Update (or install) the latest Bitwarden. GitHub Gist: instantly share code, notes, and snippets. I am trying to install bitwardenrs on my Raspberry Pi docker installation. First I created a container without certificates with this command: sudo docker run -d -name bitwarden -v /bw-data/:/data/ -p 8081:80 bitwarde&hellip.
Install Docker
Add user(s) to the docker group. The default user would be pi. However, I highly recommend deactivating the default user.
Reboot and then test docker
Flash player 18.0 free download for mac. Install more dependencies
Fight With SSL
This is the most annoying part of the story. You can either choose to use letsencrypt or a self-signed openssl-cert. Letsencrypt will only work, if your service will be exposed publicly. Also, letsencrypt is fairly easy to setup, so I will focus on a self-signed openssl-solution.
First, we’ll need a “virtual” certificate authority (CA) that will actually sign our certificate later. If you already have a CA, you can skip this. The first command creates a private key, the second command creates the root certificate of our CA.
Now, we’ll need to create a “client” key and a certificate signing request, which will then be “sent” to our CA.
For the actual signing, we’ll also need an extension file. I ran into problems with OSX and iOS without adding the used extensions during signing. Neither OSX, iOS nor Google Chrome accepted the certificate without those extensions. Create a file openssl.cnf
Replace <hostname> and <ip> with your actual values.
3cx sophos xg. We have upgraded our firewalls and now using Sophos XG. We are having users complaining of bad call quality and silences when making & receiving external calls. I have ran the remote firewall/NAT tester and all passed. New to 3CX but have a few customers on it via the Azure. We have a VM with an OS disk size of 256gb - What is the limit for. Recovery Instructions: Your options. In the Application Control policy, applications are allowed by default. System administrators choose applications that they wish to block. I am having issues with incoming calls on 3CX behind a Sophos XG firewall. This previously ran behind a Pfsense firewall without issue, so I know it is a firewall problem. When I run the firewall check I get “full cone test failed” on the SIP port, tunnel port and media (9000+) ports. Outbound calls work fine. Getting Sophos to pass the 3CX firewall test was a challenge, here's a step by step to get it working. 6 Steps total Step 1: Disable SIP Alg in the XG. The first thing 3CX Support is going to ask about. This is NOT the server you are forwarding to - it is the XG's WAN. Thank you for reaching out to the Community! The first three steps outlined in the document are still valid for the SFOS v18 firmware, but the process to create a DNAT(Business application rule) has changed with the v18.
Finally, the actual signing:
The certificate you’ll need to deploy on your devices is the root certificate. Yes, this will also work on iOS.
Install/Configure Bitwarden
We’ll use the bitwarden_rs docker container. It uses sqlite instead of MSSQL, which is not available for ARM.
If docker successfully downloaded the image, you can run it as follows. I simply created a small bash script.
The ROCKET_TLS argument tells bitwarden, where it can find its key and certificate. The values describe paths within the docker container. For these paths to work, we’ll need to supply a volume mapping (-v). The additional volume mapping bw-data is a volume for bitwarden to store its actual sqlite “database” in. Internally, bitwarden will bind to port 80. Since we know/hope it’ll run SSL, we can map internal port 80 to 443.
If everything works, you can reach your bitwarden vaults on https://<hostname>
You’ll most likely run into SSL problems. Good luck.
Backup
Bitwarden Free
Read this article.
Debugging/FAQ
Bitwarden Fido
Show running docker containers
Logs and events
Run command within a docker container
Netstat (works w/o actual netstat binary in container. Cool, eh!?)
