bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2026-02-22 04:13:43 +00:00
Code Issues Releases Wiki Activity

docker setup

Browse Source
This commit is contained in:
Kyle Spearrin
2017-08-07 16:31:00 -04:00
parent ee8b0a25a8
commit 9bc6ba554a
25 changed files with 456 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
scripts/setup.sh
View File

@@ -7,10 +7,7 @@ echo -e "\nPlease enter your email address (used to generate an HTTPS certificat
read EMAIL
OUTPUT_DIR=./bitwarden
DOCKER_DIR=../docker
CERT_PASSWORD=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 32)
DATABASE_PASSWORD=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 32)
DUO_KEY=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 64)
docker --version
@@ -18,25 +15,6 @@ docker --version
#docker run -it --rm -p 80:80 -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot certonly --standalone --noninteractive --preferred-challenges http --email $EMAIL --agree-tos -d $DOMAIN
#docker run -it --rm -v $OUTPUT_DIR/letsencrypt/live:/certificates/ bitwarden/openssl openssl dhparam -out /certificates/$DOMAIN/dhparam.pem 2048
mkdir -p $OUTPUT_DIR/core
docker run -it --rm -v $OUTPUT_DIR/core:/certificates bitwarden/openssl openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout /certificates/identity.key -out /certificates/identity.crt -subj "/CN=bitwarden IdentityServer" -days 10950
docker run -it --rm -v $OUTPUT_DIR/core:/certificates bitwarden/openssl openssl pkcs12 -export -out /certificates/identity.pfx -inkey /certificates/identity.key -in /certificates/identity.crt -certfile /certificates/identity.crt -passout pass:$CERT_PASSWORD
rm $OUTPUT_DIR/core/identity.key
rm $OUTPUT_DIR/core/identity.crt
docker run -it --rm -v $OUTPUT_DIR:/bitwarden bitwarden/setup dotnet Setup.dll -domain $DOMAIN -letsencrypt y -db_pass $DATABASE_PASSWORD
cat >> $DOCKER_DIR/global.override.env << EOF
globalSettings:baseServiceUri:vault=https://$DOMAIN
globalSettings:baseServiceUri:api=https://$DOMAIN/api
globalSettings:baseServiceUri:identity=https://$DOMAIN/identity
globalSettings:sqlServer:connectionString=Server=tcp:mssql,1433;Initial Catalog=vault;Persist Security Info=False;User ID=sa;Password=$DATABASE_PASSWORD;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;
globalSettings:identityServer:certificatePassword=$CERT_PASSWORD
globalSettings:duo:aKey=$DUO_KEY
globalSettings:yubico:clientId=REPLACE
globalSettings:yubico:REPLACE
EOF
cat >> $DOCKER_DIR/mssql.override.env << EOF
ACCEPT_EULA=Y
MSSQL_PID=Express
SA_PASSWORD=$DATABASE_PASSWORD
EOF
echo -e "\nSetup complete"