summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorAntoine2018-05-13 20:53:38 +0200
committerAntoine2018-05-13 20:53:38 +0200
commitf6324b57654ee419f7438e8804e6513961680c04 (patch)
treed3f3a69130662d9875072907d5272c48e0c78d5e
downloadaur-f6324b57654ee419f7438e8804e6513961680c04.tar.gz
First version
-rw-r--r--.SRCINFO33
-rw-r--r--PKGBUILD118
-rw-r--r--app-id.json15
-rw-r--r--bitwarden-admin.service18
-rw-r--r--bitwarden-api.service18
-rw-r--r--bitwarden-attachments.service16
-rw-r--r--bitwarden-icons.service15
-rw-r--r--bitwarden-identity.service19
-rw-r--r--bitwarden-mssql.service19
-rw-r--r--bitwarden-nginx.service18
-rw-r--r--bitwarden-server.service11
-rw-r--r--bitwarden-sysuser.conf1
-rw-r--r--bitwarden-web.service16
-rw-r--r--bitwarden.install65
-rw-r--r--global.env34
-rw-r--r--mssql.env3
-rw-r--r--nginx-default.conf49
-rw-r--r--settings.js6
-rw-r--r--uid.env2
19 files changed, 476 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..4c9cd7282687
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,33 @@
+pkgbase = bitwarden-server
+ pkgdesc = Open source password management solutions for individuals, teams, and business organizations.
+ pkgver = 1.19.0
+ pkgrel = 1
+ url = https://github.com/bitwarden
+ install = bitwarden.install
+ arch = x86_64
+ license = AGPL-3.0
+ makedepends = openssl
+ depends = docker
+ backup = etc/bitwarden/global.env
+ backup = etc/bitwarden/uid.env
+ backup = etc/bitwarden/mssql.env
+ backup = var/lib/bitwarden/identity/identity.pfx
+ source = app-id.json
+ source = uid.env
+ source = global.env
+ source = mssql.env
+ source = nginx-default.conf
+ source = settings.js
+ source = bitwarden-server.service
+ source = bitwarden-admin.service
+ source = bitwarden-api.service
+ source = bitwarden-attachments.service
+ source = bitwarden-icons.service
+ source = bitwarden-identity.service
+ source = bitwarden-mssql.service
+ source = bitwarden-nginx.service
+ source = bitwarden-web.service
+ source = bitwarden-sysuser.conf
+
+pkgname = bitwarden-server
+
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..60ec1d571b70
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,118 @@
+# Maintainer: Antoine Detante <antoine.detante@gmail.com>
+pkgname=bitwarden-server
+pkgver=1.19.0
+pkgrel=1
+pkgdesc="Open source password management solutions for individuals, teams, and business organizations."
+arch=('x86_64')
+url="https://github.com/bitwarden"
+license=(AGPL-3.0)
+depends=(
+ docker
+)
+makedepends=(
+ openssl
+)
+backup=(
+ etc/bitwarden/global.env
+ etc/bitwarden/uid.env
+ etc/bitwarden/mssql.env
+ var/lib/bitwarden/identity/identity.pfx
+)
+install=bitwarden.install
+source=(
+ app-id.json
+ uid.env
+ global.env
+ mssql.env
+ nginx-default.conf
+ settings.js
+ bitwarden-server.service
+ bitwarden-admin.service
+ bitwarden-api.service
+ bitwarden-attachments.service
+ bitwarden-icons.service
+ bitwarden-identity.service
+ bitwarden-mssql.service
+ bitwarden-nginx.service
+ bitwarden-web.service
+ bitwarden-sysuser.conf
+)
+md5sums=('0dcdbbb718832cecf19da5c3bbb481e1'
+ '84d8a6a0eefc33752a1d5f564509ba4f'
+ '2fc12753445f3d48fc929d320cb31e12'
+ '8846cdf9e1b00cd70ba92cbd6d8ea652'
+ 'ac85d667e8842f9647429746a0f962b5'
+ '128086b1346a3542b8a5958ecbe2d7a9'
