Bitwarden Python

Posted By admin On 30.04.21

Bitwarden Cli Python
Bitwarden Python
Bitwarden Python Client

Latest version

Released:

GIMP (gimp-2.6.exe). GIMP is a free versatile graphics manipulation package. Each task requires a different environment and GIMP allows you to customize the view and behavior the way you like it.GIMP features a great fullscreen mode allowing you to not only preview your artwork but also do editing work while using the most of your screen. Thoughtful Automation BitWarden CLI installation package. Free software: MIT license; Documentation: https://ta-bitwarden-cli.readthedocs.io. About Press Copyright Contact us Creators Advertise Developers Terms Privacy Policy & Safety How YouTube works Test new features Press Copyright Contact us Creators.

The official Bitwarden self-hosted server is located at https. Features of python. Co-learning Lounge in Co-Learning Lounge. How to Launch AWS CloudFormation using Lamba function. Bitwarden API Documentation.

Cross Platform Bitwarden library and CLI with sudolikeaboss.

Project description

Cross Platform Bitwarden library and CLI with sudolikeaboss functionality.
This repo houses both python and rust versions.
source repo lives @ https://fossil.birl.ca/bitwarden-cli/home
But is mirrored to github:
https://github.com/birlorg/bitwarden-cli
Documentation: https://fossil.birl.ca/bitwarden-cli/doc/trunk/docs/build/html/index.html
Historic fun fact: all crypto code had to be written and stored outside
of the USA at one time.
------------------------------------------------------------
EXAMPLE USAGE:
ALIAS bw=bitwarden
GET HELP:
---------
$ bitwarden --help
Usage: bitwarden [OPTIONS] COMMAND [ARGS]...
Bitwarden CLI program.
Options:
--url TEXT
--identurl TEXT
--debug / --no-debug
--db TEXT
--help Show this message and exit.
Commands:
deletedb ***THIS ERASES DATA*** Flush and empty the...
fetch_name fetch by name.
fetch_uuid fetch by UUID.
find find query in username,uri this does a simpe...
login login to server.
logout logout from server, stop agent and forget all...
pull pull all records from server, updating local...
register register a new account on server.
slab run in slab mode.
sql query the local data store using SQL.
status Show various statistics.
$ bitwarden find --help
Usage: bitwarden find [OPTIONS] QUERY
find query in username,uri
this does a simpe python string find i.e.:
if query in username:
but searches against username and first url
You can export it in almost any format you wish with -f
to get the password once you found an entry use fetch_uuid
complicated example:
bw find example.com -f tsv --no-headers | fzf | cut -f 1 | xargs bitwarden fetch_uuid -p
which means: find all entries with example.com in them, use fzf to select
a record and return only the password.
Options:
-f, --format [csv|tsv|json|yaml|html|xls|xlsx|dbf|latex|ods]
--headers / --no-headers
--help Show this message and exit.
---- USAGE:
login:
bw login nobody@example.com
it will prompt you for a password. if you are
a moron, you can specify it with --password <MY PASSWORD HERE> but don't be a
moron.
SLAB mode: 'sudolikeaboss is a simple application that aims to make your life as
a dev, ops, or just a random person who likes to ssh and sudo into boxes much,
much easier by allowing you to access your bitwarden passwords on the terminal.
All you need is iterm2, bitwarden, a mac, and a dream.' - from:
https://github.com/ravenac95/sudolikeaboss
slab command for iTerm2:
export LANG=en_CA.UTF-8;export LOCALE=en_CA.UTF-8; /usr/local/bin/bitwarden slab
if you speak a different language, change the LOCALE and LANG settings above.
We support self-hosted installations just pass --url and --identurl The url will
be saved indefinitely, you do not need to set it every time (not even when you
login again, it will be remembered) see bw login --help for details.
-----------------------------------------------------------------------
SECURITY:
Bitwarden works by having a 'master key' that is computed from your email and
password. This needs to be kept 'safe', but this is a CLI program. We could
store the master key on disk somewhere, but that's a bad idea.
The way we do this is with an in-memory 'agent' that listens on a 127.0.0.1 port
(configurable, but defaults to 6277) see: python/bitwarden/agent.py for all the
details. Bonus if you figure out why that port # :). Ideally on POSIX platforms
it would use a socket on disk somewhere to communicate, but I wanted this to
work on Windows, so this is what we can do.. :) patches welcoome to fix this up
