Kyle Spearrin
f3f1ac57d2
refactor policy apis
2020-01-20 08:53:15 -05:00
Mart124
d9181045c9
Stop mssql gently ( #641 )
2020-01-16 14:25:06 -08:00
Kyle Spearrin
ff8731c82f
add usepolicies to org profile object
2020-01-15 15:17:32 -05:00
Kyle Spearrin
e8054df5b4
use policies property for orgs
2020-01-15 15:00:54 -05:00
Kyle Spearrin
58faf5266b
policy events
2020-01-15 09:43:49 -05:00
Kyle Spearrin
57a491d58b
aspnet image
2020-01-13 15:07:52 -05:00
Kyle Spearrin
6efb7fcbfd
add routing for server
2020-01-13 11:14:50 -05:00
Kyle Spearrin
b1e8d16b9d
update some libs
2020-01-13 09:33:12 -05:00
Kyle Spearrin
47b50e48ef
update libs
2020-01-10 16:14:16 -05:00
Kyle Spearrin
29580684a3
upgrade to aspnet core 3.1
2020-01-10 08:33:13 -05:00
Kyle Spearrin
4e4644e17d
stub out organization policy db schema
2020-01-06 14:26:48 -05:00
Mart124
9bb6476f53
Typo ( #613 )
...
* Update logrotate.sh
* Update backup-db.sh
2019-11-25 10:36:06 -05:00
Mart124
8b5e37d349
Update .dockerignore ( #612 )
2019-11-25 10:08:14 -05:00
Kyle Spearrin
2cf8b88fbb
dont exec
2019-11-25 09:25:11 -05:00
Kyle Spearrin
980e19884d
exec gosu
2019-11-25 09:22:42 -05:00
Mart124
35a5dd95bb
DB backups without cron ( #608 )
...
* Update backup-db.sh
* Update entrypoint.sh
* Update Dockerfile
* Delete crontab
* Update backup-db.sh
* don't bother with log files
all is already in /var/opt/mssql/log/errorlog
* Use gosu
2019-11-25 08:35:52 -05:00
Mart124
47bda1e6d0
Rotate nginx logs ( #601 )
...
* Rotate nginx logs
* Create logrotate.sh
* Update Dockerfile
* Update entrypoint.sh
* Update Dockerfile
* Update logrotate.sh
* No reason to disable logrotate
* Update logrotate.sh
* Update entrypoint.sh
* typo
* Avoid useless output
* Use gosu
2019-11-25 08:34:47 -05:00
Mart124
6950dcae8b
Install tzdata package ( #606 )
2019-11-22 09:52:17 -05:00
Kyle Spearrin
8f3df46075
remove black hole for telemetry
2019-11-20 09:47:46 -05:00
Kyle Spearrin
fe3378b483
try internal network by default
2019-11-20 08:09:53 -05:00
Kyle Spearrin
c27b72e019
private network for some containers
2019-11-20 07:35:42 -05:00
Kyle Spearrin
63c3d5342c
undo admin host port header
2019-10-17 14:40:05 -04:00
Kyle Spearrin
0a7727dc27
port to host header for admin
2019-10-17 14:20:49 -04:00
Kyle Spearrin
dfeb2aad5c
no server port test
2019-10-17 14:04:22 -04:00
Kyle Spearrin
b040229933
add server_port to host proxy header
2019-10-17 13:30:41 -04:00
Mart124
6f91b693d9
Increase self-signed certs duration ( #570 )
2019-10-02 10:26:07 -04:00
Kyle Spearrin
c0bc5a0361
bitwarden update script without .sh suffix
2019-08-22 15:19:06 -04:00
Kyle Spearrin
5f4c7eb122
add q9 secondary dns resolver
2019-08-05 07:36:31 -04:00
h-town
d081d0fc4d
Revise hard-coded ssl resolver to Cloudflare & Quad9 ( #543 )
...
Google (terrible) and OpenDNS (questionable at best) are not ideal for privacy-minded users. Both Cloudflare DNS and Quad9 at least claim to drop logs, each of them have widely-reported response times, and they're sufficiently established with over a year of service.
