mirror of
https://github.com/dani-garcia/vaultwarden
synced 2024-12-14 09:33:44 +01:00
Merge pull request #3 from shauder/master
Sync working branch with changes in master upstream
This commit is contained in:
commit
34d2648509
5 changed files with 41 additions and 15 deletions
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "bitwarden_rs"
|
name = "bitwarden_rs"
|
||||||
version = "0.10.0"
|
version = "0.11.0"
|
||||||
authors = ["Daniel García <dani-garcia@users.noreply.github.com>"]
|
authors = ["Daniel García <dani-garcia@users.noreply.github.com>"]
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
|
|
|
@ -68,6 +68,7 @@ RUN cargo build --release
|
||||||
FROM debian:stretch-slim
|
FROM debian:stretch-slim
|
||||||
|
|
||||||
ENV ROCKET_ENV "staging"
|
ENV ROCKET_ENV "staging"
|
||||||
|
ENV ROCKET_WORKERS=10
|
||||||
|
|
||||||
# Install needed libraries
|
# Install needed libraries
|
||||||
RUN apt-get update && apt-get install -y\
|
RUN apt-get update && apt-get install -y\
|
||||||
|
|
22
README.md
22
README.md
|
@ -21,6 +21,7 @@ _*Note, that this project is not associated with the [Bitwarden](https://bitward
|
||||||
- [attachments location](#attachments-location)
|
- [attachments location](#attachments-location)
|
||||||
- [icons cache](#icons-cache)
|
- [icons cache](#icons-cache)
|
||||||
- [Changing the API request size limit](#changing-the-api-request-size-limit)
|
- [Changing the API request size limit](#changing-the-api-request-size-limit)
|
||||||
|
- [Changing the number of workers](#changing-the-number-of-workers)
|
||||||
- [Other configuration](#other-configuration)
|
- [Other configuration](#other-configuration)
|
||||||
- [Building your own image](#building-your-own-image)
|
- [Building your own image](#building-your-own-image)
|
||||||
- [Building binary](#building-binary)
|
- [Building binary](#building-binary)
|
||||||
|
@ -137,7 +138,7 @@ docker run -d --name bitwarden \
|
||||||
-v /ssl/keys/:/ssl/ \
|
-v /ssl/keys/:/ssl/ \
|
||||||
-v /bw-data/:/data/ \
|
-v /bw-data/:/data/ \
|
||||||
-v /icon_cache/ \
|
-v /icon_cache/ \
|
||||||
-p 443:443 \
|
-p 443:80 \
|
||||||
mprasil/bitwarden:latest
|
mprasil/bitwarden:latest
|
||||||
```
|
```
|
||||||
Note that you need to mount ssl files and you need to forward appropriate port.
|
Note that you need to mount ssl files and you need to forward appropriate port.
|
||||||
|
@ -233,6 +234,20 @@ docker run -d --name bitwarden \
|
||||||
mprasil/bitwarden:latest
|
mprasil/bitwarden:latest
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Changing the number of workers
|
||||||
|
|
||||||
|
When you run bitwarden_rs, it spawns `2 * <number of cpu cores>` workers to handle requests. On some systems this might lead to low number of workers and hence slow performance, so the default in the docker image is changed to spawn 10 threads. You can override this setting to increase or decrease the number of workers by setting the `ROCKET_WORKERS` variable.
|
||||||
|
|
||||||
|
In the example bellow, we're starting with 20 workers:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
docker run -d --name bitwarden \
|
||||||
|
-e ROCKET_WORKERS=20 \
|
||||||
|
-v /bw-data/:/data/ \
|
||||||
|
-p 80:80 \
|
||||||
|
mprasil/bitwarden:latest
|
||||||
|
```
|
||||||
|
|
||||||
### Other configuration
|
### Other configuration
|
||||||
|
|
||||||
Though this is unlikely to be required in small deployment, you can fine-tune some other settings like number of workers using environment variables that are processed by [Rocket](https://rocket.rs), please see details in [documentation](https://rocket.rs/guide/configuration/#environment-variables).
|
Though this is unlikely to be required in small deployment, you can fine-tune some other settings like number of workers using environment variables that are processed by [Rocket](https://rocket.rs), please see details in [documentation](https://rocket.rs/guide/configuration/#environment-variables).
|
||||||
|
@ -254,8 +269,7 @@ For building binary outside the Docker environment and running it locally withou
|
||||||
|
|
||||||
### Arch Linux
|
### Arch Linux
|
||||||
|
|
||||||
Bitwarden_rs is already packaged for Archlinux thanks to @mqus. There is an AUR package [with](https://aur.archlinux.org/packages/bitwarden_rs-vault-git/) and
|
Bitwarden_rs is already packaged for Archlinux thanks to @mqus. There is an [AUR package](https://aur.archlinux.org/packages/bitwarden_rs) (optionally with the [vault web interface](https://aur.archlinux.org/packages/bitwarden_rs-vault/) ) available.
