search

jcs / rubywarden

An unofficial, mostly Bitwarden-compatible API server written in Ruby (Sinatra and ActiveRecord)
ISC License
592 stars 49 forks source link

Installation on FreeBSD #93

Closed WaaromZoMoeilijk closed 5 years ago

WaaromZoMoeilijk commented 5 years ago

Hey!

Thanks for this flavour of bitwarden. I'd like to install this in my Iocage jail on FreeBSD. I'm desperate since, i've tried a dozen times to install it with corefx etc... no go

Could anyone point me in the right direction to also get all the ruby debs installed and then install rubywarden, i'm lost!

Thanks

jcs commented 5 years ago

What fails when following the manual setup instructions?

WaaromZoMoeilijk commented 5 years ago

Oh my... i feel like an idiot, cant get past the bundle install. Note that the iocage jail is empty and doesnt even have nano/pkg installed, i did install the basics but what ruby version, gems etc to install? Its all kinda new to me.

Also the bundle install should be ran from within the git cloned folder right?

If we can get this right theres gonna be a whole lot of followers i imagine. Ill type out a guide for FreeNAS once i get it up.

Thanks for the quick reply

jcs commented 5 years ago

You should install whatever the newest version of Ruby available is, like 2.4 or 2.5. Then install bundler with gem install bundler, then follow the instructions in the README starting with bundle install from the cloned git directory.

WaaromZoMoeilijk commented 5 years ago

Thanks, so far i came up with this:

# Create jail and login
iocage create -n bitwarden -r 11.2-RELEASE vnet="on" allow_raw_sockets="1" boot="on" dhcp="on" bpf=yes
iocage console bitwarden

# Install deps
echo "y" | pkg update
echo "y" | pkg install ruby rubygem-bundler rubygem-sqlite3-1.3.13 git sudo nano
gem install bundler
gem install sqlite3 -v '1.3.13' --source 'https://rubygems.org/'

# Add sudo permission
#sudo pw groupmod wheel -m _rubywarden

# Add user
useradd _rubywarden
cd /home/_rubywarden

# Clone repo
sudo -u _rubywarden git clone https://github.com/jcs/rubywarden.git

# Install bundle rubywarden
cd rubywarden
sudo -u _rubywarden bundle install --path vendor/bundle

# Create the initial database and the required tables
sudo -u _rubywarden mkdir db/production
sudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rake db:migrate

# Run it once with signups enabled, to allow yourself to create an account
sudo -u _rubywarden env RUBYWARDEN_ENV=production RUBYWARDEN_ALLOW_SIGNUPS=1 bundle exec rackup -p 4567 config.ru

# Afterwards run with
sudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rackup -p 4567 config.ru

# Test 
sudo -u _rubywarden bundle exec rake test

So now i have a Jail with IP 192.168.3.135:4567 Accessing it via web browser gives: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data But its only API access right, so thats alright?

Now the test command gives me:

root@bitwarden:/home/_rubywarden/rubywarden # sudo -u _rubywarden bundle exec rake test
/usr/home/_rubywarden/rubywarden/spec/spec_helper.rb:4:in `[]=': no implicit conversion of true into String (TypeError)
    from /usr/home/_rubywarden/rubywarden/spec/spec_helper.rb:4:in `<top (required)>'
    from /usr/home/_rubywarden/rubywarden/spec/attachment_spec.rb:1:in `require'
    from /usr/home/_rubywarden/rubywarden/spec/attachment_spec.rb:1:in `<top (required)>'
    from /usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/gems/rake-12.3.1/lib/rake/rake_test_loader.rb:17:in `require'
    from /usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/gems/rake-12.3.1/lib/rake/rake_test_loader.rb:17:in `block in <main>'
    from /usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/gems/rake-12.3.1/lib/rake/rake_test_loader.rb:5:in `select'
    from /usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/gems/rake-12.3.1/lib/rake/rake_test_loader.rb:5:in `<main>'
rake aborted!
Command failed with status (1)
/usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/gems/rake-12.3.1/exe/rake:27:in `<top (required)>'
Tasks: TOP => test
(See full trace by running task with --trace)
root@bitwarden:/home/_rubywarden/rubywarden #

Any advise?

Now i can connect eg bitwarden firefox addon to (https///http???)192.168.3.135:4567 then create an account and use it right?

Thanks so far!

jcs commented 5 years ago

echo "y" | pkg install ruby rubygem-bundler rubygem-sqlite3-1.3.13 git sudo nano gem install bundler gem install sqlite3 -v '1.3.13' --source 'https://rubygems.org/'

Running bundle install will install that sqlite3 package in vendor/bundle so you shouldn't need to run the gem install there.

But its only API access right, so thats alright?

Yes, accessing the root path in a browser will not show anything useful.

The test breakage was fixed in 5ba9f9821.

WaaromZoMoeilijk commented 5 years ago

Great! I will try to setup an account connected to my local server. Does anything get passed to the bitwarden servers? I recon i have to connect my server to bitwarden using the keys they provide?

Does it support https out of the box?

Also i needed to install sqlite3, it threw an error that it wasnt installed.

jcs commented 5 years ago

Nothing communicates with Bitwarden's servers. You can run it completely offline and make the browser extension communicate with http://127.0.0.1/ and it will work the same.

