Commit Graph

176 Commits

Author SHA1 Message Date
BlackDex
cfba8347a3
Update Rust and Crates
- Updated Rust to v1.69.0
- Updated MSRV to v1.67.1
- Updated crates
- Updated GitHub Actions
2023-04-24 14:10:58 +02:00
BlackDex
fc43608eec
Revert setcap, update rust and crates
- Revert #3170 as discussed in #3387
  In hindsight it's better to not have this feature
- Update Dockerfile.j2 for easy version changes.
  Just change it in one place instead of multiple
- Updated to Rust to latest patched version
- Updated crates to latest available
- Pinned mimalloc to an older version, as it breaks on musl builds
2023-04-02 15:19:59 +02:00
Daniel García
3646f14042
Update web vault to v2023.3.0b 2023-03-26 14:10:51 +02:00
BlackDex
467ecfdc99
Add support for Quay.io and GHCR.io as registries
- Added support for Quay.io
- Added support for GHCR.io

To enable support for these container image registries the following needs to be added.

As `Actions secrets and variables` - `Secrets`
- `DOCKERHUB_TOKEN` and `DOCKERHUB_USERNAME`
- `QUAY_TOKEN` and `QUAY_USERNAME`

As `Actions secrets and variables` - `Variables` - `Repository Variables`
- `DOCKERHUB_REPO`
- `GHCR_REPO`
- `QUAY_REPO`

The `DOCKERHUB_REPO` currently configured in `Secrets` can be removed if wanted, probably best after this PR has been merged.

If one of the vars/secrets are not configured it will skip that specific registry!
2023-03-23 16:38:27 +01:00
Daniel García
5800aceb2d
Update web vault to v2023.3.0 and dependencies 2023-03-22 21:30:30 +01:00
BlackDex
0c0e632bc9
Upd Crates, Rust, MSRV, GHA and remove Backtrace
- Changed MSRV to v1.65.
  Discussed this with @dani-garcia, and we will support **N-2**.
  This is/will be the same as for the `time` crate we use.
  Also updated the wiki regarding this https://github.com/dani-garcia/vaultwarden/wiki/Building-binary
- Removed backtrace crate in favor of `std::backtrace` stable since v1.65
- Updated Rust to v1.67.1
- Updated all the crates
- Updated the GHA action versions
- Adjusted the GHA MSRV build to extract the MSRV from `Cargo.toml`
2023-03-07 09:17:42 +01:00
Daniel García
024d12db08
Update web vault to v2023.2.0 and dependencies 2023-02-21 22:48:20 +01:00
BlackDex
a0a4994250
Updated Rust and crates
- Updated Rust to v1.67.0
- Updated all crates except for `cookies` and `webauthn`
2023-02-13 08:32:01 +01:00
Jeremy Lin
a2162f4d69
Allow listening on privileged ports (below 1024) as non-root
This is done by running `setcap cap_net_bind_service=+ep` on the executable
in the build stage (doing it in the runtime stage creates an extra copy of
the executable that bloats the image). This only works when using the
BuildKit-based builder, since the `COPY` instruction doesn't copy
capabilities on the legacy builder.
2023-02-01 00:35:33 -08:00
Jeremy Lin
686474f815
Disable Hadolint check for consecutive RUN instructions (DL3059)
This check doesn't seem to add enough value to justify the difficulties it
tends to create when generating `RUN` instructions from a template.
2023-01-24 13:11:13 -08:00
Jeremy Lin
2c6bd8c9dc
Rename .buildx Dockerfiles to .buildkit
This is a more accurate name, since these Dockerfiles require BuildKit, not Buildx.
2023-01-24 13:11:12 -08:00
Daniel García
50fc22966c
Updated web vault to 2023.1.1 and rust dependencies 2023-01-24 20:39:09 +01:00
Daniel García
9b7e86efc2
Update web vault to 2023.1.0 2023-01-12 19:49:06 +01:00
BlackDex
072f2e24c2
Update Rust to v1.66.1 to patch CVE
This PR sets Rust to v1.66.1 to fix a CVE.
https://blog.rust-lang.org/2023/01/10/cve-2022-46176.html
https://blog.rust-lang.org/2023/01/10/Rust-1.66.1.html