A word on IPv6. Initially, when bitwarden didn’t work during my first attempts, I was confused by the output of netstat. It showed, that the destination socket for https was only bound to tcp6. This shouldn’t be a problem, though, because bitwarden also sets up a couple of iptables rules (# iptables -L). However, if you think it might be a problem on your machine, try the following things in your /etc/sysctl.conf
At one point, I even completely disabled IPv6 via the kernel command line. However, that introduced even more problems.
| #!/usr/bin/env bash |
| # Update (or install) the latest Bitwarden |
| # Optimized for Debian + GNOME |
| # ffflorian 2019 |
| set -e |
| SCRIPT_NAME='${0##*/}' |
| INSTALL_DIR='/opt/Bitwarden' |
| EXEC_BIN='${INSTALL_DIR}/bitwarden' |
| TEMP_DIR='$(mktemp -d)' |
| DEB_FILE='${TEMP_DIR}/bitwarden.deb' |
| CONFIG_FILE='${HOME}/.config/Bitwarden/data.json' |
| RELEASE_URL='https://api.github.com/repos/bitwarden/desktop/releases/latest' |
| USE_CURL='yes' |
| FORCE='no' |
| _cleanup() { |
| rm -rf '${TEMP_DIR}' |
| } |
| trap _cleanup EXIT |
| _compare_version() { |
| printf'%03d%03d%03d%03d'$(echo '${1}'| tr '.''') |
| } |
| get_latest_release() { |
| if [ '${USE_CURL}'='yes' ];then |
| curl -sL '${RELEASE_URL}'| grep ''tag_name':'| sed -E 's/.*'v?([^']+)'.*/1/' |
| else |
| wget -qO- '${RELEASE_URL}'| grep ''tag_name':'| sed -E 's/.*'v?([^']+)'.*/1/' |
| fi |
| } |
| _print_usage() { |
| cat <<EOF |
| Usage: ${SCRIPT_NAME} [option] |
| Options: |
| --force (-f) Reinstall Bitwarden if it is already installed. |
| Commands: |
| --help (-h) Display this help message |
| EOF |
| } |
| while: |
| do |
| case'${1}'in |
| -f|--force ) |
| FORCE='force' |
| shift |
| ;; |
| -h|--help ) |
| _print_usage |
| exit 0 |
| ;; |
| * ) |
| break |
| ;; |
| esac |
| done |
| if [ -d'${INSTALL_DIR}' ];then |
| if [ -r'${EXEC_BIN}' ] && [ -r'${CONFIG_FILE}' ];then |
| CURRENT_VERSION='$(sed -n 's/.*'installedVersion': '(.*)',/1/p''${CONFIG_FILE}')' |
| else |
| read -r -p 'The current Bitwarden installation seems to be broken. Would you like to reinstall the latest version? [y/N] ' RESPONSE |
| case'${RESPONSE}'in |
| [nN][oO]|[nN]|'' ) exit 0 ;; |
| esac |
| FORCE='force' |
| fi |
| else |
| read -r -p 'Bitwarden is not installed yet. Would you like to install it? [y/N] ' RESPONSE |
| case'${RESPONSE}'in |
| [nN][oO]|[nN]|'' ) exit 0 ;; |
| esac |
| FORCE='force' |
| fi |
| if!command -v 'curl'> /dev/null;then |
| USE_CURL='no' |
| fi |
| LATEST_VERSION='$(get_latest_release)' |
| if [ '${FORCE}'!='force' ];then |
| if [ '$(_compare_version '${LATEST_VERSION}')'-le'$(_compare_version '${CURRENT_VERSION}')' ];then |
| echo'No update needed, ${CURRENT_VERSION} is the latest Bitwarden version available.' |
| echo'Run this script with --force to reinstall this Bitwarden version.' |
| exit 0 |
| fi |
| fi |
| DOWNLOAD_URL='https://github.com/bitwarden/desktop/releases/download/v${LATEST_VERSION}/Bitwarden-${LATEST_VERSION}-amd64.deb' |
| echo'Downloading Bitwarden ${LATEST_VERSION} from ${DOWNLOAD_URL} .. ' |
| if [ '${USE_CURL}'='yes' ];then |
| curl -o '${DEB_FILE}' -L '${DOWNLOAD_URL}' |
| else |
| wget -O '${DEB_FILE}''${DOWNLOAD_URL}' |
| fi |
| printf'OKnn' |
| if [ !-r'${DEB_FILE}' ];then |
| echo'Error: could not find downloaded file '${DEB_FILE}''. |
| exit 1 |
| fi |
| echo'Installing Bitwarden .. ' |
| sudo dpkg -i '${DEB_FILE}' |
| echo'All done!' |
Bitwarden Flaw