Setup image (#1)

Author: devksingh4

.dockerignore

@@ -0,0 +1,2 @@
+data.json
+.env

.gitignore

@@ -0,0 +1,2 @@
+data.json
+.env

Dockerfile

@@ -0,0 +1,28 @@
+FROM debian:bookworm-slim
+
+ARG BWDC_VERSION=2026.1.0
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libsecret-1-0 \
+    curl \
+    unzip \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN curl -L "https://github.com/bitwarden/directory-connector/releases/download/v${BWDC_VERSION}/bwdc-linux-${BWDC_VERSION}.zip" -o /tmp/bwdc.zip && \
+    unzip /tmp/bwdc.zip -d /usr/local/bin && \
+    chmod +x /usr/local/bin/bwdc && \
+    rm /tmp/bwdc.zip
+
+RUN useradd -r -s /bin/false bitwarden && \
+    mkdir -p /home/bitwarden/.config/Bitwarden\ Directory\ Connector && \
+    chown -R bitwarden:bitwarden /home/bitwarden
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh && sed -i 's/\r$//' /entrypoint.sh
+
+ENV BITWARDENCLI_CONNECTOR_PLAINTEXT_SECRETS=true
+
+USER bitwarden
+
+ENTRYPOINT ["/entrypoint.sh"]

LICENSE

@@ -1,28 +1,28 @@
-BSD 3-Clause License
-
-Copyright (c) 2026, ACM@UIUC
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-1. Redistributions of source code must retain the above copyright notice, this
-   list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright notice,
-   this list of conditions and the following disclaimer in the documentation
-   and/or other materials provided with the distribution.
-
-3. Neither the name of the copyright holder nor the names of its
-   contributors may be used to endorse or promote products derived from
-   this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+BSD 3-Clause License
+
+Copyright (c) 2026, ACM@UIUC
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -1,2 +1,2 @@
-# bitwarden-dc-docker
-Running the Bitwarden Directory Connector on Docker
+# Bitwarden Directory Connector Docker
+Running the Bitwarden Directory Connector on Docker

docker-compose.yml

@@ -0,0 +1,16 @@
+services:
+    bwdc:
+        build:
+            context: .
+            args:
+                BWDC_VERSION: 2026.1.0
+        restart: unless-stopped
+        environment:
+            - BW_SERVER
+            - BW_CLIENTID
+            - BW_CLIENTSECRET
+            - BW_DIRECTORY_TYPE
+            - BW_DIRECTORY_KEY
+            - SYNC_INTERVAL_MIN
+        volumes:
+            - ./data.json:/home/bitwarden/.config/Bitwarden Directory Connector/data.json

entrypoint.sh

@@ -0,0 +1,77 @@
+#!/bin/sh
+set -e
+
+CONFIG_DIR="/home/bitwarden/.config/Bitwarden Directory Connector"
+CONFIG_FILE="${CONFIG_DIR}/data.json"
+
+if [ ! -f "$CONFIG_FILE" ]; then
+    echo "ERROR: Configuration file not found!"
+    echo "Please mount your data.json to: ${CONFIG_FILE}"
+    echo ""
+    echo "Example:"
+    echo "  docker run -v /path/to/data.json:\"${CONFIG_FILE}\":ro ..."
+    echo ""
+    echo "You can generate a data.json using the Bitwarden Directory Connector desktop app,"
+    echo "or by running this container interactively:"
+    echo "  docker run -it --entrypoint /bin/sh <image>"
+    echo "  bwdc login"
+    echo "  bwdc config directory <type>"
+    echo "  bwdc data-file"
+    exit 1
+fi
+
+SYNC_INTERVAL_MIN=${SYNC_INTERVAL_MIN:-5}
+SYNC_INTERVAL_SEC=$((SYNC_INTERVAL_MIN * 60))
+
+echo "Sync interval: every ${SYNC_INTERVAL_MIN} minutes."
+
+if [ -n "$BW_SERVER" ]; then
+    echo "Configuring server: ${BW_SERVER}"
+    /usr/local/bin/bwdc config server "${BW_SERVER}"
+fi
+
+if [ -n "$BW_DIRECTORY_TYPE" ]; then
+    echo "Configuring directory type: ${BW_DIRECTORY_TYPE}"
+    /usr/local/bin/bwdc config directory "${BW_DIRECTORY_TYPE}"
+fi
+
+# Configure directory-specific secret key based on directory type
+if [ -n "$BW_DIRECTORY_KEY" ]; then
+    case "${BW_DIRECTORY_TYPE}" in
+        0|ldap)
+            echo "Configuring LDAP password..."
+            /usr/local/bin/bwdc config ldap.password "${BW_DIRECTORY_KEY}"
+            ;;
+        1|azure)
+            echo "Configuring Azure AD key..."
+            /usr/local/bin/bwdc config azure.key "${BW_DIRECTORY_KEY}"
+            ;;
+        2|gsuite)
+            echo "Configuring GSuite key..."
+            /usr/local/bin/bwdc config gsuite.key "${BW_DIRECTORY_KEY}"
+            ;;
+        3|okta)
+            echo "Configuring Okta token..."
+            /usr/local/bin/bwdc config okta.token "${BW_DIRECTORY_KEY}"
+            ;;
+        4|onelogin)
+            echo "Configuring OneLogin secret..."
+            /usr/local/bin/bwdc config onelogin.secret "${BW_DIRECTORY_KEY}"
+            ;;
+        *)
+            echo "WARNING: BW_DIRECTORY_KEY set but BW_DIRECTORY_TYPE not recognized: ${BW_DIRECTORY_TYPE}"
+            echo "Valid types: 0 (ldap), 1 (azure), 2 (gsuite), 3 (okta), 4 (onelogin)"
+            ;;
+    esac
+fi
+
+echo "Logging in..."
+/usr/local/bin/bwdc login || echo "Already logged in, continuing..."
+
+echo "Starting sync loop..."
+while true; do
+    echo "[$(date)] Running sync..."
+    /usr/local/bin/bwdc sync
+    echo "Sleeping for ${SYNC_INTERVAL_SEC} seconds..."
+    sleep "${SYNC_INTERVAL_SEC}"
+done