diff --git a/ct/vaultwarden.sh b/ct/vaultwarden.sh index 20508d433..28d611a01 100644 --- a/ct/vaultwarden.sh +++ b/ct/vaultwarden.sh @@ -28,12 +28,8 @@ function update_script() { exit fi - VAULT=$(curl -fsSL https://api.github.com/repos/dani-garcia/vaultwarden/releases/latest | - grep "tag_name" | - awk '{print substr($2, 2, length($2)-3) }') - WVRELEASE=$(curl -fsSL https://api.github.com/repos/dani-garcia/bw_web_builds/releases/latest | - grep "tag_name" | - awk '{print substr($2, 2, length($2)-3) }') + VAULT=$(get_latest_github_release "dani-garcia/vaultwarden") + WVRELEASE=$(get_latest_github_release "dani-garcia/bw_web_builds") UPD=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "SUPPORT" --radiolist --cancel-button Exit-Script "Spacebar = Select" 11 58 3 \ "1" "VaultWarden $VAULT" ON \ @@ -42,47 +38,57 @@ function update_script() { 3>&1 1>&2 2>&3) if [ "$UPD" == "1" ]; then - msg_info "Stopping Service" - systemctl stop vaultwarden - msg_ok "Stopped Service" + if check_for_gh_release "vaultwarden" "dani-garcia/vaultwarden"; then + msg_info "Stopping Service" + systemctl stop vaultwarden + msg_ok "Stopped Service" - msg_info "Updating VaultWarden to $VAULT (Patience)" - cd ~ && rm -rf vaultwarden - $STD git clone https://github.com/dani-garcia/vaultwarden - cd vaultwarden - $STD cargo build --features "sqlite,mysql,postgresql" --release - DIR=/usr/bin/vaultwarden - if [ -d "$DIR" ]; then - cp target/release/vaultwarden /usr/bin/ + fetch_and_deploy_gh_release "vaultwarden" "dani-garcia/vaultwarden" "tarball" "latest" "/tmp/vaultwarden-src" + + msg_info "Updating VaultWarden to $VAULT (Patience)" + cd /tmp/vaultwarden-src + $STD cargo build --features "sqlite,mysql,postgresql" --release + if [[ -f /usr/bin/vaultwarden ]]; then + cp target/release/vaultwarden /usr/bin/ + else + cp target/release/vaultwarden /opt/vaultwarden/bin/ + fi + cd ~ && rm -rf /tmp/vaultwarden-src + msg_ok "Updated VaultWarden to ${VAULT}" + + msg_info "Starting Service" + systemctl start vaultwarden + msg_ok "Started Service" + msg_ok "Updated successfully!" else - cp target/release/vaultwarden /opt/vaultwarden/bin/ + msg_ok "VaultWarden is already up-to-date" fi - cd ~ && rm -rf vaultwarden - msg_ok "Updated VaultWarden" - - msg_info "Starting Service" - systemctl start vaultwarden - msg_ok "Started Service" - msg_ok "Updated successfully!" exit fi + if [ "$UPD" == "2" ]; then - msg_info "Stopping Service" - systemctl stop vaultwarden - msg_ok "Stopped Service" + if check_for_gh_release "vaultwarden_webvault" "dani-garcia/bw_web_builds"; then + msg_info "Stopping Service" + systemctl stop vaultwarden + msg_ok "Stopped Service" - msg_info "Updating Web-Vault to $WVRELEASE" - $STD curl -fsSLO https://github.com/dani-garcia/bw_web_builds/releases/download/"$WVRELEASE"/bw_web_"$WVRELEASE".tar.gz - $STD tar -zxf bw_web_"$WVRELEASE".tar.gz -C /opt/vaultwarden/ - rm bw_web_"$WVRELEASE".tar.gz - msg_ok "Updated Web-Vault" + fetch_and_deploy_gh_release "vaultwarden_webvault" "dani-garcia/bw_web_builds" "prebuild" "latest" "/opt/vaultwarden" "bw_web_*.tar.gz" - msg_info "Starting Service" - systemctl start vaultwarden - msg_ok "Started Service" - msg_ok "Updated successfully!" + msg_info "Updating Web-Vault to $WVRELEASE" + rm -rf /opt/vaultwarden/web-vault + chown -R root:root /opt/vaultwarden/web-vault/ + msg_ok "Updated Web-Vault to ${WVRELEASE}" + + msg_info "Starting Service" + systemctl start vaultwarden + msg_ok "Started Service" + msg_ok "Updated successfully!" + else + msg_ok "Web-Vault is already up-to-date" + fi exit fi + if [ "$UPD" == "3" ]; then if NEWTOKEN=$(whiptail --backtitle "Proxmox VE Helper Scripts" --passwordbox "Set the ADMIN_TOKEN" 10 58 3>&1 1>&2 2>&3); then if [[ -z "$NEWTOKEN" ]]; then exit; fi @@ -93,6 +99,7 @@ function update_script() { sed -i "s|\"admin_token\":.