 2018-05-24 15:56:55 -04:00
Mart124
ffe5f37a64 Workaround to disable mssql telemetry (#293) 2018-05-24 15:36:46 -04:00
Kyle Spearrin
4dbea821a4 Revert "chown mssql.conf"
This reverts commit 3bd5a82afa.
2018-05-21 15:42:37 -04:00
Kyle Spearrin
8f13361705 set nsubjectAltName od self signed certs 2018-05-21 15:41:15 -04:00
Kyle Spearrin
3bd5a82afa chown mssql.conf 2018-05-21 14:09:04 -04:00