container/vaultwarden-ldap
Archived
1
0
Fork 0
Code Issues Pull Requests Releases 22 Activity

inital commit
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source
This commit is contained in:
Robert Kaussow 2020-01-19 00:19:48 +01:00
commit f2f60dec9a
11 changed files with 376 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
.drone.jsonnet Normal file
View File

@ -0,0 +1,141 @@
local PipelineBuild(arch='amd64') = {
local tag = 'linux-' + arch,
kind: 'pipeline',
name: 'build-container-' + arch,
platform: {
os: 'linux',
arch: arch,
},
steps: [
{
name: 'binary',
image: 'clux/muslrust:nightly-2019-12-19',
environment: {
'DB': 'postgresql',
'DEBIAN_FRONTEND': 'noninteractive',
'LANG': 'C.UTF-8',
'TZ': 'UTC',
},
commands: [
'[ -z "${DRONE_TAG}" ] && LDAP_VERSION=master || LDAP_VERSION=${DRONE_TAG%-*}',
'mkdir -p source/',
'rustup set profile minimal',
'curl -sSL https://github.com/ViViDboarder/bitwarden_rs_ldap/archive/v$LDAP_VERSION.tar.gz | tar xz -C source/ --strip-components=1',
'cd source/ && cargo build -j 8 --release',
],
},
{
name: 'dryrun',
image: 'plugins/docker:' + tag,
settings: {
dry_run: true,
dockerfile: './Dockerfile.' + arch,
repo: 'xoxys/bitwardenrs_ldap',
username: { from_secret: 'docker_username' },
password: { from_secret: 'docker_password' },
},
},
{
name: 'publish',
image: 'plugins/docker:' + tag,
settings: {
auto_tag: true,
auto_tag_suffix: arch,
dockerfile: './Dockerfile.' + arch,
repo: 'xoxys/bitwardenrs_ldap',
username: { from_secret: 'docker_username' },
password: { from_secret: 'docker_password' },
},
when: {
ref: [
'refs/heads/master',
'refs/tags/**',
],
},
},
{
name: 'publish-gitea',
image: 'plugins/gitea-release',
settings: {
api_key: { from_secret: 'gitea_token' },
base_url: 'https://gitea.rknet.org',
overwrite: true,
title: '${DRONE_TAG}',
note: 'CHANGELOG.md',
},
when: {
ref: ['refs/tags/**'],
},
},
],
};
local PipelineNotifications(depends_on=[]) = {
kind: 'pipeline',
name: 'notifications',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
image: 'plugins/manifest',
name: 'manifest',
settings: {
ignore_missing: true,
tags: ['${DRONE_TAG}', '${DRONE_TAG%-*}', '${DRONE_TAG%.*}', '${DRONE_TAG%%.*}'],
username: { from_secret: 'docker_username' },
password: { from_secret: 'docker_password' },
spec: './manifest.tmpl',
},
when: {
status: ['success'],
},
},
{
name: 'readme',
image: 'sheogorath/readme-to-dockerhub',
environment: {
DOCKERHUB_USERNAME: { from_secret: 'docker_username' },
DOCKERHUB_PASSWORD: { from_secret: 'docker_password' },
DOCKERHUB_REPO_PREFIX: 'xoxys',
DOCKERHUB_REPO_NAME: 'bitwardenrs_ldap',
README_PATH: 'README.md',
SHORT_DESCRIPTION: 'Rootless Bitwarden_RS - Self-hosted password manager',
},
},
{
name: 'microbadger',
image: 'plugins/webhook',
settings: {
urls: { from_secret: 'microbadger_url' },
},
},
{
image: 'plugins/matrix',
name: 'matrix',
settings: {
homeserver: 'https://matrix.rknet.org',
roomid: 'MtidqQXWWAtQcByBhH:rknet.org',
template: 'Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}',
username: { from_secret: 'matrix_username' },
password: { from_secret: 'matrix_password' },
},
},
],
trigger: {
ref: [
'refs/heads/master',
'refs/tags/**',
],
status: ['success', 'failure'],
},
depends_on: depends_on,
};
[
PipelineBuild(arch='amd64'),
PipelineNotifications(depends_on=[
'build-container-amd64',
]),
]