It doesn't support TLS on its own, you would need to put it behind nginx or some other "real" web server.

So bundle install without the sqlite3 gem already installed succeeded but bundle exec ... said the sqlite3 gem wasn't installed?

WaaromZoMoeilijk commented 5 years ago

Awsome, I'll figure out the nginx proxy config. 

$  bundle install --path ./vendor/bundle
Fetching gem metadata from https://rubygems.org/........
Fetching rake 12.3.1
Installing rake 12.3.1
Fetching concurrent-ruby 1.0.5
Installing concurrent-ruby 1.0.5
Fetching i18n 1.0.1
Installing i18n 1.0.1
Fetching minitest 5.11.3
Installing minitest 5.11.3
Fetching thread_safe 0.3.6
Installing thread_safe 0.3.6
Fetching tzinfo 1.2.5
Installing tzinfo 1.2.5
Fetching activesupport 5.1.6
Installing activesupport 5.1.6
Fetching activemodel 5.1.6
Installing activemodel 5.1.6
Fetching arel 8.0.0
Installing arel 8.0.0
Fetching activerecord 5.1.6
Installing activerecord 5.1.6
Fetching backports 3.11.3
Installing backports 3.11.3
Using bundler 1.17.1
Fetching chunky_png 1.3.10
Installing chunky_png 1.3.10
Fetching coderay 1.1.2
Installing coderay 1.1.2
Fetching json 2.1.0
Installing json 2.1.0 with native extensions
Fetching jwt 2.1.0
Installing jwt 2.1.0
Fetching kgio 2.11.2
Installing kgio 2.11.2 with native extensions
Fetching method_source 0.9.0
Installing method_source 0.9.0
Fetching multi_json 1.13.1
Installing multi_json 1.13.1
Fetching mustermann 1.0.2
Installing mustermann 1.0.2
Fetching pbkdf2-ruby 0.2.1
Installing pbkdf2-ruby 0.2.1
Fetching pry 0.11.3
Installing pry 0.11.3
Fetching rack 2.0.6
Installing rack 2.0.6
Fetching rack-protection 2.0.3
Installing rack-protection 2.0.3
Fetching rack-test 1.1.0
Installing rack-test 1.1.0
Fetching raindrops 0.19.0
Installing raindrops 0.19.0 with native extensions
Fetching rotp 3.3.1
Installing rotp 3.3.1
Fetching rqrcode 0.10.1
Installing rqrcode 0.10.1
Fetching tilt 2.0.8
Installing tilt 2.0.8
Fetching sinatra 2.0.3
Installing sinatra 2.0.3
Fetching sinatra-activerecord 2.0.13
Installing sinatra-activerecord 2.0.13
Fetching sinatra-contrib 2.0.3
Installing sinatra-contrib 2.0.3
Fetching sqlite3 1.3.13
Installing sqlite3 1.3.13 with native extensions
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.

    current directory: /usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/gems/sqlite3-1.3.13/ext/sqlite3
/usr/local/bin/ruby24 -r ./siteconf20190207-84019-kf3ugc.rb extconf.rb
checking for sqlite3.h... no
sqlite3.h is missing. Try 'brew install sqlite3',
'yum install sqlite-devel' or 'apt-get install libsqlite3-dev'
and check your shared library search path (the
location where your sqlite3 shared library is located).
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers.  Check the mkmf.log file for more details.  You may
need configuration options.

Provided configuration options:
    --with-opt-dir
    --without-opt-dir
    --with-opt-include
    --without-opt-include=${opt-dir}/include
    --with-opt-lib
    --without-opt-lib=${opt-dir}/lib
    --with-make-prog
    --without-make-prog
    --srcdir=.
    --curdir
    --ruby=/usr/local/bin/$(RUBY_BASE_NAME)24
    --with-sqlite3-config
    --without-sqlite3-config
    --with-pkg-config
    --without-pkg-config
    --with-sqlite3-dir
    --without-sqlite3-dir
    --with-sqlite3-include
    --without-sqlite3-include=${sqlite3-dir}/include
    --with-sqlite3-lib
    --without-sqlite3-lib=${sqlite3-dir}/lib

To see why this extension failed to compile, please check the mkmf.log which can be found here:

  /usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/extensions/amd64-freebsd-11/2.4/sqlite3-1.3.13/mkmf.log

extconf failed, exit code 1

Gem files will remain installed in /usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/gems/sqlite3-1.3.13 for inspection.
Results logged to /usr/home/_rubywarden/rubywarden/vendor/bundle/ruby/2.4/extensions/amd64-freebsd-11/2.4/sqlite3-1.3.13/gem_make.out

An error occurred while installing sqlite3 (1.3.13), and Bundler cannot continue.
Make sure that `gem install sqlite3 -v '1.3.13' --source 'https://rubygems.org/'` succeeds before bundling.