+ '9124b5ec3c799b1b1a433e85a5ade921'
+ '8b4bd7b222fba118009ca7a976a77039'
+ 'd650ed51bef9b9d5960928a2a75df947'
+ '7fa95353a04d76ddcd3a7478b14459f7'
+ 'c654f0958ba0af603af24ca43b89af0e'
+ '5011742e7be53c6e439540f8a231ff01'
+ '9072db1c0560945fcfac572d34ba5678'
+ '2359641bcd0ab5546217aed1574c2f0f'
+ 'fce431796ab48c0a39c446fb0e9fcd27'
+ '4f9373e3810b0b55d2350c5057cfded3')
+
+prepare() {
+ # Generate random passwords
+ DB_PASSWORD=$(openssl rand -hex 16)
+ ID_CERT_PASSWORD=$(openssl rand -hex 16)
+ DUO_AKEY=$(openssl rand -hex 32)
+
+ # Configure global.env
+ sed -i "s/#DB_PASSWORD#/$DB_PASSWORD/" $srcdir/global.env
+ sed -i "s/#ID_CERT_PASSWORD#/$ID_CERT_PASSWORD/" $srcdir/global.env
+ sed -i "s/#DUO_AKEY#/$DUO_AKEY/" $srcdir/global.env
+
+ # Configure mssql.env
+ sed -i "s/#DB_PASSWORD#/$DB_PASSWORD/" $srcdir/mssql.env
+
+ # Generate IdentityServer keypair and certificate
+ openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout $srcdir/identity.key -out $srcdir/identity.crt -subj '/CN=Bitwarden IdentityServer/' -days 10950
+ # Export to PKCS12
+ openssl pkcs12 -export -out $srcdir/identity.pfx -inkey $srcdir/identity.key -in $srcdir/identity.crt -certfile $srcdir/identity.crt -passout pass:$ID_CERT_PASSWORD
+ # Remove key and certificate
+ rm $srcdir/identity.{key,crt}
+}
+
+package() {
+ # Create bitwarden directories
+ mkdir -p $pkgdir/etc/bitwarden
+ mkdir -p $pkgdir/var/lib/bitwarden/mssql/data
+ mkdir -p $pkgdir/var/lib/bitwarden/mssql/backups
+ mkdir -p $pkgdir/var/lib/bitwarden/web
+ mkdir -p $pkgdir/var/lib/bitwarden/core
+ mkdir -p $pkgdir/var/lib/bitwarden/core/attachments
+ mkdir -p $pkgdir/var/lib/bitwarden/identity
+ mkdir -p $pkgdir/var/lib/bitwarden/nginx
+
+ mkdir -p $pkgdir/var/log/bitwarden/mssql
+ mkdir -p $pkgdir/var/log/bitwarden/api
+ mkdir -p $pkgdir/var/log/bitwarden/identity
+ mkdir -p $pkgdir/var/log/bitwarden/admin
+ mkdir -p $pkgdir/var/log/bitwarden/nginx
+
+ # Install config files
+ install -m 700 $srcdir/global.env $pkgdir/etc/bitwarden/global.env
+ install -m 700 $srcdir/uid.env $pkgdir/etc/bitwarden/uid.env
+ install -m 700 $srcdir/mssql.env $pkgdir/etc/bitwarden/mssql.env
+ install -m 700 $srcdir/nginx-default.conf $pkgdir/var/lib/bitwarden/nginx/default.conf
+ install -m 700 $srcdir/app-id.json $pkgdir/var/lib/bitwarden/web/app-id.json
+ install -m 700 $srcdir/settings.js $pkgdir/var/lib/bitwarden/web/settings.js
+ install -m 700 $srcdir/identity.pfx $pkgdir/var/lib/bitwarden/identity/identity.pfx
+
+ # Install systemd services
+ install -D -m 644 $srcdir/bitwarden-server.service $pkgdir/usr/lib/systemd/system/bitwarden-server.service
+ install -D -m 644 $srcdir/bitwarden-admin.service $pkgdir/usr/lib/systemd/system/bitwarden-admin.service
+ install -D -m 644 $srcdir/bitwarden-api.service $pkgdir/usr/lib/systemd/system/bitwarden-api.service
+ install -D -m 644 $srcdir/bitwarden-attachments.service $pkgdir/usr/lib/systemd/system/bitwarden-attachments.service
+ install -D -m 644 $srcdir/bitwarden-icons.service $pkgdir/usr/lib/systemd/system/bitwarden-icons.service
+ install -D -m 644 $srcdir/bitwarden-identity.service $pkgdir/usr/lib/systemd/system/bitwarden-identity.service
+ install -D -m 644 $srcdir/bitwarden-mssql.service $pkgdir/usr/lib/systemd/system/bitwarden-mssql.service
