Merge pull request #648 from BlackDex/icon-security

Added missing .env configuration option.
2019-10-08 18:08:32 +02:00 · 2019-10-08 13:30:17 +02:00 · 2019-10-05 17:06:14 +02:00 · 2019-10-05 16:45:36 +02:00 · 2019-10-05 16:17:43 +02:00 · 2019-10-05 16:09:33 +02:00
155 changed files with 24350 additions and 5734 deletions
@@ -9,10 +9,6 @@ data
 .idea
 *.iml

-# Git files
-.git
-.gitignore
-
 # Documentation
 *.md

@@ -1,56 +0,0 @@
-## Bitwarden_RS Configuration File
-## Uncomment any of the following lines to change the defaults
-
-## Main data folder
-# DATA_FOLDER=data
-
-## Individual folders, these override %DATA_FOLDER%
-# DATABASE_URL=data/db.sqlite3
-# RSA_KEY_FILENAME=data/rsa_key
-# ICON_CACHE_FOLDER=data/icon_cache
-# ATTACHMENTS_FOLDER=data/attachments
-
-## Web vault settings
-# WEB_VAULT_FOLDER=web-vault/
-# WEB_VAULT_ENABLED=true
-
-## Controls the WebSocket server address and port
-# WEBSOCKET_ADDRESS=0.0.0.0
-# WEBSOCKET_PORT=3012
-
-## Controls if new users can register
-# SIGNUPS_ALLOWED=true
-
-## Use a local favicon extractor
-## Set to false to use bitwarden's official icon servers
-## Set to true to use the local version, which is not as smart,
-##   but it doesn't send the cipher domains to bitwarden's servers
-# LOCAL_ICON_EXTRACTOR=false
-
-## Controls the PBBKDF password iterations to apply on the server
-## The change only applies when the password is changed
-# PASSWORD_ITERATIONS=100000
-
-## Whether password hint should be sent into the error response when the client request it
-# SHOW_PASSWORD_HINT=true
-
-## Domain settings
-## The domain must match the address from where you access the server
-## Unless you are using U2F, or having problems with attachments not downloading, there is no need to change this
-## For U2F to work, the server must use HTTPS, you can use Let's Encrypt for free certs
-# DOMAIN=https://bw.domain.tld:8443
-
-## Rocket specific settings, check Rocket documentation to learn more
-# ROCKET_ENV=staging
-# ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app
-# ROCKET_PORT=8000
-# ROCKET_TLS={certs="/path/to/certs.pem",key="/path/to/key.pem"}
-
-## Mail specific settings, set SMTP_HOST and SMTP_FROM to enable the mail service.
-## Note: if SMTP_USERNAME is specified, SMTP_PASSWORD is mandatory
-# SMTP_HOST=smtp.domain.tld
-# SMTP_FROM=bitwarden-rs@domain.tld
-# SMTP_PORT=587
-# SMTP_SSL=true
-# SMTP_USERNAME=username
-# SMTP_PASSWORD=password
@@ -0,0 +1,156 @@
+## Bitwarden_RS Configuration File
+## Uncomment any of the following lines to change the defaults
+
+## Main data folder
+# DATA_FOLDER=data
+
+## Database URL
+## When using SQLite, this is the path to the DB file, default to %DATA_FOLDER%/db.sqlite3
+## When using MySQL, this it is the URL to the DB, including username and password:
+## Format: mysql://[user[:password]@]host/database_name
+# DATABASE_URL=data/db.sqlite3
+
+## Individual folders, these override %DATA_FOLDER%
+# RSA_KEY_FILENAME=data/rsa_key
+# ICON_CACHE_FOLDER=data/icon_cache
+# ATTACHMENTS_FOLDER=data/attachments
+
+## Templates data folder, by default uses embedded templates
+## Check source code to see the format
+# TEMPLATES_FOLDER=/path/to/templates
+## Automatically reload the templates for every request, slow, use only for development
+# RELOAD_TEMPLATES=false
+
+## Cache time-to-live for successfully obtained icons, in seconds (0 is "forever")
+# ICON_CACHE_TTL=2592000
+## Cache time-to-live for icons which weren't available, in seconds (0 is "forever")
+# ICON_CACHE_NEGTTL=259200
+
+## Web vault settings
+# WEB_VAULT_FOLDER=web-vault/
+# WEB_VAULT_ENABLED=true
+
+## Enables websocket notifications
+# WEBSOCKET_ENABLED=false
+
+## Controls the WebSocket server address and port
+# WEBSOCKET_ADDRESS=0.0.0.0
+# WEBSOCKET_PORT=3012
+
+## Enable extended logging
+## This shows timestamps and allows logging to file and to syslog
+### To enable logging to file, use the LOG_FILE env variable
+### To enable syslog, use the USE_SYSLOG env variable
+# EXTENDED_LOGGING=true
+
+## Logging to file
+## This requires extended logging
+## It's recommended to also set 'ROCKET_CLI_COLORS=off'
+# LOG_FILE=/path/to/log
+
+## Logging to Syslog
+## This requires extended logging
+## It's recommended to also set 'ROCKET_CLI_COLORS=off'
+# USE_SYSLOG=false
+
+## Log level
+## Change the verbosity of the log output
+## Valid values are "trace", "debug", "info", "warn", "error" and "off"
+## This requires extended logging
+# LOG_LEVEL=Info
+
+## Enable WAL for the DB
+## Set to false to avoid enabling WAL during startup.
+## Note that if the DB already has WAL enabled, you will also need to disable WAL in the DB,
+## this setting only prevents bitwarden_rs from automatically enabling it on start.
+## Please read project wiki page about this setting first before changing the value as it can
+## cause performance degradation or might render  the service unable to start.
+# ENABLE_DB_WAL=true
+
+## Disable icon downloading
+## Set to true to disable icon downloading, this would still serve icons from $ICON_CACHE_FOLDER,
+## but it won't produce any external network request. Needs to set $ICON_CACHE_TTL to 0,
+## otherwise it will delete them and they won't be downloaded again.
+# DISABLE_ICON_DOWNLOAD=false
+
+## Icon download timeout
+## Configure the timeout value when downloading the favicons.
+## The default is 10 seconds, but this could be to low on slower network connections
+# ICON_DOWNLOAD_TIMEOUT=10
+
+## Icon blacklist Regex
+## Any domains or IPs that match this regex won't be fetched by the icon service.
+## Useful to hide other servers in the local network. Check the WIKI for more details
+# ICON_BLACKLIST_REGEX=192\.168\.1\.[0-9].*^
+
+## Any IP which is not defined as a global IP will be blacklisted.
+## Usefull to secure your internal environment: See https://en.wikipedia.org/wiki/Reserved_IP_addresses for a list of IPs which it will block
+# ICON_BLACKLIST_NON_GLOBAL_IPS=true
+
+## Disable 2FA remember
+## Enabling this would force the users to use a second factor to login every time.
+## Note that the checkbox would still be present, but ignored.
+# DISABLE_2FA_REMEMBER=false
+
+## Controls if new users can register
+# SIGNUPS_ALLOWED=true
+
+## Token for the admin interface, preferably use a long random string
+## One option is to use 'openssl rand -base64 48'
+## If not set, the admin panel is disabled
+# ADMIN_TOKEN=Vy2VyYTTsKPv8W5aEOWUbB/Bt3DEKePbHmI4m9VcemUMS2rEviDowNAFqYi1xjmp
+# DISABLE_ADMIN_TOKEN=false
+
+## Invitations org admins to invite users, even when signups are disabled
+# INVITATIONS_ALLOWED=true
+
+## Controls the PBBKDF password iterations to apply on the server
+## The change only applies when the password is changed
+# PASSWORD_ITERATIONS=100000
+
+## Whether password hint should be sent into the error response when the client request it
+# SHOW_PASSWORD_HINT=true
+
+## Domain settings
+## The domain must match the address from where you access the server
+## It's recommended to configure this value, otherwise certain functionality might not work,
+## like attachment downloads, email links and U2F.
+## For U2F to work, the server must use HTTPS, you can use Let's Encrypt for free certs
+# DOMAIN=https://bw.domain.tld:8443
+
+## Yubico (Yubikey) Settings
+## Set your Client ID and Secret Key for Yubikey OTP
+## You can generate it here: https://upgrade.yubico.com/getapikey/
+## You can optionally specify a custom OTP server
+# YUBICO_CLIENT_ID=11111
+# YUBICO_SECRET_KEY=AAAAAAAAAAAAAAAAAAAAAAAA
+# YUBICO_SERVER=http://yourdomain.com/wsapi/2.0/verify
+
+## Duo Settings
+## You need to configure all options to enable global Duo support, otherwise users would need to configure it themselves
+## Create an account and protect an application as mentioned in this link (only the first step, not the rest):
+## https://help.bitwarden.com/article/setup-two-step-login-duo/#create-a-duo-security-account
+## Then set the following options, based on the values obtained from the last step:
+# DUO_IKEY=<Integration Key>
+# DUO_SKEY=<Secret Key>
+# DUO_HOST=<API Hostname>
+## After that, you should be able to follow the rest of the guide linked above,
+## ignoring the fields that ask for the values that you already configured beforehand.
+
+## Rocket specific settings, check Rocket documentation to learn more
+# ROCKET_ENV=staging
+# ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app
+# ROCKET_PORT=8000
+# ROCKET_TLS={certs="/path/to/certs.pem",key="/path/to/key.pem"}
+
+## Mail specific settings, set SMTP_HOST and SMTP_FROM to enable the mail service.
+## To make sure the email links are pointing to the correct host, set the DOMAIN variable.
+## Note: if SMTP_USERNAME is specified, SMTP_PASSWORD is mandatory
+# SMTP_HOST=smtp.domain.tld
+# SMTP_FROM=bitwarden-rs@domain.tld
+# SMTP_FROM_NAME=Bitwarden_RS
+# SMTP_PORT=587
+# SMTP_SSL=true
+# SMTP_USERNAME=username
+# SMTP_PASSWORD=password
+# SMTP_AUTH_MECHANISM="Plain"
@@ -10,7 +10,7 @@ data
 *.iml

