inital commit

.drone.jsonnet

@@ -0,0 +1,141 @@
+local PipelineBuild(arch='amd64') = {
+  local tag = 'linux-' + arch,
+  kind: 'pipeline',
+  name: 'build-container-' + arch,
+  platform: {
+    os: 'linux',
+    arch: arch,
+  },
+  steps: [
+    {
+      name: 'binary',
+      image: 'clux/muslrust:nightly-2019-12-19',
+      environment: {
+        'DB': 'postgresql',
+        'DEBIAN_FRONTEND': 'noninteractive',
+        'LANG': 'C.UTF-8',
+        'TZ': 'UTC',
+      },
+      commands: [
+        '[ -z "${DRONE_TAG}" ] && LDAP_VERSION=master || LDAP_VERSION=${DRONE_TAG%-*}',
+        'mkdir -p source/',
+        'rustup set profile minimal',
+        'curl -sSL https://github.com/ViViDboarder/bitwarden_rs_ldap/archive/v$LDAP_VERSION.tar.gz | tar xz -C source/ --strip-components=1',
+        'cd source/ && cargo build -j 8 --release',
+      ],
+    },
+    {
+      name: 'dryrun',
+      image: 'plugins/docker:' + tag,
+      settings: {
+        dry_run: true,
+        dockerfile: './Dockerfile.' + arch,
+        repo: 'xoxys/bitwardenrs_ldap',
+        username: { from_secret: 'docker_username' },
+        password: { from_secret: 'docker_password' },
+      },
+    },
+    {
+      name: 'publish',
+      image: 'plugins/docker:' + tag,
+      settings: {
+        auto_tag: true,
+        auto_tag_suffix: arch,
+        dockerfile: './Dockerfile.' + arch,
+        repo: 'xoxys/bitwardenrs_ldap',
+        username: { from_secret: 'docker_username' },
+        password: { from_secret: 'docker_password' },
+      },
+      when: {
+        ref: [
+          'refs/heads/master',
+          'refs/tags/**',
+        ],
+      },
+    },
+    {
+      name: 'publish-gitea',
+      image: 'plugins/gitea-release',
+      settings: {
+        api_key: { from_secret: 'gitea_token' },
+        base_url: 'https://gitea.rknet.org',
+        overwrite: true,
+        title: '${DRONE_TAG}',
+        note: 'CHANGELOG.md',
+      },
+      when: {
+        ref: ['refs/tags/**'],
+      },
+    },
+  ],
+};
+
+local PipelineNotifications(depends_on=[]) = {
+  kind: 'pipeline',
+  name: 'notifications',
+  platform: {
+    os: 'linux',
+    arch: 'amd64',
+  },
+  steps: [
+    {
+      image: 'plugins/manifest',
+      name: 'manifest',
+      settings: {
+        ignore_missing: true,
+        tags: ['${DRONE_TAG}', '${DRONE_TAG%-*}', '${DRONE_TAG%.*}', '${DRONE_TAG%%.*}'],
+        username: { from_secret: 'docker_username' },
+        password: { from_secret: 'docker_password' },
+        spec: './manifest.tmpl',
+      },
+      when: {
+        status: ['success'],
+      },
+    },
+    {
+      name: 'readme',
+      image: 'sheogorath/readme-to-dockerhub',
+      environment: {
+        DOCKERHUB_USERNAME: { from_secret: 'docker_username' },
+        DOCKERHUB_PASSWORD: { from_secret: 'docker_password' },
+        DOCKERHUB_REPO_PREFIX: 'xoxys',
+        DOCKERHUB_REPO_NAME: 'bitwardenrs_ldap',
+        README_PATH: 'README.md',
+        SHORT_DESCRIPTION: 'Rootless Bitwarden_RS - Self-hosted password manager',
+      },
+    },
+    {
+      name: 'microbadger',
+      image: 'plugins/webhook',
+      settings: {
+        urls: { from_secret: 'microbadger_url' },
+      },
+    },
+    {
+      image: 'plugins/matrix',
+      name: 'matrix',
+      settings: {
+        homeserver: 'https://matrix.rknet.org',
+        roomid: 'MtidqQXWWAtQcByBhH:rknet.org',
+        template: 'Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}',
+        username: { from_secret: 'matrix_username' },
+        password: { from_secret: 'matrix_password' },
+      },
+    },
+  ],
+  trigger: {
+    ref: [
+      'refs/heads/master',
+      'refs/tags/**',
+    ],
+    status: ['success', 'failure'],
+  },
+  depends_on: depends_on,
+};
+
+[
+  PipelineBuild(arch='amd64'),
+  PipelineNotifications(depends_on=[
+    'build-container-amd64',
+  ]),
+]

