diff --git a/Using-an-alternate-base-dir.md b/Using-an-alternate-base-dir.md index b250ba1..2c918ce 100644 --- a/Using-an-alternate-base-dir.md +++ b/Using-an-alternate-base-dir.md @@ -2,50 +2,24 @@ Traditionally, Bitwarden is limited to residing at the root of a subdomain, e.g. This limitation originates in the backend and web vault, which haven't been designed to accommodate alternate base dirs (see [bitwarden/server#277](/bitwarden/server/issues/277)). The mobile/desktop apps and browser extensions actually have no issues using a base URL with a path. -In bitwarden_rs, with the changes in [PR#868](../pull/868), you can configure the backend server to work properly with an alternate base dir. With a bit more work, it's also possible to modify the web vault to work properly, resulting in a fully functional installation. +In bitwarden_rs, with the changes in [PR#868](https://github.com/dani-garcia/bitwarden_rs/pull/868) (backend) and [PR#11](https://github.com/dani-garcia/bw_web_builds/pull/11) (web vault), you can configure a fully functional instance at an alternate base dir. -## Configuring the backend server +## Configuration -Simply configure your domain URL to include the base dir. For example, suppose you want to access your installation at `https://bitwarden.example.com/secret-dir`. +Simply configure your domain URL to include the base dir. For example, suppose you want to access your instance at `https://bitwarden.example.com/base-dir`. (Note that you can also use multiple levels of directories, like `https://bitwarden.example.com/multi/level/base/dir`if you want.) 1. Stop bitwarden_rs. 2. If you normally configure bitwarden_rs using the admin page, edit your `config.json` to look as follows: ```javascript { - "domain": "https://bitwarden.example.com/secret-dir", + "domain": "https://bitwarden.example.com/base-dir", // ... other values ... } ``` 3. If you normally configure bitwarden_rs via environment variables, update your config files/scripts to set the `DOMAIN` environment variable to the base URL. For example: ```sh - docker run -e DOMAIN="https://bitwarden.example.com/secret-dir" ... + docker run -e DOMAIN="https://bitwarden.example.com/base-dir" ... ``` 4. Restart bitwarden_rs. -5. You should now be able to access the web vault (assuming it has been modified appropriately; see the next section) at `https://bitwarden.example.com/secret-dir/` (note the trailing slash). For reasons not entirely clear, you may run into issues if you use `https://bitwarden.example.com/secret-dir` (without the trailing slash). -6. Configure your apps or browser extensions to use `https://bitwarden.example.com/secret-dir`. If you add a trailing slash, the apps and extensions will automatically remove it before saving. - -## Modifying the web vault - -The issue with the web vault is there's no simple way to configure it for a specific base URL. Instead, the code generally just assumes the web vault URL is given by `window.location.origin`, which always represents the root of the subdomain. This is true of both the upstream web vault and the patched version used in bitwarden_rs: - -* https://github.com/bitwarden/web/blob/f7f7040/src/app/services/services.module.ts#L137-L144 -* https://github.com/dani-garcia/bw_web_builds/blob/5c9de1a/patches/v2.11.0.patch#L17-L29 - -Here are some approaches you could take to modify the web vault to work at a different base dir. - -### The hard and clean way - -Modify the upstream code and/or bitwarden_rs patches and rebuild the web vault. (Someone else can document this if they're interested.) - -### The quick and dirty way - -1. Enter a shell in the bitwarden_rs container: `docker exec -it /bin/sh` -2. Patch the web vault: `sed -i "s|window\.location\.origin|window.location.origin+'/secret-dir'|g" /web-vault/app/main*.js` (of course, replace `/secret-dir` with your actual base dir) - -Pros: -* It works just fine for normal purposes. -* This approach could be easily automated on container start. - -Cons: -* It's a brittle solution, although it's probably not too likely `window.location.origin` would be used for anything else. -* It will probably break the [source map](https://www.html5rocks.com/en/tutorials/developertools/sourcemaps/), but this won't matter unless you're doing development or need to troubleshoot with a developer. \ No newline at end of file +5. You should now be able to access the web vault at `https://bitwarden.example.com/base-dir/` (note the trailing slash). For reasons not entirely clear, you'll probably run into issues if you use `https://bitwarden.example.com/base-dir` (without the trailing slash). +6. Configure your apps or browser extensions to use `https://bitwarden.example.com/base-dir`. If you add a trailing slash, the apps and extensions will automatically remove it before saving. \ No newline at end of file