+ install -D -m 644 $srcdir/bitwarden-nginx.service $pkgdir/usr/lib/systemd/system/bitwarden-nginx.service
+ install -D -m 644 $srcdir/bitwarden-web.service $pkgdir/usr/lib/systemd/system/bitwarden-web.service
+
+ # Sysuser
+ install -D -m 644 $srcdir/bitwarden-sysuser.conf $pkgdir/usr/lib/sysusers.d/bitwarden.conf
+} \ No newline at end of file
diff --git a/app-id.json b/app-id.json
new file mode 100644
index 000000000000..348fa67cd919
--- /dev/null
+++ b/app-id.json
@@ -0,0 +1,15 @@
+{
+ "trustedFacets": [
+ {
+ "version": {
+ "major": 1,
+ "minor": 0
+ },
+ "ids": [
+ "https://#FQDN#",
+ "ios:bundle-id:com.8bit.bitwarden",
+ "android:apk-key-hash:dUGFzUzf3lmHSLBDBIv+WaFyZMI"
+ ]
+ }
+ ]
+} \ No newline at end of file
diff --git a/bitwarden-admin.service b/bitwarden-admin.service
new file mode 100644
index 000000000000..7a4a32e6186b
--- /dev/null
+++ b/bitwarden-admin.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Bitwarden Admin
+PartOf=bitwarden-server.service
+After=bitwarden-server.service bitwarden-mssql.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm --name bitwarden-admin \
+ --env-file /etc/bitwarden/global.env \
+ --env-file /etc/bitwarden/uid.env \
+ --volume /var/lib/bitwarden/core:/etc/bitwarden/core \
+ --volume /var/log/bitwarden/admin:/etc/bitwarden/logs \
+ --network bitwarden-net \
+ bitwarden/admin:1.19.0
+ExecStop=/usr/bin/docker kill bitwarden-admin
+Restart=on-failure
+
+[Install]
+WantedBy=bitwarden-server.service \ No newline at end of file
diff --git a/bitwarden-api.service b/bitwarden-api.service
new file mode 100644
index 000000000000..d9317e336e29
--- /dev/null
+++ b/bitwarden-api.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Bitwarden API
+PartOf=bitwarden-server.service
+After=bitwarden-server.service bitwarden-mssql.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm --name bitwarden-api \
+ --env-file /etc/bitwarden/global.env \
+ --env-file /etc/bitwarden/uid.env \
+ --volume /var/lib/bitwarden/core:/etc/bitwarden/core \
+ --volume /var/log/bitwarden/api:/etc/bitwarden/logs \
+ --network bitwarden-net \
+ bitwarden/api:1.19.0
+ExecStop=/usr/bin/docker kill bitwarden-api
+Restart=on-failure
+
+[Install]
+WantedBy=bitwarden-server.service \ No newline at end of file
diff --git a/bitwarden-attachments.service b/bitwarden-attachments.service
new file mode 100644
index 000000000000..f00210ab7bed
--- /dev/null
+++ b/bitwarden-attachments.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Bitwarden Attachments
+PartOf=bitwarden-server.service
+After=bitwarden-server.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm --name bitwarden-attachments \
+ --env-file /etc/bitwarden/uid.env \
+ --volume /var/lib/bitwarden/core/attachments:/etc/bitwarden/core/attachments \
+ --network bitwarden-net \
+ bitwarden/attachments:1.19.0
+ExecStop=/usr/bin/docker kill bitwarden-attachments
+Restart=on-failure
+
+[Install]
+WantedBy=bitwarden-server.service \ No newline at end of file
diff --git a/bitwarden-icons.service b/bitwarden-icons.service
new file mode 100644
index 000000000000..fffd37d500ce
--- /dev/null
+++ b/bitwarden-icons.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Bitwarden Icons
+PartOf=bitwarden-server.service