on POSIX.
when you login, it starts up the agent, with a timeout set to the login
access_token timeout in seconds, since we do not currently support re-freshing
the token. At the end of the token lease, the agent will kill itself and stop
running. (this is configurable, but not exported to the CLI yet -- patches
welcome)
The agent requires a token to get the master key from it's in-memory store.
This is currently 16 bytes of os.urandom() on startup and is stored on disk, but
changes every time a new agent runs.details are in python/bitwarden/db.py
This should mostly function fine on Windows, but is currently untested. bug
reports and patches welcome.
-----------------------------------------------------------------------
INSTALLATION
NOTE: the rust and python are 2 different implementations that are not
(currently) tied together. you need not install both, just install one (the
pythone one currently if you want it to work)..
rust installation:
clone the repo (either fossil or git)
cd rust cargo build --release
cp target/release/bitwarden /usr/local/bin/bitwarden
then follow DB setup instructions below.
python installation:
clone the repo (either fossil or git)
cd python
python3 setup.py install
then follow DB setup instructions below.
or better yet, use pipenv.
Common to both, the DB setup:
If you have liquibase and the sqlite JDBC driver,
run tools/lb.sh Otherwise copy over the blank DB (with schema installed) I
include in the tools/ dir the directory it belongs in is platform dependent, run
bitwarden and it will tell you. Alternatively you can put the DB wherever you
like and always prepend --db to your commands (not recommended)
-------------------------------------------------------------------
TROUBLESHOOTING:
export DEBUG=true and then run bitwarden. or bitwarden --debug <cmd>
It will output LOTS
of stuff, some of it is security sensitive, so be careful when you copy/paste
the logs.
either email or reach out via fossil or github tickets.
--------------------------------
TODO planned(code welcome):
* Finish off minimal implementation(MVP) of the python version (add, etc)
* Build and release executables for mac and windows. build Makefile to automate
this.
* Finish off rust crypto and agent, port python version to use rust crypto and
agent
* Add server support (i.e. can also act like a server, so you could for
instance have your local browser and desktop talk locally and work 100%
off-line)
* Fix up documentation in
HTML(http://fossil-scm.org/index.html/doc/trunk/www/embeddeddoc.wiki) and
make prettier.
Goals:
* be a useful bitwarden tool that works on openBSD, debian, macOS and windows
since these are the platforms I spend most of my time on. UI is abysmal,
thanks to @kspearrin for doing that slog, go pay him, I do.
* Be able to work off-line completely if you wish. This mostly works now.
Non-Goals:
* GUI's because writing them is misery. @kspearrin has this well-handled! YAY!
The idea behind the CLI here is to think of the server as a place to push / pull
againt. The local copy of the DB should be resilient and not erase anything
ever without explicitly saying so, so that full historic backups are possible.
think more like revision control. This is not fully fleshed out, at the time
of this writing..
-----------
Contributing:
If you use fossil, just send me a place to pull from or setup a login and
email/contact me and I will give you push rights. if you refuse to use fossil,
you can email me patches. Or you can use github and pull-requests, I guess.
Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you shall be dual licensed as above, without any
additional terms or conditions.
License
Licensed under either of
Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT) at your option.
email: bitwarden @at@ birl.ca

Release historyRelease notifications | RSS feed

0.4.0

0.3.1

0.3.0

0.2.4

0.2.3

0.2.2

0.2.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for bitwarden, version 0.4.0
Filename, size	File type	Python version	Upload date	Hashes
Filename, size bitwarden-0.4.0-py3-none-any.whl (23.4 kB)	File type Wheel	Python version py3	Upload date	Hashes
Filename, size bitwarden-0.4.0.tar.gz (23.7 kB)	File type Source	Python version None	Upload date	Hashes

Hashes for bitwarden-0.4.0-py3-none-any.whl

Hashes for bitwarden-0.4.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`6d77a2ba062da9175ab2e6e86e3ccab5861759768ac2cd6175ac003868ab9d9c`
MD5	`6475ac5084c436922ddc4b643feaac20`
BLAKE2-256	`f02707a141d81c7f1b8e0b44e7b9b6476f59498051b4bd1ee5c87265142970bd`

