summarylogtreecommitdiffstats
path: root/PKGBUILD
AgeCommit message (Collapse)Author
2021-01-051.18.0Markus Richter
Upstream Changes: - Config values can now be defined in a file, use `<CONFIG_NAME>_FILE` to point to it. - For example, if you save the admin token to `/etc/bitwarden_rs/token`, you can use `ADMIN_TOKEN_FILE=/etc/bitwarden_rs/token` and it will read the file and set the token to it's contents. - Users can be enabled/disabled from the admin panel. - Implemented manager role. - Now the .env file parsing won't fail silently. - Fixes to the email format and processing, added option to enable debugging via `SMTP_DEBUG`, and added options to ignore certificate issues. - The user's last active device date is shown on the admin page. - Now cipher updates are validated when they provide a revision date, which will prevent multiple clients from overwriting each other's changes. - Updated web vault to 2.17.1. - Improved icon downloading in some edge cases. - Fixed key rotation during password change. - Make sure organization policies don't affect users that aren't a part of it or aren't confirmed. - Make sure removing a user from an org doesn't also remove them from accessing other orgs. - Return 404 when an icon is missing instead of a fallback, allowing the clients to use their own fallback icon. - Add missing admin endpoints for deleting ciphers. - Updated dependencies.
2020-12-09Rename package to bitwarden_rs-sqliteMarkus Richter
2020-10-111.17.0Markus Richter
- Revert Path adding a warning at the top of the env template, because this warning is now included in upstream Upstream Changes: - Multiple database support, now you can compile with `cargo build --features sqlite,mysql,postgresql` or any combination of them. - Now the initial database connection doesn't fail instantly when there's an error, but retries for up to 15 times by default, adjustable with the `DB_CONNECTION_RETRIES` option. - Sessions are properly invalidated now when changing email, password or kdf parameters. - Items are not shown to organization admins in their user view when they don't have their collection selected. Note that they still appear in the organization view. - Allow multiple SMTP auth mechanisms. - Favorite status in organization items is now tracked at the user level. - Fix admin page when `DOMAIN` is not configured, or configured incorrectly. - Update web vault to 2.16.1 - Add vendored_openssl feature, to statically link OpenSSL, disabled by default. - Updated dependencies and synced global domains file with upstream.
2020-08-121.16.3 (and 1.16.2)Markus Richter
Upstream Changes (1.16.3): - Fixed mysql and postgresql releases not building correctly - Added support for restricting org creation to certain users: [Examples](https://github.com/dani-garcia/bitwarden_rs/blob/570d6c8bf97d6c554a9f5265c9cc9aa4e8482f24/.env.template#L121-L127) - Syncronized global_domains.json with upstream Upstream Changes (1.16.2): - Fixed issue unlocking vault in the desktop client. - Added back arm32v6 tag, because docker fails to select that image in ARMv6 devices. - Fixed websocket notifications when sending an item to the trash.
2020-07-281.16.1Markus Richter
Upstream Changes: - Log timestamps with milliseconds by default and added option LOG_TIMESTAMP_FORMAT to customize the format
2020-07-211.16.0Markus Richter
Upstream Changes: - Add support for hiding passwords in a collection - Allow postgres:// DATABASE_URL - Add option to set name during HELO in email settings - Add startup script to support init operations - Use local time in email notifications for new device logins - Updated dependencies and included web vault - Removed unstable dependencies in preparation for rocket stable - Docker multiarch support
2020-06-101.15.1Markus Richter
Upstream Changes: - Fixed error when cloning attachments with ciphers, note that attachments are not cloned - Fixed version check when a commit hasn't been made since the last release - Added openssl extern crate to fix some builds - Updated admin page, added attachments count per user and users count per organization and fixed issue with DNS not resolving
2020-06-031.15.0Markus Richter
Upstream Changes: - Added support for soft deletion of items (trash functionality) - Redesigned admin page: - Separated into multiple pages - Icon to indicate users verified emails, and counter of the number of items they have - Added diagnostics page - Updated web vault to 2.14 - Added IP address to the logs on TOTP failure, alowing fail2ban use - Some email and domain whitelist fixes - Fixed issue deleting notes in PostgreSQL - Updated dependencies and other bug fixes
2020-04-29Tell bitwarden_rs its version, harden service moreMarkus Richter
2020-04-13Fix rustup toolchain issues (mainly on ARM)Markus Richter
Works around https://github.com/dani-garcia/bitwarden_rs/issues/962
2020-04-121.14.2Markus Richter
Upstream Changes: - Fixed bug with sync error in mobile clients. - Update web vault to 2.13.2. - Fix websockets missing id. - Improvements to docker health check, including subdirectory support. - Allow changing the build version with BWRS_VERSION env variable during cargo build. - Other dependency updates and bug fixes.