+After=bitwarden-server.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm --name bitwarden-icons \
+ --env-file /etc/bitwarden/uid.env \
+ --network bitwarden-net \
+ bitwarden/icons:1.19.0
+ExecStop=/usr/bin/docker kill bitwarden-icons
+Restart=on-failure
+
+[Install]
+WantedBy=bitwarden-server.service \ No newline at end of file
diff --git a/bitwarden-identity.service b/bitwarden-identity.service
new file mode 100644
index 000000000000..9fe687a3dd52
--- /dev/null
+++ b/bitwarden-identity.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Bitwarden Identity
+PartOf=bitwarden-server.service
+After=bitwarden-server.service itwarden-mssql.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm --name bitwarden-identity \
+ --env-file /etc/bitwarden/global.env \
+ --env-file /etc/bitwarden/uid.env \
+ --volume /var/lib/bitwarden/identity:/etc/bitwarden/identity \
+ --volume /var/lib/bitwarden/core:/etc/bitwarden/core \
+ --volume /var/log/bitwarden/identity:/etc/bitwarden/logs \
+ --network bitwarden-net \
+ bitwarden/identity:1.19.0
+ExecStop=/usr/bin/docker kill bitwarden-identity
+Restart=on-failure
+
+[Install]
+WantedBy=bitwarden-server.service \ No newline at end of file
diff --git a/bitwarden-mssql.service b/bitwarden-mssql.service
new file mode 100644
index 000000000000..317778e66eb9
--- /dev/null
+++ b/bitwarden-mssql.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Bitwarden MSSQL
+PartOf=bitwarden-server.service
+After=bitwarden-server.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm --name bitwarden-mssql \
+ --env-file /etc/bitwarden/mssql.env \
+ --env-file /etc/bitwarden/uid.env \
+ --volume /var/lib/bitwarden/mssql/data:/var/opt/mssql/data \
+ --volume /var/log/bitwarden/mssql:/var/opt/mssql/log \
+ --volume /var/lib/bitwarden/mssql/backups:/etc/bitwarden/mssql/backups \
+ --network bitwarden-net \
+ bitwarden/mssql:1.19.0
+ExecStop=/usr/bin/docker kill bitwarden-mssql
+Restart=on-failure
+
+[Install]
+WantedBy=bitwarden-server.service \ No newline at end of file
diff --git a/bitwarden-nginx.service b/bitwarden-nginx.service
new file mode 100644
index 000000000000..4a18e056e3f5
--- /dev/null
+++ b/bitwarden-nginx.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Bitwarden nginx
+PartOf=bitwarden-server.service
+After=bitwarden-server.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm --name bitwarden-nginx \
+ --env-file /etc/bitwarden/uid.env \
+ --volume /var/lib/bitwarden/nginx:/etc/bitwarden/nginx \
+ --volume /var/log/bitwarden/nginx:/var/log/nginx \
+ --publish 8080:8080 \
+ --network bitwarden-net \
+ bitwarden/nginx:1.19.0
+ExecStop=/usr/bin/docker kill bitwarden-nginx
+Restart=on-failure
+
+[Install]
+WantedBy=bitwarden-server.service \ No newline at end of file
diff --git a/bitwarden-server.service b/bitwarden-server.service
new file mode 100644
index 000000000000..416e7f7fa07d
--- /dev/null
+++ b/bitwarden-server.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Bitwarden Server
+Requires=docker.service bitwarden-admin.service bitwarden-api.service bitwarden-attachments.service bitwarden-icons.service bitwarden-identity.service bitwarden-mssql.service bitwarden-nginx.service bitwarden-web.service
+
+[Service]
+Type=oneshot
+ExecStart=/bin/echo "Starting Bitwarden Server containers..."