*|\"admin_token\": \"${TOKEN}\"|" /opt/vaultwarden/data/config.json fi systemctl restart vaultwarden + msg_ok "Admin token updated" fi exit fi diff --git a/install/vaultwarden-install.sh b/install/vaultwarden-install.sh index b3ceb1e11..4eca65993 100644 --- a/install/vaultwarden-install.sh +++ b/install/vaultwarden-install.sh @@ -14,7 +14,7 @@ network_check update_os msg_info "Installing Dependencies" -$STD apt install -y git \ +$STD apt install -y \ build-essential \ pkgconf \ libssl-dev \ @@ -24,34 +24,25 @@ $STD apt install -y git \ ssl-cert msg_ok "Installed Dependencies" -WEBVAULT=$(curl -fsSL https://api.github.com/repos/dani-garcia/bw_web_builds/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }') -VAULT=$(curl -fsSL https://api.github.com/repos/dani-garcia/vaultwarden/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }') +setup_rust +fetch_and_deploy_gh_release "vaultwarden" "dani-garcia/vaultwarden" "tarball" "latest" "/tmp/vaultwarden-src" -msg_info "Installing Rust" -curl -fsSL https://sh.rustup.rs -o rustup-init.sh -$STD bash rustup-init.sh -y --profile minimal -echo 'export PATH="$HOME/.cargo/bin:$PATH"' >>~/.bashrc -export PATH="$HOME/.cargo/bin:$PATH" -rm rustup-init.sh -msg_ok "Installed Rust" - -msg_info "Building Vaultwarden ${VAULT} (Patience)" -$STD git clone https://github.com/dani-garcia/vaultwarden -cd vaultwarden +msg_info "Building Vaultwarden (Patience)" +cd /tmp/vaultwarden-src $STD cargo build --features "sqlite,mysql,postgresql" --release -msg_ok "Built Vaultwarden ${VAULT}" +msg_ok "Built Vaultwarden" +msg_info "Setting up Vaultwarden" $STD addgroup --system vaultwarden $STD adduser --system --home /opt/vaultwarden --shell /usr/sbin/nologin --no-create-home --gecos 'vaultwarden' --ingroup vaultwarden --disabled-login --disabled-password vaultwarden -mkdir -p /opt/vaultwarden/bin -mkdir -p /opt/vaultwarden/data +mkdir -p /opt/vaultwarden/{bin,data,web-vault} cp target/release/vaultwarden /opt/vaultwarden/bin/ +cd ~ && rm -rf /tmp/vaultwarden-src +msg_ok "Set up Vaultwarden" -msg_info "Downloading Web-Vault ${WEBVAULT}" -$STD curl -fsSLO https://github.com/dani-garcia/bw_web_builds/releases/download/"$WEBVAULT"/bw_web_"$WEBVAULT".tar.gz -$STD tar -xzf bw_web_"$WEBVAULT".tar.gz -C /opt/vaultwarden/ -msg_ok "Downloaded Web-Vault ${WEBVAULT}" +fetch_and_deploy_gh_release "vaultwarden_webvault" "dani-garcia/bw_web_builds" "prebuild" "latest" "/opt/vaultwarden/web-vault" "bw_web_*.tar.gz" +msg_info "Configuring Vaultwarden" cat </opt/vaultwarden/.env ADMIN_TOKEN='' ROCKET_ADDRESS=0.0.0.0 @@ -61,22 +52,23 @@ DATABASE_MAX_CONNS=10 WEB_VAULT_FOLDER=/opt/vaultwarden/web-vault WEB_VAULT_ENABLED=true EOF - mv /etc/ssl/certs/ssl-cert-snakeoil.pem /opt/vaultwarden/ mv /etc/ssl/private/ssl-cert-snakeoil.key /opt/vaultwarden/ -msg_info "Creating Service" chown -R vaultwarden:vaultwarden /opt/vaultwarden/ chown root:root /opt/vaultwarden/bin/vaultwarden chmod +x /opt/vaultwarden/bin/vaultwarden chown -R root:root /opt/vaultwarden/web-vault/ chmod +r /opt/vaultwarden/.env +msg_ok "Configured Vaultwarden" -service_path="/etc/systemd/system/vaultwarden.service" -echo "[Unit] +msg_info "Creating Service" +cat </etc/systemd/system/vaultwarden.service +[Unit] Description=Bitwarden Server (Powered by Vaultwarden) Documentation=https://github.com/dani-garcia/vaultwarden After=network.target + [Service] User=vaultwarden Group=vaultwarden @@ -99,10 +91,11 @@ LockPersonality=yes WorkingDirectory=/opt/vaultwarden ReadWriteDirectories=/opt/vaultwarden/data AmbientCapabilities=CAP_NET_BIND_SERVICE + [Install] -WantedBy=multi-user.target" >$service_path -systemctl daemon-reload -$STD systemctl enable --now vaultwarden +WantedBy=multi-user.target +EOF +systemctl enable -q --now vaultwarden msg_ok "Created Service" motd_ssh