Browse Source

Remove leftover LDAP settings

keep-around/228b246f8ed2d2641e2bc688e87bbb20c089b33f
Johannes Zellner 1 year ago
parent
commit
dcb484a68a
  1. 12
      README.md
  2. 15
      start.sh

12
README.md

@ -1,16 +1,6 @@
# bitwardenrs-app
A Cloudron deployment for [Bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs) that includes MySQL support and some basic integration with LDAP for automated invites.
## Notes on LDAP integration
LDAP integration will not include SSO. This is by design from Bitwarden_rs ([context](https://github.com/dani-garcia/bitwarden_rs/pull/677)). The short of it is that it can not be done in a secure way without breaking the client apps.
If you enable SSO (again, not _really_ SSO) when installing, the application will automatically send an invite email to any user that is scoped for access to Bitwarden. Only those users will be able to sign up unless you manually invite more via the admin panel.
If you do not enable SSO, you will have to manually invite all users via the Admin panel.
Alternately, if you have the ability to customize your environment variables, you can whitelist a particular email domain for signups. I believe at some point this will be part of Cloudron and may not require manual updates to the database.
A Cloudron deployment for [Bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs) that includes MySQL support .
## Building

15
start.sh

@ -34,20 +34,5 @@ fi
export ADMIN_TOKEN=$(cat /app/data/admin_token)
echo "=> Admin token: ${ADMIN_TOKEN}"
if [ -z "${CLOUDRON_LDAP_SERVER}" ]; then
echo "=> SSO integration disabled. No LDAP config to generate"
else
echo "=> Generate LDAP config"
# Generate ldap sync config from template
sed -e "s/##LDAP_SERVER/${CLOUDRON_LDAP_SERVER}/"\
-e "s/##LDAP_PORT/${CLOUDRON_LDAP_PORT}/"\
-e "s/##LDAP_USERS_BASE_DN/${CLOUDRON_LDAP_USERS_BASE_DN}/"\
-e "s/##LDAP_BIND_DN/${CLOUDRON_LDAP_BIND_DN}/"\
-e "s/##LDAP_BIND_PASSWORD/${CLOUDRON_LDAP_BIND_PASSWORD}/"\
-e "s/##BITWARDEN_HOSTNAME/${CLOUDRON_APP_HOSTNAME}/"\
-e "s/##ADMIN_TOKEN/${ADMIN_TOKEN}/"\
/app/code/ldap_config.template.toml > /run/ldap_config.toml
fi
echo "=> Starting supervisord"
exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i Bitwarden
Loading…
Cancel
Save