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target \ No newline at end of file
diff --git a/bitwarden-sysuser.conf b/bitwarden-sysuser.conf
new file mode 100644
index 000000000000..7ad9fa92b126
--- /dev/null
+++ b/bitwarden-sysuser.conf
@@ -0,0 +1 @@
+u bitwarden - "bitwarden user" /var/lib/bitwarden
diff --git a/bitwarden-web.service b/bitwarden-web.service
new file mode 100644
index 000000000000..fde2c7356294
--- /dev/null
+++ b/bitwarden-web.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Bitwarden Web
+PartOf=bitwarden-server.service
+After=bitwarden-server.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm --name bitwarden-web \
+ --env-file /etc/bitwarden/uid.env \
+ --volume /var/lib/bitwarden/web:/etc/bitwarden/web \
+ --network bitwarden-net \
+ bitwarden/web:1.19.0
+ExecStop=/usr/bin/docker kill bitwarden-web
+Restart=on-failure
+
+[Install]
+WantedBy=bitwarden-server.service \ No newline at end of file
diff --git a/bitwarden.install b/bitwarden.install
new file mode 100644
index 000000000000..87685c0f97a5
--- /dev/null
+++ b/bitwarden.install
@@ -0,0 +1,65 @@
+post_install() {
+ # Create user
+ systemd-sysusers /usr/lib/sysusers.d/bitwarden.conf
+
+ # Change directories owner
+ chown -R bitwarden:bitwarden /etc/bitwarden
+ chown -R bitwarden:bitwarden /var/lib/bitwarden
+ chown -R bitwarden:bitwarden /var/log/bitwarden
+
+ # Generate required vars
+ FQDN=$(hostname -f)
+ BW_UID=$(id -u bitwarden)
+ BW_GID=$(id -G bitwarden)
+
+ # Configure global.env
+ sed -i "s/#FQDN#/$FQDN/" /etc/bitwarden/global.env
+
+ # Configure uid.env
+ sed -i "s/#UID#/$BW_UID/" /etc/bitwarden/uid.env
+ sed -i "s/#GID#/$BW_GID/" /etc/bitwarden/uid.env
+
+ # Configure app-id.json
+ sed -i "s/#FQDN#/$FQDN/" /var/lib/bitwarden/web/app-id.json
+
+ # Pull docker images
+ docker pull bitwarden/mssql:1.19.0
+ docker pull bitwarden/web:1.19.0
+ docker pull bitwarden/attachments:1.19.0
+ docker pull bitwarden/api:1.19.0
+ docker pull bitwarden/identity:1.19.0
+ docker pull bitwarden/admin:1.19.0
+ docker pull bitwarden/icons:1.19.0
+ docker pull bitwarden/nginx:1.19.0
+
+ # Create docker network
+ docker network create bitwarden-net --driver bridge
+
+ # Initialize the database
+
+ # Reload systemd services
+ systemctl daemon-reload
+cat << EOF
+
+ Bitwarden server:
+ --------------------------
+ Bitwarden server can be started with systemd:
+ systemctl start bitwarden-server
+
+ Web interface will be available at http://localhost:8080, and Admin UI at http://localhost:8080/admin
+
+ Bitwarden requires HTTPS to be fully functional, and this package did not generate a SSL certificate.
+ If you use a reverse proxy in front of Bitwarden, please configure the SSL endpoint on your reverse proxy.
+
+ If you require SSL endpoint on Bitwarden, copy your certificate and key, mount the files to bitwarden-nginx docker & change the port
+ binding by overriding systemd service for bitwarden-nginx.service, and modify the /var/lib/bitwarden/nginx/default.conf nginx config file.
+
+ Bitwarden requires an installation key, which can be retrieved on https://bitwarden.com/host
+
+ Please edit the file /etc/bitwarden/global.env with your installation id and installation key:
+
+ globalSettings__installation__id=*** your id ***
+ globalSettings__installation__key=*** your key ***
+
+EOF
+} \ No newline at end of file
diff --git a/global.env b/global.env
new file mode 100644
index 000000000000..5317b050c5ff
--- /dev/null
+++ b/global.env
@@ -0,0 +1,34 @@
+ASPNETCORE_ENVIRONMENT=Production
+globalSettings__selfHosted=true
+globalSettings__baseServiceUri__internalAdmin=http://admin:5000
+globalSettings__baseServiceUri__internalIdentity=http://identity:5000
+globalSettings__baseServiceUri__internalApi=http://api:5000