 # Environment file
-# .env
+.env

 # Web vault
-web-vault
+web-vault
@@ -0,0 +1,7 @@
+ignored:
+  # disable explicit version for apt install
+  - DL3008
+  # disable explicit version for apk install
+  - DL3018
+trustedRegistries:
+  - docker.io
@@ -1,7 +1,20 @@
-# Copied from Rocket's .travis.yml
+dist: xenial
+
+env:
+  global:
+    - HADOLINT_VERSION=1.17.1
+
 language: rust
-sudo: required # so we get a VM with higher specs
-dist: trusty # so we get a VM with higher specs
+rust: nightly
 cache: cargo
-rust:
- nightly
+
+before_install:
+  - sudo curl -L https://github.com/hadolint/hadolint/releases/download/v$HADOLINT_VERSION/hadolint-$(uname -s)-$(uname -m) -o /usr/local/bin/hadolint
+  - sudo chmod +rx /usr/local/bin/hadolint
+
+# Nothing to install
+install: true
+script:
+- git ls-files --exclude='Dockerfile*' --ignored | xargs --max-lines=1 hadolint
+- cargo build --features "sqlite"
+- cargo build --features "mysql"
@@ -1,70 +0,0 @@
-# Build instructions
-
-## Dependencies
- `Rust nightly` (strongly recommended to use [rustup](https://rustup.rs/))
- `OpenSSL` (should be available in path, install through your system's package manager or use the [prebuilt binaries](https://wiki.openssl.org/index.php/Binaries))
- `NodeJS` (required to build the web-vault, (install through your system's package manager or use the [prebuilt binaries](https://nodejs.org/en/download/))
-
-
-## Run/Compile
-```sh
-# Compile and run
-cargo run
-# or just compile (binary located in target/release/bitwarden_rs)
-cargo build --release
-```
-
-When run, the server is accessible in [http://localhost:80](http://localhost:80).
-
-### Install the web-vault
-Clone the git repository at [bitwarden/web](https://github.com/bitwarden/web) and checkout the latest release tag (e.g. v2.1.1):
-```sh
-# clone the repository
-git clone https://github.com/bitwarden/web.git web-vault
-cd web-vault
-# switch to the latest tag
-git checkout "$(git tag | tail -n1)"
-```
-
-Apply the patch file from `docker/set-vault-baseurl.patch`:
-```sh
-# In the Vault repository directory
-git apply /path/to/bitwarden_rs/docker/set-vault-baseurl.patch
-```
-
-Then, build the Vault:
-```sh
-npm run sub:init
-npm install
-npm run dist
-```
-
-Finally copy the contents of the `build` folder into the `bitwarden_rs/web-vault` folder.
-
-# Configuration
-The available configuration options are documented in the default `.env` file, and they can be modified by uncommenting the desired options in that file or by setting their respective environment variables. Look at the README file for the main configuration options available.
-
-Note: the environment variables override the values set in the `.env` file.
-
-## How to recreate database schemas (for developers)
-Install diesel-cli with cargo:
-```sh
-cargo install diesel_cli --no-default-features --features sqlite-bundled
-```
-
-Make sure that the correct path to the database is in the `.env` file.
-
-If you want to modify the schemas, create a new migration with:
-```
-diesel migration generate <name>
-```
-
-Modify the *.sql files, making sure that any changes are reverted in the down.sql file.
-
-Apply the migrations and save the generated schemas as follows:
-```sh
-diesel migration redo
-
-# This step should be done automatically when using diesel-cli > 1.3.0
-# diesel print-schema > src/db/schema.rs
-```
@@ -2,85 +2,120 @@
 name = "bitwarden_rs"
 version = "1.0.0"
 authors = ["Daniel García <dani-garcia@users.noreply.github.com>"]
+edition = "2018"
+
+repository = "https://github.com/dani-garcia/bitwarden_rs"
+readme = "README.md"
+license = "GPL-3.0-only"
+publish = false
+build = "build.rs"
+
+[features]
+# Empty to keep compatibility, prefer to set USE_SYSLOG=true
+enable_syslog = []
+mysql = ["diesel/mysql", "diesel_migrations/mysql"]
+postgresql = ["diesel/postgres", "diesel_migrations/postgres", "openssl"]
+sqlite = ["diesel/sqlite", "diesel_migrations/sqlite", "libsqlite3-sys"]
+
+[target."cfg(not(windows))".dependencies]
+syslog = "4.0.1"

