Commit Graph

2158 Commits

Author SHA1 Message Date
BlackDex 5d05ec58be
Updated deps and misc fixes and updates
- Updated some Rust dependencies
- Fixed an issue with CSP header, this was not configured correctly
- Prevent sending CSP and Frame headers for the MFA connector.html files.
  Else some clients will fail to handle these protocols.
- Add `unsafe-inline` for `script-src` only to the CSP for the Admin Interface
- Updated JavaScript and CSS files for the Admin interface
- Changed the layout for showing overridden settings, better visible now.
- Made the version check cachable to prevent hitting the Github API rate limits
- Hide the `database_url` as if it is a password in the Admin Interface
  Else for MariaDB/MySQL or PostgreSQL this was plain text.
- Fixed an issue that pressing enter on the SMTP Test would save the config.
  resolves #2542
- Prevent user names larger then 50 characters
  resolves #2419
2022-06-14 14:51:51 +02:00
Mark d9a452f558
A little depreciation change 2022-06-13 13:56:41 +03:00
Jeremy Lin dec03b3dc0 Sync global_domains.json to bitwarden/server@194b76c (HealthCare.gov) 2022-06-12 20:15:20 -07:00
Jeremy Lin 85950bdc0b Sync global_domains.json to bitwarden/server@496c9a5 (Proton) 2022-06-12 20:14:30 -07:00
Daniel García f95bd3bb04
Update pico-args 2022-06-04 19:16:36 +02:00
BlackDex e33b8fab34
Re-Base, Update crates and small change. 2022-06-04 19:14:14 +02:00
Daniel García b00fbf153e
Fix clippy lint and remove unused log 2022-06-04 19:13:58 +02:00
Daniel García 0de5919a16
Fix incorrect pings sent, and respond to pings from the client 2022-06-04 19:13:58 +02:00
Daniel García 699777be9e
use dashmap in icons blacklist regex 2022-06-04 19:13:58 +02:00
Daniel García 16ff49d712
Move to job_scheduler_ng 2022-06-04 19:13:57 +02:00
Daniel García 54c78cf06d
Migrate old ws crate to tungstenite, which is async and also removes over 20 old dependencies 2022-06-04 19:13:39 +02:00
Daniel García 303eaabeea
Merge branch 'paolobarbolini-lettre-improvements' into main 2022-06-04 19:13:12 +02:00
Daniel García 6b6f5b8d04
Merge branch 'lettre-improvements' of https://github.com/paolobarbolini/vaultwarden into paolobarbolini-lettre-improvements 2022-06-04 19:10:51 +02:00
Daniel García 0c18a7e306
Merge branch 'paolobarbolini-lettre-rc7' into main 2022-06-04 19:09:11 +02:00
Daniel García a23a38080b
Merge branch 'lettre-rc7' of https://github.com/paolobarbolini/vaultwarden into paolobarbolini-lettre-rc7 2022-06-04 19:09:03 +02:00
Daniel García 316ca66a4b
Merge branch 'Lowaiz-add_disabled_member_to_json_user' into main 2022-06-04 19:08:23 +02:00
Daniel García 2f71a01877
Merge branch 'add_disabled_member_to_json_user' of https://github.com/Lowaiz/vaultwarden into Lowaiz-add_disabled_member_to_json_user 2022-06-04 19:08:15 +02:00
Daniel García d5cfbfc71d
Update web vault to v2022.05.0 2022-06-04 19:07:15 +02:00
Paolo Barbolini 12612da75e Remove manual IDN handling 2022-06-04 19:02:51 +02:00
Paolo Barbolini 68ec5f2a18 Use MultiPart::alternative_plain_html instead of manual impl 2022-06-04 14:53:27 +02:00
Paolo Barbolini 00670450df Bump lettre to 0.10.0-rc.7 2022-06-04 14:47:26 +02:00
Lyonel Martinez dbd95e08e9 Adding "UserEnabled" and "CreatedAt" member to the json output of a User in the admin/users and admin/users/<ID> web routes. 2022-06-02 15:13:58 +02:00
Daniel García 3713f2d134
Merge pull request #2507 from BlackDex/fix-persisten-volume-check
Fix persistent volume check
2022-05-28 14:56:47 +02:00
BlackDex a85a250dfd
Fix persistent volume check
It seemed there were some issues building the cross-platform images.
This PR fixes #2501 so building the containers will work again.
2022-05-28 09:31:09 +02:00
Daniel García 5845ed2c92
Merge pull request #2501 from BlackDex/add-persistent-volume-check-docker
Add a persistent volume check.
2022-05-27 19:41:42 +02:00
BlackDex 40ed505581
Add a persistent volume check.
This will add a persistent volume check to make sure when running
containers someone is using a volume for persistent storage.

This check can be bypassed if someone configures
`I_REALLY_WANT_VOLATILE_STORAGE=true` as an environment variable.

This should prevent issues like #2493 .
2022-05-26 09:39:56 +02:00
Daniel García bf0b8d9968
Merge pull request #2491 from BlackDex/issue-2490
Fix armv6 issue with bullseye images
2022-05-24 15:46:34 +02:00
Daniel García d0a7437dbd
Merge pull request #2489 from fox34/update-env-template
Add TMP_FOLDER to .env.template
2022-05-24 15:33:22 +02:00
BlackDex 21b433c5d7
Fix armv6 issue with bullseye images
It looks like the armv6 bullseye images are missing a symlink to the
dynamic linker. The previous buster images had this symlink there,
bullseye does not.