In Gemfile:
  sqlite3
$ gem install sqlite3 -v '1.3.13' --source 'https://rubygems.org/'
Fetching: sqlite3-1.3.13.gem (100%)
ERROR:  While executing gem ... (Gem::FilePermissionError)
    You don't have write permissions for the /usr/local/lib/ruby/gems/2.4 directory.
$ gem install sqlite3 -v '1.3.13' --source 'https://rubygems.org/'

Then:

root@bitwarden:~ # pkg install rubygem-sqlite3-1.3.13
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
    rubygem-sqlite3: 1.3.13
    sqlite3: 3.26.0

Number of packages to be installed: 2

The process will require 6 MiB more space.
1 MiB to be downloaded.

Proceed with this action? [y/N]: y
[bitwarden] [1/2] Fetching rubygem-sqlite3-1.3.13.txz: 100%   55 KiB  56.3kB/s    00:01    
[bitwarden] [2/2] Fetching sqlite3-3.26.0.txz: 100%    1 MiB   1.3MB/s    00:01    
Checking integrity... done (0 conflicting)
[bitwarden] [1/2] Installing sqlite3-3.26.0...
[bitwarden] [1/2] Extracting sqlite3-3.26.0: 100%
[bitwarden] [2/2] Installing rubygem-sqlite3-1.3.13...
[bitwarden] [2/2] Extracting rubygem-sqlite3-1.3.13: 100%
root@bitwarden:~ # gem install sqlite3 -v '1.3.13' --source 'https://rubygems.org/'
Building native extensions. This could take a while...
Successfully installed sqlite3-1.3.13
Parsing documentation for sqlite3-1.3.13
Installing ri documentation for sqlite3-1.3.13
Done installing documentation for sqlite3 after 0 seconds
1 gem installed
root@bitwarden:~ # su _rubywarden
$ bundle install --path vendor/bundle
Fetching gem metadata from https://rubygems.org/........
Using rake 12.3.1
Using concurrent-ruby 1.0.5
Using i18n 1.0.1
Using minitest 5.11.3
Using thread_safe 0.3.6
Using tzinfo 1.2.5
Using activesupport 5.1.6
Using activemodel 5.1.6
Using arel 8.0.0
Using activerecord 5.1.6
Using backports 3.11.3
Using bundler 1.17.1
Using chunky_png 1.3.10
Using coderay 1.1.2
Using json 2.1.0
Using jwt 2.1.0
Using kgio 2.11.2
Using method_source 0.9.0
Using multi_json 1.13.1
Using mustermann 1.0.2
Using pbkdf2-ruby 0.2.1
Using pry 0.11.3
Using rack 2.0.6
Using rack-protection 2.0.3
Using rack-test 1.1.0
Using raindrops 0.19.0
Using rotp 3.3.1
Using rqrcode 0.10.1
Using tilt 2.0.8
Using sinatra 2.0.3
Using sinatra-activerecord 2.0.13
Using sinatra-contrib 2.0.3
Fetching sqlite3 1.3.13
Installing sqlite3 1.3.13 with native extensions
Fetching unicorn 5.4.1
Installing unicorn 5.4.1 with native extensions
Bundle complete! 18 Gemfile dependencies, 34 gems now installed.
Bundled gems are installed into `./vendor/bundle`
jcs commented 5 years ago

The first error is because the sqlite3 package isn't installed, and when you do pkg install rubygem-sqlite3-1.3.13 it's installing sqlite3 as a dependency. If you just pkg install sqlite3 does just the bundle install work?

WaaromZoMoeilijk commented 5 years ago

I'll give it a try! Hang on

WaaromZoMoeilijk commented 5 years ago

Works! See the console output below.

Any chance you have an autostart script for FreeBSD around? ^^

Here is the updated guide:


# Create jail and login
iocage create -n bitwarden -r 11.2-RELEASE vnet="on" allow_raw_sockets="1" boot="on" dhcp="on" bpf=yes
iocage console bitwarden

# Install deps
setenv ASSUME_ALWAYS_YES yes
pkg update
pkg install ruby rubygem-bundler sqlite3  git sudo nano 
gem install bundler

# No need for sudo so far i know, only for reference
#sudo pw groupmod wheel -m _rubywarden

# Add user _rubywarden
adduser
cd /home/_rubywarden

# Clone repo
sudo -u _rubywarden git clone https://github.com/jcs/rubywarden.git

# Install bundle rubywarden
cd rubywarden
sudo -u _rubywarden bundle install --path vendor/bundle

# Create the initial database and the required tables
sudo -u _rubywarden mkdir db/production
sudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rake db:migrate

# Run it once with signups enabled, to allow yourself to create an account. Stop it and run command below
sudo -u _rubywarden env RUBYWARDEN_ENV=production RUBYWARDEN_ALLOW_SIGNUPS=1 bundle exec rackup -p 4567 config.ru

# Afterwards run with
sudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rackup -p 4567 config.ru

# Test 
sudo -u _rubywarden bundle exec rake test
root@freenas:~ # iocage console bitwarden
FreeBSD 11.2-STABLE (FreeNAS.amd64) #0 r325575+fc3d65faae6(HEAD): Thu Dec 20 16:12:30 EST 2018

Welcome to FreeBSD!