2020-03-211.14.1Markus Richter
Upstream Changelog: - Added support for organization policies - Added support for cloning ciphers - Update web vault to version 2.13 - Allow the SMTP login mechanism to be provided without quotes or initial uppercase - Updated dependencies - Make panics loggable - Fix errors when importing into an org or accepting invites
2020-03-131.14Markus Richter
- Add notice to the top of bitwarden_rs.env and update patchfile - Make package section of PKGBUILD more consistent Upstream Changelog: - Added support for running on subpath, simply add the subpath to the DOMAIN variable: DOMAIN=https://example.com/custom-path - Attachment size limits, per-user and per-organization, set USER_ATTACHMENT_LIMIT or ORG_ATTACHMENT_LIMIT to a value in kilobytes to apply it. - Updated U2F library which might solve some U2F certificate errors. - Added SMTP test button in the admin page. - Now accepting y/n, True/False, 1/0 as config options that are booleans. - Fixed error Unique constraint violation when using Two Factor and Postgres. - Fixed error with can_signup_user that didn't allow to change the email address. - Don't error if admin token is empty but disabled - Now email domains are converted to punycode before sending - Enable icons to be cached in the clients - Added option to change invitation org name - Enabled the sending of invitations from the admin panel, even when disabled - Dependency updates
2020-01-061.13.1Markus Richter
- apply changes to the systemd config from Siosm - revert cargo test patches - make restart reminder on update smaller - remove unneccessary daemon-reloading (is triggered by pacman anyway) Upstream Changelog: - New collapsed log messaging, filtering the useless stuff like static file accesses and removing duplicate error messages. To get a more complete logging, use a LOG_LEVEL value of debug or trace. - Fix crash when cipher page points to huge file - Addded config option to change client IP header, IP_HEADER, by default it's X-Client-IP for backwards compat reasons. - Printed current server time when failing TOTP, for easy debugging - Protected websockets server against panics - Add a logout button on the admin page - Add endpoint to delete specific U2F key - Updated dependencies
2019-12-011.13.0Markus Richter
Upstream Changelog: - Implemented email verification, to disable users until the email is verified you can use `SIGNUPS_VERIFY=true`, default is false. There are also options to change the options for verification mail resending, check the `.env.template` file. - Also implemented welcome email, change email confirmation and account deletion confirmation. - Modified icon parsing to accept favicons using DataURLs - Updated dependencies
2019-11-231.12.0Markus Richter
- revert armv7h workaround - fit PKGBUILD to the archlinux rust packaging guidelines (https://wiki.archlinux.org/index.php/Rust_package_guidelines) by introducing check() and --locked Upstream Changelog: - Improved error message when HIBP key is not set, include a link to the page. - Added check for both the previous and next timeslots in TOTP, which is more forgiving of time mismatches (1.5 minutes now vs 30 seconds before), can be disabled setting `AUTHENTICATOR_DISABLE_TIME_DRIFT=true`. - Made the domain icon blacklist be cached, improving performance. - Recovery codes are now generated when adding email and Duo 2FA. - Removed MySQL libraries from SQLite images. - Added configurable SMTP timeout, and reduced the default to 15 seconds. - Updated images to be able to be built with Podman. - Added option to allow signups from specific domains only (`SIGNUPS_DOMAINS_WHITELIST=domain.com,example.org`). - Updated web vault to fix twofactorauth.org integration. - Updated dependencies
2019-10-101.11.0Markus Richter
Upstream Changelog: - Added initial PostgresSQL support (enabled in the AUR package bitwarden_rs-postgresql) - Added new icon blacklisting option, to block all non global IPs (ICON_BLACKLIST_NON_GLOBAL_IPS) - Admin page scripts are loaded locally instead of using a CDN - Added CORS support - Added email 2FA - other Docker image related changes (omitted)
2019-09-14Fix ARM build issuesMarkus Richter
2019-08-28add -mysql package to conflictsMarkus Richter
2019-08-281.10.0Markus Richter
Upstream Changelog: - Added MySQL support - Added backup option in the admin panel for the SQLite backend, remember to transfer those copies to separate drives! - Updated HaveIBeenPwned API to V3, which requires a paid API key: https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/ - Added option in admin panel to remove users two factor authentication, in case of loss or bug - Allowed explicitly defining the SMTP authentication mechanism - Added notification email when a user logs in on a new device - Updated web vault to 2.11.0 - Added proxy support for the icon fetching service - Other bug fixes
2019-06-041.9.1Markus Richter
Upstream Changelog - Fixed broken U2F in Chrome 74+ - Added images to email - Updated dependencies
2019-04-301.9.0Markus Richter