This PR fixes adds that symlink again for only the Debian armv6 build.

Resolves #2490
2022-05-24 15:25:51 +02:00
fox34 7c89bc619a
Add TMP_FOLDER to .env.template 2022-05-24 09:38:16 +02:00
Daniel García 0d3daa9fc6
Remove recommendation to set ROCKET_CLI_COLORS to off
The value is now a boolean so setting it to off will cause an error
2022-05-23 20:19:29 +02:00
Daniel García 0c1f0bad17
Merge branch 'BlackDex-update-rust-version-dockerfile' into main 2022-05-21 19:17:29 +02:00
Daniel García 72cf59fa54
Merge branch 'update-rust-version-dockerfile' of https://github.com/BlackDex/vaultwarden into BlackDex-update-rust-version-dockerfile 2022-05-21 19:17:24 +02:00
Daniel García 527bc1f625
Merge branch 'BlackDex-fix-upload-limits-and-logging' into main 2022-05-21 19:17:15 +02:00
BlackDex 2168d09421
Update Rust version in Dockerfile
Updated Rust from v1.60 to v1.61 for building the images.
Also made the rust version fixed for the Alpine build images to prevent
those images being build with a newer version when released.
2022-05-21 17:46:14 +02:00
BlackDex 1c266031d7
Fix upload limits and disable color logs
The limits for uploading files were to small in regards to the allowed
maximum filesize of the Bitwarden clients including the web-vault.
Changed both `data-form` (used for Send) and `file` (used for
attachments) to be 525MB, this is the same size we already check our selfs.

Also changed the `json` limit to be 20MB, this should allow very large
imports with 4000/5000+ items depending on if there are large notes or not.

And, also disabled Rocket from outputting colors, these colors were also
send to the log files and syslog. I think this changed in Rocket 0.5rc
somewhere, need to look a bit further into that maybe.
2022-05-21 17:28:29 +02:00
Daniel García b636d20c64
Update web vault to v2.28.1 2022-05-11 22:19:22 +02:00
Daniel García 2a9ca88c2a
Dependency updates 2022-05-11 22:03:07 +02:00
Daniel García b9c434addb
Merge branch 'jjlin-db-conn-init' into main 2022-05-11 21:36:11 +02:00
Daniel García 451ad47327
Merge branch 'db-conn-init' of https://github.com/jjlin/vaultwarden into jjlin-db-conn-init 2022-05-11 21:36:00 +02:00
Daniel García 7f61dd5fe3
Merge branch 'BlackDex-sql-optimizations' into main 2022-05-11 21:33:43 +02:00
BlackDex 3ca85028ea
Improve sync speed and updated dep. versions
Improved sync speed by resolving the N+1 query issues.
Solves #1402 and Solves #1453

With this change there is just one query done to retreive all the
important data, and matching is done in-code/memory.

With a very large database the sync time went down about 3 times.

Also updated misc crates and Github Actions versions.
2022-05-06 17:01:02 +02:00
Jeremy Lin 542a73cc6e Switch to a single config option for database connection init
The main pro is less config options, while the main con is less clarity in
what the defaults are for the various database types.
2022-04-29 00:26:49 -07:00
Jeremy Lin 78d07e2fda Add default connection-scoped pragmas for SQLite
`PRAGMA busy_timeout = 5000` tells SQLite to keep trying for up to 5000 ms
when there is lock contention, rather than aborting immediately. This should
hopefully prevent the vast majority of "database is locked" panics observed
since the async transition.

`PRAGMA synchronous = NORMAL` trades better performance for a small potential
loss in durability (the default is `FULL`). The SQLite docs recommend `NORMAL`
as "a good choice for most applications running in WAL mode".
2022-04-26 17:55:19 -07:00
Jeremy Lin b617ffd2af Add support for database connection init statements
This is probably mainly useful for running connection-scoped pragma statements.
2022-04-26 17:50:20 -07:00
Daniel García 3abf173d89
Merge pull request #2433 from jjlin/meta-apis
Add `/api/{alive,now,version}` endpoints
2022-04-24 18:36:08 +02:00
Jeremy Lin df8aeb10e8 Add `/api/{alive,now,version}` endpoints
The added endpoints work the same as in their upstream implementations.

Upstream also implements `/api/ip`. This seems to include the server's public
IP address (the one that should be hidden behind Cloudflare), which doesn't
seem like a great idea.
2022-04-23 23:47:49 -07:00
Daniel García 26ad06df7c
Update web vault to 2.28.0 and dependencies 2022-04-23 18:18:15 +02:00
Daniel García 37fff3ef4a
Merge pull request #2400 from jjlin/global-domains
Sync global_domains.json
2022-03-30 22:02:44 +02:00
Jeremy Lin 28c5e63bf5 Sync global_domains.json to bitwarden/server@3521ccb (Just Eat Takeaway.com) 2022-03-29 11:41:43 -07:00