 [dependencies]
 # Web framework for nightly with a focus on ease-of-use, expressibility, and speed.
-rocket = { version = "0.3.17", features = ["tls"] }
-rocket_codegen = "0.3.17"
-rocket_contrib = "0.3.17"
+rocket = { version = "0.5.0-dev", features = ["tls"], default-features = false }
+rocket_contrib = "0.5.0-dev"

 # HTTP client
-reqwest = "0.9.2"
+reqwest = "0.9.20"

 # multipart/form-data support
-multipart = "0.15.3"
+multipart = { version = "0.16.1", features = ["server"], default-features = false }

 # WebSockets library
-ws = "0.7.8"
+ws = "0.9.0"

 # MessagePack library
-rmpv = "0.4.0"
+rmpv = "0.4.1"

 # Concurrent hashmap implementation
-chashmap = "2.2.0"
+chashmap = "2.2.2"

 # A generic serialization/deserialization framework
-serde = "1.0.79"
-serde_derive = "1.0.79"
-serde_json = "1.0.31"
+serde = "1.0.101"
+serde_derive = "1.0.101"
+serde_json = "1.0.40"
+
+# Logging
+log = "0.4.8"
+fern = { version = "0.5.8", features = ["syslog-4"] }

 # A safe, extensible ORM and Query builder
-diesel = { version = "1.3.3", features = ["sqlite", "chrono", "r2d2"] }
-diesel_migrations = { version = "1.3.0", features = ["sqlite"] }
+diesel = { version = "1.4.2", features = [ "chrono", "r2d2"] }
+diesel_migrations = "1.4.0"

-# Bundled SQLite
-libsqlite3-sys = { version = "0.9.3", features = ["bundled"] }
+# Bundled SQLite                                           
+libsqlite3-sys = { version = "0.12.0", features = ["bundled"], optional = true }

 # Crypto library
-ring = { version = "= 0.11.0", features = ["rsa_signing"] }
+ring = "0.14.6"

 # UUID generation
-uuid = { version = "0.7.1", features = ["v4"] }
+uuid = { version = "0.7.4", features = ["v4"] }

 # Date and time library for Rust
-chrono = "0.4.6"
+chrono = "0.4.9"

 # TOTP library
 oath = "0.10.2"

 # Data encoding library
-data-encoding = "2.1.1"
+data-encoding = "2.1.2"

 # JWT library
-jsonwebtoken = "= 4.0.1"
+jsonwebtoken = "6.0.1"

 # U2F library
-u2f = "0.1.2"
+u2f = "0.1.6"
+
+# Yubico Library
+yubico = { version = "0.6.1", features = ["online", "online-tokio"], default-features = false }

 # A `dotenv` implementation for Rust
-dotenv = { version = "0.13.0", default-features = false }
+dotenv = { version = "0.14.1", default-features = false }

 # Lazy static macro
-lazy_static = "1.1.0"
+lazy_static = "1.4.0"
+
+# More derives
+derive_more = "0.15.0"

 # Numerical libraries
-num-traits = "0.2.6"
-num-derive = "0.2.3"
+num-traits = "0.2.8"
+num-derive = "0.2.5"

 # Email libraries
-lettre = "0.9.0"
-lettre_email = "0.9.0"
-native-tls = "0.2.1"
+lettre = "0.9.2"
+lettre_email = "0.9.2"
+native-tls = "0.2.3"
+quoted_printable = "0.4.1"

-# Number encoding library
-byteorder = "1.2.6"
+# Template library
+handlebars = "2.0.2"
+
+# For favicon extraction from main website
+soup = "0.4.1"
+regex = "1.3.1"
+
+# Required for SSL support for PostgreSQL
+openssl = { version = "0.10.24", optional = true }
+
+# URL encoding library
+percent-encoding = "2.1.0"

 [patch.crates-io]
- # Make jwt use ring 0.11, to match rocket
-jsonwebtoken = { path = "libs/jsonwebtoken" }
-rmp = { git = 'https://github.com/dani-garcia/msgpack-rust' }
-lettre = { git = 'https://github.com/lettre/lettre', rev = 'c988b1760ad81' }
-lettre_email = { git = 'https://github.com/lettre/lettre', rev = 'c988b1760ad81' }
+# Add support for Timestamp type
+rmp = { git = 'https://github.com/3Hren/msgpack-rust', rev = 'd6c6c672e470341207ed9feb69b56322b5597a11' }