Release Notes, Errata: https://www.FreeBSD.org/releases/
Security Advisories:   https://www.FreeBSD.org/security/
FreeBSD Handbook:      https://www.FreeBSD.org/handbook/
FreeBSD FAQ:           https://www.FreeBSD.org/faq/
Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/
FreeBSD Forums:        https://forums.FreeBSD.org/

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with:  pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed:  freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages:  man man
FreeBSD directory layout:      man hier

Edit /etc/motd to change this login announcement.
root@bitwarden:~ # cho "y" | pkg update
cho: Command not found.
The package management tool is not yet installed on your system.
Please set ASSUME_ALWAYS_YES=yes environment variable to be able to bootstrap in non-interactive (stdin not being a tty)
root@bitwarden:~ # echo "y" | pkg install ruby rubygem-bundler sqlite3  git sudo nano
root@bitwarden:~ # echo "y" | pkg update
The package management tool is not yet installed on your system.
Please set ASSUME_ALWAYS_YES=yes environment variable to be able to bootstrap in non-interactive (stdin not being a tty)
root@bitwarden:~ # echo "y" | pkg update
The package management tool is not yet installed on your system.
Please set ASSUME_ALWAYS_YES=yes environment variable to be able to bootstrap in non-interactive (stdin not being a tty)
root@bitwarden:~ # echo $SHELL
/bin/csh
root@bitwarden:~ # clear

root@bitwarden:~ # setenv ASSUME_ALWAYS_YES=yes
setenv: Variable name must contain alphanumeric characters.
root@bitwarden:~ # setenv ASSUME_ALWAYS_YES yes
root@bitwarden:~ # pkg update
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly, please wait...
Verifying signature with trusted certificate pkg.freebsd.org.2013102301... done
[bitwarden] Installing pkg-1.10.5_5...
[bitwarden] Extracting pkg-1.10.5_5: 100%
Updating FreeBSD repository catalogue...
pkg: Repository FreeBSD load error: access repo file(/var/db/pkg/repo-FreeBSD.sqlite) failed: No such file or directory
[bitwarden] Fetching meta.txz: 100%    940 B   0.9kB/s    00:01    
[bitwarden] Fetching packagesite.txz: 100%    6 MiB   2.2MB/s    00:03    
Processing entries: 100%
FreeBSD repository update completed. 32373 packages processed.
All repositories are up to date.
root@bitwarden:~ # pkg install ruby rubygem-bundler sqlite3  git sudo nano
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Updating database digests format: 100%
The following 34 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
    ruby: 2.4.5_1,1
    rubygem-bundler: 1.17.1
    sqlite3: 3.26.0
    git: 2.20.1
    sudo: 1.8.27
    nano: 3.2
    libyaml: 0.2.1
    libunwind: 20170615
    libffi: 3.2.1_3
    indexinfo: 0.3.1
    libedit: 3.1.20170329_2,1
    ruby24-gems: 2.7.8
    readline: 7.0.5
    p5-CGI: 4.40
    p5-HTML-Parser: 3.72
    p5-HTML-Tagset: 3.20_1
    perl5: 5.28.1
    expat: 2.2.6_1
    p5-IO-Socket-SSL: 2.060
    p5-Mozilla-CA: 20180117
    p5-Net-SSLeay: 1.85
    p5-IO-Socket-INET6: 2.72_1
    p5-Socket6: 0.29
    p5-Authen-SASL: 2.16_1
    p5-GSSAPI: 0.28_1
    p5-Digest-HMAC: 1.03_1
    python27: 2.7.15
    gettext-runtime: 0.19.8.1_2
    p5-Error: 0.17027
    curl: 7.62.0
    libnghttp2: 1.35.1
    ca_root_nss: 3.42.1
    pcre: 8.42_1
    cvsps: 2.1_2

