Add backend support for alternate base dir (subdir/subpath) hosting #868
Conversation
To use this, include a path in the `DOMAIN` URL, e.g.: * `DOMAIN=https://example.com/custom-path` * `DOMAIN=https://example.com/multiple/levels/are/ok`
|
BTW, this is my first time writing any code in Rust, so feel free to let me know if I'm doing anything weird. I'll also comment on a few specific changes a bit later. |
| @@ -6,10 +6,10 @@ | |||
| <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> | |||
| <title>Bitwarden_rs Admin Panel</title> | |||
|
|
|||
| <link rel="stylesheet" href="/bwrs_static/bootstrap.css" /> | |||
There was a problem hiding this comment.
These paths all need to be relative to work with a different base dir.
There was a problem hiding this comment.
I've changed it to instead use an absolute path with the domain_path variable to avoid the / at the end issue that you mention for the emails
| @@ -3,6 +3,6 @@ Invitation accepted | |||
| <html> | |||
| <p> | |||
| Your invitation for <b>{{email}}</b> to join <b>{{org_name}}</b> was accepted. | |||
| Please <a href="{{url}}">log in</a> to the bitwarden_rs server and confirm them from the organization management page. | |||
| Please <a href="{{url}}/">log in</a> to the bitwarden_rs server and confirm them from the organization management page. | |||
There was a problem hiding this comment.
I added a / after all bare {{url}} links because, for reasons I don't quite understand, if the base URL is https://example.com/my/path, then visiting the web vault at https://example.com/my/path results in rendering issues, while https://example.com/my/path/ (with trailing /) works fine.
| @@ -240,6 +242,10 @@ make_config! { | |||
| domain: String, true, def, "http://localhost".to_string(); | |||
| /// Domain Set |> Indicates if the domain is set by the admin. Otherwise the default will be used. | |||
| domain_set: bool, false, def, false; | |||
There was a problem hiding this comment.
It seems like domain_set could be made auto as well, but maybe there's some subtlety I'm missing, so I left it as is.
There was a problem hiding this comment.
Yeah, domain_set is a bit special cased here:
https://github.com/dani-garcia/bitwarden_rs/blob/0a3008e7538c1a29b8b5a6439004e89465fce391/src/config.rs#L107-L111
| pub static ref JWT_DELETE_ISSUER: String = format!("{}|delete", CONFIG.domain()); | ||
| pub static ref JWT_VERIFYEMAIL_ISSUER: String = format!("{}|verifyemail", CONFIG.domain()); | ||
| pub static ref JWT_ADMIN_ISSUER: String = format!("{}|admin", CONFIG.domain()); | ||
| pub static ref JWT_LOGIN_ISSUER: String = format!("{}|login", CONFIG.domain_origin()); |
There was a problem hiding this comment.
I changed this to domain_origin() instead of domain() to avoid JWT encode/decode issues in case the installation is moved to a different base dir. Note that in the usual case where the backend is hosted at the root of the domain, domain_origin() and domain() should be identical.
|
I've also added docs on the wiki: Using an alternate base dir |
There was a problem hiding this comment.
Okay I've pushed a change to use the fixed web vault so when this is merged we get a working image in one docker build.
I've also used absolute paths in the admin page to solve the / issues, the emails and web vault are fine as it is.
Thanks for your work, @jjlin!
| @@ -240,6 +242,10 @@ make_config! { | |||
| domain: String, true, def, "http://localhost".to_string(); | |||
| /// Domain Set |> Indicates if the domain is set by the admin. Otherwise the default will be used. | |||
| domain_set: bool, false, def, false; | |||
There was a problem hiding this comment.
Yeah, domain_set is a bit special cased here:
https://github.com/dani-garcia/bitwarden_rs/blob/0a3008e7538c1a29b8b5a6439004e89465fce391/src/config.rs#L107-L111
| @@ -6,10 +6,10 @@ | |||
| <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> | |||
| <title>Bitwarden_rs Admin Panel</title> | |||
|
|
|||
| <link rel="stylesheet" href="/bwrs_static/bootstrap.css" /> | |||
There was a problem hiding this comment.
I've changed it to instead use an absolute path with the domain_path variable to avoid the / at the end issue that you mention for the emails
src/static/templates/admin/page.hbs
Outdated
| @@ -1,6 +1,6 @@ | |||
| <main class="container"> | |||
| <div id="users-block" class="my-3 p-3 bg-white rounded shadow"> | |||
| <h6 class="border-bottom pb-2 mb-0">Registered Users</h6> | |||
| <h6 class="border-bottom pb-2 mb-0">Registered Users {{urlpath}}</h6> | |||
There was a problem hiding this comment.
Was it intentional for this {{urlpath}} to be here?
There was a problem hiding this comment.
Oops, no that was me checking that the urlpath was set to the correct value, forgot to remove it!
Add backend support for alternate base dir (subdir/subpath) hosting
To use this, include a path in the
DOMAINURL, e.g.:DOMAIN=https://example.com/custom-pathDOMAIN=https://example.com/multiple/levels/are/okResolves #241, #488, #528, #767, and maybe others when combined with
dani-garcia/bw_web_builds#11 (web vault support).