-# Version 0.1.2 from crates.io lacks a commit that fixes a certificate error
-u2f = { git = 'https://github.com/wisespace-io/u2f-rs', rev = '193de35093a44' }
+# Use newest ring
+rocket = { git = 'https://github.com/SergioBenitez/Rocket', rev = 'dbcb0a75b9556763ac3ab708f40c8f8ed75f1a1e' }
+rocket_contrib = { git = 'https://github.com/SergioBenitez/Rocket', rev = 'dbcb0a75b9556763ac3ab708f40c8f8ed75f1a1e' }
@@ -1,89 +0,0 @@
-# Using multistage build: 
-# 	https://docs.docker.com/develop/develop-images/multistage-build/
-# 	https://whitfin.io/speeding-up-rust-docker-builds/
-####################### VAULT BUILD IMAGE  #######################
-FROM node:8-alpine as vault
-
-ENV VAULT_VERSION "v2.4.0"
-
-ENV URL "https://github.com/bitwarden/web.git"
-
-RUN apk add --update-cache --upgrade \
-    curl \
-    git \
-    tar
-
-RUN git clone -b $VAULT_VERSION --depth 1 $URL web-build
-WORKDIR /web-build
-
-COPY /docker/set-vault-baseurl.patch /web-build/    
-RUN git apply set-vault-baseurl.patch
-
-RUN npm run sub:init && npm install
-
-RUN npm run dist \
-    && mv build /web-vault
-
-########################## BUILD IMAGE  ##########################
-# We need to use the Rust build image, because
-# we need the Rust compiler and Cargo tooling
-FROM rust as build
-
-# Using bundled SQLite, no need to install it
-# RUN apt-get update && apt-get install -y\
-#    sqlite3\
-#    --no-install-recommends\
-# && rm -rf /var/lib/apt/lists/*
-
-# Creates a dummy project used to grab dependencies
-RUN USER=root cargo new --bin app
-WORKDIR /app
-
-# Copies over *only* your manifests and vendored dependencies
-COPY ./Cargo.* ./
-COPY ./libs ./libs
-COPY ./rust-toolchain ./rust-toolchain
-
-# Builds your dependencies and removes the
-# dummy project, except the target folder
-# This folder contains the compiled dependencies
-RUN cargo build --release
-RUN find . -not -path "./target*" -delete
-
-# Copies the complete project
-# To avoid copying unneeded files, use .dockerignore
-COPY . .
-
-# Builds again, this time it'll just be
-# your actual source files being built
-RUN cargo build --release
-
-######################## RUNTIME IMAGE  ########################
-# Create a new stage with a minimal image
-# because we already have a binary built
-FROM debian:stretch-slim
-
-ENV ROCKET_ENV "staging"
-ENV ROCKET_WORKERS=10
-
-# Install needed libraries
-RUN apt-get update && apt-get install -y\
-    openssl\
-    ca-certificates\
-    --no-install-recommends\
- && rm -rf /var/lib/apt/lists/*
-
-RUN mkdir /data
-VOLUME /data
-EXPOSE 80
-EXPOSE 3012
-
-# Copies the files from the context (env file and web-vault)
-# and the binary from the "build" stage to the current stage
-COPY .env .
-COPY Rocket.toml .
-COPY --from=vault /web-vault ./web-vault
-COPY --from=build app/target/release/bitwarden_rs .
-
-# Configures the startup!
-CMD ./bitwarden_rs
@@ -0,0 +1 @@
+docker/amd64/sqlite/Dockerfile
@@ -1,81 +0,0 @@
-# Using multistage build: 
-# 	https://docs.docker.com/develop/develop-images/multistage-build/
-# 	https://whitfin.io/speeding-up-rust-docker-builds/
-####################### VAULT BUILD IMAGE  #######################
-FROM node:8-alpine as vault
-
-ENV VAULT_VERSION "v2.4.0"
-
-ENV URL "https://github.com/bitwarden/web.git"
-
-RUN apk add --update-cache --upgrade \
-    curl \
-    git \
-    tar
-
-RUN git clone -b $VAULT_VERSION --depth 1 $URL web-build
-WORKDIR /web-build
-
-COPY /docker/set-vault-baseurl.patch /web-build/    
-RUN git apply set-vault-baseurl.patch
-
-RUN npm run sub:init && npm install
-
-RUN npm run dist \
-    && mv build /web-vault
-
-########################## BUILD IMAGE  ##########################
-# Musl build image for statically compiled binary
-FROM clux/muslrust:nightly-2018-08-24 as build
-
-# Creates a dummy project used to grab dependencies
-RUN USER=root cargo init --bin
-
-# Copies over *only* your manifests and vendored dependencies
-COPY ./Cargo.* ./
-COPY ./libs ./libs
-COPY ./rust-toolchain ./rust-toolchain
-
-# Builds your dependencies and removes the
-# dummy project, except the target folder
-# This folder contains the compiled dependencies
-RUN cargo build --release
-RUN find . -not -path "./target*" -delete
-
-# Copies the complete project
-# To avoid copying unneeded files, use .dockerignore
-COPY . .
-
-# Builds again, this time it'll just be
-# your actual source files being built
-RUN cargo build --release
-
-######################## RUNTIME IMAGE  ########################
-# Create a new stage with a minimal image
-# because we already have a binary built
-FROM alpine:3.8
-
-ENV ROCKET_ENV "staging"
-ENV ROCKET_WORKERS=10
-ENV SSL_CERT_DIR=/etc/ssl/certs
-
-# Install needed libraries
-RUN apk add \
-        openssl\
-        ca-certificates \
-    && rm /var/cache/apk/*
-
-RUN mkdir /data
-VOLUME /data
-EXPOSE 80
-EXPOSE 3012
-
-# Copies the files from the context (env file and web-vault)
-# and the binary from the "build" stage to the current stage
-COPY .env .
-COPY Rocket.toml .
-COPY --from=vault /web-vault ./web-vault
-COPY --from=build /volume/target/x86_64-unknown-linux-musl/release/bitwarden_rs .
-
-# Configures the startup!
-CMD ./bitwarden_rs
@@ -1,94 +0,0 @@
-# Proxy examples
-
-In this document, `<SERVER>` refers to the IP or domain where bitwarden_rs is accessible from. If both the proxy and bitwarden_rs are running in the same system, simply use `localhost`.
-The ports proxied by default are `80` for the web server and `3012` for the WebSocket server. The proxies are configured to listen in port `443` with HTTPS enabled, which is recommended.
-
-When using a proxy, it's preferrable to configure HTTPS at the proxy level and not at the application level, this way the WebSockets connection is also secured.
-
-## Caddy
-
-```nginx
-localhost:443 {
-    # The negotiation endpoint is also proxied to Rocket
-    proxy /notifications/hub/negotiate <SERVER>:80 {
-        transparent
-    }
-    
-    # Notifications redirected to the websockets server
-    proxy /notifications/hub <SERVER>:3012 {
-        websocket
-    }
-    
-    # Proxy the Root directory to Rocket
-    proxy / <SERVER>:80 {
-        transparent
-    }
-
-    tls ${SSLCERTIFICATE} ${SSLKEY}
-}
-```
-
-## Nginx (by shauder)
-```nginx
-server {
-  listen 443 ssl http2;
-  server_name vault.*;
-  
-  # Specify SSL config if using a shared one.
-  #include conf.d/ssl/ssl.conf;
-  
-  location / {
-    proxy_pass http://<SERVER>:80;
-  }
-  
-  location /notifications/hub {
-    proxy_pass http://<SERVER>:3012;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-  }
-  
-  location /notifications/hub/negotiate {
-    proxy_pass http://<SERVER>:80;
-  }
-}
-```
-
-## Apache (by fbartels)
-```apache
-<VirtualHost *:443>
-    SSLEngine on
-    ServerName bitwarden.$hostname.$domainname
-
-    SSLCertificateFile ${SSLCERTIFICATE}
-    SSLCertificateKeyFile ${SSLKEY}
-    SSLCACertificateFile ${SSLCA}
-    ${SSLCHAIN}
-
-    ErrorLog \${APACHE_LOG_DIR}/bitwarden-error.log
-    CustomLog \${APACHE_LOG_DIR}/bitwarden-access.log combined
-
-    RewriteEngine On
-    RewriteCond %{HTTP:Upgrade} =websocket [NC]
-    RewriteRule /(.*)           ws://<SERVER>:3012/$1 [P,L]
-
-    ProxyPass / http://<SERVER>:80/
-
-    ProxyPreserveHost On
-    ProxyRequests Off
-</VirtualHost>
-```
-
-## Traefik (docker-compose example)
-```traefik
-    labels:
-      - 'traefik.frontend.rule=Host:vault.example.local'
-      - 'traefik.docker.network=traefik'
-      - 'traefik.port=80'
-      - 'traefik.enable=true'
-      - 'traefik.web.frontend.rule=Host:vault.example.local'
-      - 'traefik.web.port=80'
-      - 'traefik.hub.frontend.rule=Path:/notifications/hub'
-      - 'traefik.hub.port=3012'
-      - 'traefik.negotiate.frontend.rule=Path:/notifications/hub/negotiate'
-      - 'traefik.negotiate.port=80'
-```
@@ -0,0 +1,25 @@
+pool:
+  vmImage: 'Ubuntu-16.04'
+
+steps:
+- script: |
+    ls -la
+    curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain $(cat rust-toolchain)
+    echo "##vso[task.prependpath]$HOME/.cargo/bin"
+  displayName: 'Install Rust'
+
+- script: |
+    sudo apt-get update
+    sudo apt-get install -y libmysql++-dev
+  displayName: Install libmysql
+
+- script: |
+    rustc -Vv
+    cargo -V
+  displayName: Query rust and cargo versions
+
+- script : cargo build --features "sqlite"
+  displayName: 'Build project with sqlite backend'
+
+- script : cargo build --features "mysql"
+  displayName: 'Build project with mysql backend'
@@ -0,0 +1,67 @@
+use std::process::Command;
+
+fn main() {
+    #[cfg(all(feature = "sqlite", feature = "mysql"))]
+    compile_error!("Can't enable both sqlite and mysql at the same time");
+    #[cfg(all(feature = "sqlite", feature = "postgresql"))]
+    compile_error!("Can't enable both sqlite and postgresql at the same time");
+    #[cfg(all(feature = "mysql", feature = "postgresql"))]
+    compile_error!("Can't enable both mysql and postgresql at the same time");
+
+    #[cfg(not(any(feature = "sqlite", feature = "mysql", feature = "postgresql")))]
+    compile_error!("You need to enable one DB backend. To build with previous defaults do: cargo build --features sqlite");
+
+    read_git_info().ok();
+}
+
+fn run(args: &[&str]) -> Result<String, std::io::Error> {
+    let out = Command::new(args[0]).args(&args[1..]).output()?;
+    if !out.status.success() {
+        use std::io::{Error, ErrorKind};
+        return Err(Error::new(ErrorKind::Other, "Command not successful"));
+    }
+    Ok(String::from_utf8(out.stdout).unwrap().trim().to_string())
+}
+
+/// This method reads info from Git, namely tags, branch, and revision
+fn read_git_info() -> Result<(), std::io::Error> {
+    // The exact tag for the current commit, can be empty when
+    // the current commit doesn't have an associated tag
+    let exact_tag = run(&["git", "describe", "--abbrev=0", "--tags", "--exact-match"]).ok();
+    if let Some(ref exact) = exact_tag {
+        println!("cargo:rustc-env=GIT_EXACT_TAG={}", exact);
+    }
+
+    // The last available tag, equal to exact_tag when
+    // the current commit is tagged
+    let last_tag = run(&["git", "describe", "--abbrev=0", "--tags"])?;
+    println!("cargo:rustc-env=GIT_LAST_TAG={}", last_tag);
+
+    // The current branch name
+    let branch = run(&["git", "rev-parse", "--abbrev-ref", "HEAD"])?;
+    println!("cargo:rustc-env=GIT_BRANCH={}", branch);
+
+    // The current git commit hash
+    let rev = run(&["git", "rev-parse", "HEAD"])?;
+    let rev_short = rev.get(..8).unwrap_or_default();
+    println!("cargo:rustc-env=GIT_REV={}", rev_short);
+
+    // Combined version
+    let version = if let Some(exact) = exact_tag {
+        exact
+    } else if &branch != "master" {
+        format!("{}-{} ({})", last_tag, rev_short, branch)
+    } else {
+        format!("{}-{}", last_tag, rev_short)
+    };
+    println!("cargo:rustc-env=GIT_VERSION={}", version);
+
+    // To access these values, use:
+    //    env!("GIT_EXACT_TAG")
+    //    env!("GIT_LAST_TAG")
+    //    env!("GIT_BRANCH")
+    //    env!("GIT_REV")
+    //    env!("GIT_VERSION")
+
+    Ok(())
+}
@@ -2,35 +2,35 @@
 # 	https://docs.docker.com/develop/develop-images/multistage-build/
 # 	https://whitfin.io/speeding-up-rust-docker-builds/
 ####################### VAULT BUILD IMAGE  #######################
-FROM node:8-alpine as vault
+FROM alpine:3.10 as vault

-ENV VAULT_VERSION "v2.4.0"
+ENV VAULT_VERSION "v2.12.0"

-ENV URL "https://github.com/bitwarden/web.git"
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"

-RUN apk add --update-cache --upgrade \
+RUN apk add --no-cache --upgrade \
    curl \
-    git \
    tar

-RUN git clone -b $VAULT_VERSION --depth 1 $URL web-build
-WORKDIR /web-build
+RUN mkdir /web-vault
+WORKDIR /web-vault

-COPY /docker/set-vault-baseurl.patch /web-build/    
-RUN git apply set-vault-baseurl.patch
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]

-RUN npm run sub:init && npm install
-
-RUN npm run dist \
-    && mv build /web-vault
+RUN curl -L $URL | tar xz
+RUN ls

 ########################## BUILD IMAGE  ##########################
 # We need to use the Rust build image, because
 # we need the Rust compiler and Cargo tooling
-FROM rust as build
+FROM rust:1.36 as build
+
+# set mysql backend
+ARG DB=mysql

 RUN apt-get update \
    && apt-get install -y \
+        --no-install-recommends \
        gcc-aarch64-linux-gnu \
    && mkdir -p ~/.cargo \
    && echo '[target.aarch64-unknown-linux-gnu]' >> ~/.cargo/config \
@@ -39,43 +39,31 @@ RUN apt-get update \
 ENV CARGO_HOME "/root/.cargo"
 ENV USER "root"

-# Creates a dummy project used to grab dependencies
-RUN USER=root cargo new --bin app
 WORKDIR /app

-# Copies over *only* your manifests and vendored dependencies
-COPY ./Cargo.* ./
-COPY ./libs ./libs
-COPY ./rust-toolchain ./rust-toolchain
-
 # Prepare openssl arm64 libs
 RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
        /etc/apt/sources.list.d/deb-src.list \
    && dpkg --add-architecture arm64 \
    && apt-get update \
    && apt-get install -y \
+        --no-install-recommends \
        libssl-dev:arm64 \
-        libc6-dev:arm64
+        libc6-dev:arm64 \
+        libmariadb-dev:arm64

 ENV CC_aarch64_unknown_linux_gnu="/usr/bin/aarch64-linux-gnu-gcc"
 ENV CROSS_COMPILE="1"
 ENV OPENSSL_INCLUDE_DIR="/usr/include/aarch64-linux-gnu"
 ENV OPENSSL_LIB_DIR="/usr/lib/aarch64-linux-gnu"

-# Builds your dependencies and removes the
-# dummy project, except the target folder
-# This folder contains the compiled dependencies
-RUN rustup target add aarch64-unknown-linux-gnu
-RUN cargo build --release --target=aarch64-unknown-linux-gnu -v
-RUN find . -not -path "./target*" -delete
-
 # Copies the complete project
 # To avoid copying unneeded files, use .dockerignore
 COPY . .