2019-08-05 07:34:29 -04:00
Kyle Spearrin
8dabba984d
fix nginx healthcheck
2019-07-27 21:54:06 -04:00
Kyle Spearrin
0793cb6167
healthcheck for attachments server
2019-07-26 20:31:45 -04:00
Kyle Spearrin
310e0115d5
add port to health check
2019-07-26 14:24:39 -04:00
Kyle Spearrin
2ea244c723
healthcheck cmd
2019-07-26 14:04:45 -04:00
Kyle Spearrin
b7f3fa0087
try fixing curl install again
2019-07-26 13:21:46 -04:00
Kyle Spearrin
82a8249a69
fix curl error
2019-07-26 13:12:20 -04:00
Kyle Spearrin
d2bf308c10
fix sqlcmd path on healthcheck
2019-07-26 12:52:39 -04:00
Kyle Spearrin
bba0206bb7
alive check for nginx
2019-07-26 12:43:06 -04:00
Kyle Spearrin
29f0a2aa12
mssql healthcheck
2019-07-26 12:16:38 -04:00
Kyle Spearrin
a23e081397
update some libs
2019-07-23 16:58:40 -04:00
Kyle Spearrin
94188fa0b5
update to net core 2.2
2019-07-23 16:38:49 -04:00
Kyle Spearrin
3422df325b
HIBP api key in env variables
2019-07-22 21:24:04 -04:00
Kyle Spearrin
242e509b9d
set en-US as default current culture
2019-07-11 15:03:17 -04:00
Kyle Spearrin
f97539d558
build events container into docker deployment
2019-07-09 14:49:34 -04:00
Kyle Spearrin
35804e10cf
collection cipher query improvements
2019-05-28 23:55:47 -04:00
Kyle Spearrin
d34cde7579
group name fix
2019-05-15 22:38:52 -04:00
Kyle Spearrin
e6fc0f9548
real_ips uses this in template
2019-05-15 22:11:22 -04:00
Kyle Spearrin
6381634a92
update libs
2019-05-11 20:56:49 -04:00
Kyle Spearrin
33845d372f
bump dockerfile dep versions
2019-05-07 11:14:37 -04:00
Cédric Laubacher
afdf29da78
Update NGINX Dockerfile to latest stable version ( #490 )
2019-05-03 07:37:32 -04:00
Kyle Spearrin
b4148d3532
fix issues on cipher admin endpoints
2019-05-01 09:38:13 -04:00
Kyle Spearrin
044f21df29
indenting
2019-04-27 23:13:14 -04:00
Kyle Spearrin
b935b16cb8
more real_ip config values for nginx
2019-04-27 23:11:57 -04:00
Kyle Spearrin
d8204341a4
add semicolon
2019-04-26 12:44:44 -04:00
Kyle Spearrin
6dc2e1b328
real ips config
2019-04-26 12:26:54 -04:00
Kyle Spearrin
acfacf69a2
Revert "--with-http_realip_module"
...
This reverts commit f951304f11
.
2019-04-26 12:10:22 -04:00
Kyle Spearrin
f951304f11
--with-http_realip_module
2019-04-26 11:09:12 -04:00
Kyle Spearrin
bc94c36cfc
formatting
2019-04-14 22:46:11 -04:00
Robin van Boven
03bcce1e73
Support reading a file for the SA_PASSWORD for swarm security. ( #477 )
2019-04-14 22:41:59 -04:00
Kyle Spearrin
085c13f508
next step is just start
2019-03-25 16:24:16 -04:00
Kyle Spearrin
5da0edb412
include bit. namespace prefix
2019-03-25 15:59:12 -04:00
Kyle Spearrin
1bd4d39136
bypass log filter on migrator
2019-03-25 15:20:54 -04:00
Kyle Spearrin
b2045b92b4
update depends on
2019-03-25 14:48:06 -04:00
Kyle Spearrin
3a1e24976b
move migrator project to util
2019-03-25 13:23:50 -04:00
Kyle Spearrin
28884c3330
move migrations to migrator project
2019-03-25 13:21:05 -04:00
Kyle Spearrin
f7c6dcb067
depends on
2019-03-25 09:23:50 -04:00
Kyle Spearrin
ce9016acfb
log to console is not quiet
2019-03-25 09:03:30 -04:00
Kyle Spearrin
7724109caa
placeholders for random values
2019-03-15 11:19:52 -04:00
Kyle Spearrin
1adc6d04ed
db password for stub
2019-03-15 11:13:35 -04:00
Kyle Spearrin
ff163a2859
cleanup
2019-03-15 11:10:18 -04:00
Kyle Spearrin
0f7963f79c
stub install
2019-03-15 09:28:39 -04:00
Kyle Spearrin
b6f54324a5
quiet output for setup scripts
2019-03-12 10:26:14 -04:00
Kyle Spearrin
bae1884630
filter nulls from transaction gateway index
2019-03-08 16:57:14 -05:00
Kyle Spearrin
4bde147fc7
re-create UserCollectionDetails function
2019-03-08 07:56:25 -05:00
Kyle Spearrin
52e1ceace8
Revert "ignore xml comment warnings"
...