Hashes for bitwarden-0.4.0.tar.gz

Hashes for bitwarden-0.4.0.tar.gz
Algorithm	Hash digest
SHA256	`ef5b06809d3ecc883133b115c3e6c22a1aa76492f46efbe20e0a3f3093c5d902`
MD5	`6ca14816bafc2902bfb7982b91997ce0`
BLAKE2-256	`8040fea3195de0d7440499690a5d41423f21f7e07cfad5c3cd5791decc3611cb`

Overview¶

How do I run DietPi-Software and install optimised software?

To install any of the DietPi optimised software listed below run from the command line:

Choose Software Optimised and select one or more items. Finally click on Install. DietPi will do all the necessary steps to install and start these software items.

To see all the DietPi configurations options, review DietPi Tools section.

ownCloud¶

The ownCloud package turns your DietPi system into your very own personal cloud based backup/data storage system (e.g.: Dropbox).

Also Installs:

Webserver
USB dedicated hard drive highly recommended

Access to the web interface

URL = http://<your.IP>/owncloud
Username = admin
Password = <your global password>

If you may want to configure your ownCloud from command line via occ command see the ownCloud admin manual.

To simplify this configuration, DietPi has added a shortcut to the otherwise necessary sudo -u www-data php /var/www/owncloud/occ.
Just use inside your terminal:

Update ownCloud to the latest version

Option: Use the web-based updater from within the ownCloud web UI settings.
Option: Use the updater script from console (recommended):
Follow the official documentation for a manual upgrade process: https://doc.owncloud.com/server/admin_manual/maintenance/manual_upgrade.html

FAQ

Where is my data stored?

/mnt/dietpi_userdata/owncloud_data (or dietpi.txt choice)

Why am I limited to 2 GiB file size uploads?

DietPi will automatically apply the max supported upload size to the PHP and ownCloud configs.

32-bit systems can handle 2 GB
64-bit systems can handle 8796 PB, yep, in petabyte
echo -e '$(( $(php -r 'print(PHP_INT_MAX);') / 1024 / 1024))MB'

Will my data be saved after deinstallation?

Your userdata directory will stay after deinstallation.
As well a database backup will be saved to your userdata directory. Thus you can easily restore your instance by reinstalling ownCloud and restore the database dump.

Website: https://owncloud.com
Official documentation: https://doc.owncloud.org/server/admin_manual

YouTube video tutorial: How to Install DietPi OwnCloud on Raspberry Pi.

Nextcloud¶

Nextcloud gives you access to all your files wherever you are. Store your documents, calendar, contacts and photos on a server at home, at one of our providers or in a data center you trust.

Quick start

Access the web interface using the next URL when running on SBC (http://localhost/nextcloud/) or the IP address / hostname of your DietPi device (e.g.: http://192.168.0.100/nextcloud/).

Username = admin
Password = <your global password>

Nextcloud is installed together with the webserver. To fast access the files, a dedicated USB hard drive is highly recommended.

Bitwarden Cli Python

Advanced configuration

For an advanced setup you could further configure your Nextcloud setup from the command line - see the Nextcloud Admin guide.

To simplify this configuration, DietPi has added a shortcut to the otherwise necessary sudo -u www-data php /var/www/nextcloud/occ.
Just use inside your terminal:

Brute-force protection

Nextcloud offers built-in brute force protection and additionally a plugin Brute-force settings.
This will delay your login rate in case of several failed login attempts.

This protection can be extended with Fail2Ban (see following tab).

Nextcloud Talk¶

Host video calls on your own Nextcloud instance. The TURN server Coturn will be installed and configured as well to allow reliable video calls through outside the local network, NAT and firewall setups.

Also installs:

Nextcloud
Coturn

Installation notes¶

During installation you will be asked to enter the external server domain and a port, that you want to use for the Coturn TURN server. Note that you need to forward the chosen port and/or open it in your firewall.

If HTTPS was or is enabled via dietpi-letsencrypt, Coturn will be configured to use the LetsEncrypt certificates for TLS connections on the chosen TURN server port automatically.
Coturn by default will listen to non-TLS requests as well on the port configured in /etc/turnserver.conf. You can force TLS/control this by switching port forwarding in your router and/or opening/dropping ports in your firewall.