Number of packages to be installed: 34

The process will require 231 MiB more space.
46 MiB to be downloaded.
[bitwarden] [1/34] Fetching ruby-2.4.5_1,1.txz: 100%    9 MiB   2.3MB/s    00:04    
[bitwarden] [2/34] Fetching rubygem-bundler-1.17.1.txz: 100%  295 KiB 302.1kB/s    00:01    
[bitwarden] [3/34] Fetching sqlite3-3.26.0.txz: 100%    1 MiB 670.5kB/s    00:02    
[bitwarden] [4/34] Fetching git-2.20.1.txz: 100%    5 MiB   1.3MB/s    00:04    
[bitwarden] [5/34] Fetching sudo-1.8.27.txz: 100%  696 KiB 713.1kB/s    00:01    
[bitwarden] [6/34] Fetching nano-3.2.txz: 100%  492 KiB 503.5kB/s    00:01    
[bitwarden] [7/34] Fetching libyaml-0.2.1.txz: 100%   65 KiB  67.0kB/s    00:01    
[bitwarden] [8/34] Fetching libunwind-20170615.txz: 100%  113 KiB 115.8kB/s    00:01    
[bitwarden] [9/34] Fetching libffi-3.2.1_3.txz: 100%   34 KiB  35.3kB/s    00:01    
[bitwarden] [10/34] Fetching indexinfo-0.3.1.txz: 100%    6 KiB   5.7kB/s    00:01    
[bitwarden] [11/34] Fetching libedit-3.1.20170329_2,1.txz: 100%  126 KiB 129.1kB/s    00:01    
[bitwarden] [12/34] Fetching ruby24-gems-2.7.8.txz: 100%  393 KiB 402.5kB/s    00:01    
[bitwarden] [13/34] Fetching readline-7.0.5.txz: 100%  335 KiB 343.2kB/s    00:01    
[bitwarden] [14/34] Fetching p5-CGI-4.40.txz: 100%  158 KiB 162.0kB/s    00:01    
[bitwarden] [15/34] Fetching p5-HTML-Parser-3.72.txz: 100%   80 KiB  82.2kB/s    00:01    
[bitwarden] [16/34] Fetching p5-HTML-Tagset-3.20_1.txz: 100%   12 KiB  12.0kB/s    00:01    
[bitwarden] [17/34] Fetching perl5-5.28.1.txz: 100%   14 MiB   3.0MB/s    00:05    
[bitwarden] [18/34] Fetching expat-2.2.6_1.txz: 100%  116 KiB 118.4kB/s    00:01    
[bitwarden] [19/34] Fetching p5-IO-Socket-SSL-2.060.txz: 100%  163 KiB 166.8kB/s    00:01    
[bitwarden] [20/34] Fetching p5-Mozilla-CA-20180117.txz: 100%  132 KiB 135.3kB/s    00:01    
[bitwarden] [21/34] Fetching p5-Net-SSLeay-1.85.txz: 100%  253 KiB 258.6kB/s    00:01    
[bitwarden] [22/34] Fetching p5-IO-Socket-INET6-2.72_1.txz: 100%   13 KiB  13.1kB/s    00:01    
[bitwarden] [23/34] Fetching p5-Socket6-0.29.txz: 100%   16 KiB  16.8kB/s    00:01    
[bitwarden] [24/34] Fetching p5-Authen-SASL-2.16_1.txz: 100%   41 KiB  41.5kB/s    00:01    
[bitwarden] [25/34] Fetching p5-GSSAPI-0.28_1.txz: 100%   40 KiB  41.4kB/s    00:01    
[bitwarden] [26/34] Fetching p5-Digest-HMAC-1.03_1.txz: 100%   10 KiB  10.1kB/s    00:01    
[bitwarden] [27/34] Fetching python27-2.7.15.txz: 100%   11 MiB   2.8MB/s    00:04    
[bitwarden] [28/34] Fetching gettext-runtime-0.19.8.1_2.txz: 100%  149 KiB 152.7kB/s    00:01    
[bitwarden] [29/34] Fetching p5-Error-0.17027.txz: 100%   27 KiB  27.4kB/s    00:01    
[bitwarden] [30/34] Fetching curl-7.62.0.txz: 100%    1 MiB 640.0kB/s    00:02    
[bitwarden] [31/34] Fetching libnghttp2-1.35.1.txz: 100%  111 KiB 113.7kB/s    00:01    
[bitwarden] [32/34] Fetching ca_root_nss-3.42.1.txz: 100%  290 KiB 297.0kB/s    00:01    
[bitwarden] [33/34] Fetching pcre-8.42_1.txz: 100%    1 MiB 628.7kB/s    00:02    
[bitwarden] [34/34] Fetching cvsps-2.1_2.txz: 100%   42 KiB  43.5kB/s    00:01    
Checking integrity... done (0 conflicting)
[bitwarden] [1/34] Installing indexinfo-0.3.1...
[bitwarden] [1/34] Extracting indexinfo-0.3.1: 100%
[bitwarden] [2/34] Installing perl5-5.28.1...
[bitwarden] [2/34] Extracting perl5-5.28.1: 100%
[bitwarden] [3/34] Installing libyaml-0.2.1...
[bitwarden] [3/34] Extracting libyaml-0.2.1: 100%
[bitwarden] [4/34] Installing libunwind-20170615...
[bitwarden] [4/34] Extracting libunwind-20170615: 100%
[bitwarden] [5/34] Installing libffi-3.2.1_3...
[bitwarden] [5/34] Extracting libffi-3.2.1_3: 100%
[bitwarden] [6/34] Installing libedit-3.1.20170329_2,1...
[bitwarden] [6/34] Extracting libedit-3.1.20170329_2,1: 100%
[bitwarden] [7/34] Installing p5-HTML-Tagset-3.20_1...
[bitwarden] [7/34] Extracting p5-HTML-Tagset-3.20_1: 100%
[bitwarden] [8/34] Installing p5-Socket6-0.29...
[bitwarden] [8/34] Extracting p5-Socket6-0.29: 100%
[bitwarden] [9/34] Installing ruby-2.4.5_1,1...
[bitwarden] [9/34] Extracting ruby-2.4.5_1,1: 100%
[bitwarden] [10/34] Installing readline-7.0.5...
[bitwarden] [10/34] Extracting readline-7.0.5: 100%
[bitwarden] [11/34] Installing p5-HTML-Parser-3.72...
[bitwarden] [11/34] Extracting p5-HTML-Parser-3.72: 100%
[bitwarden] [12/34] Installing p5-Mozilla-CA-20180117...
[bitwarden] [12/34] Extracting p5-Mozilla-CA-20180117: 100%
[bitwarden] [13/34] Installing p5-Net-SSLeay-1.85...
[bitwarden] [13/34] Extracting p5-Net-SSLeay-1.85: 100%
[bitwarden] [14/34] Installing p5-IO-Socket-INET6-2.72_1...
[bitwarden] [14/34] Extracting p5-IO-Socket-INET6-2.72_1: 100%
[bitwarden] [15/34] Installing p5-GSSAPI-0.28_1...
[bitwarden] [15/34] Extracting p5-GSSAPI-0.28_1: 100%
[bitwarden] [16/34] Installing p5-Digest-HMAC-1.03_1...
[bitwarden] [16/34] Extracting p5-Digest-HMAC-1.03_1: 100%
[bitwarden] [17/34] Installing gettext-runtime-0.19.8.1_2...
[bitwarden] [17/34] Extracting gettext-runtime-0.19.8.1_2: 100%
[bitwarden] [18/34] Installing libnghttp2-1.35.1...
[bitwarden] [18/34] Extracting libnghttp2-1.35.1: 100%
[bitwarden] [19/34] Installing ca_root_nss-3.42.1...
[bitwarden] [19/34] Extracting ca_root_nss-3.42.1: 100%
[bitwarden] [20/34] Installing ruby24-gems-2.7.8...
[bitwarden] [20/34] Extracting ruby24-gems-2.7.8: 100%
[bitwarden] [21/34] Installing p5-CGI-4.40...
[bitwarden] [21/34] Extracting p5-CGI-4.40: 100%
[bitwarden] [22/34] Installing expat-2.2.6_1...
[bitwarden] [22/34] Extracting expat-2.2.6_1: 100%
[bitwarden] [23/34] Installing p5-IO-Socket-SSL-2.060...
[bitwarden] [23/34] Extracting p5-IO-Socket-SSL-2.060: 100%
[bitwarden] [24/34] Installing p5-Authen-SASL-2.16_1...
[bitwarden] [24/34] Extracting p5-Authen-SASL-2.16_1: 100%
[bitwarden] [25/34] Installing python27-2.7.15...
[bitwarden] [25/34] Extracting python27-2.7.15: 100%
[bitwarden] [26/34] Installing p5-Error-0.17027...
[bitwarden] [26/34] Extracting p5-Error-0.17027: 100%
[bitwarden] [27/34] Installing curl-7.62.0...
[bitwarden] [27/34] Extracting curl-7.62.0: 100%
[bitwarden] [28/34] Installing pcre-8.42_1...
[bitwarden] [28/34] Extracting pcre-8.42_1: 100%
[bitwarden] [29/34] Installing cvsps-2.1_2...
[bitwarden] [29/34] Extracting cvsps-2.1_2: 100%
[bitwarden] [30/34] Installing rubygem-bundler-1.17.1...
[bitwarden] [30/34] Extracting rubygem-bundler-1.17.1: 100%
[bitwarden] [31/34] Installing sqlite3-3.26.0...
[bitwarden] [31/34] Extracting sqlite3-3.26.0: 100%
[bitwarden] [32/34] Installing git-2.20.1...
===> Creating groups.
Creating group 'git_daemon' with gid '964'.
===> Creating users
Creating user 'git_daemon' with uid '964'.
[bitwarden] [32/34] Extracting git-2.20.1: 100%
[bitwarden] [33/34] Installing sudo-1.8.27...
[bitwarden] [33/34] Extracting sudo-1.8.27: 100%
[bitwarden] [34/34] Installing nano-3.2...
[bitwarden] [34/34] Extracting nano-3.2: 100%
Message from perl5-5.28.1:

The /usr/bin/perl symlink has been removed starting with Perl 5.20.
For shebangs, you should either use:

#!/usr/local/bin/perl

or

#!/usr/bin/env perl

The first one will only work if you have a /usr/local/bin/perl,
the second will work as long as perl is in PATH.
Message from ruby-2.4.5_1,1:

====
Some of the standard commands are provided as separate ports for ease
of upgrading:

    devel/ruby-gems:    gem - RubyGems package manager
    devel/rubygem-rake: rake - Ruby Make

And some of the standard libraries are provided as separate ports
since they require extra dependencies:

    databases/ruby-gdbm:    GDBM module

Install them as occasion demands.
====
Message from ca_root_nss-3.42.1:

********************************* WARNING *********************************

FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.

Assessment and verification of trust is the complete responsibility of the
system administrator.

*********************************** NOTE **********************************

This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.

This enables SSL Certificate Verification by client software without manual
intervention.

If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.

  * /etc/ssl/cert.pem
  * /usr/local/etc/ssl/cert.pem
  * /usr/local/openssl/cert.pem

***************************************************************************
Message from python27-2.7.15:

===========================================================================

Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

bsddb           databases/py-bsddb
gdbm            databases/py-gdbm
sqlite3         databases/py-sqlite3
tkinter         x11-toolkits/py-tkinter

===========================================================================
Message from cvsps-2.1_2:

===>   NOTICE:

The cvsps port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port
Message from git-2.20.1:

------------------------------------------------------------------------
*************************** GITWEB *************************************
If you installed the GITWEB option please follow these instructions:

In the directory /usr/local/share/examples/git/gitweb you can find all files to
make gitweb work as a public repository on the web.