This reverts commit bca4f850a5
.
2019-03-07 22:57:24 -05:00
Kyle Spearrin
faf26ce84f
Revert "ignore xml comment warnings"
...
This reverts commit ec60be2f5d
.
2019-03-07 22:57:11 -05:00
Kyle Spearrin
ec60be2f5d
ignore xml comment warnings
2019-03-07 17:10:29 -05:00
Kyle Spearrin
bca4f850a5
ignore xml comment warnings
2019-03-07 17:09:29 -05:00
Kyle Spearrin
75f01a5774
collection externalId
2019-03-07 15:18:27 -05:00
Kyle Spearrin
00f3c476ae
apis for getting user details
2019-03-05 23:22:43 -05:00
Kyle Spearrin
c4ac86d4f4
db changes for org api
2019-03-01 23:44:45 -05:00
Kyle Spearrin
897d913e57
fix paths in motd
2019-02-21 14:12:35 -05:00
Kyle Spearrin
f180f080f9
fabric updates
2019-02-21 13:53:38 -05:00
Kyle Spearrin
49fab18d40
DO fabric fixes
2019-02-21 13:10:35 -05:00
Kyle Spearrin
fa60241c9c
do marketplace fabric scripts
2019-02-21 12:39:02 -05:00
Kyle Spearrin
3b951ce5cc
update some libs
2019-02-14 15:33:51 -05:00
Kyle Spearrin
f70ececa9d
get rid of premium renewal jobs for braintree
2019-02-14 10:18:27 -05:00
Kyle Spearrin
bc30f47331
is null, not =
2019-02-09 21:38:33 -05:00
Kyle Spearrin
44630e9728
handle transactions on paypal webhook
2019-02-01 22:22:08 -05:00
Kyle Spearrin
25f3b76e6b
added transactions table
2019-01-31 16:45:01 -05:00
Kyle Spearrin
a07f37e093
ssl override, deprecate defaultCreds and authType
2019-01-22 21:28:56 -05:00
Kyle Spearrin
411e8a67f9
core => server updates
2019-01-18 22:20:05 -05:00
Kyle Spearrin
1a932de925
no longer need hibp in connect csp
2019-01-18 22:04:10 -05:00
Kyle Spearrin
ca22a007f6
noindex,nofollow
2019-01-17 16:45:53 -05:00
Kyle Spearrin
bc3013b82b
robots noindex self-hosted web vault
2019-01-17 16:27:40 -05:00
Kyle Spearrin
4a38713c4b
return twofactor enabled property on org users api
2018-12-19 11:48:36 -05:00
Kyle Spearrin
9a48e6f29a
add twofactorauth.org to CSP
2018-12-12 10:16:02 -05:00
gruzilla
e83325dd09
adds EXPOSE 8080 to Dockerfile to be coherent to nginx default config ( #403 )
...