Coturn logging by default is disabled via /etc/default/coturn command arguments, since it is very verbose and produces much disk I/O. You can enable and configure logging via /etc/turnserver.conf, if required.

Website: https://nextcloud.com/talk

Pydio¶

Pydio is a feature-rich backup and sync server with web interface. Similar to ownCloud with vast configuration options to meet your “cloud” needs.

Also Installs:

Webserver

Access to the web interfaceFirst time connect

Ignore the warnings and click the button titled CLICK HERE TO CONTINUE TO PYDIO.
Remark: If you require SSL access, please use LetsEncrypt to set this up.
The wizard can now be started, click the start wizard > button to begin.
Enter and create a new admin account for use with Pydio. Then click the >> button.
Under database details, enter the following:
- Database type = MySQL
- Host = localhost
- Database = pydio
- User = pydio
- Password = dietpi
- Use MySqli = No
Click test connection, when successful, click the >> button.
Under advanced options, use the default values, then click the Install Pydio button.

Setup sync client on remote systems

Once the server has been configured (as per above):

Download the sync client for your system: https://pydio.com/en/get-pydio/downloads/pydiosync-desktop-app
When configuring the remote server, use the following:
- Select HTTP option (unless you have setup an SSL cert)
- URL = http://<your.IP>/pydio (replace IP with your system IP)
- User = The “admin” user you setup in initial setup.
- Password = The “admin” password you setup in initial setup.

Website: https://pydio.com

UrBackup¶

UrBackup Server is an Open Source client/server backup system, that through a combination of image and file backups accomplishes both data safety and a fast restoration time.
Basically, it allows you to create a complete system backup, using a simple web interface, for systems on your network.

Access to the web interface

The web interface is accessible via port 55414:

URL = http://<your.IP>:55414
Remark: Change the IP address for your system.

Backup storage location

The location of the backups can be changed in the web interface:

Select Settings.
Change the Backup Storage Path: /mnt/dietpi_userdata/urbackup is recommended.
Click Save.
Restart service with systemctl restart urbackupsrv.

Download the client

Install the appropriate client on the systems you wish to backup from https://www.urbackup.org/download.html#client_windows.

Website: https://www.urbackup.org/index.html

Gogs¶

Your very own GitHub style server, with web interface.

Access to the web interface

The web interface is accessible via port 3000:

Bitwarden Python

URL = http://<your.IP>:3000

First run setup

Has to be done once, when connected to the web interface:

Change the following values only:
- Database = MySQL
- User = gogs
- Database password = <your global password>
- Repository Root Path = /mnt/dietpi_userdata/gogs-repo
- Run User = gogs
- Log Path = /var/log/gogs
- Email service settings > From = anyone@anyemail.com
Scroll to the bottom of page and select Install Gogs
When the web address changes to localhost: and fails to load, you need to reconnect to the web page using the IP address (e.g.: http://<your.IP>:3000)
Once the page has reloaded, you will need to click register to create the admin account

External access

If you wish to allow external access to your Gogs server, you will need to setup port forwarding on your router, pointing to the IP address of your DietPi device.

Port = 3000
Protocol = TCP+UDP

Website: https://gogs.io

Gitea¶

Your very own GitHub style server, with web interface.

Access to the web interface

The web interface is accessible via port 3000:

URL = http://<your.IP>:3000

First run setup

Has to be done once, when connected to the web interface:

Change the following values only:
- MySQL database user = gitea
- MySQL database password = dietpi
- Repository root path = /mnt/dietpi_userdata/gitea/gitea-repositories
- Log path = /var/log/gitea
Scroll to the bottom of page and select Install Gitea
When the web address changes to localhost: and fails to load, you need to reconnect to the web page using the IP address (e.g.: http://<your.IP>:3000)
Once the page has reloaded, you will need to click register to create the admin account

External access

If you wish to allow external access to your Gitea server, you will need to setup port forwarding on your router, pointing to the IP address of your DietPi device.

Port = 3000
Protocol = TCP+UDP

If an external access is used, the activation of the package Let’s Encrypt - Enable HTTPS / SSL is strongly recommended to increase your system security.