|
||||||
[without](https://aur.archlinux.org/packages/bitwarden_rs-git/) the vault web interface available.
|
|
||||||
|
|
||||||
## Backing up your vault
|
## Backing up your vault
|
||||||
|
|
||||||
|
@ -303,4 +317,4 @@ docker run -d --name bitwarden \
|
||||||
|
|
||||||
To ask an question, [raising an issue](https://github.com/dani-garcia/bitwarden_rs/issues/new) is fine, also please report any bugs spotted here.
|
To ask an question, [raising an issue](https://github.com/dani-garcia/bitwarden_rs/issues/new) is fine, also please report any bugs spotted here.
|
||||||
|
|
||||||
If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/!cASGtOHlSftdScFNMs:matrix.org) room on Matrix. Feel free to join us!
|
If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/#bitwarden_rs:matrix.org) room on Matrix. Feel free to join us!
|
||||||
|
|
|
@ -4,7 +4,7 @@ use std::path::{Path, PathBuf};
|
||||||
use rocket::request::Request;
|
use rocket::request::Request;
|
||||||
use rocket::response::{self, NamedFile, Responder};
|
use rocket::response::{self, NamedFile, Responder};
|
||||||
use rocket::response::content::Content;
|
use rocket::response::content::Content;
|
||||||
use rocket::http::ContentType;
|
use rocket::http::{ContentType, Status};
|
||||||
use rocket::Route;
|
use rocket::Route;
|
||||||
use rocket_contrib::{Json, Value};
|
use rocket_contrib::{Json, Value};
|
||||||
|
|
||||||
|
@ -49,14 +49,19 @@ struct WebHeaders<R>(R);
|
||||||
|
|
||||||
impl<'r, R: Responder<'r>> Responder<'r> for WebHeaders<R> {
|
impl<'r, R: Responder<'r>> Responder<'r> for WebHeaders<R> {
|
||||||
fn respond_to(self, req: &Request) -> response::Result<'r> {
|
fn respond_to(self, req: &Request) -> response::Result<'r> {
|
||||||
let mut res = self.0.respond_to(req)?;
|
match self.0.respond_to(req) {
|
||||||
|
Ok(mut res) => {
|
||||||
|
res.set_raw_header("Referrer-Policy", "same-origin");
|
||||||
|
res.set_raw_header("X-Frame-Options", "SAMEORIGIN");
|
||||||
|
res.set_raw_header("X-Content-Type-Options", "nosniff");
|
||||||
|
res.set_raw_header("X-XSS-Protection", "1; mode=block");
|
||||||
|
|
||||||
res.set_raw_header("Referrer-Policy", "same-origin");
|
Ok(res)
|
||||||
res.set_raw_header("X-Frame-Options", "SAMEORIGIN");
|
},
|
||||||
res.set_raw_header("X-Content-Type-Options", "nosniff");
|
Err(_) => {
|
||||||
res.set_raw_header("X-XSS-Protection", "1; mode=block");
|
Err(Status::NotFound)
|
||||||
|
}
|
||||||
Ok(res)
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
10
src/auth.rs
10
src/auth.rs
|
@ -95,7 +95,7 @@ use rocket::Outcome;
|
||||||
use rocket::request::{self, Request, FromRequest};
|
use rocket::request::{self, Request, FromRequest};
|
||||||
|
|
||||||
use db::DbConn;
|
use db::DbConn;
|
||||||
use db::models::{User, UserOrganization, UserOrgType, Device};
|
use db::models::{User, UserOrganization, UserOrgType, UserOrgStatus, Device};
|
||||||
|
|
||||||
pub struct Headers {
|
pub struct Headers {
|
||||||
pub host: String,
|
pub host: String,
|
||||||
|
@ -205,7 +205,13 @@ impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
|
||||||
};
|
};
|
||||||
|
|
||||||
let org_user = match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
|
let org_user = match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
|
||||||
Some(user) => user,
|
Some(user) => {
|
||||||
|
if user.status == UserOrgStatus::Confirmed as i32 {
|
||||||
|
user
|
||||||
|
} else {
|
||||||
|
err_handler!("The current user isn't confirmed member of the organization")
|
||||||
|
}
|
||||||
|
}
|
||||||
None => err_handler!("The current user isn't member of the organization")
|
None => err_handler!("The current user isn't member of the organization")
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue