{"id":13648458,"url":"https://github.com/jcs/rubywarden","last_synced_at":"2025-04-22T11:32:43.137Z","repository":{"id":47626421,"uuid":"110173245","full_name":"jcs/rubywarden","owner":"jcs","description":"An unofficial, mostly Bitwarden-compatible API server written in Ruby (Sinatra and ActiveRecord)","archived":true,"fork":false,"pushed_at":"2022-12-06T19:35:43.000Z","size":206,"stargazers_count":592,"open_issues_count":1,"forks_count":47,"subscribers_count":23,"default_branch":"master","last_synced_at":"2025-04-21T16:56:14.583Z","etag":null,"topics":["bitwarden","ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jcs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-11-09T22:26:38.000Z","updated_at":"2025-04-06T13:58:16.000Z","dependencies_parsed_at":"2022-09-06T11:11:03.946Z","dependency_job_id":null,"html_url":"https://github.com/jcs/rubywarden","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcs%2Frubywarden","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcs%2Frubywarden/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcs%2Frubywarden/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcs%2Frubywarden/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jcs","download_url":"https://codeload.github.com/jcs/rubywarden/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250232369,"owners_count":21396625,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bitwarden","ruby"],"created_at":"2024-08-02T01:04:16.362Z","updated_at":"2025-04-22T11:32:42.386Z","avatar_url":"https://github.com/jcs.png","language":"Ruby","funding_links":[],"categories":["Ruby"],"sub_categories":[],"readme":"**This project is no longer being maintained.  Please see\n[this issue](https://github.com/jcs/rubywarden/issues/122)\nfor further information.**\n\nThis project is not associated with the\n[Bitwarden](https://bitwarden.com/)\nproject nor 8bit Solutions LLC.\nDo not contact Bitwarden for support with using this backend server\n(or at the very least, make it abundantly clear that you are using a 3rd party backend server).\n\n## Rubywarden\n\nA small, self-contained API server written in Ruby and Sinatra to provide a\nprivate backend for the open-source\n[Bitwarden apps](https://github.com/bitwarden).\n\n### Data\n\nAll data is stored in a local SQLite database.\nThis means you can easily run the server locally and have your data never\nleave your device, or run it on your own web server via Rack and some front-end\nHTTP server with TLS to support syncing across multiple devices.\nBacking up your data is as easy as copying the `db/production/production.sqlite3`\nfile somewhere.\n\nAll user data in the SQLite database is stored in an encrypted format the\n[same way](https://help.bitwarden.com/crypto.html)\nit is in the official Bitwarden backend, where the master password is never\nknown by the server.\nFor details on the format, consult the\n[documentation](https://github.com/jcs/rubywarden/blob/master/API.md).\n\n### API Documentation\n\nThis project also contains independent\n[documentation for Bitwarden's API](https://github.com/jcs/rubywarden/blob/master/API.md)\nwritten as I work on this server, since there doesn't seem to be any\ndocumentation available other than the\n[.NET Bitwarden code](https://github.com/bitwarden/core)\nitself.\n\n### Deployment\n\nAutomated deployment of Rubywarden is possible with 3rd party support:\n\n- [Ansible playbook](https://github.com/qbit/openbsd-rubywarden) for OpenBSD\n\n### Manual Setup\n\nRun `bundle install` at least once.\n\nIn order to create the initial environment, it is recommended to create a new,\nunprivileged user on your system dedicated to running Rubywarden such as\nwith `useradd`.\nThis documentation will assume a user has been created named `_rubywarden`.\n\nIn order to create the initial database and the required tables run:\n\n\tmkdir db/production\n\tsudo chown _rubywarden db/production\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rake db:migrate\n\nTo run via Rack on port 4567, as user `_rubywarden`:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rackup -p 4567 config.ru\n\nYou'll probably want to run it once with signups enabled, to allow yourself\nto create an account:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production RUBYWARDEN_ALLOW_SIGNUPS=1 bundle exec rackup -p 4567 config.ru\n\nOnce the server is running, the Bitwarden apps (such as the Firefox extension)\ncan be configured to use your own Bitwarden server before login.\nFor a local Rack instance, you can point it at `http://127.0.0.1:4567/`.\n\nTo run the test suite:\n\n\tbundle exec rake test\n\n### Changing URL Paths\n\nBy default, Rubywarden is setup to use paths on a single hostname that the\nBitwarden clients will default to so you do not have to specify separate API,\nIdentity, and Icon URLs.\n\nIf you are not deploying Rubywarden on its own hostname or want to alter the\npaths for any reason, you can override them with environment variables:\n\n- `RUBYWARDEN_ATTACHMENTS_URL` for the attachments URL - defaults to `/attachments`\n- `RUBYWARDEN_BASE_URL` for the API base - defaults to `/api`\n- `RUBYWARDEN_IDENTITY_BASE_URL` for the identity API base - defaults to\n  `/identity`\n- `RUBYWARDEN_ICONS_URL` for the icon URL - defaults to `/icons`\n\nFor example, if you had a website `example.com` and wanted to host Rubywarden\non a subdirectory called `/notbitwarden`, you would set the environment\nvariables in your startup script:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production RUBYWARDEN_BASE_URL=/notbitwarden/api RUBYWARDEN_IDENTITY_BASE_URL=/notbitwarden/identity RUBYWARDEN_ICONS_URL=/notbitwarden/icons RUBYWARDEN_ATTACHMENTS_URL=/notbitwarden/attachments bundle exec rackup -p 4567 config.ru\n\nThen you can configure the Bitwarden clients with a single server URL of\n`https://example.com/notbitwarden`.