135
.drone.yml Normal file
View File

@ -0,0 +1,135 @@
---
kind: pipeline
name: build-container-amd64
platform:
os: linux
arch: amd64
steps:
- name: binary
image: clux/muslrust:nightly-2019-12-19
commands:
- "[ -z \"${DRONE_TAG}\" ] && LDAP_VERSION=master || LDAP_VERSION=${DRONE_TAG%-*}"
- mkdir -p source/
- rustup set profile minimal
- curl -sSL https://github.com/ViViDboarder/bitwarden_rs_ldap/archive/v$LDAP_VERSION.tar.gz | tar xz -C source/ --strip-components=1
- cd source/ && cargo build -j 8 --release
environment:
DB: postgresql
DEBIAN_FRONTEND: noninteractive
LANG: C.UTF-8
TZ: UTC
- name: dryrun
image: plugins/docker:linux-amd64
settings:
dockerfile: ./Dockerfile.amd64
dry_run: true
password:
from_secret: docker_password
repo: xoxys/bitwardenrs_ldap
username:
from_secret: docker_username
- name: publish
image: plugins/docker:linux-amd64
settings:
auto_tag: true
auto_tag_suffix: amd64
dockerfile: ./Dockerfile.amd64
password:
from_secret: docker_password
repo: xoxys/bitwardenrs_ldap
username:
from_secret: docker_username
when:
ref:
- refs/heads/master
- refs/tags/**
- name: publish-gitea
image: plugins/gitea-release
settings:
api_key:
from_secret: gitea_token
base_url: https://gitea.rknet.org
note: CHANGELOG.md
overwrite: true
title: ${DRONE_TAG}
when:
ref:
- refs/tags/**
---
kind: pipeline
name: notifications
platform:
os: linux
arch: amd64
steps:
- name: manifest
image: plugins/manifest
settings:
ignore_missing: true
password:
from_secret: docker_password
spec: ./manifest.tmpl
tags:
- ${DRONE_TAG}
- ${DRONE_TAG%-*}
- ${DRONE_TAG%.*}
- ${DRONE_TAG%%.*}
username:
from_secret: docker_username
when:
status:
- success
- name: readme
image: sheogorath/readme-to-dockerhub
environment:
DOCKERHUB_PASSWORD:
from_secret: docker_password
DOCKERHUB_REPO_NAME: bitwardenrs_ldap
DOCKERHUB_REPO_PREFIX: xoxys
DOCKERHUB_USERNAME:
from_secret: docker_username
README_PATH: README.md
SHORT_DESCRIPTION: Rootless Bitwarden_RS - Self-hosted password manager
- name: microbadger
image: plugins/webhook
settings:
urls:
from_secret: microbadger_url
- name: matrix
image: plugins/matrix
settings:
homeserver: https://matrix.rknet.org
password:
from_secret: matrix_password
roomid: MtidqQXWWAtQcByBhH:rknet.org
template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
username:
from_secret: matrix_username
trigger:
ref:
- refs/heads/master
- refs/tags/**
status:
- success
- failure
depends_on:
- build-container-amd64
---
kind: signature
hmac: f5d4a7e677b3a3c586884e3abdf9a97a71be88fdeec3b8f2550c5ca902ba9b49
...

