Beispiel #1
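        /// <summary>
        /// Runs the interactive installation: reads the "out", "domain" and "letsencrypt"
        /// parameters, asks the operator about SSL, ports, reverse proxy and push
        /// notifications, then invokes the certificate, nginx, environment file,
        /// app settings, app id and docker compose builders.
        /// </summary>
        /// <remarks>
        /// Returns without building anything further when <c>ValidateInstallation()</c> fails,
        /// or when neither SSL nor a reverse proxy is in use.
        /// </remarks>
        private static void Install()
        {
            const int MinPort = 1;
            const int MaxPort = 65535;
            const int DefaultHttpPort = 80;
            const int DefaultHttpsPort = 443;

            var outputDir = _parameters.TryGetValue("out", out var outParam) ?
                            outParam.ToLowerInvariant() : "/etc/bitwarden";
            var domain = _parameters.TryGetValue("domain", out var domainParam) ?
                         domainParam.ToLowerInvariant() : "localhost";
            var letsEncrypt = _parameters.TryGetValue("letsencrypt", out var letsEncryptParam) &&
                              letsEncryptParam.ToLowerInvariant() == "y";

            if (!ValidateInstallation())
            {
                return;
            }

            var ssl = letsEncrypt;

            if (!letsEncrypt)
            {
                ssl = Helpers.ReadQuestion("Do you have a SSL certificate to use?");
                if (ssl)
                {
                    // NOTE(review): `domain` comes straight from the "domain" parameter and is
                    // only lower-cased. A value containing path separators or ".." would make
                    // this directory resolve outside /bitwarden/ssl; consider rejecting anything
                    // Uri.CheckHostName does not accept before it is used here and in the URL.
                    Directory.CreateDirectory($"/bitwarden/ssl/{domain}/");
                    var message = "Make sure 'certificate.crt' and 'private.key' are provided in the \n" +
                                  "appropriate directory before running 'start' (see docs for info).";
                    Helpers.ShowBanner("NOTE", message);
                }
            }

            // NOTE(review): this password is handed to both CertBuilder and
            // EnvironmentFileBuilder; presumably it is persisted by them, so confirm the
            // files they write are readable only by the service account.
            var identityCertPassword = Helpers.SecureRandomString(32, alpha: true, numeric: true);
            var certBuilder          = new CertBuilder(domain, identityCertPassword, letsEncrypt, ssl);
            var selfSignedSsl        = certBuilder.BuildForInstall();

            ssl = certBuilder.Ssl; // Ssl prop can get flipped during the build

            var sslTrusted       = letsEncrypt;
            var sslDiffieHellman = letsEncrypt;

            // Only an operator-supplied certificate needs these two follow-up questions.
            if (ssl && !selfSignedSsl && !letsEncrypt)
            {
                sslDiffieHellman = Helpers.ReadQuestion("Use Diffie Hellman ephemeral parameters for SSL " +
                                                        "(requires dhparam.pem, see docs)?");
                sslTrusted = Helpers.ReadQuestion("Is this a trusted SSL certificate (requires ca.crt, see docs)?");
            }

            if (!ssl)
            {
                var message = "You are not using a SSL certificate. Bitwarden requires HTTPS to operate. \n" +
                              "You must front your installation with a HTTPS proxy. The web vault (and \n" +
                              "other Bitwarden apps) will not work properly without HTTPS.";
                Helpers.ShowBanner("WARNING", message, ConsoleColor.Yellow);
            }
            else if (!sslTrusted)
            {
                var message = "You are using an untrusted SSL certificate. This certificate will not be \n" +
                              "trusted by Bitwarden client applications. You must add this certificate to \n" +
                              "the trusted store on each device or else you will receive errors when trying \n" +
                              "to connect to your installation.";
                Helpers.ShowBanner("WARNING", message, ConsoleColor.Yellow);
            }

            var url = $"https://{domain}";
            int httpPort = default(int), httpsPort = default(int);

            if (Helpers.ReadQuestion("Do you want to use the default ports for HTTP (80) and HTTPS (443)?"))
            {
                httpPort = DefaultHttpPort;
                if (ssl)
                {
                    httpsPort = DefaultHttpsPort;
                }
            }
            else if (ssl)
            {
                // The port ends up in the public URL and in the docker compose builder, so
                // accept only values inside the valid TCP port range.
                if (int.TryParse(Helpers.ReadInput("HTTPS port").Trim(), out httpsPort) &&
                    httpsPort >= MinPort && httpsPort <= MaxPort && httpsPort != DefaultHttpsPort)
                {
                    url += (":" + httpsPort);
                }
                else
                {
                    Console.WriteLine("Using default port.");
                    // int.TryParse zeroes its out argument on failure, so the default has to
                    // be assigned here for the message above to be true.
                    httpsPort = DefaultHttpsPort;
                }
            }
            else
            {
                if (!int.TryParse(Helpers.ReadInput("HTTP port").Trim(), out httpPort) ||
                    httpPort < MinPort || httpPort > MaxPort)
                {
                    Console.WriteLine("Using default port.");
                    httpPort = DefaultHttpPort;
                }
            }

            if (Helpers.ReadQuestion("Is your installation behind a reverse proxy?"))
            {
                // The proxy's port replaces any port chosen above. Rebuild the URL from the
                // domain so two ports are never appended one after the other.
                url = $"https://{domain}";

                if (!Helpers.ReadQuestion("Do you use the default HTTPS port (443) on your reverse proxy?"))
                {
                    if (int.TryParse(Helpers.ReadInput("Proxy HTTPS port").Trim(), out var httpsReversePort) &&
                        httpsReversePort >= MinPort && httpsReversePort <= MaxPort &&
                        httpsReversePort != DefaultHttpsPort)
                    {
                        url += (":" + httpsReversePort);
                    }
                    else
                    {
                        Console.WriteLine("Using default port.");
                    }
                }
            }
            else if (!ssl)
            {
                Console.WriteLine("ERROR: You must use a reverse proxy if not using SSL.");
                return;
            }

            var push = Helpers.ReadQuestion("Do you want to use push notifications?");

            var nginxBuilder = new NginxConfigBuilder(domain, url, ssl, selfSignedSsl, letsEncrypt,
                                                      sslTrusted, sslDiffieHellman);

            nginxBuilder.BuildForInstaller();

            var environmentFileBuilder = new EnvironmentFileBuilder
            {
                DatabasePassword     = Helpers.SecureRandomString(32),
                Domain               = domain,
                IdentityCertPassword = identityCertPassword,
                InstallationId       = _installationId,
                InstallationKey      = _installationKey,
                OutputDirectory      = outputDir,
                Push = push,
                Url  = url
            };

            environmentFileBuilder.BuildForInstaller();

            var appSettingsBuilder = new AppSettingsBuilder();

            appSettingsBuilder.Build();

            var appIdBuilder = new AppIdBuilder(url);

            appIdBuilder.Build();

            var dockerComposeBuilder = new DockerComposeBuilder(_hostOs, _webVersion, _coreVersion);

            dockerComposeBuilder.BuildForInstaller(httpPort, httpsPort);
        }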
Beispiel #2
        /// <summary>
        /// Applies the "letsencrypt" and "domain" parameters to the shared context, validates
        /// the installation (or fills in stub values), runs the certificate, nginx,
        /// environment file, app id and docker compose builders, saves the configuration and
        /// prints the follow-up commands for the host OS.
        /// </summary>
        private static void Install()
        {
            string parameterValue;

            if (_context.Parameters.TryGetValue("letsencrypt", out parameterValue))
            {
                _context.Config.SslManagedLetsEncrypt = parameterValue.ToLowerInvariant() == "y";
            }

            if (_context.Parameters.TryGetValue("domain", out parameterValue))
            {
                _context.Install.Domain = parameterValue.ToLowerInvariant();
            }

            if (!_context.Stub)
            {
                if (!ValidateInstallation())
                {
                    return;
                }
            }
            else
            {
                // Stub mode skips ValidateInstallation() and uses an empty id with a fixed
                // placeholder key. NOTE(review): that key is a constant in source, so confirm
                // stub output is never used for a real deployment.
                _context.Install.InstallationId  = Guid.Empty;
                _context.Install.InstallationKey = "SECRET_INSTALLATION_KEY";
            }

            new CertBuilder(_context).BuildForInstall();

            // The scheme follows Config.Ssl, which is read only after the certificate build.
            var scheme = _context.Config.Ssl ? "https" : "http";
            _context.Config.Url = scheme + "://" + _context.Install.Domain;

            new NginxConfigBuilder(_context).BuildForInstaller();
            new EnvironmentFileBuilder(_context).BuildForInstaller();
            new AppIdBuilder(_context).Build();
            new DockerComposeBuilder(_context).BuildForInstaller();

            _context.SaveConfiguration();

            Console.WriteLine("\nInstallation complete");

            // Paths and script names differ between the Windows and shell launchers.
            var onWindows = _context.HostOS == "win";
            var configPath = onWindows ? ".\\bwdata\\config.yml" : "./bwdata/config.yml";
            var rebuildHint = onWindows
                ? "`.\\bitwarden.ps1 -rebuild` or `.\\bitwarden.ps1 -update`"
                : "`./bitwarden.sh rebuild` or `./bitwarden.sh update`";

            Console.WriteLine("\nIf you need to make additional configuration changes, you can modify\n" +
                              "the settings in `{0}` and then run:\n{1}",
                              configPath, rebuildHint);

            Console.WriteLine("\nNext steps, run:");
            Console.WriteLine(onWindows ? "`.\\bitwarden.ps1 -start`" : "`./bitwarden.sh start`");
            Console.WriteLine();
        }
Beispiel #3
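        /// <summary>
        /// Runs the interactive installation from the console: reads the "out", "domain" and
        /// "letsencrypt" parameters, asks about SSL, ports, reverse proxy and push
        /// notifications, then invokes the certificate, nginx, environment file,
        /// app settings, app id and docker compose builders.
        /// </summary>
        /// <remarks>
        /// Every yes/no prompt treats any answer other than "y" (case-insensitive) as "no".
        /// Returns early when <c>ValidateInstallation()</c> fails.
        /// </remarks>
        private static void Install()
        {
            const int MinPort = 1;
            const int MaxPort = 65535;

            // Console.ReadLine() returns null once standard input is closed (for example when
            // the installer is run non-interactively); treat that as an empty answer instead
            // of failing with a NullReferenceException.
            Func<string> readAnswer = () => (Console.ReadLine() ?? string.Empty).ToLowerInvariant();
            Func<string, bool> ask = prompt =>
            {
                Console.Write(prompt);
                return readAnswer() == "y";
            };

            var outputDir = _parameters.ContainsKey("out") ?
                            _parameters["out"].ToLowerInvariant() : "/etc/bitwarden";
            var domain = _parameters.ContainsKey("domain") ?
                         _parameters["domain"].ToLowerInvariant() : "localhost";
            var letsEncrypt = _parameters.ContainsKey("letsencrypt") &&
                              _parameters["letsencrypt"].ToLowerInvariant() == "y";

            if (!ValidateInstallation())
            {
                return;
            }

            var ssl = letsEncrypt;

            if (!letsEncrypt)
            {
                ssl = ask("(!) Do you have a SSL certificate to use? (y/n): ");

                if (ssl)
                {
                    // NOTE(review): `domain` comes straight from the "domain" parameter and is
                    // only lower-cased. A value containing path separators or ".." would make
                    // this directory resolve outside /bitwarden/ssl; consider rejecting anything
                    // Uri.CheckHostName does not accept before it is used here and in the URL.
                    Directory.CreateDirectory($"/bitwarden/ssl/{domain}/");
                    Console.WriteLine("Make sure 'certificate.crt' and 'private.key' are provided in the " +
                                      "appropriate directory (see setup instructions).");
                }
            }

            var identityCertPassword = Helpers.SecureRandomString(32, alpha: true, numeric: true);
            var certBuilder          = new CertBuilder(domain, identityCertPassword, letsEncrypt, ssl);
            var selfSignedSsl        = certBuilder.BuildForInstall();

            ssl = certBuilder.Ssl; // Ssl prop can get flipped during the build

            // Scheme + host without any port; the port sections below build on this.
            var baseUrl = ssl ? $"https://{domain}" : $"http://{domain}";
            var url = baseUrl;

            int httpPort = default(int), httpsPort = default(int);

            if (!ask("(!) Do you want to use the default ports for HTTP (80) and HTTPS (443)? (y/n): "))
            {
                // Ports end up in the public URL and in the docker compose builder, so a
                // number outside the TCP port range is handled like unparsable input.
                Console.Write("(!) HTTP port: ");
                if (int.TryParse(readAnswer().Trim(), out httpPort) &&
                    httpPort >= MinPort && httpPort <= MaxPort)
                {
                    if (ssl)
                    {
                        Console.Write("(!) HTTPS port: ");
                        if (int.TryParse(readAnswer().Trim(), out httpsPort) &&
                            httpsPort >= MinPort && httpsPort <= MaxPort)
                        {
                            if (httpsPort != 443)
                            {
                                url += (":" + httpsPort);
                            }
                        }
                        else
                        {
                            Console.WriteLine("Invalid HTTPS port.");
                            httpPort = httpsPort = default(int);
                        }
                    }
                    else if (httpPort != 80)
                    {
                        url += (":" + httpPort);
                    }
                }
                else
                {
                    Console.WriteLine("Invalid HTTP port.");
                    httpPort = default(int);
                }
            }

            if (ask("(!) Is your installation behind a reverse proxy? (y/n): "))
            {
                if (ask("(!) Do you use the default ports on your reverse proxy (80/443)? (y/n): "))
                {
                    url = baseUrl;
                }
                else
                {
                    int httpReversePort, httpsReversePort;
                    Console.Write("(!) Proxy HTTP port: ");
                    if (int.TryParse(readAnswer().Trim(), out httpReversePort) &&
                        httpReversePort >= MinPort && httpReversePort <= MaxPort)
                    {
                        if (ssl)
                        {
                            Console.Write("(!) Proxy HTTPS port: ");
                            if (int.TryParse(readAnswer().Trim(), out httpsReversePort) &&
                                httpsReversePort >= MinPort && httpsReversePort <= MaxPort)
                            {
                                // The proxy port replaces a port chosen earlier. Start again
                                // from baseUrl so the URL never carries two ports.
                                url = baseUrl;
                                if (httpsReversePort != 443)
                                {
                                    url += (":" + httpsReversePort);
                                }
                            }
                            else
                            {
                                Console.WriteLine("Invalid proxy HTTPS port.");
                            }
                        }
                        else
                        {
                            url = baseUrl;
                            if (httpReversePort != 80)
                            {
                                url += (":" + httpReversePort);
                            }
                        }
                    }
                    else
                    {
                        Console.WriteLine("Invalid proxy HTTP port.");
                    }
                }
            }

            var push = ask("(!) Do you want to use push notifications? (y/n): ");

            var nginxBuilder = new NginxConfigBuilder(domain, url, ssl, selfSignedSsl, letsEncrypt);

            nginxBuilder.BuildForInstaller();

            var environmentFileBuilder = new EnvironmentFileBuilder
            {
                DatabasePassword     = Helpers.SecureRandomString(32),
                Domain               = domain,
                IdentityCertPassword = identityCertPassword,
                InstallationId       = _installationId,
                InstallationKey      = _installationKey,
                OutputDirectory      = outputDir,
                Push = push,
                Url  = url
            };

            environmentFileBuilder.BuildForInstaller();

            var appSettingsBuilder = new AppSettingsBuilder();

            appSettingsBuilder.Build();

            var appIdBuilder = new AppIdBuilder(url);

            appIdBuilder.Build();

            var dockerComposeBuilder = new DockerComposeBuilder(_hostOs, _webVersion, _coreVersion);

            dockerComposeBuilder.BuildForInstaller(httpPort, httpsPort);
        }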
Beispiel #4
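        /// <summary>
        /// Applies the "letsencrypt", "domain", "ssl" and "dbhost" parameters to the shared
        /// context, generates a new installation id and key, runs the certificate, nginx,
        /// environment file, app id and docker compose builders, saves the configuration and
        /// prints the follow-up commands for the host OS.
        /// </summary>
        private static void Install()
        {
            string parameterValue;

            if (_context.Parameters.TryGetValue("letsencrypt", out parameterValue))
            {
                _context.Config.Ssl.ManagedLetsEncrypt = parameterValue.ToLowerInvariant() == "y";
            }
            if (_context.Parameters.TryGetValue("domain", out parameterValue))
            {
                _context.Install.Domain = parameterValue.ToLowerInvariant();
                _context.Config.Domain  = _context.Install.Domain;
            }
            if (_context.Parameters.TryGetValue("ssl", out parameterValue))
            {
                // Compare case-insensitively, as the other switches do. With an exact match,
                // "True" or "TRUE" would silently leave SSL disabled.
                _context.Config.Ssl.Enable =
                    string.Equals(parameterValue, "true", StringComparison.OrdinalIgnoreCase) ||
                    parameterValue == "1";
                _context.Install.Ssl = _context.Config.Ssl.Enable;
            }
            if (_context.Parameters.TryGetValue("dbhost", out parameterValue))
            {
                // NOTE(review): the host name is copied into the configuration exactly as
                // given; confirm it is validated or escaped wherever it is later written
                // into a connection string or config file.
                _context.Config.Database.Hostname = parameterValue;
            }

            // Id and key are generated locally on every run; this variant does not call a
            // validation step before building.
            _context.Install.InstallationId  = CoreHelpers.GenerateComb();
            _context.Install.InstallationKey = CoreHelpers.SecureRandomString(20);

            var certBuilder = new CertBuilder(_context);

            certBuilder.BuildForInstall();

            var nginxBuilder = new NginxConfigBuilder(_context);

            nginxBuilder.BuildForInstaller();

            var environmentFileBuilder = new EnvironmentFileBuilder(_context);

            environmentFileBuilder.BuildForInstaller();

            var appIdBuilder = new AppIdBuilder(_context);

            appIdBuilder.Build();

            var dockerComposeBuilder = new DockerComposeBuilder(_context);

            dockerComposeBuilder.BuildForInstaller();

            _context.SaveConfiguration();

            Console.WriteLine("\nInstallation complete");

            // Paths and script names differ between the Windows and shell launchers.
            var onWindows = _context.HostOS == "win";

            Console.WriteLine("\nIf you need to make additional configuration changes, you can modify\n" +
                              "the settings in `{0}` and then run:\n{1}",
                              onWindows ? ".\\bwdata\\config.yml" : "./bwdata/config.yml",
                              onWindows ? "`.\\bytegarden.ps1 -rebuild` or `.\\bytegarden.ps1 -update`" :
                              "`./bytegarden.sh rebuild` or `./bytegarden.sh update`");

            Console.WriteLine("\nNext steps, run:");
            if (onWindows)
            {
                Console.WriteLine("`.\\bytegarden.ps1 -start`");
            }
            else
            {
                Console.WriteLine("`./bytegarden.sh start`");
            }
            Console.WriteLine(string.Empty);
        }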