Fail2Ban integration

Using Fail2Ban your can block users after failed login attempts. This hardens your system, e.g. against brute-force attacks.

Create new filter /etc/fail2ban/filter.d/gitea.conf:
Create new jail /etc/fail2ban/jail.d/gitea.conf:
As not specified here, Fail2Ban uses properties like maxretry, bantime, etc. from /etc/fail2ban/jail.conf or /etc/fail2ban/jail.local (if present). Note the setting backend = auto. By default, backend is set to systemd in /etc/fail2ban/jail.conf. As a result, Fail2Ban ignores the logpath entry here in the jail gitea.conf, with the consequence, that Fail2Ban does not recognize an attack on Gitea (port 3000) even though attacks are listed in /var/log/gitea/gitea.log.
Restart Fail2Ban: systemctl restart fail2ban.
Test your settings by trying to sign in multiple times from a remote PC with a wrong user or password. After maxretry attempts your IP must be banned for bantime seconds (DietPi does not respond anymore) as the default action by Fail2Ban is route, specified in /etc/fail2ban/action.d/route.conf.
Check the current status on your DietPi with fail2ban-client status gitea.
See also:

Update to latest version

You can easily update Gitea by reinstalling it. Your settings and data are preserved by this:

Website: https://gitea.io

Syncthing¶

Backup and sync server with web interface. Extremely lightweight and efficient as no webserver is required.

Access to the web interface

The web interface is accessible via port 8384:

URL = http://<your.IP>:8384

First run setup

Has to be done once, when connected to the web interface.

When the Danger! Please set a GUI Authentication User and Password in the Settings dialog. box appears, click the settings button inside the box.
Under GUI Authentication User and GUI Authentication Password: Enter new login details you would like to use for access to the web interface. Then click save.

DietPi will automatically setup your default folder share to /mnt/dietpi_userdata.

Setup a second system to sync with

In this example we will use a Windows system. The goal is to “sync” the user data from your DietPi device with another system.

Download, extract and run the Windows application syncthing.exe: https://syncthing.net/downloads/.
Syncthing web interface will load automatically, if not, you can access it via http://127.0.0.1:8384/.
- Click Actions at the top right, then select Show ID. Copy the UUID code.
On the DietPi device, open the web interface and click Add remote device (bottom right).
- Under Device ID, paste in the UUID we copied earlier.
- Under Device name, enter any name. e.g.: My Windows PC.
- Under Share Folders With Device tick/select DietPi user data, then click save.
After a few seconds, go back to the Windows web interface http://127.0.0.1:8384/. You should receive a message asking you to confirm the new device, click Add Device.
- Under Share Folders With Device tick/select DietPi user data, then click save.

You devices should now duplicate the user data from your DietPi device to your Windows PC.

Website: https://syncthing.net

MinIO¶

It is an open source Kubernetes Native, High Performance Object Storage (S3 Compatible). It helps building cloud-native data infrastructure for machine learning, analytics and application data workloads.

Quick start

The web interface is accessible via port 9000:

URL = http://<your.IP>:9000

Website: https://min.io/product/overview
Official documentation: https://docs.min.io

Bitwarden Python Client

Firefox Sync Server¶

This is Mozilla’s Firefox Sync Server which manages syncing Firefox instance bookmarks, history, tabs and passwords across devices. Out of the box it runs on a Python server for small loads and can be configured to run behind Nginx or Apache.

Configure Firefox

Open about:config to access advanced settings.
Search for: identity.sync.tokenserver.uri.
Set value to: http://<your.IP>:5000/token/1.0/sync/1.5.
- We recommend to access your Firefox Sync Server only from local network or via VPN, keeping the default listening port 5000 closed for access from outside of your LAN.
- If you need to access it remotely without VPN, adjust the public_url setting inside the config file /mnt/dietpi_userdata/firefox-sync/syncserver.ini to contain your public IP or domain and desired port.

Directories

Install directory: /opt/firefox-sync
Data directory: /mnt/dietpi_userdata/firefox-sync
Config file: /mnt/dietpi_userdata/firefox-sync/syncserver.ini

View logs

View the logs by executing:

Update to latest version

You can easily update the Firefox Sync Server by reinstalling it. Your settings and data are preserved by this:

Source code: mozilla-services/syncserver

Credits: This software title has been added to DietPi-Software by CedArctic, many thanks! :D

Bitwarden_RS¶

Bitwarden_RS is an unofficial Bitwarden password manager server with web interface, written in Rust.