-# Builds again, this time it'll just be
-# your actual source files being built
-RUN cargo build --release --target=aarch64-unknown-linux-gnu -v
+# Build
+RUN rustup target add aarch64-unknown-linux-gnu
+RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu -v

 ######################## RUNTIME IMAGE  ########################
 # Create a new stage with a minimal image
@@ -83,15 +71,18 @@ RUN cargo build --release --target=aarch64-unknown-linux-gnu -v
 FROM balenalib/aarch64-debian:stretch

 ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
 ENV ROCKET_WORKERS=10

 RUN [ "cross-build-start" ]

 # Install needed libraries
-RUN apt-get update && apt-get install -y\
-    openssl\
-    ca-certificates\
-    --no-install-recommends\
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    libmariadbclient-dev \
 && rm -rf /var/lib/apt/lists/*

 RUN mkdir /data
@@ -101,12 +92,15 @@ RUN [ "cross-build-end" ]
 VOLUME /data
 EXPOSE 80

-# Copies the files from the context (env file and web-vault)
+# Copies the files from the context (Rocket.toml file and web-vault)
 # and the binary from the "build" stage to the current stage
-COPY .env .
 COPY Rocket.toml .
 COPY --from=vault /web-vault ./web-vault
 COPY --from=build /app/target/aarch64-unknown-linux-gnu/release/bitwarden_rs .