+globalSettings__baseServiceUri__internalVault=http://web:5000
+globalSettings__pushRelayBaseUri=https://push.bitwarden.com
+globalSettings__installation__identityUri=https://identity.bitwarden.com
+globalSettings__baseServiceUri__vault=https://#FQDN#
+globalSettings__baseServiceUri__api=https://#FQDN#/api
+globalSettings__baseServiceUri__identity=https://#FQDN#/identity
+globalSettings__baseServiceUri__admin=https://#FQDN#/admin
+globalSettings__sqlServer__connectionString="Data Source=tcp:mssql,1433;Initial Catalog=vault;Persist Security Info=False;User ID=sa;Password=#DB_PASSWORD#;MultipleActiveResultSets=False;Connect Timeout=30;Encrypt=True;TrustServerCertificate=True"
+globalSettings__identityServer__certificatePassword=#ID_CERT_PASSWORD#
+globalSettings__attachment__baseDirectory=/etc/bitwarden/core/attachments
+globalSettings__attachment__baseUrl=https://#FQDN#/attachments
+globalSettings__dataProtection__directory=/etc/bitwarden/core/aspnet-dataprotection
+globalSettings__logDirectory=/etc/bitwarden/logs
+globalSettings__licenseDirectory=/etc/bitwarden/core/licenses
+globalSettings__duo__aKey=#DUO_AKEY#
+globalSettings__disableUserRegistration=false
+globalSettings__yubico__clientId=REPLACE
+globalSettings__yubico__key=REPLACE
+globalSettings__mail__replyToEmail=no-reply@test.mydom.com
+globalSettings__mail__smtp__host=REPLACE
+globalSettings__mail__smtp__username=REPLACE
+globalSettings__mail__smtp__password=REPLACE
+globalSettings__mail__smtp__ssl=true
+globalSettings__mail__smtp__port=587
+globalSettings__mail__smtp__useDefaultCredentials=false
+globalSettings__disableUserRegistration=false
+adminSettings__admins=
+globalSettings__installation__id=*** your id ***
+globalSettings__installation__key=*** your key ***
diff --git a/mssql.env b/mssql.env
new file mode 100644
index 000000000000..129b58c5610a
--- /dev/null
+++ b/mssql.env
@@ -0,0 +1,3 @@
+ACCEPT_EULA=Y
+MSSQL_PID=Express
+SA_PASSWORD=#DB_PASSWORD#
diff --git a/nginx-default.conf b/nginx-default.conf
new file mode 100644
index 000000000000..6bef369c99b6
--- /dev/null
+++ b/nginx-default.conf
@@ -0,0 +1,49 @@
+server {
+ listen 8080 default_server;
+ listen [::]:8080 default_server;
+ server_name test.mydom.com;
+
+ # X-Frame-Options is to prevent from click-jacking attack
+ #add_header X-Frame-Options SAMEORIGIN;
+
+ # Disable content-type sniffing on some browsers.
+ add_header X-Content-Type-Options nosniff;
+
+ # This header enables the Cross-site scripting (XSS) filter
+ add_header X-XSS-Protection "1; mode=block";
+
+ # This header controls what referrer information is shared
+ add_header Referrer-Policy same-origin;
+
+ # Content-Security-Policy is set via meta tag on the website so it is not included here
+
+ location / {
+ proxy_pass http://bitwarden-web/;
+ }
+
+ location = /app-id.json {
+ proxy_pass http://bitwarden-web:5000/app-id.json;
+ proxy_hide_header Content-Type;
+ add_header Content-Type $fido_content_type;
+ }
+
+ location /attachments/ {
+ proxy_pass http://bitwarden-attachments:5000/;
+ }
+
+ location /api/ {
+ proxy_pass http://bitwarden-api:5000/;
+ }
+
+ location /identity/ {
+ proxy_pass http://bitwarden-identity:5000/;
+ }
+
+ location /icons/ {
+ proxy_pass http://bitwarden-icons:5000/;
+ }
+
+ location /admin {
+ proxy_pass http://bitwarden-admin:5000;
+ }
+}
diff --git a/settings.js b/settings.js
new file mode 100644
index 000000000000..c51c1bf05c3f
--- /dev/null
+++ b/settings.js
@@ -0,0 +1,6 @@
+var bitwardenAppSettings = {
+ iconsUri: "/icons",
+ stripeKey: null,
+ braintreeKey: null,
+ selfHosted: true
+}; \ No newline at end of file
diff --git a/uid.env b/uid.env
new file mode 100644
index 000000000000..f863812a6bbc
--- /dev/null
+++ b/uid.env
@@ -0,0 +1,2 @@
+LOCAL_UID=#UID#
+LOCAL_GID=#GID# \ No newline at end of file