.drone.yml

@@ -0,0 +1,135 @@
+---
+kind: pipeline
+name: build-container-amd64
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: binary
+  image: clux/muslrust:nightly-2019-12-19
+  commands:
+  - "[ -z \"${DRONE_TAG}\" ] && LDAP_VERSION=master || LDAP_VERSION=${DRONE_TAG%-*}"
+  - mkdir -p source/
+  - rustup set profile minimal
+  - curl -sSL https://github.com/ViViDboarder/bitwarden_rs_ldap/archive/v$LDAP_VERSION.tar.gz | tar xz -C source/ --strip-components=1
+  - cd source/ && cargo build -j 8 --release
+  environment:
+    DB: postgresql
+    DEBIAN_FRONTEND: noninteractive
+    LANG: C.UTF-8
+    TZ: UTC
+
+- name: dryrun
+  image: plugins/docker:linux-amd64
+  settings:
+    dockerfile: ./Dockerfile.amd64
+    dry_run: true
+    password:
+      from_secret: docker_password
+    repo: xoxys/bitwardenrs_ldap
+    username:
+      from_secret: docker_username
+
+- name: publish
+  image: plugins/docker:linux-amd64
+  settings:
+    auto_tag: true
+    auto_tag_suffix: amd64
+    dockerfile: ./Dockerfile.amd64
+    password:
+      from_secret: docker_password
+    repo: xoxys/bitwardenrs_ldap
+    username:
+      from_secret: docker_username
+  when:
+    ref:
+    - refs/heads/master
+    - refs/tags/**
+
+- name: publish-gitea
+  image: plugins/gitea-release
+  settings:
+    api_key:
+      from_secret: gitea_token
+    base_url: https://gitea.rknet.org
+    note: CHANGELOG.md
+    overwrite: true
+    title: ${DRONE_TAG}
+  when:
+    ref:
+    - refs/tags/**
+
+---
+kind: pipeline
+name: notifications
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: manifest
+  image: plugins/manifest
+  settings:
+    ignore_missing: true
+    password:
+      from_secret: docker_password
+    spec: ./manifest.tmpl
+    tags:
+    - ${DRONE_TAG}
+    - ${DRONE_TAG%-*}
+    - ${DRONE_TAG%.*}
+    - ${DRONE_TAG%%.*}
+    username:
+      from_secret: docker_username
+  when:
+    status:
+    - success
+
+- name: readme
+  image: sheogorath/readme-to-dockerhub
+  environment:
+    DOCKERHUB_PASSWORD:
+      from_secret: docker_password
+    DOCKERHUB_REPO_NAME: bitwardenrs_ldap
+    DOCKERHUB_REPO_PREFIX: xoxys
+    DOCKERHUB_USERNAME:
+      from_secret: docker_username
+    README_PATH: README.md
+    SHORT_DESCRIPTION: Rootless Bitwarden_RS - Self-hosted password manager
+
+- name: microbadger
+  image: plugins/webhook
+  settings:
+    urls:
+      from_secret: microbadger_url
+
+- name: matrix
+  image: plugins/matrix
+  settings:
+    homeserver: https://matrix.rknet.org
+    password:
+      from_secret: matrix_password
+    roomid: MtidqQXWWAtQcByBhH:rknet.org
+    template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
+    username:
+      from_secret: matrix_username
+
+trigger:
+  ref:
+  - refs/heads/master
+  - refs/tags/**
+  status:
+  - success
+  - failure
+
+depends_on:
+- build-container-amd64
+
+---
+kind: signature
+hmac: f5d4a7e677b3a3c586884e3abdf9a97a71be88fdeec3b8f2550c5ca902ba9b49
+
+...

