We use cookies to ensure you get the best experience on our website
Accueil Explorer Aide
S'inscrire Connexion
0ct0pu5
/
Proxmox-scripts
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 00ec87e46b
Branches Tags
Proxmox-scripts
/
setup
/
vaultwarden-install.sh

vaultwarden-install.sh 4.6 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163 
  1. #!/usr/bin/env bash -ex
    2. 

  2. set -euo pipefail
    3. 

  3. shopt -s inherit_errexit nullglob
    4. 

  4. YW=`echo "\033[33m"`
    5. 

  5. RD=`echo "\033[01;31m"`
    6. 

  6. BL=`echo "\033[36m"`
    7. 

  7. GN=`echo "\033[1;92m"`
    8. 

  8. CL=`echo "\033[m"`
    9. 

  9. RETRY_NUM=10
    10. 

  10. RETRY_EVERY=3
    11. 

  11. NUM=$RETRY_NUM
    12. 

  12. CM="${GN}✓${CL}"
    13. 

  13. CROSS="${RD}✗${CL}"
    14. 

  14. BFR="\\r\\033[K"
    15. 

  15. HOLD="-"
    16. 

  16. 

  17. function msg_info() {
    18. 

  18.     local msg="$1"
    19. 

  19.     echo -ne " ${HOLD} ${YW}${msg}..."
    20. 

  20. }
    21. 

  21. 

  22. function msg_ok() {
    23. 

  23.     local msg="$1"
    24. 

  24.     echo -e "${BFR} ${CM} ${GN}${msg}${CL}"
    25. 

  25. }
    26. 

  26. 

  27. msg_info "Setting up Container OS "
    28. 

  28. sed -i "/$LANG/ s/\(^# \)//" /etc/locale.gen
    29. 

  29. locale-gen >/dev/null
    30. 

  30. while [ "$(hostname -I)" = "" ]; do
    31. 

  31.   1>&2 echo -en "${CROSS}${RD}  No Network! "
    32. 

  32.   sleep $RETRY_EVERY
    33. 

  33.   ((NUM--))
    34. 

  34.   if [ $NUM -eq 0 ]
    35. 

  35.   then
    36. 

  36.     1>&2 echo -e "${CROSS}${RD}  No Network After $RETRY_NUM Tries${CL}"    
    37. 

  37.     exit 1
    38. 

  38.   fi
    39. 

  39. done
    40. 

  40. msg_ok "Set up Container OS"
    41. 

  41. msg_ok "Network Connected: ${BL}$(hostname -I)"
    42. 

  42. 

  43. msg_info "Updating Container OS"
    44. 

  44. apt update &>/dev/null
    45. 

  45. apt-get -qqy upgrade &>/dev/null
    46. 

  46. msg_ok "Updated Container OS"
    47. 

  47. 

  48. msg_info "Installing Dependencies"
    49. 

  49. apt-get update &>/dev/null
    50. 

  50. apt-get -qqy install \
    51. 

  51.     git \
    52. 

  52.     nano \
    53. 

  53.     wget \
    54. 

  54.     htop \
    55. 

  55.     pkg-config \
    56. 

  56.     openssl \
    57. 

  57.     libssl1.1 \
    58. 

  58.     libssl-dev \
    59. 

  59.     curl \
    60. 

  60.     sudo &>/dev/null
    61. 

  61. msg_ok "Installed Dependencies"
    62. 

  62. 

  63. msg_info "Installing Build Essentials"
    64. 

  64. apt-get install -y build-essential &>/dev/null
    65. 

  65. msg_ok "Installed Build Essentials"
    66. 

  66. 

  67. msg_info "Installing Rust"
    68. 

  68. curl https://sh.rustup.rs -sSf | sh -s -- -y &>/dev/null
    69. 

  69. echo 'export PATH=~/.cargo/bin:$PATH' >> ~/.bashrc &>/dev/null
    70. 

  70. export PATH=~/.cargo/bin:$PATH &>/dev/null
    71. 

  71. which rustc &>/dev/null
    72. 

  72. msg_ok "Installed Rust"
    73. 

  73. 

  74. msg_info "Installing Node.js"
    75. 

  75. curl -fsSL https://deb.nodesource.com/setup_16.x | bash - &>/dev/null
    76. 

  76. apt-get install -y nodejs &>/dev/null
    77. 

  77. npm -g install npm@7 &>/dev/null
    78. 

  78. which npm &>/dev/null
    79. 

  79. npm i npm@latest -g &>/dev/null
    80. 

  80. msg_ok "Installed Node.js"
    81. 

  81. 

  82. msg_info "Building Vaultwarden (Patience)"
    83. 

  83. git clone https://github.com/dani-garcia/vaultwarden &>/dev/null
    84. 

  84. pushd vaultwarden &>/dev/null
    85. 

  85. cargo clean &>/dev/null 
    86. 

  86. cargo build --features sqlite --release &>/dev/null
    87. 

