
Add files via upload

tteckster 3 years ago
parent
commit
b5c83daf7a
1 changed files with 147 additions and 0 deletions
  1. 147 0
      setup/vault_setup.sh

+ 147 - 0
setup/vault_setup.sh

@@ -0,0 +1,147 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o errtrace
+set -o nounset
+set -o pipefail
+shopt -s expand_aliases
+alias die='EXIT=$? LINE=$LINENO error_exit'
+CROSS='\033[1;31m\xE2\x9D\x8C\033[0m'
+CHECKMARK='\033[0;32m\xE2\x9C\x94\033[0m'
+RETRY_NUM=5
+RETRY_EVERY=3
+NUM=$RETRY_NUM
+trap die ERR
+trap 'die "Script interrupted."' INT
+
+function error_exit() {
+  trap - ERR
+  local DEFAULT='Unknown failure occured.'
+  local REASON="\e[97m${1:-$DEFAULT}\e[39m"
+  local FLAG="\e[91m[ERROR:LXC] \e[93m$EXIT@$LINE"
+  msg "$FLAG $REASON"
+  exit $EXIT
+}
+function msg() {
+  local TEXT="$1"
+  echo -e "$TEXT"
+}
+
+echo -e "${CHECKMARK} \e[1;92m Setting up Container OS... \e[0m"
+sed -i "/$LANG/ s/\(^# \)//" /etc/locale.gen
+locale-gen >/dev/null
+while [ "$(hostname -I)" = "" ]; do
+  1>&2 echo -e "${CROSS} \e[1;31m No Network: \e[0m $(date)"
+  sleep $RETRY_EVERY
+  ((NUM--))
+  if [ $NUM -eq 0 ]
+  then
+    1>&2 echo -e "${CROSS} \e[1;31m No Network After $RETRY_NUM Tries \e[0m"
+    exit 1
+  fi
+done
+  echo -e "${CHECKMARK} \e[1;92m Network Connected: \e[0m $(hostname -I)"
+
+echo -e "${CHECKMARK} \e[1;92m Updating Container OS... \e[0m"
+apt-get update &>/dev/null
+apt-get -qqy upgrade &>/dev/null
+
+echo -e "${CHECKMARK} \e[1;92m Installing Dependencies... \e[0m"
+apt-get update &>/dev/null
+apt-get -qqy install \
+    git \
+    nano \
+    wget \
+    htop \
+    pkg-config \
+    openssl \
+    libssl1.1 \
+    libssl-dev \
+    curl \
+    sudo &>/dev/null
+
+echo -e "${CHECKMARK} \e[1;92m Installing Build Essentials... \e[0m"
+apt-get install -y build-essential &>/dev/null
+
+echo -e "${CHECKMARK} \e[1;92m Installing Rust... \e[0m"
+curl https://sh.rustup.rs -sSf | sh -y 
+echo 'export PATH=~/.cargo/bin:$PATH' >> ~/.bashrc 
+export PATH=~/.cargo/bin:$PATH 
+which rustc &>/dev/null
+
+echo -e "${CHECKMARK} \e[1;92m Installing Node.js... \e[0m"
+curl -fsSL https://deb.nodesource.com/setup_16.x | bash - &>/dev/null
+apt-get install -y nodejs &>/dev/null
+npm -g install npm@7 &>/dev/null
+which npm &>/dev/null
+npm i npm@latest -g &>/dev/null
+
+echo -e "${CHECKMARK} \e[1;92m Building Vaultwarden... \e[0m"
+git clone https://github.com/dani-garcia/vaultwarden && pushd vaultwarden &>/dev/null
+cargo clean && cargo build --features sqlite --release &>/dev/null
+file target/release/vaultwarden &>/dev/null
+
+echo -e "${CHECKMARK} \e[1;92m Building Web-Vault... \e[0m"
+pushd target/release/ &>/dev/null
+git clone --recurse-submodules https://github.com/bitwarden/web.git web-vault.git && cd web-vault.git &>/dev/null
+git checkout v2.25.1 &>/dev/null
+git submodule update --init --recursive &>/dev/null
+wget https://raw.githubusercontent.com/dani-garcia/bw_web_builds/master/patches/v2.25.0.patch &>/dev/null
+git apply v2.25.0.patch &>/dev/null
+npm ci --legacy-peer-deps && npm audit fix --legacy-peer-deps || true && npm run dist:oss:selfhost &>/dev/null
+cp -a build ../web-vault &>/dev/null
+cd ..
+mkdir data &>/dev/null
+
+echo -e "${CHECKMARK} \e[1;92m Create Systemd Service... \e[0m"
+cp ../../.env.template /etc/vaultwarden.env &>/dev/null
+cp vaultwarden /usr/bin/vaultwarden &>/dev/null
+chmod +x /usr/bin/vaultwarden &>/dev/null
+useradd -m -d /var/lib/vaultwarden vaultwarden &>/dev/null
+sudo cp -R data /var/lib/vaultwarden/ &>/dev/null
+cp -R web-vault /var/lib/vaultwarden/ &>/dev/null
+chown -R vaultwarden:vaultwarden /var/lib/vaultwarden &>/dev/null
+
+service_path="/etc/systemd/system/vaultwarden.service" &>/dev/null
+
+echo "[Unit]
+Description=Bitwarden Server (Powered by Vaultwarden)
+Documentation=https://github.com/dani-garcia/vaultwarden
+
+After=network.target
+
+[Service]
+User=vaultwarden
+Group=vaultwarden
+EnvironmentFile=/etc/vaultwarden.env
+ExecStart=/usr/bin/vaultwarden
+LimitNOFILE=1048576
+LimitNPROC=64
+PrivateTmp=true
+PrivateDevices=true
+ProtectHome=true
+ProtectSystem=strict
+WorkingDirectory=/var/lib/vaultwarden
+ReadWriteDirectories=/var/lib/vaultwarden
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target" > $service_path
+
+echo -e "${CHECKMARK} \e[1;92m Customizing Container... \e[0m"
+rm /etc/motd
+rm /etc/update-motd.d/10-uname
+touch ~/.hushlogin
+GETTY_OVERRIDE="/etc/systemd/system/container-getty@1.service.d/override.conf"
+mkdir -p $(dirname $GETTY_OVERRIDE)
+cat << EOF > $GETTY_OVERRIDE
+[Service]
+ExecStart=
+ExecStart=-/sbin/agetty --autologin root --noclear --keep-baud tty%I 115200,38400,9600 \$TERM
+EOF
+systemctl daemon-reload
+systemctl restart $(basename $(dirname $GETTY_OVERRIDE) | sed 's/\.d//')
+systemctl enable vaultwarden.service &>/dev/null
+systemctl start vaultwarden.service &>/dev/null
+echo -e "${CHECKMARK} \e[1;92m Cleanup... \e[0m"
+rm -rf /vault_setup.sh /var/{cache,log}/* /var/lib/apt/lists/*
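Review bot: On the Rust install line, `curl https://sh.rustup.rs -sSf | sh -y` hands `-y` to `sh` itself rather than to the installer, so `sh` rejects the option and the step aborts under `errexit`/`pipefail`; the documented unattended form is `curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y`. That line, the NodeSource `curl … | bash -` and the `wget` of `v2.25.0.patch` from the mutable `master` branch all execute or apply remote content as root with no pinning or checksum, and `git clone https://github.com/dani-garcia/vaultwarden` builds whatever the default branch holds at run time; for a password vault I would check out a release tag or commit and compare the patch against a recorded SHA-256 before `git apply`. In the `npm ci --legacy-peer-deps && npm audit fix --legacy-peer-deps || true && npm run dist:oss:selfhost` chain, the `|| true` masks a failed `npm ci` and `audit fix` moves dependencies past the lockfile, so the built web vault is not reproducible. Separately, `/etc/vaultwarden.env` is copied with default permissions although the template can hold secrets such as `ADMIN_TOKEN`; adding `chown root:vaultwarden /etc/vaultwarden.env && chmod 640 /etc/vaultwarden.env` after the `useradd` line would restrict it to the service account. The blanket `&>/dev/null` on nearly every command also means a failure in any of these steps leaves no output to diagnose.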