All you have to do to make gitweb work is:
1) Please be sure you're able to execute CGI scripts in
   /usr/local/share/examples/git/gitweb.
2) Set the GITWEB_CONFIG variable in your webserver's config to
   /usr/local/etc/git/gitweb.conf. This variable is passed to gitweb.cgi.
3) Restart server.
*************************** GITWEB *************************************

*************************** CONTRIB ************************************
If you installed the CONTRIB option please note that the scripts are
installed in /usr/local/share/git-core/contrib. Some of them require
other ports to be installed (perl, python, etc), which you may need to
install manually.
*************************** CONTRIB ************************************
------------------------------------------------------------------------
root@bitwarden:~ # gem install bundler
Fetching: bundler-2.0.1.gem (100%)
Successfully installed bundler-2.0.1
Parsing documentation for bundler-2.0.1
Installing ri documentation for bundler-2.0.1
Done installing documentation for bundler after 4 seconds
1 gem installed
root@bitwarden:~ # useradd 
useradd: Command not found.
root@bitwarden:~ # cd /home/_rubywarden
root@bitwarden:~ # adduser
Username: _rubywarden
Full name: 
Uid (Leave empty for default): 
Login group [_rubywarden]: 
Login group is _rubywarden. Invite _rubywarden into other groups? []: 
Login class [default]: 
Shell (sh csh tcsh git-shell nologin) [sh]: 
Home directory [/home/_rubywarden]: 
Home directory permissions (Leave empty for default): 
Use password-based authentication? [yes]: 
Use an empty password? (yes/no) [no]:  
Use a random password? (yes/no) [no]: 
Enter password: 
Enter password again: 
Lock out the account after creation? [no]:  
Username   : _rubywarden
Password   : *****
Full Name  : 
Uid        : 1001
Class      : 
Groups     : _rubywarden 
Home       : /home/_rubywarden
Home Mode  : 
Shell      : /bin/sh
Locked     : no
OK? (yes/no): y
adduser: INFO: Successfully added (_rubywarden) to the user database.
Add another user? (yes/no): n
Goodbye!
root@bitwarden:~ # cd /home/_rubywarden
root@bitwarden:/home/_rubywarden # sudo -u _rubywarden git clone https://github.com/jcs/rubywarden.git
Cloning into 'rubywarden'...
remote: Enumerating objects: 25, done.
remote: Counting objects: 100% (25/25), done.
remote: Compressing objects: 100% (19/19), done.
remote: Total 600 (delta 11), reused 15 (delta 6), pack-reused 575
Receiving objects: 100% (600/600), 171.43 KiB | 737.00 KiB/s, done.
Resolving deltas: 100% (377/377), done.
root@bitwarden:/home/_rubywarden # cd rubywarden
root@bitwarden:/home/_rubywarden/rubywarden # sudo -u _rubywarden bundle install --path vendor/bundle
Fetching gem metadata from https://rubygems.org/........
Fetching rake 12.3.1
Installing rake 12.3.1
Fetching concurrent-ruby 1.0.5
Installing concurrent-ruby 1.0.5
Fetching i18n 1.0.1
Installing i18n 1.0.1
Fetching minitest 5.11.3
Installing minitest 5.11.3
Fetching thread_safe 0.3.6
Installing thread_safe 0.3.6
Fetching tzinfo 1.2.5
Installing tzinfo 1.2.5
Fetching activesupport 5.1.6
Installing activesupport 5.1.6
Fetching activemodel 5.1.6
Installing activemodel 5.1.6
Fetching arel 8.0.0
Installing arel 8.0.0
Fetching activerecord 5.1.6
Installing activerecord 5.1.6
Fetching backports 3.11.3
Installing backports 3.11.3
Using bundler 1.17.1
Fetching chunky_png 1.3.10
Installing chunky_png 1.3.10
Fetching coderay 1.1.2
Installing coderay 1.1.2
Fetching json 2.1.0
Installing json 2.1.0 with native extensions
Fetching jwt 2.1.0
Installing jwt 2.1.0
Fetching kgio 2.11.2
Installing kgio 2.11.2 with native extensions
Fetching method_source 0.9.0
Installing method_source 0.9.0
Fetching multi_json 1.13.1
Installing multi_json 1.13.1
Fetching mustermann 1.0.2
Installing mustermann 1.0.2
Fetching pbkdf2-ruby 0.2.1
Installing pbkdf2-ruby 0.2.1
Fetching pry 0.11.3
Installing pry 0.11.3
Fetching rack 2.0.6
Installing rack 2.0.6
Fetching rack-protection 2.0.3
Installing rack-protection 2.0.3
Fetching rack-test 1.1.0
Installing rack-test 1.1.0
Fetching raindrops 0.19.0
Installing raindrops 0.19.0 with native extensions
Fetching rotp 3.3.1
Installing rotp 3.3.1
Fetching rqrcode 0.10.1
Installing rqrcode 0.10.1
Fetching tilt 2.0.8
Installing tilt 2.0.8
Fetching sinatra 2.0.3
Installing sinatra 2.0.3
Fetching sinatra-activerecord 2.0.13
Installing sinatra-activerecord 2.0.13
Fetching sinatra-contrib 2.0.3
Installing sinatra-contrib 2.0.3
Fetching sqlite3 1.3.13
Installing sqlite3 1.3.13 with native extensions
Fetching unicorn 5.4.1
Installing unicorn 5.4.1 with native extensions
Bundle complete! 18 Gemfile dependencies, 34 gems now installed.
Bundled gems are installed into `./vendor/bundle`
root@bitwarden:/home/_rubywarden/rubywarden #
WaaromZoMoeilijk commented 5 years ago

Would a self signed cert raise issues? Setting up nginx in the jail now.