.gitignore

@@ -0,0 +1 @@
+test/

Dockerfile.amd64

@@ -0,0 +1,31 @@
+FROM alpine:3.11
+
+LABEL maintainer="Robert Kaussow <mail@geeklabor.de>" \
+    org.label-schema.name="bitwardenrs_ldap" \
+    org.label-schema.version="1.2" \
+    org.label-schema.vendor="Robert Kaussow" \
+    org.label-schema.schema-version="1.0"
+
+RUN addgroup -g 101 -S app && \
+    adduser -S -D -H -u 101 -h /app -s /sbin/nologin -G app -g app app && \
+    apk --update add --virtual .build-deps tar curl && \
+    apk --update add openssl postgresql-libs ca-certificates && \
+    curl -SsL -o /usr/local/bin/gomplate https://github.com/hairyhenderson/gomplate/releases/download/v3.5.0/gomplate_linux-amd64-slim && \
+    chmod 755 /usr/local/bin/gomplate && \
+    apk del .build-deps && \
+    rm -rf /var/cache/apk/* && \
+    rm -rf /tmp/* && \
+    chown -R app:app /app
+
+ADD overlay/ /
+ADD source/target/x86_64-unknown-linux-musl/release/bitwarden_rs_ldap /app
+
+VOLUME /app/data
+
+USER app
+
+STOPSIGNAL SIGTERM
+
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+WORKDIR /app
+CMD []

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Robert Kaussow
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished
+to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice (including the next
+paragraph) shall be included in all copies or substantial portions of the
+Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
+OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
+OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -0,0 +1 @@
+# bitwarden_rs_ldap

docker-compose.yml

@@ -0,0 +1,7 @@
+---
+version: '2.1'
+
+services:
+  bitwardenrs_ldap:
+    container_name: bitwardenrs_ldap
+    image: xoxys/bitwardenrs_ldap:latest

manifest.tmpl

@@ -0,0 +1,15 @@
+image: xoxys/bitwardenrs_ldap:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  {{#if this}}
+  - {{trimPrefix "v" this}}
+  - {{trimPrefix "v" this}}-amd64
+  {{/if}}
+{{/each}}
+{{/if}}
+manifests:
+  - image: xoxys/bitwardenrs_ldap:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}amd64
+    platform:
+      architecture: amd64
+      os: linux

overlay/etc/templates/config.toml.tmpl

@@ -0,0 +1,19 @@
+## Bitwarden_RS LDAP Configuration File
+
+bitwarden_url = "{{ getenv "BITWARDENRS_LDAP_BITWARDEN_URL" }}"
+bitwarden_admin_token = "{{ getenv "BITWARDENRS_LDAP_BITWARDEN_ADMIN_TOKEN" }}"
+ldap_host = "{{ getenv "BITWARDENRS_LDAP_HOST" }}"
+{{ if (getenv "BITWARDENRS_LDAP_SCHEME") -}}
+ldap_scheme = "{{ getenv "BITWARDENRS_LDAP_SCHEME" }}"
+{{ end -}}
+ldap_ssl = {{ getenv "BITWARDENRS_LDAP_SSL" "true" | conv.Bool }}
+{{ if (getenv "BITWARDENRS_LDAP_PORT") -}}
+ldap_port = {{ getenv "BITWARDENRS_LDAP_PORT" }}
+{{ end -}}
+ldap_bind_dn = "{{ getenv "BITWARDENRS_LDAP_BIND_DN" }}"
+ldap_bind_password = "{{ getenv "BITWARDENRS_LDAP_BIND_PASSWORD" }}"
+ldap_search_base_dn = "{{ getenv "BITWARDENRS_LDAP_SEARCH_BASE_DN" }}"
+ldap_search_filter = "{{ getenv "BITWARDENRS_LDAP_SEARCH_FILTER" "(&(objectClass=*)(uid=*))" }}"
+ldap_mail_field = "{{ getenv "BITWARDENRS_LDAP_MAIL_FIELD" "mail" }}"
+ldap_sync_interval_seconds = {{ getenv "BITWARDENRS_LDAP_SYNC_INTERVAL_SECONDS" "60" }}
+ldap_sync_loop = {{ getenv "BITWARDENRS_LDAP_SYNC_LOOP" "true" | conv.Bool }}

overlay/usr/local/bin/entrypoint.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env sh
+
+/usr/local/bin/gomplate -V -o /app/config.toml -f /etc/templates/config.toml.tmpl
+
+exec CONFIG_PATH=/app/config.toml /app/bitwarden_rs_ldap