Also updated some packages while at it.
2023-01-12 09:45:52 +01:00
Daniel García
10dadfca06
Update web vault to 2022.12.0 2022-12-18 20:37:01 +01:00
BlackDex
8b6dfe48b7
Disable groups by default and Some optimizations
- Put groups support behind a feature flag, and disabled by default.
  The reason is that it has some known issues, but we want to keep
  optimizing this feature. Putting it behind a feature flag could help
  some users, and the developers into optimizing this feature without to
  much trouble.

Further:

- Updates Rust to v1.66.0
- Updated GHA workflows
- Updated Alpine to 3.17
- Updated jquery to v3.6.2
- Moved jdenticon.js to load at the bottom, fixes an issue on chromium
- Added autocomplete attribute to admin login password field
- Added some extra CSP options (Tested this on Safari, Firefox, Chrome, Bitwarden Desktop)
- Moved uppercase convertion from runtime to compile-time using `paste`
  for building the environment variables, lowers heap allocations.
2022-12-16 14:52:42 +01:00
Daniel García
d0b53a6a3d
Update web vault to v2022.11.2 2022-12-12 23:11:46 +01:00
Daniel García
8feed2916f
Update web vault to v2022.11.1 2022-12-01 22:53:47 +01:00
BlackDex
b010dde661
Update Rust version, deps and workflow
- Update Rust to v1.65.0
- Update dependencies
- Updated workflow files
- Added some extra clippy checks
- Fixed some clippy checks
2022-11-08 14:03:31 +01:00
Daniel García
2aa97fa121
Update web vault to v2022.10.2 2022-10-26 21:42:37 +02:00
GeekCorner
31b77bf178
feat: Bump web-vault to v2022.10.1 2022-10-23 18:34:12 +02:00
Jeremy Lin
0a2a8be0ff
Take ROCKET_ADDRESS into account in the Docker healthcheck 2022-10-20 01:04:09 -07:00
Daniel García
638766b346
Update web-vault to 2022.10.0 and dependencies 2022-10-14 18:21:01 +02:00
Daniel García
4cb5918950
Update web vault to v2022.9.2 2022-10-09 17:13:32 +02:00
BlackDex
1094f359c3
Update libraries and Rust version
- Updated to Rust v1.64.0
- Updated all libararies
- Updated multer-rs to be based upon the latest version
- Updated Dockerfiles to match the Rust version
2022-09-25 16:44:34 +02:00
Daniel García
b1b6bc9be0
Update web vault to 2022.9.0 2022-09-08 17:46:02 +02:00
Daniel García
a62dc102fb
Update web vault to 2022.8.1 and cargo dependencies 2022-09-04 23:18:27 +02:00
BlackDex
6e23a573fb
Update deps and Alpine image
- Updated deps
- Updated Alpine images to 3.16
- Removed dumb-init, not needed anymore
- Some small shellcheck tweaks on the start/healthcheck scripts
2022-07-31 15:45:31 +02:00
BlackDex
9a787dd105
Fix persistent folder check within containers
The previous persistent folder check worked by checking if a file
exists. If you used a bind-mount, then this file is not there. But when
using a docker/podman volume those files are copied, and caused the
container to not start.

This change checks the `/proc/self/mountinfo` for a specific patern to
see if the data folder is persistent or not.

