Date: Tuesday, November 24, 2020 @ 09:25:31 Author: polyzen Revision: 760891
Add bitwarden_rs Added: bitwarden_rs/ bitwarden_rs/repos/ bitwarden_rs/trunk/ bitwarden_rs/trunk/PKGBUILD bitwarden_rs/trunk/bitwarden_rs.install bitwarden_rs/trunk/bitwarden_rs.service bitwarden_rs/trunk/bitwarden_rs.sysusers.conf bitwarden_rs/trunk/bitwarden_rs.tmpfiles ----------------------------+ PKGBUILD | 57 +++++++++++++++++++++++++++++++++++ bitwarden_rs.install | 8 ++++ bitwarden_rs.service | 69 +++++++++++++++++++++++++++++++++++++++++++ bitwarden_rs.sysusers.conf | 1 bitwarden_rs.tmpfiles | 2 + 5 files changed, 137 insertions(+) Added: bitwarden_rs/trunk/PKGBUILD =================================================================== --- bitwarden_rs/trunk/PKGBUILD (rev 0) +++ bitwarden_rs/trunk/PKGBUILD 2020-11-24 09:25:31 UTC (rev 760891) @@ -0,0 +1,57 @@ +# Maintainer: Daniel M. Capella <poly...@archlinux.org> +# Contributor: Markus Richter <mqus at disroot dot org> +# Contributor: Timothée Ravier <t...@siosm.fr + +pkgname=bitwarden_rs +pkgver=1.17.0 +pkgrel=2 +pkgdesc='Unofficial Bitwarden compatible server written in Rust' +arch=('x86_64') +url=https://github.com/dani-garcia/bitwarden_rs +license=('GPL3') +depends=('mariadb-libs' 'openssl' 'postgresql-libs' 'sqlite') +makedepends=('rustup') +optdepends=('bitwarden_rs-vault: for the web app' + 'mariadb: for the MySQL backend' + 'postgresql: for the PostgreSQL backend') +conflicts=("$pkgname-mysql" "$pkgname-postgresql") +backup=('etc/bitwarden_rs.env') +install=$pkgname.install +source=("$url/archive/$pkgver/$pkgname-$pkgver.tar.gz" + "$pkgname.service" + "$pkgname.sysusers.conf" + "$pkgname.tmpfiles") +b2sums=('faf4a3e0cba6905547c347bd8d7939e2412116d5c9b226e49cddd04306b6e69e00e1f5d7b1b09493ff02614d5417b34cd9c54cb3efffbf238e23e3f54bacd5d1' + '99ebd0c6dae3f3ef30283b6c45f30f64e7a0d0e8b4b18cc8b6eee7ae0d40a047813f5316858e8d3f758595bdb63e3ee3aa6e79a1c29371798cf98dd3430412f7' + '5a80dc0b4bca0eeb22e7cfb69be3d747ab98f7501ee1d78b7167e5f938fe48644799abfc9cfc89a0dbeb0b7597180050db980f4229f2b5e595328131ce3ae4e9' + 'f874e011241c0ad39c72ea4f540ab57bafe5d7d577a3b37fc86905752cd646bcaf690d85ea0d9f0f5ee4559ba1ff3f330995b99e71a42b775e41c6c8a4a8a834') + +prepare() { + cd $pkgname-$pkgver + sed -i 's,# DATA_FOLDER=data,DATA_FOLDER=/var/lib/bitwarden_rs, + s,# WEB_VAULT_ENABLED=true,WEB_VAULT_ENABLED=false, + s,# LOG_FILE=/path/to/log,LOG_FILE=/var/log/bitwarden_rs.log, + /^# ROCKET_TLS/a ROCKET_LIMITS={json=10485760}' .env.template +} + +build() { + cd $pkgname-$pkgver + rustup set profile minimal + BWRS_VERSION="$pkgver" cargo build --release --locked --features sqlite,mysql,postgresql +} + +check() { + cd $pkgname-$pkgver + cargo test --release --locked --features sqlite,mysql,postgresql +} + +package() { + cd $pkgname-$pkgver + install -Dm644 .env.template "$pkgdir"/etc/bitwarden_rs.env + install -Dt "$pkgdir"/usr/bin target/release/bitwarden_rs + install -Dm644 -t "$pkgdir"/usr/lib/systemd/system ../bitwarden_rs.service + install -Dm644 ../$pkgname.sysusers.conf "$pkgdir"/usr/lib/sysusers.d/bitwarden_rs.conf + install -Dm644 ../bitwarden_rs.tmpfiles "$pkgdir"/usr/lib/tmpfiles.d/bitwarden_rs.conf +} + +# vim:set ts=2 sw=2 et: Added: bitwarden_rs/trunk/bitwarden_rs.install =================================================================== --- bitwarden_rs/trunk/bitwarden_rs.install (rev 0) +++ bitwarden_rs/trunk/bitwarden_rs.install 2020-11-24 09:25:31 UTC (rev 760891) @@ -0,0 +1,8 @@ +post_install() { + cat << EOF +Configure the server via its environment variables in /etc/bitwarden_rs.env. + +Start bitwarden_rs and enable its systemd service: +# systemctl enable --now bitwarden_rs.service +EOF +} Added: bitwarden_rs/trunk/bitwarden_rs.service =================================================================== --- bitwarden_rs/trunk/bitwarden_rs.service (rev 0) +++ bitwarden_rs/trunk/bitwarden_rs.service 2020-11-24 09:25:31 UTC (rev 760891) @@ -0,0 +1,69 @@ +[Unit] +Description=Bitwarden Server (Rust Edition) +Documentation=https://github.com/dani-garcia/bitwarden_rs +After=network.target + +[Service] +# The user/group bitwarden_rs is run under. These are created at install, with +# /var/lib/bitwarden_rs as the home directory +User=bitwarden_rs +Group=bitwarden_rs + +# The location of the .env file for configuration +EnvironmentFile=/etc/bitwarden_rs.env + +# The location of the compiled binary +ExecStart=/usr/bin/bitwarden_rs + +# Set reasonable connection and process limits +LimitNOFILE=1048576 +LimitNPROC=64 + +# Set the working directory (user and password data are stored here) and only +# allow writes to the following +WorkingDirectory=~ +ReadWritePaths=/var/lib/bitwarden_rs /var/log/bitwarden_rs.log + +# Prevent bitwarden_rs from doing anything stupid and/or unneccessary +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes + +PrivateTmp=yes +PrivateDevices=yes + +ProtectHome=yes +ProtectSystem=strict +ProtectKernelTunables=yes +ProtectKernelModules=yes +ProtectKernelLogs=yes +ProtectControlGroups=yes +ProtectHostname=yes +ProtectClock=yes + +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes + +RemoveIPC=yes +UMask=0077 + +SystemCallArchitectures=native +SystemCallFilter=@system-service +SystemCallFilter=~@resources +SystemCallFilter=~@privileged + +# Allow bitwarden_rs to bind ports in the range of 0-1024 and restrict it to +# that capability +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE + +# If bitwarden_rs is run at ports >1024, you should apply these options in a +# drop-in file +#PrivateUsers=yes +#CapabilityBoundingSet= +#AmbientCapabilities= + +[Install] +WantedBy=multi-user.target Added: bitwarden_rs/trunk/bitwarden_rs.sysusers.conf =================================================================== --- bitwarden_rs/trunk/bitwarden_rs.sysusers.conf (rev 0) +++ bitwarden_rs/trunk/bitwarden_rs.sysusers.conf 2020-11-24 09:25:31 UTC (rev 760891) @@ -0,0 +1 @@ +u bitwarden_rs - "bitwarden_rs user" /var/lib/bitwarden_rs /usr/bin/nologin Added: bitwarden_rs/trunk/bitwarden_rs.tmpfiles =================================================================== --- bitwarden_rs/trunk/bitwarden_rs.tmpfiles (rev 0) +++ bitwarden_rs/trunk/bitwarden_rs.tmpfiles 2020-11-24 09:25:31 UTC (rev 760891) @@ -0,0 +1,2 @@ +d /var/lib/bitwarden_rs 0750 bitwarden_rs bitwarden_rs +h /var/lib/bitwarden_rs - - - - +C