Upstream Changelog - Duo is now available as a 2FA option, both configurable globally and per-user - To enable it globally, check the .env template, and then leave the fields empty when enabling it per-user. - Updated web vault to 2.10.0 - Added option to control the log level: LOG_LEVEL - Valid values from more to less noisy are "trace", "debug", "info", "warn", "error" and "off" - Now there is no need to compile the application a different way to enable syslog support, simply set USE_SYSLOG to true. - Now DATA_FOLDER affects CONFIG_FILE when set through the environment - Improved endpoints for Admin API - Other fixes
2019-03-231.8.0Markus Richter
Upstream Changelog - Secrets are now hidden by default in the admin panel. - Now the version is shown in the top right corner of the admin page. - Read only settings are also shown in the admin panel, but not editable. - Added option to admin panel to force resync users, useful after restoring an old backup. - Implemented multiple U2F support, with custom names and compromised checks. - Emails now also include an HTML version next to the plaintext version. It's up to the email clients which one to show now. - Updated vault to 2.9.0 - Implemented constant time comparison for admin password and two factor remember and recover tokens. - Added more config options: - Icon download timeout - Hide routes mount points, enabled by default - Disable WAL (not recommended, only for network filesystems that have problems with WAL enabled) - Disable Admin token (unsafe, only use when behind another authentication scheme). - Use wrapped TLS for email, when STARTTLS doesn't work. - Icon downloader domain blacklist, to block anything that might be sensitive, lik other servers in the local network. - Updated dependencies and fixed minor bugs
2019-02-091.7.0Markus Richter
Upstream Changelog: - Added configuration menu, accessible from the admin panel. This saves the user settings to a JSON file, by default in data/config.json, but configurable with the CONFIG_FILE environment variable. - Added templating support for emails, can be added to $DATA_FOLDER/templates/email, or $TEMPLATES_FOLDER/email, if configured. Check here for examples. - Added reload templates option, useful during development. Set RELOAD_TEMPLATES to true to enable. - The templates use the Handlebars format. - Improved icon downloader, now we don't use the upstream server anymore. - Added option to disable icon download, set DISABLE_ICON_DOWNLOAD to true. - Note that icons already in the cache will still be served. With this, if ICON_CACHE_TTL is set to 0, the cached icons will not expire. - Admin panel improvements: - Organization, 2FA status and disabled user badges - Deauthorize user sessions button - Now using templates - Added Feature-Policy header. - Created recovery code when registering a YubiKey - Now the .env file is only read from the current directory. - Other fixes and dependency updates
2019-01-131.6.1Markus Richter
temporarily fix SSL Error (https://github.com/dani-garcia/bitwarden_rs/issues/337), revert aarch64 workaround Upstream Changelog: - Enabled Yubikey support on AArch64 - Fixed error when editing cipher with attachment - Fixed error incorrectly hiding cipher when deleting attachment - Added unofficial server warning
2019-01-11Added aarch64 workaround ↵Markus Richter
(https://github.com/dani-garcia/bitwarden_rs/issues/262)
2019-01-111.6.0Markus Richter
Upstream Changelog: - Implemented new admin panel, available at /admin - To use it, you need to set the ADMIN_TOKEN variable to authenticate - Note: The old admin_email functionality has been removed - Added email invite functionality - Web vault updated to v2.8.0 - Fixed AArch64 build, disables Yubikey support - Implemented TTLs for the icon cache - Improved error handling - Bug fixes
2019-01-021.5.0Markus Richter
Upstream Changelog: - Revamped logging - Logging to file is now supported, set LOG_FILE=/path/to/log - Logging to syslog is now supported, for this you need to compile the project with cargo build --features=enable_syslog - Important: If you are using fail2ban or similar, you may need to update the filters to the new style. - You can also disable it, by setting EXTENDED_LOGGING=false, but this disables logging to file or syslog - Updated web vault to 2.7.1 - Implemented key rotation and individual attachment keys - Added yubico support - Updated rocket web server to 0.4 - Fixed some logout issues - Fixed some crashed in mobile apps when using 2FA
2018-11-141.4.0Markus Richter
Upstream Changelog: - Disabled websockets by default, can be enabled by setting WEBSOCKET_ENABLED=true. Note that websockets require some additional setup. More info about that in the README. - Upgraded sync method to not send equivalent domains when not necessary. - Bug fixes and documentation changes
2018-10-13upgpkg: v1.3.0Markus Richter
2018-09-23upgpkg: v1.2.0Markus Richter
2018-09-23fix broken lettre dependencyMarkus Richter
2018-09-20fixed openssl v1.1.1 incompatibility, clarified email configurationMarkus Richter
2018-09-13updpkg v1.1.0Markus Richter
2018-08-22updpkg:v1.0.0Markus Richter
2018-08-03updpkg 0.12.0Markus Richter
2018-07-22updpkg:0.11.0Markus Richter
2018-07-13first version: 0.10.0, copied from bitwarden_rs-gitMarkus Richter