# Create jail and login
iocage create -n bitwarden -r 11.2-RELEASE vnet="on" allow_raw_sockets="1" boot="on" dhcp="on" bpf=yes
iocage console bitwarden

# Install deps
setenv ASSUME_ALWAYS_YES yes
pkg update
pkg install ruby rubygem-bundler sqlite3 nginx git sudo nano 
gem install bundler

# Setup SSL + nginx
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /usr/local/etc/nginx/cert.key -out /usr/local/etc/nginx/cert.crt

cat /dev/null > /usr/local/etc/nginx/nginx.conf 
nano /usr/local/etc/nginx/nginx.conf

############## Paste this in the nano above ####################
worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

server {
    listen 80;
    return 301 https://$host$request_uri;
}

server {

    listen 443;
    server_name localhost;

    ssl_certificate           /usr/local/etc/nginx/cert.crt;
    ssl_certificate_key       /usr/local/etc/nginx/cert.key;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    access_log            /var/log/nginx/rubywarden.log;

    location / {

      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto $scheme;

      # Fix the “It appears that your reverse proxy set up is broken" error.
      proxy_pass          http://localhost:4567;
      proxy_read_timeout  90;

      proxy_redirect      http://localhost:4567 https://localhost;
    }
  }

}
############## END OF Paste ####################

# Add user _rubywarden
adduser
cd /home/_rubywarden

# Clone repo
sudo -u _rubywarden git clone https://github.com/jcs/rubywarden.git

# Install bundle rubywarden
cd rubywarden
sudo -u _rubywarden bundle install --path vendor/bundle

# Create the initial database and the required tables
sudo -u _rubywarden mkdir db/production
sudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rake db:migrate

# Run it once with signups enabled, to allow yourself to create an account. Stop it and run command below
sudo -u _rubywarden env RUBYWARDEN_ENV=production RUBYWARDEN_ALLOW_SIGNUPS=1 bundle exec rackup -p 4567 config.ru

# Afterwards run with
sudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rackup -p 4567 config.ru

# Test 
sudo -u _rubywarden bundle exec rake test
WaaromZoMoeilijk commented 5 years ago

Its running super smooth, thanks for the help! Any idea how to create an RC.D script for this setup? I've failed miserably

McQueen2063 commented 5 years ago

Just out of curiosity? Why not use the ready pkg? [root@bitwarden001 /usr/local/www/rubywarden]# uname -rv 11.2-RELEASE-p9 FreeBSD 11.2-RELEASE-p9 #0: Tue Feb 5 15:30:36 UTC 2019 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC [root@bitwarden001 /usr/local/www/rubywarden]# pkg info -x rubywarden rubywarden-0.0.0.20190207

That comes with an rc.d script. Please note, that you still need to do a bundle install in /usr/local/www/rubywarden.

I can try this on my FreeNAS at home, if you want. Also an nginx reverse proxy is still needed...

blitzjunge commented 5 years ago

@McQueen2063 - I am running same FreeBSD version as yours, 11.2 Rel p9. If I run pkg search rubywarden it does not get a hit. So, where can I find the pkg?

spookey commented 5 years ago

@blitzjunge (and @McQueen2063): It seems the port is under /usr/ports/security/ruby-bitwarden - also seems to be pretty recent.

I am running FreeBSD 12.0.

spookey commented 5 years ago

@blitzjunge (and @McQueen2063): It seems the port is under /usr/ports/security/ruby-bitwarden - also seems to be pretty recent.

I am running FreeBSD 12.0.

I compiled this port from source inside a fresh jail.. Installing ruby (?) failed because of some weird error with libunwind.

Patching the Mk/bsd.port.mk like described here and just running make for /usr/ports/devel/libunwind compiled fine. Then I continued to run make install inside /usr/ports/security/ruby-bitwarden.

There is some rc script coming with the port, so running sysrc rubywarden_api_enable=YES is the way to go.

But then I was stuck when running service rubywarden-api start:

/usr/local/etc/rc.d/rubywarden-api: WARNING: run_rc_command: cannot run /usr/local/bin/rackup

So I changed the folder to /usr/local/www/rubywarden and ran bundle install - It is warning me not to run bundler as root. I tried it as the designated www user first, but it did not work. Did I do something horribly wrong by running bundler as root? Should I start over?

Because now launching service rubywarden-api start works fine and ps aux is displaying some running instance!

To create some initial database I ran sudo -u www csh, cd /usr/local/www/rubywarden/ and env RUBYWARDEN_ENV=production bundle exec rake db:migrate (like described in the readme). There is now a production.sqlite3 owned by the www user in /usr/local/www/rubywarden/db/production/ - awesome!

Did not check any further than this - will setup my reverse proxy tomorrow..

blitzjunge commented 5 years ago

Thanks a lot for your findings, @spookey I will also try with my setup but need some days for this.