+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
 # Configures the startup!
-CMD ./bitwarden_rs
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,106 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# We need to use the Rust build image, because
+# we need the Rust compiler and Cargo tooling
+FROM rust:1.36 as build
+
+# set sqlite as default for DB ARG for backward comaptibility
+ARG DB=sqlite
+
+RUN apt-get update \
+    && apt-get install -y \
+        --no-install-recommends \
+        gcc-aarch64-linux-gnu \
+    && mkdir -p ~/.cargo \
+    && echo '[target.aarch64-unknown-linux-gnu]' >> ~/.cargo/config \
+    && echo 'linker = "aarch64-linux-gnu-gcc"' >> ~/.cargo/config
+
+ENV CARGO_HOME "/root/.cargo"
+ENV USER "root"
+
+WORKDIR /app
+
+# Prepare openssl arm64 libs
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+        /etc/apt/sources.list.d/deb-src.list \
+    && dpkg --add-architecture arm64 \
+    && apt-get update \
+    && apt-get install -y \
+        --no-install-recommends \
+        libssl-dev:arm64 \
+        libc6-dev:arm64 \
+        libmariadb-dev:arm64
+
+ENV CC_aarch64_unknown_linux_gnu="/usr/bin/aarch64-linux-gnu-gcc"
+ENV CROSS_COMPILE="1"
+ENV OPENSSL_INCLUDE_DIR="/usr/include/aarch64-linux-gnu"
+ENV OPENSSL_LIB_DIR="/usr/lib/aarch64-linux-gnu"
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+# Build
+RUN rustup target add aarch64-unknown-linux-gnu
+RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu -v
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM balenalib/aarch64-debian:stretch
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+
+RUN [ "cross-build-start" ]
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    sqlite3 \
+ && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /data
+
+RUN [ "cross-build-end" ]  
+
+VOLUME /data
+EXPOSE 80
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build /app/target/aarch64-unknown-linux-gnu/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,103 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# We need to use the Rust build image, because
+# we need the Rust compiler and Cargo tooling
+FROM rust:1.36 as build
+
+# set mysql backend
+ARG DB=mysql
+
+# Using bundled SQLite, no need to install it
+# RUN apt-get update && apt-get install -y\
+#    --no-install-recommends \
+#    sqlite3\
+# && rm -rf /var/lib/apt/lists/*
+
+# Install MySQL package
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    libmariadb-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin app
+WORKDIR /app
+
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
+RUN cargo build --features ${DB} --release
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM debian:stretch-slim
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    libmariadbclient-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /data
+VOLUME /data
+EXPOSE 80
+EXPOSE 3012
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build app/target/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,85 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# Musl build image for statically compiled binary
+FROM clux/muslrust:nightly-2019-07-08 as build
+
+# set mysql backend
+ARG DB=mysql
+
+ENV USER "root"
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    libmysqlclient-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /app
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+RUN rustup target add x86_64-unknown-linux-musl
+
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Build
+RUN cargo build --features ${DB} --release
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM alpine:3.10
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+ENV SSL_CERT_DIR=/etc/ssl/certs
+
+# Install needed libraries
+RUN apk add --no-cache \
+        openssl \
+        mariadb-connector-c \
+        curl \
+        ca-certificates
+
+RUN mkdir /data
+VOLUME /data
+EXPOSE 80
+EXPOSE 3012
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build /app/target/x86_64-unknown-linux-musl/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,104 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# We need to use the Rust build image, because
+# we need the Rust compiler and Cargo tooling
+FROM rust:1.36 as build
+
+# set mysql backend
+ARG DB=postgresql
+
+# Using bundled SQLite, no need to install it
+# RUN apt-get update && apt-get install -y\
+#    --no-install-recommends \
+#    sqlite3\
+# && rm -rf /var/lib/apt/lists/*
+
+# Install MySQL package
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    libpq-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin app
+WORKDIR /app
+
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
+RUN cargo build --features ${DB} --release
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM debian:stretch-slim
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    sqlite3 \
+    libpq5 \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /data
+VOLUME /data
+EXPOSE 80
+EXPOSE 3012
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build app/target/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,86 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# Musl build image for statically compiled binary
+FROM clux/muslrust:nightly-2019-07-08 as build
+
+# set mysql backend
+ARG DB=postgresql
+
+ENV USER "root"
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    libpq-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /app
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+RUN rustup target add x86_64-unknown-linux-musl
+
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Build
+RUN cargo build --features ${DB} --release
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM alpine:3.10
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+ENV SSL_CERT_DIR=/etc/ssl/certs
+
+# Install needed libraries
+RUN apk add --no-cache \
+        openssl \
+        postgresql-libs \
+        curl \
+        sqlite \
+        ca-certificates
+
+RUN mkdir /data
+VOLUME /data
+EXPOSE 80
+EXPOSE 3012
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build /app/target/x86_64-unknown-linux-musl/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,103 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# We need to use the Rust build image, because
+# we need the Rust compiler and Cargo tooling
+FROM rust:1.36 as build
+
+# set sqlite as default for DB ARG for backward comaptibility
+ARG DB=sqlite
+
+# Using bundled SQLite, no need to install it
+# RUN apt-get update && apt-get install -y\
+#    --no-install-recommends \
+#    sqlite3 \
+# && rm -rf /var/lib/apt/lists/*
+
+# Install MySQL package
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    libmariadb-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin app
+WORKDIR /app
+
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
+RUN cargo build --features ${DB} --release
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM debian:stretch-slim
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    sqlite3 \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /data
+VOLUME /data
+EXPOSE 80
+EXPOSE 3012
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build app/target/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,86 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# Musl build image for statically compiled binary
+FROM clux/muslrust:nightly-2019-07-08 as build
+
+# set sqlite as default for DB ARG for backward comaptibility
+ARG DB=sqlite
+
+ENV USER "root"
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    libmysqlclient-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /app
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+RUN rustup target add x86_64-unknown-linux-musl
+
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Build
+RUN cargo build --features ${DB} --release
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM alpine:3.10
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+ENV SSL_CERT_DIR=/etc/ssl/certs
+
+# Install needed libraries
+RUN apk add --no-cache \
+        openssl \
+        curl \
+        sqlite \
+        ca-certificates
+
+RUN mkdir /data
+VOLUME /data
+EXPOSE 80
+EXPOSE 3012
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build /app/target/x86_64-unknown-linux-musl/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,106 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# We need to use the Rust build image, because
+# we need the Rust compiler and Cargo tooling
+FROM rust:1.36 as build
+
+# set mysql backend
+ARG DB=mysql
+
+RUN apt-get update \
+    && apt-get install -y \
+        --no-install-recommends \
+        gcc-arm-linux-gnueabi \
+    && mkdir -p ~/.cargo \
+    && echo '[target.arm-unknown-linux-gnueabi]' >> ~/.cargo/config \
+    && echo 'linker = "arm-linux-gnueabi-gcc"' >> ~/.cargo/config
+
+ENV CARGO_HOME "/root/.cargo"
+ENV USER "root"
+
+WORKDIR /app
+
+# Prepare openssl armel libs
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+        /etc/apt/sources.list.d/deb-src.list \
+    && dpkg --add-architecture armel \
+    && apt-get update \
+    && apt-get install -y \
+        --no-install-recommends \
+        libssl-dev:armel \
+        libc6-dev:armel \
+        libmariadb-dev:armel
+
+ENV CC_arm_unknown_linux_gnueabi="/usr/bin/arm-linux-gnueabi-gcc"
+ENV CROSS_COMPILE="1"
+ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabi"
+ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabi"
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+# Build
+RUN rustup target add arm-unknown-linux-gnueabi
+RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi -v
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM balenalib/rpi-debian:stretch
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+
+RUN [ "cross-build-start" ]
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    libmariadbclient-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /data
+
+RUN [ "cross-build-end" ]  
+
+VOLUME /data
+EXPOSE 80
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build /app/target/arm-unknown-linux-gnueabi/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,106 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# We need to use the Rust build image, because
+# we need the Rust compiler and Cargo tooling
+FROM rust:1.36 as build
+
+# set sqlite as default for DB ARG for backward comaptibility
+ARG DB=sqlite
+
+RUN apt-get update \
+    && apt-get install -y \
+        --no-install-recommends \
+        gcc-arm-linux-gnueabi \
+    && mkdir -p ~/.cargo \
+    && echo '[target.arm-unknown-linux-gnueabi]' >> ~/.cargo/config \
+    && echo 'linker = "arm-linux-gnueabi-gcc"' >> ~/.cargo/config
+
+ENV CARGO_HOME "/root/.cargo"
+ENV USER "root"
+
+WORKDIR /app
+
+# Prepare openssl armel libs
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+        /etc/apt/sources.list.d/deb-src.list \
+    && dpkg --add-architecture armel \
+    && apt-get update \
+    && apt-get install -y \
+        --no-install-recommends \
+        libssl-dev:armel \
+        libc6-dev:armel \
+        libmariadb-dev:armel
+
+ENV CC_arm_unknown_linux_gnueabi="/usr/bin/arm-linux-gnueabi-gcc"
+ENV CROSS_COMPILE="1"
+ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabi"
+ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabi"
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+# Build
+RUN rustup target add arm-unknown-linux-gnueabi
+RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi -v
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM balenalib/rpi-debian:stretch
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+
+RUN [ "cross-build-start" ]
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    sqlite3 \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /data
+
+RUN [ "cross-build-end" ]  
+
+VOLUME /data
+EXPOSE 80
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build /app/target/arm-unknown-linux-gnueabi/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -2,35 +2,35 @@
 # 	https://docs.docker.com/develop/develop-images/multistage-build/
 # 	https://whitfin.io/speeding-up-rust-docker-builds/
 ####################### VAULT BUILD IMAGE  #######################
-FROM node:8-alpine as vault
+FROM alpine:3.10 as vault

-ENV VAULT_VERSION "v2.4.0"
+ENV VAULT_VERSION "v2.12.0"

-ENV URL "https://github.com/bitwarden/web.git"
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"

-RUN apk add --update-cache --upgrade \
+RUN apk add --no-cache --upgrade \
    curl \
-    git \
    tar

-RUN git clone -b $VAULT_VERSION --depth 1 $URL web-build
-WORKDIR /web-build
+RUN mkdir /web-vault
+WORKDIR /web-vault

-COPY /docker/set-vault-baseurl.patch /web-build/    
-RUN git apply set-vault-baseurl.patch
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]

-RUN npm run sub:init && npm install
-
-RUN npm run dist \
-    && mv build /web-vault
+RUN curl -L $URL | tar xz
+RUN ls

 ########################## BUILD IMAGE  ##########################
 # We need to use the Rust build image, because
 # we need the Rust compiler and Cargo tooling
-FROM rust as build
+FROM rust:1.36 as build
+
+# set mysql backend
+ARG DB=mysql

 RUN apt-get update \
    && apt-get install -y \
+        --no-install-recommends \
        gcc-arm-linux-gnueabihf \
    && mkdir -p ~/.cargo \
    && echo '[target.armv7-unknown-linux-gnueabihf]' >> ~/.cargo/config \
@@ -39,43 +39,32 @@ RUN apt-get update \
 ENV CARGO_HOME "/root/.cargo"
 ENV USER "root"

-# Creates a dummy project used to grab dependencies
-RUN USER=root cargo new --bin app
 WORKDIR /app