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
test/

0
CHANGELOG.md Normal file
View File

31
Dockerfile.amd64 Normal file
View File

@ -0,0 +1,31 @@
FROM alpine:3.11
LABEL maintainer="Robert Kaussow <mail@geeklabor.de>" \
org.label-schema.name="bitwardenrs_ldap" \
org.label-schema.version="1.2" \
org.label-schema.vendor="Robert Kaussow" \
org.label-schema.schema-version="1.0"
RUN addgroup -g 101 -S app && \
adduser -S -D -H -u 101 -h /app -s /sbin/nologin -G app -g app app && \
apk --update add --virtual .build-deps tar curl && \
apk --update add openssl postgresql-libs ca-certificates && \
curl -SsL -o /usr/local/bin/gomplate https://github.com/hairyhenderson/gomplate/releases/download/v3.5.0/gomplate_linux-amd64-slim && \
chmod 755 /usr/local/bin/gomplate && \
apk del .build-deps && \
rm -rf /var/cache/apk/* && \
rm -rf /tmp/* && \
chown -R app:app /app
ADD overlay/ /
ADD source/target/x86_64-unknown-linux-musl/release/bitwarden_rs_ldap /app
VOLUME /app/data
USER app
STOPSIGNAL SIGTERM
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
WORKDIR /app
CMD []

21
LICENSE Normal file
View File

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2019 Robert Kaussow
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:
The above copyright notice and this permission notice (including the next
paragraph) shall be included in all copies or substantial portions of the
Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

1
README.md Normal file
View File

@ -0,0 +1 @@
# bitwarden_rs_ldap

7
docker-compose.yml Normal file
View File

@ -0,0 +1,7 @@
---
version: '2.1'
services:
bitwardenrs_ldap:
container_name: bitwardenrs_ldap
image: xoxys/bitwardenrs_ldap:latest

15
manifest.tmpl Normal file
View File

@ -0,0 +1,15 @@
image: xoxys/bitwardenrs_ldap:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
{{#if build.tags}}
tags:
{{#each build.tags}}
{{#if this}}
- {{trimPrefix "v" this}}
- {{trimPrefix "v" this}}-amd64
{{/if}}
{{/each}}
{{/if}}
manifests:
- image: xoxys/bitwardenrs_ldap:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}amd64
platform:
architecture: amd64
os: linux

19
overlay/etc/templates/config.toml.tmpl Normal file
View File

@ -0,0 +1,19 @@
## Bitwarden_RS LDAP Configuration File
bitwarden_url = "{{ getenv "BITWARDENRS_LDAP_BITWARDEN_URL" }}"
bitwarden_admin_token = "{{ getenv "BITWARDENRS_LDAP_BITWARDEN_ADMIN_TOKEN" }}"
ldap_host = "{{ getenv "BITWARDENRS_LDAP_HOST" }}"
{{ if (getenv "BITWARDENRS_LDAP_SCHEME") -}}
ldap_scheme = "{{ getenv "BITWARDENRS_LDAP_SCHEME" }}"
{{ end -}}
ldap_ssl = {{ getenv "BITWARDENRS_LDAP_SSL" "true" | conv.Bool }}
{{ if (getenv "BITWARDENRS_LDAP_PORT") -}}
ldap_port = {{ getenv "BITWARDENRS_LDAP_PORT" }}
{{ end -}}
ldap_bind_dn = "{{ getenv "BITWARDENRS_LDAP_BIND_DN" }}"
ldap_bind_password = "{{ getenv "BITWARDENRS_LDAP_BIND_PASSWORD" }}"
ldap_search_base_dn = "{{ getenv "BITWARDENRS_LDAP_SEARCH_BASE_DN" }}"
ldap_search_filter = "{{ getenv "BITWARDENRS_LDAP_SEARCH_FILTER" "(&(objectClass=*)(uid=*))" }}"
ldap_mail_field = "{{ getenv "BITWARDENRS_LDAP_MAIL_FIELD" "mail" }}"
ldap_sync_interval_seconds = {{ getenv "BITWARDENRS_LDAP_SYNC_INTERVAL_SECONDS" "60" }}
ldap_sync_loop = {{ getenv "BITWARDENRS_LDAP_SYNC_LOOP" "true" | conv.Bool }}

5
overlay/usr/local/bin/entrypoint.sh Executable file
View File

@ -0,0 +1,5 @@
#!/usr/bin/env sh
/usr/local/bin/gomplate -V -o /app/config.toml -f /etc/templates/config.toml.tmpl
exec CONFIG_PATH=/app/config.toml /app/bitwarden_rs_ldap