* adds EXPOSE 8080 to Dockerfile to be coherent to nginx default config
* adds EXPOSE 8443 to Dockerfile to be coherent to nginx default SSL config
2018-11-16 08:56:12 -05:00
Kyle Spearrin
32f686cba6
allow blobs in object-src CSP
2018-11-06 22:26:41 -05:00
Kyle Spearrin
f60d6d92f8
trim quotes from env file value
2018-11-06 16:31:11 -05:00
Kyle Spearrin
bb1860d861
read connection string from env file for migration
2018-10-31 23:32:22 -04:00
Kyle Spearrin
5136b191f1
com.bitwarden.project label to setup dockerfile
2018-10-31 10:00:18 -04:00
SoulSeekkor
8bd6d830e6
Updated to SQL CU12 and to use new Microsoft servers for docker image. ( #384 )
2018-10-25 16:19:30 -04:00
Kyle Spearrin
826f439618
fix org id in sproc
2018-10-22 14:39:42 -04:00
Kyle Spearrin
0b166a080e
limit collection scope option when creating cipher
2018-10-22 14:09:55 -04:00
Kyle Spearrin
c710226223
set cipher id to limit collection scope
2018-10-22 10:15:03 -04:00
Kyle Spearrin
4e8a313d3d
dont set userid on cipher if orgid is set
2018-10-22 10:06:05 -04:00
Kyle Spearrin
22033d075d
increase group name length to 100
2018-10-22 09:34:26 -04:00
Kyle Spearrin
96b492fa07
apis for creating ciphers with org & collections
2018-10-19 12:07:31 -04:00
SoulSeekkor
976869c968
Fixed various typos. ( #378 )
2018-10-18 11:41:49 -04:00
Kyle Spearrin
45a77c8903
manager group user apis
2018-10-18 08:38:22 -04:00
Kyle Spearrin
33bfd12b7d
apis for managing collection users
2018-10-17 22:18:03 -04:00
Kyle Spearrin
7db36e0005
api adjustments for manager role and collections
2018-10-17 14:58:45 -04:00
Kyle Spearrin
01d2306a07
update packages
2018-10-14 22:21:59 -04:00
Kyle Spearrin
5812915677
database maintenance jobs setup in admin
2018-10-09 10:12:27 -04:00
Kyle Spearrin
59279b4990
bump docker image version refs
2018-10-08 16:14:22 -04:00
Kyle Spearrin
7176e0ea22
update packages
2018-10-05 14:05:52 -04:00
Kyle Spearrin
c16825f8be
check if has port, resolves #365
2018-09-26 16:53:37 -04:00
Kyle Spearrin
7164f378fc
purge org vault
2018-09-25 09:12:50 -04:00
Kyle Spearrin
fd8f5be117
new line
2018-09-17 15:18:49 -04:00
Kyle Spearrin
5d9804bded
added more info to warning
2018-09-17 15:00:29 -04:00
Kyle Spearrin
ce309c27d4
update to aspnet 2.1.4
2018-09-11 13:29:34 -04:00
Kyle Spearrin
fceef7133e
touch more cron files to fix hardlinks
2018-09-05 11:47:57 -04:00
Kyle Spearrin
6a75a60a36
learn more about docker volumes
2018-09-04 08:21:49 -04:00
Kyle Spearrin
34a7bcdc1b
move config class out to its own file
2018-09-03 21:12:24 -04:00
Kyle Spearrin
6b8fdc1a98
add X-Frame-Options specifically
2018-08-31 22:37:49 -04:00
Kyle Spearrin
b2d63b2383
reassign security headers
2018-08-31 17:02:49 -04:00
Kyle Spearrin
9eae04a9c7
dont ignore new security header conf
2018-08-31 13:00:45 -04:00
Kyle Spearrin
aeca706302
include security headers
2018-08-31 12:55:54 -04:00
Kyle Spearrin
566471cae8
enabled X-Frame-Options header
2018-08-31 12:16:36 -04:00
Kyle Spearrin
d4c35a98b7
allow configurable ssl protocols and ciphersuites
2018-08-31 12:11:44 -04:00
Kyle Spearrin
7a6d09a28e
refs and installation complete message
2018-08-31 09:16:01 -04:00
Ndr
f0ca4450d7
Move nginx.pid to directory with write permission ( #350 )
...