-# Copies over *only* your manifests and vendored dependencies
-COPY ./Cargo.* ./
-COPY ./libs ./libs
-COPY ./rust-toolchain ./rust-toolchain
-
 # Prepare openssl armhf libs
 RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
        /etc/apt/sources.list.d/deb-src.list \
    && dpkg --add-architecture armhf \
    && apt-get update \
    && apt-get install -y \
+        --no-install-recommends \
        libssl-dev:armhf \
-        libc6-dev:armhf
+        libc6-dev:armhf \
+        libmariadb-dev:armhf
+

 ENV CC_armv7_unknown_linux_gnueabihf="/usr/bin/arm-linux-gnueabihf-gcc"
 ENV CROSS_COMPILE="1"
 ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabihf"
 ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabihf"

-# Builds your dependencies and removes the
-# dummy project, except the target folder
-# This folder contains the compiled dependencies
-RUN rustup target add armv7-unknown-linux-gnueabihf
-RUN cargo build --release --target=armv7-unknown-linux-gnueabihf -v
-RUN find . -not -path "./target*" -delete
-
 # Copies the complete project
 # To avoid copying unneeded files, use .dockerignore
 COPY . .

-# Builds again, this time it'll just be
-# your actual source files being built
-RUN cargo build --release --target=armv7-unknown-linux-gnueabihf -v
+# Build
+RUN rustup target add armv7-unknown-linux-gnueabihf
+RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf -v

 ######################## RUNTIME IMAGE  ########################
 # Create a new stage with a minimal image
@@ -83,16 +72,19 @@ RUN cargo build --release --target=armv7-unknown-linux-gnueabihf -v
 FROM balenalib/armv7hf-debian:stretch

 ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
 ENV ROCKET_WORKERS=10

 RUN [ "cross-build-start" ]

 # Install needed libraries
-RUN apt-get update && apt-get install -y\
-    openssl\
-    ca-certificates\
-    --no-install-recommends\
- && rm -rf /var/lib/apt/lists/*
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    libmariadbclient-dev \
+    && rm -rf /var/lib/apt/lists/*

 RUN mkdir /data

@@ -101,12 +93,15 @@ RUN [ "cross-build-end" ]
 VOLUME /data
 EXPOSE 80

-# Copies the files from the context (env file and web-vault)
+# Copies the files from the context (Rocket.toml file and web-vault)
 # and the binary from the "build" stage to the current stage
-COPY .env .
 COPY Rocket.toml .
 COPY --from=vault /web-vault ./web-vault
 COPY --from=build /app/target/armv7-unknown-linux-gnueabihf/release/bitwarden_rs .

+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
 # Configures the startup!
-CMD ./bitwarden_rs
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,106 @@
+# Using multistage build: 
+# 	https://docs.docker.com/develop/develop-images/multistage-build/
+# 	https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE  #######################
+FROM alpine:3.10 as vault
+
+ENV VAULT_VERSION "v2.12.0"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+RUN apk add --no-cache --upgrade \
+    curl \
+    tar
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE  ##########################
+# We need to use the Rust build image, because
+# we need the Rust compiler and Cargo tooling
+FROM rust:1.36 as build
+
+# set sqlite as default for DB ARG for backward comaptibility
+ARG DB=sqlite
+
+RUN apt-get update \
+    && apt-get install -y \
+        --no-install-recommends \
+        gcc-arm-linux-gnueabihf \
+    && mkdir -p ~/.cargo \
+    && echo '[target.armv7-unknown-linux-gnueabihf]' >> ~/.cargo/config \
+    && echo 'linker = "arm-linux-gnueabihf-gcc"' >> ~/.cargo/config
+
+ENV CARGO_HOME "/root/.cargo"
+ENV USER "root"
+
+WORKDIR /app
+
+# Prepare openssl armhf libs
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+        /etc/apt/sources.list.d/deb-src.list \
+    && dpkg --add-architecture armhf \
+    && apt-get update \
+    && apt-get install -y \
+        --no-install-recommends \
+        libssl-dev:armhf \
+        libc6-dev:armhf \
+        libmariadb-dev:armhf
+
+ENV CC_armv7_unknown_linux_gnueabihf="/usr/bin/arm-linux-gnueabihf-gcc"
+ENV CROSS_COMPILE="1"
+ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabihf"
+ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabihf"
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+# Build
+RUN rustup target add armv7-unknown-linux-gnueabihf
+RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf -v
+
+######################## RUNTIME IMAGE  ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM balenalib/armv7hf-debian:stretch
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+
+RUN [ "cross-build-start" ]
+
+# Install needed libraries
+RUN apt-get update && apt-get install -y \
+    --no-install-recommends \
+    openssl \
+    ca-certificates \
+    curl \
+    sqlite3 \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /data
+
+RUN [ "cross-build-end" ]  
+
+VOLUME /data
+EXPOSE 80
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+COPY --from=build /app/target/armv7-unknown-linux-gnueabihf/release/bitwarden_rs .
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+CMD ["./bitwarden_rs"]
@@ -0,0 +1,8 @@
+#!/usr/bin/env sh
+
+if [ -z "$ROCKET_TLS"]
+then
+  curl --fail http://localhost:${ROCKET_PORT:-"80"}/alive || exit 1
+else
+  curl --insecure --fail https://localhost:${ROCKET_PORT:-"80"}/alive || exit 1
+fi
@@ -1,27 +0,0 @@
--- a/src/app/services/services.module.ts
-+++ b/src/app/services/services.module.ts
-@@ -120,20 +120,16 @@ const notificationsService = new NotificationsService(userService, syncService,
- const environmentService = new EnvironmentService(apiService, storageService, notificationsService);
- const auditService = new AuditService(cryptoFunctionService, apiService);
- 
-const analytics = new Analytics(window, () => platformUtilsService.isDev() || platformUtilsService.isSelfHost(),
-+const analytics = new Analytics(window, () => platformUtilsService.isDev() || platformUtilsService.isSelfHost() || true,
-     platformUtilsService, storageService, appIdService);
- containerService.attachToWindow(window);
- 
- export function initFactory(): Function {
-     return async () => {
-         await (storageService as HtmlStorageService).init();
-        const isDev = platformUtilsService.isDev();
-        if (!isDev && platformUtilsService.isSelfHost()) {
-            environmentService.baseUrl = window.location.origin;
-        } else {
-            environmentService.notificationsUrl = isDev ? 'http://localhost:61840' :
-                'https://notifications.bitwarden.com'; // window.location.origin + '/notifications';
-        }
-+        const isDev = false;
-+        environmentService.baseUrl = window.location.origin;
-+        environmentService.notificationsUrl = window.location.origin + '/notifications';
-         apiService.setUrls({
-             base: isDev ? null : window.location.origin,
-             api: isDev ? 'http://localhost:4000' : null,
--- a/Show More
+++ b/Show More