Initial commit

data/services/bitwarden/bitwarden.sh

@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+
+while true;do ls | grep -q dockerbunker.sh;if [[ $? == 0 ]];then BASE_DIR=$PWD;break;else cd ../;fi;done
+
+PROPER_NAME="Bitwarden"
+SERVICE_NAME="$(echo -e "${PROPER_NAME,,}" | tr -d '[:space:]')"
+PROMPT_SSL=1
+
+declare -a environment=( "data/env/dockerbunker.env" "data/include/init.sh" )
+
+for env in "${environment[@]}";do
+	[[ -f "${BASE_DIR}"/$env ]] && source "${BASE_DIR}"/$env
+done
+
+declare -A WEB_SERVICES
+declare -a containers=( "${SERVICE_NAME}-service-dockerbunker" )
+declare -a add_to_network=( "${SERVICE_NAME}-service-dockerbunker" )
+declare -A IMAGES=( [service]="vaultwarden/server:latest" )
+declare -A volumes=( [${SERVICE_NAME}-data-vol-1]="/data" )
+declare -a networks=( )
+
+[[ -z $1 ]] && options_menu
+
+configure() {
+	pre_configure_routine
+	
+	echo -e "# \e[4mBitwarden Settings\e[0m"
+
+	set_domain
+	
+	configure_mx
+
+	cat <<-EOF >> "${SERVICE_ENV}"
+	PROPER_NAME=${PROPER_NAME}
+	SERVICE_NAME=${SERVICE_NAME}
+	SSL_CHOICE=${SSL_CHOICE}
+	LE_EMAIL=${LE_EMAIL}
+
+	SERVICE_DOMAIN=${SERVICE_DOMAIN}
+	DOMAIN=https://${SERVICE_DOMAIN}
+	ADMIN_TOKEN=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 48)
+
+	SIGNUPS_ALLOWED=false
+	
+	SERVICE_SPECIFIC_MX=${SERVICE_SPECIFIC_MX}
+	EOF
+
+	post_configure_routine
+}
+
+if [[ $1 == "letsencrypt" ]];then
+	$1 $*
+else
+	$1
+fi

data/services/bitwarden/containers.sh

@@ -0,0 +1,16 @@
+bitwarden_service_dockerbunker() {
+	docker run -d \
+		--name=${FUNCNAME[0]//_/-} \
+		--restart=always \
+		--network ${NETWORK} \
+		--env-file "${SERVICE_ENV}" \
+		--env-file "${ENV_DIR}"/${SERVICE_SPECIFIC_MX}mx.env \
+		-e SMTP_HOST=${MX_HOSTNAME} \
+		-e SMTP_FROM=${MX_EMAIL} \
+		-e SMTP_USERNAME=${MX_EMAIL} \
+		-e SMTP_PORT=587 \
+		-e SMTP_SSL=true \
+		-e SMTP_PASSWORD=${MX_PASSWORD} \
+		-v ${SERVICE_NAME}-data-vol-1:${volumes[${SERVICE_NAME}-data-vol-1]} \
+	${IMAGES[service]} >/dev/null
+}

data/services/bitwarden/nginx/bitwarden.conf

@@ -0,0 +1,54 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+upstream bitwarden {
+ server bitwarden-service-dockerbunker:80;
+}
+
+server {
+    listen 80;
+	server_name ${SERVICE_DOMAIN};
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+	server_name ${SERVICE_DOMAIN};
+	ssl_certificate /etc/nginx/ssl/${SERVICE_DOMAIN}/cert.pem;
+	ssl_certificate_key /etc/nginx/ssl/${SERVICE_DOMAIN}/key.pem;
+	include /etc/nginx/includes/ssl.conf;
+
+    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
+	add_header X-Frame-Options DENY;
+	add_header X-Content-Type-Options nosniff;
+
+	include /etc/nginx/includes/gzip.conf;
+
+    location / {
+        proxy_pass http://bitwarden/;
+		proxy_set_header  Host              $http_host;   # required for docker client's sake
+		proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
+		proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header  X-Forwarded-Proto $scheme;
+		proxy_read_timeout                  900;
+    }
+
+	location ~ /.well-known {
+        allow all;
+		root /var/www/html;
+	}
+}
+
+