* Moving nginx.pid in /var/run/nginx
/var/run/nginx is owned by our application user, allowing it to delete nginx.pid
* Update nginx.pid filepath
2018-08-31 08:10:56 -04:00
Kyle Spearrin
477d665104
compose version config variable
2018-08-30 23:32:18 -04:00
Kyle Spearrin
edac914ebd
update comments
2018-08-30 23:06:40 -04:00
Kyle Spearrin
053a89fdb0
cleanup comments
2018-08-30 22:46:51 -04:00
Kyle Spearrin
a3744facc7
remove install complete message
2018-08-30 22:36:45 -04:00
Kyle Spearrin
c87ce222eb
contains checks for nginx conf config.yml build
2018-08-30 22:30:31 -04:00
Kyle Spearrin
5a44ce4f0e
fix compose template indention
2018-08-30 16:40:06 -04:00
Kyle Spearrin
69605fab5b
rebuild instructions
2018-08-30 16:09:18 -04:00
Kyle Spearrin
310e6bcf61
convert setup to use config.yml
2018-08-30 11:35:44 -04:00
Kyle Spearrin
c41a1e0936
CanAccessPremium checks instead of User.Premium
2018-08-28 16:23:58 -04:00
Kyle Spearrin
816bf1546e
global.env for all aspnet containers
2018-08-24 16:28:49 -04:00
Kyle Spearrin
53caacb870
fix availablecollections queries for groups join
2018-08-23 23:46:18 -04:00
Kyle Spearrin
a275af6366
proxy_pass to /hub
2018-08-21 12:47:13 -04:00
Kyle Spearrin
43eaedeee4
proxy headers for websockets
2018-08-21 12:43:18 -04:00
Kyle Spearrin
7a5d3c3795
set connection header for signalr hub
2018-08-21 12:12:33 -04:00
Kyle Spearrin
fb92f67053
add websockets to CSP
2018-08-21 11:54:03 -04:00
Kyle Spearrin
ca3ecc0163
build and include notifications docker
2018-08-17 18:14:25 -04:00
Kyle Spearrin
1ffa712b75
more notification hub renames
2018-08-16 13:50:41 -04:00
Kyle Spearrin
28e6783a00
hub api notifications
2018-08-16 12:05:01 -04:00
Kyle Spearrin
ff01ce5ca7
internal identity authorization
2018-08-15 18:43:26 -04:00
Kyle Spearrin
580e9e51e5
remove mail and function projects
2018-08-14 22:09:41 -04:00
Kyle Spearrin
0932189ccb
support for user defined kdf parameters
2018-08-14 15:30:04 -04:00
Kyle Spearrin
20f45ca2de
update ssl ciphers to mozilla recommendations
2018-08-14 08:42:01 -04:00
Simon
f08ff966b0
Hardening nginx, allow TLSv1.2 with the most secure cipher suites only ( #340 )
...
* Hardening nginx, allow TLSv1.2 with the most secure cipher suites only
* Ciphers added to allow more browsers to connect
2018-08-14 08:37:24 -04:00
Kyle Spearrin
06d5b4af29
turn off database autoclose
2018-08-09 16:57:15 -04:00
Kyle Spearrin
5e0668077f
special config for webVault
2018-08-07 15:04:11 -04:00
Kyle Spearrin
68bd755dc5
remove console log
2018-08-07 14:27:32 -04:00
Kyle Spearrin
de80139851
write path to console
2018-08-07 14:05:40 -04:00
Kyle Spearrin
36cf628a63
add static files caching
2018-08-07 12:49:00 -04:00
Kyle Spearrin
e6aaddaed1
switch kestrel back to libuv til bugs are fixed
2018-08-06 16:42:55 -04:00
Kyle Spearrin
fb2ee6aaea
no longer need to provide netcoreapp flag
2018-08-06 09:11:27 -04:00
Kyle Spearrin
58d29cc4a8
consolidate some deps
2018-08-03 23:57:15 -04:00
Kyle Spearrin
3f0186f17a
update mssql and nginx deps
2018-08-01 10:38:12 -04:00
Kyle Spearrin
1052951a96
restore on build. remove ps1 build scripts
2018-08-01 10:32:58 -04:00
Kyle Spearrin
61cda87574
update to .net / asp.net 2.1
2018-08-01 10:07:20 -04:00
Kyle Spearrin
0685023e1d
update libs
2018-08-01 07:53:17 -04:00
Kyle Spearrin
6d22356caf
allow gravatar in CSP