First access

During install, a self-signed 4096-bit RSA TLS certificate is created to allow encrypted HTTPS access, which is required for access with most Bitwarden clients and reasonable as of the sensitivity of the data a password manager handles.
Most web browsers will warn you on access that the certificate is not trusted, although usually you can choose to ignore that and still access the web vault.
Most Bitwarden clients on the other hand will deny to access your server, as long as the certificate is not trusted.
As far as you have a public domain name for your DietPi server, we recommend to request an official trusted CA certificate, e.g. via dietpi-letsencrypt and setup either a reverse proxy, or configure Bitwarden_RS to use the retrieved key and certificate directly via ROCKET_TLS setting in the config file (see “Directories” tab).

How do I add a self-signed certificate to the OS’ Trusted Root Certification Authorities store?

Windows 10

In your browser, next to the address bar, select the warning or lock icon. Then select the certificate button to open Windows’ Certificate view.
Switch to the “Details” tab.
Select “Save to file”.
In the newly opened window, select “Continue”.
Leave default DER coding and select “Continue”.
Select “Browse” to chose a target file location.
Choose a target file location and name, it is only required temporarily.
Select “Continue”.
Select “Finish”.
Double-click the created certificate file and select “Install certificate”.
Select “Local system”.
Select “Continue”, which requires administrator permissions.
Choose “Save all certificates to the following store”.
Select “Browse”.
Select “Trusted Root Certification Authorities”.
Select “Ok”.
Select “Continue”.
Select “Finish”.

macOS

In your browser (note that this cannot be done in Safari), next to the address bar, select the warning or lock icon. Then select the “Certificate (Invalid)” button.
Drag the certificate icon to your desktop, it is only required temporarily.
Double-click on the certificate file.
On the “Keychain” dropdown, select “System”.
Select “Add”.
Enter an administrator username and password.
Select “Modify Keychain”.
Double-click on the certificate in the list.
Select “Trust”.
On the “Secure Sockets Layer (SSL)” dropdown, select “Always Trust”.
Click the red button in the top left corner of the window.
Enter an administrator username and password.
Select “Update Settings”.

Web access

The web interface is accessible via port 8001:

URL = https://<your.IP>:8001
On first access, you need to create an account, either via web UI or via client (see “Client access” tab).

Client access

Any official Bitwarden client will work: https://bitwarden.com/download

Select the settings cog at the top left of the window.
Add https://<your.IP>:8001 into the custom server field.
Create a new account, which will be created on your own server only.

Directories

Install directory: /opt/bitwarden_rs
Data directory: /mnt/dietpi_userdata/bitwarden_rs
Config file: /mnt/dietpi_userdata/bitwarden_rs/bitwarden_rs.env

View logsUpdate to latest version

Official documentation: https://github.com/dani-garcia/bitwarden_rs/wiki
Forum: https://bitwardenrs.discourse.group
Source code: dani-garcia/bitwarden_rs
Open-source license: GPLv3

Credits: This software title has been added to DietPi-Software by CactiChameleon9. Thank you!

FuguHub¶

FuguHub transforms your DietPi device into a secure online storage system, letting you access and share files from any connected computer or device.

Quick access

Open the browser http://<your.IP>.
On the first access, an admin account needs to be created to log in with (to fully control the FuguHub app).

FuguHub runs by default on port 80 and optional 443, making it incompatible with a regular webserver using the default setup.

Interactive install

Press Enter to continue
Press Y to accept license
Press Y for VPS or N for home/office server
Choose whether to install an internal BitTorrent client.

It is recommended to use the a dedicated BitTorrent server, if required: https://dietpi.com/docs/software/bittorrent/

Setup details:

Install directory: /home/bd
Config file: /home/bd/bdd.conf
Data directory: /mnt/dietpi_userdata/fuguhub-data

View logs

Service: journalctl -u bdd
Trace: /home/bd/trace/
It contains an info about the database creation only, even after playing around with the web UI a bit.

Website: https://fuguhub.com