Fixes #2622
2022-07-20 13:29:39 +02:00
Daniel García
a0eab35768
Update web vault to 2022.6.2 2022-07-15 19:15:22 +02:00
Daniel García
0c4e79cff6
Update web vault to v2022.6.0 2022-07-06 23:35:02 +02:00
Daniel García
93d4a12834
Update the rest of the files leftover from #2595 by running make 2022-07-06 23:27:48 +02:00
Nathan Neulinger
5a55cfbb9b
Update Dockerfile.j2 2022-07-06 08:56:17 -05:00
Nathan Neulinger
ac93b8a6b9
Update Dockerfile.buildx.alpine 2022-07-06 08:54:36 -05:00
Nathan Neulinger
93786d9ebd
Update Dockerfile.buildx 2022-07-06 08:54:19 -05:00
Nathan Neulinger
a6dbb580c9
Update Dockerfile.alpine 2022-07-06 08:53:58 -05:00
Nathan Neulinger
e62678abdb
Update Dockerfile 2022-07-06 08:53:18 -05:00
Daniel García
60b339f450
Update included web vault to v2022.5.2 2022-06-26 22:04:45 +02:00
Daniel García
d5cfbfc71d
Update web vault to v2022.05.0 2022-06-04 19:07:15 +02:00
BlackDex
a85a250dfd
Fix persistent volume check
It seemed there were some issues building the cross-platform images.
This PR fixes #2501 so building the containers will work again.
2022-05-28 09:31:09 +02:00
BlackDex
40ed505581
Add a persistent volume check.
This will add a persistent volume check to make sure when running
containers someone is using a volume for persistent storage.

This check can be bypassed if someone configures
`I_REALLY_WANT_VOLATILE_STORAGE=true` as an environment variable.

This should prevent issues like #2493 .
2022-05-26 09:39:56 +02:00
BlackDex
21b433c5d7
Fix armv6 issue with bullseye images
It looks like the armv6 bullseye images are missing a symlink to the
dynamic linker. The previous buster images had this symlink there,
bullseye does not.

This PR fixes adds that symlink again for only the Debian armv6 build.

Resolves #2490
2022-05-24 15:25:51 +02:00
BlackDex
2168d09421
Update Rust version in Dockerfile
Updated Rust from v1.60 to v1.61 for building the images.
Also made the rust version fixed for the Alpine build images to prevent
those images being build with a newer version when released.
2022-05-21 17:46:14 +02:00
Daniel García
b636d20c64
Update web vault to v2.28.1 2022-05-11 22:19:22 +02:00
BlackDex
3ca85028ea
Improve sync speed and updated dep. versions
Improved sync speed by resolving the N+1 query issues.
Solves #1402 and Solves #1453

With this change there is just one query done to retreive all the
important data, and matching is done in-code/memory.

With a very large database the sync time went down about 3 times.

Also updated misc crates and Github Actions versions.
2022-05-06 17:01:02 +02:00
Daniel García
26ad06df7c
Update web vault to 2.28.0 and dependencies 2022-04-23 18:18:15 +02:00
BlackDex
d98f95f536
Fix building mimalloc on armv6
The armv6 builds need a specific location for the libatomic.a file.
This commit fixes that by adding a RUSTFLAGS argument for this.

Also removed the `link-arg=-s` since this is now already done during via the release profile
And removed the CFLAGS for armv7, this is already fixed by default in the blackdex/rust-musl images.
2022-03-27 14:45:50 +02:00
Daniel García
6643e83b61
Disable mimalloc in arm for now 2022-03-26 20:11:46 +01:00
Daniel García
7b742009a1
Update web vault to 2.27.0 and dependencies 2022-03-26 16:35:54 +01:00
BlackDex
b0faaf2527
Several updates and fixes
- Removed all `thread::sleep` and use `tokio::time::sleep` now.
  This solves an issue with updating to Bullseye ( Resolves #1998 )
- Updated all Debian images to Bullseye
- Added MiMalloc feature and enabled it by default for Alpine based images
  This increases performance for the Alpine images because the default
  memory allocator for MUSL based binaries isn't that fast
- Updated `dotenv` to `dotenvy` a maintained and updated fork
- Fixed an issue with a newer jslib (not fully released yet)
  That version uses a different endpoint for `prelogin` Resolves #2378 )
2022-03-20 18:51:24 +01:00