2018-07-30 23:56:09 -04:00
Kyle Spearrin
98fc54881b
database tuning
2018-07-28 21:25:25 -04:00
Kyle Spearrin
545fb43dac
improvements to collection user sproc
2018-07-23 10:31:45 -04:00
Kyle Spearrin
94c7fdebf5
device index and updated folder delete sproc
2018-07-23 09:52:22 -04:00
Kyle Spearrin
24aa0dc026
delete null creationdates too
2018-07-21 08:58:16 -04:00
Kyle Spearrin
941792bdd8
u2f db updates
2018-07-21 08:44:21 -04:00
Kyle Spearrin
4c399aaf0d
new grant cleanup sproc
2018-07-20 23:08:10 -04:00
Mark Anthony Cianfrani
c227beb510
added basic constraints configuration for self signed certificates ( #327 )
2018-07-20 22:17:49 -04:00
Kyle Spearrin
05b1c1cf9b
move all security headers to web vault location
2018-07-20 14:13:24 -04:00
Kyle Spearrin
0070d23dab
csp is only for web vault
2018-07-20 14:11:20 -04:00
Kyle Spearrin
c4c0c81d14
null error output of cert copy
2018-07-19 17:33:53 -04:00
Kyle Spearrin
8c208d4d34
missing semicolon
2018-07-19 17:01:57 -04:00
Kyle Spearrin
dea76e8e01
wrap csp in quotes
2018-07-19 16:49:01 -04:00
Kyle Spearrin
511b1cbbb6
load ca certs on setup
2018-07-19 16:45:27 -04:00
Kyle Spearrin
b0aef93597
move script back and move userview update up
2018-07-19 16:22:30 -04:00
Kyle Spearrin
266fc579f2
cleanup installer. break apart update script
2018-07-19 16:01:54 -04:00
Kyle Spearrin
a66af41d2b
csp header on nginx
2018-07-18 23:06:25 -04:00
Kyle Spearrin
61806cd8ac
sql update script fixes
2018-07-17 21:41:16 -04:00
Kyle Spearrin
938b7f1230
premium renewal reminders job for braintree
2018-07-12 23:23:41 -04:00
Kyle Spearrin
476ee53931
add renewal reminder date prop to users
2018-07-12 17:35:01 -04:00
Kyle Spearrin
de552be25f
apis for bulk sharing
2018-06-13 14:03:44 -04:00
Kyle Spearrin
ebb1f9e1a8
use temp tables for better execution plans
2018-06-12 13:24:13 -04:00
Kyle Spearrin
74874a1c38
return collection readonly details
2018-06-11 14:25:53 -04:00
Mart124
b3c48fd3fa
Add a bitwarden label to docker images ( #305 )
...
* Add a bitwarden label to docker images
* Prefix label with reverse DNS
2018-06-09 08:17:16 -04:00
Kyle Spearrin
6f1f2305e3
sleep for 20 seconds between migrate re-tries
2018-05-31 22:11:08 -04:00
Mart124
92b08e6cf1
Rework service user ( #299 )
...
* Use user primary group if not root
* Do not run getent on MacOS
* Simplify UID/GID management
* Make uid.env backward compatible in run.sh
* Merge install.sh with run.sh to avoid duplicating code
Especially the UID/GID management one
* Generate correct OS name
* Be sure to keep old behavior for backward compatiblilty
* Get the colors back from install.sh
2018-05-31 12:05:26 -04:00
Kyle Spearrin
1ead0af77e
update mssql to CU7
2018-05-29 08:19:34 -04:00
Mart124
8471f558e3
Improve mssql backups ( #298 )
...
* Improve mssql backups
* Launch DB backup at 23:59
2018-05-29 08:17:43 -04:00
Mart124
1b1ec7629b
Workaround to disable mssql telemetry in DockerFile ( #294 )
2018-05-24 15:56:55 -04:00
Mart124
ffe5f37a64
Workaround to disable mssql telemetry ( #293 )
2018-05-24 15:36:46 -04:00
Kyle Spearrin
4dbea821a4
Revert "chown mssql.conf"
...
This reverts commit 3bd5a82afa
.
2018-05-21 15:42:37 -04:00
Kyle Spearrin
8f13361705
set nsubjectAltName od self signed certs
2018-05-21 15:41:15 -04:00
Kyle Spearrin
3bd5a82afa
chown mssql.conf
2018-05-21 14:09:04 -04:00