\n\n### Updating\n\nTo update your instance of Rubywarden, fetch the latest code:\n\n\tcd /path/to/your/rubywarden\n\tgit pull --ff-only\n\nRun any database migrations:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec rake db:migrate\n\nRestart your Rubywarden instance (via Rack, Unicorn, or however you have\ndeployed it).\n\n### Changing Master Password\n\nChanging a user's master password must be done from the command line (as it\nrequires interacting with the plaintext password, which the web API will never\ndo).\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec ruby tools/change_master_password.rb -u you@example.com\n\n### 2-Factor Authentication\n\nThe Bitwarden browser extensions and mobile apps support accounts that require\n2FA, by prompting you for the current code after successfully logging in.\nTo activate Time-based One-Time Passwords (TOTP) on your account after you've\nsigned up in the previous steps, run the `tools/activate_totp.rb` program on\nthe server:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec ruby tools/activate_totp.rb -u you@example.com\n\nYou'll be shown a `data:` URL that has a PNG-encoded QR code, which you must\ncopy and paste into a browser, then scan with your mobile TOTP authenticator\napps (assuming it supports scanning from the camera).\nOnce scanned, the activation program will ask you to enter the current TOTP\nbeing shown in the app for verification, and then save the TOTP secret to your\naccount in the SQLite database.\nYour `security_stamp` will be reset, forcing a new login on any devices that\nare logged into your account.\nThose devices will now prompt for a TOTP code upon future logins.\n\n### Migrating From Other Password Managers\n\nThis project inclues utilities that will import data exported from other\npassword managers, convert it to its own data format, and then import it.\n\n#### 1Password\n\nExport everything from 1Password in its \"1Password Interchange Format\".\nIt should create a directory with a `data.1pif` file (which is unencrypted, so\nbe careful with it).\nOnce you have created your initial user account through Rubywarden, run the\nconversion tool with your account e-mail address:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec ruby tools/1password_import.rb -f /path/to/data.1pif -u you@example.com\n\nIt will prompt you for the master password you already created, and then\nconvert and import as many items as it can.\n\nThis tool operates on the SQLite database directly (not through its REST API)\nso you can run it offline.\n\n#### Bitwarden (Official Apps)\n\nExport your bitwarden vault via the web interface or the browser plugin, which\nshould prompt you to save a `bitwarden_export_\u003cdatestamp\u003e.csv` file. Due to\nlimitations of the exporter, neither cards nor identities will be exported,\nand any custom fields will lose their type (text, hidden, or boolean) and be\nsimply exported as text.\n\nOnce you have created your initial user account through Rubywarden, run the\nconversion tool with your account e-mail address:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec ruby tools/bitwarden_import.rb -f /path/to/data.csv -u you@example.com\n\nIt will prompt you for the master password you already created, and then\nconvert and import as many items as it can.\n\nThis tool operates on the SQLite database directly (not through its REST API)\nso you can run it offline.\n\n#### Keepass\n\nIn order to use the Keepass converter, you will need to install the necessary\ndependency, using `bundle install --with keepass`.\n\nThere is no need to export your Keepass-database - you can use it as is.\n\nOnce you have created your initial user account through Rubywarden, run the\nconversion tool with your account e-mail address:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec ruby tools/keepass_import.rb -f /path/to/data.kdbx -u you@example.com\n\nIf your Keepass-database is secured using a keyfile, you can pass it using the `-k` parameter:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec ruby tools/keepass_import.rb -f /path/to/data.kdbx -k /path/to/keyfile.key -u you@example.com\n\nIt will prompt you for the master password you already created, and then\nconvert and import as many items as it can.\n\nThis tool operates on the SQLite database directly (not through its REST API)\nso you can run it offline.\n\n#### Lastpass\n\nExport everything from LastPass by going to your vault, \"More Options\",\n\"Advanced\" and then \"Export\".\nIt will then export your details in a new browser window in CSV format, copy\nand paste this data into a file accessible from your Rubywarden installation.\nUnfortunately due to limitations in LastPass export the \"extra fields\" and\n\"attachments\" data in the LastPass vault will not be converted.\n\nOnce you have created your initial user account through Rubywarden, run the\nconversion tool with your account e-mail address:\n\n\tsudo -u _rubywarden env RUBYWARDEN_ENV=production bundle exec ruby tools/lastpass_import.rb -f /path/to/data.csv -u you@example.com\n\nIt will prompt you for the master password you already created, and then\nconvert and import as many items as it can.\n\nThis tool operates on the SQLite database directly (not through its REST API)\nso you can run it offline.\n\n### Rubywarden License\n\nCopyright (c) 2017-2019 joshua stein `\u003cjcs@jcs.org\u003e`\n\nPermission to use, copy, modify, and distribute this software for any\npurpose with or without fee is hereby granted, provided that the above\ncopyright notice and this permission notice appear in all copies.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\nWITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\nMERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\nANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\nWHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\nACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\nOR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjcs%2Frubywarden","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjcs%2Frubywarden","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjcs%2Frubywarden/lists"}