  87. file target/release/vaultwarden &>/dev/null
    88. 

  88. msg_ok "Built Vaultwarden"
    89. 

  89. 

  90. msg_info "Building Web-Vault"
    91. 

  91. pushd target/release/ &>/dev/null
    92. 

  92. git clone --recurse-submodules https://github.com/bitwarden/web.git web-vault.git &>/dev/null
    93. 

  93. cd web-vault.git &>/dev/null
    94. 

  94. git checkout v2.25.1 &>/dev/null
    95. 

  95. git submodule update --init --recursive &>/dev/null
    96. 

  96. wget https://raw.githubusercontent.com/dani-garcia/bw_web_builds/master/patches/v2.25.0.patch &>/dev/null
    97. 

  97. git apply v2.25.0.patch &>/dev/null
    98. 

  98. npm ci --silent --legacy-peer-deps &>/dev/null
    99. 

  99. npm audit fix --silent --legacy-peer-deps || true &>/dev/null
    100. 

  100. npm run --silent dist:oss:selfhost &>/dev/null
    101. 

  101. cp -a build ../web-vault &>/dev/null
    102. 

  102. cd ..
    103. 

  103. mkdir data 
    104. 

  104. msg_ok "Built Web-Vault"
    105. 

  105. 

  106. msg_info "Creating Service"
    107. 

  107. cp ../../.env.template /etc/vaultwarden.env &>/dev/null
    108. 

  108. cp vaultwarden /usr/bin/vaultwarden &>/dev/null
    109. 

  109. chmod +x /usr/bin/vaultwarden &>/dev/null
    110. 

  110. useradd -m -d /var/lib/vaultwarden vaultwarden &>/dev/null
    111. 

  111. sudo cp -R data /var/lib/vaultwarden/ &>/dev/null
    112. 

  112. cp -R web-vault /var/lib/vaultwarden/ &>/dev/null
    113. 

  113. chown -R vaultwarden:vaultwarden /var/lib/vaultwarden &>/dev/null
    114. 

  114. 

  115. service_path="/etc/systemd/system/vaultwarden.service" &>/dev/null
    116. 

  116. 

  117. echo "[Unit]
    118. 

  118. Description=Bitwarden Server (Powered by Vaultwarden)
    119. 

  119. Documentation=https://github.com/dani-garcia/vaultwarden
    120. 

  120. After=network.target
    121. 

  121. [Service]
    122. 

  122. User=vaultwarden
    123. 

  123. Group=vaultwarden
    124. 

  124. EnvironmentFile=/etc/vaultwarden.env
    125. 

  125. ExecStart=/usr/bin/vaultwarden
    126. 

  126. LimitNOFILE=1048576
    127. 

  127. PrivateTmp=true
    128. 

  128. PrivateDevices=true
    129. 

  129. ProtectHome=true
    130. 

  130. ProtectSystem=strict
    131. 

  131. WorkingDirectory=/var/lib/vaultwarden
    132. 

  132. ReadWriteDirectories=/var/lib/vaultwarden
    133. 

  133. AmbientCapabilities=CAP_NET_BIND_SERVICE
    134. 

  134. [Install]
    135. 

  135. WantedBy=multi-user.target" > $service_path
    136. 

  136. systemctl daemon-reload
    137. 

  137. systemctl enable vaultwarden.service &>/dev/null
    138. 

  138. systemctl start vaultwarden.service &>/dev/null
    139. 

  139. msg_ok "Created Service"
    140. 

  140. 

  141. PASS=$(grep -w "root" /etc/shadow | cut -b6);
    142. 

  142.   if [[ $PASS != $ ]]; then
    143. 

  143. msg_info "Customizing Container"
    144. 

  144. rm /etc/motd
    145. 

  145. rm /etc/update-motd.d/10-uname
    146. 

  146. touch ~/.hushlogin
    147. 

  147. GETTY_OVERRIDE="/etc/systemd/system/container-getty@1.service.d/override.conf"
    148. 

  148. mkdir -p $(dirname $GETTY_OVERRIDE)
    149. 

  149. cat << EOF > $GETTY_OVERRIDE
    150. 

  150. [Service]
    151. 

  151. ExecStart=
    152. 

  152. ExecStart=-/sbin/agetty --autologin root --noclear --keep-baud tty%I 115200,38400,9600 \$TERM
    153. 

  153. EOF
    154. 

  154. systemctl daemon-reload
    155. 

  155. systemctl restart $(basename $(dirname $GETTY_OVERRIDE) | sed 's/\.d//')
    156. 

  156. msg_ok "Customized Container"
    157. 

  157.   fi
    158. 

  158.   
    159. 

  159. msg_info "Cleaning up"
    160. 

  160. apt-get autoremove >/dev/null
    161. 

  161. apt-get autoclean >/dev/null
    162. 

  162. rm -rf /var/{cache,log}/* /var/lib/apt/lists/*
    163. 

  163. msg_ok "Cleaned"
    164.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5