diff --git a/README.md b/README.md index 9d4bea1..b969a46 100644 --- a/README.md +++ b/README.md @@ -1,28 +1,37 @@ # vaultwarden-updater + This script checks if Vaultwarden is up to date, updates it if necessary and sends a message to a Telegram bot. ## Introduction -The trap to avoid when installing custom software is to update it. It seems obvious but it is never very easy because there is often a compilation part, interoperability management between bricks, backups and so on. + +The trap to avoid when installing custom software is to update it. It seems obvious, but it is never very easy because +there is often a compilation part, interoperability management between bricks, backups and so on. ## Requirements ### Software -It is clearly necessary to have deployed a Vaultwarden instance on your server. I wrote an article about this topic here: https://illuad.fr/2020/06/11/install-vaultwarden.html -Since a message is sent to a Telegram bot, it is necessary to have one configured. I wrote an article about this topic here: https://illuad.fr/2020/10/27/get-a-telegram-alert-on-a-ssh-login-with-pam.html +It is clearly necessary to have deployed a Vaultwarden instance on your server. I wrote an article about this topic +here: https://illuad.fr/2020/06/11/install-vaultwarden.html + +Since a message is sent to a Telegram bot, it is necessary to have one configured. I wrote an article about this topic +here: https://illuad.fr/2020/10/27/get-a-telegram-alert-on-a-ssh-login-with-pam.html ### System + This script can run on any GNU/Linux machine. -This script uses `git`, `cargo`, `curl` and `restorecon` commands but if you have followed my article, some of them are required which means they will necessarily be installed. +This script uses `git`, `cargo`, `curl` and `restorecon` commands but if you have followed my article, some of them are +required which means they will necessarily be installed. ## Installation + Since this script must be executed with root rights, it is a good practice to place it in `/usr/local/sbin/`. ``` -curl -LOsSf https://gitea.illuad.fr/adrien/vaultwarden-updater/raw/branch/master/vaultwarden-updater -sudo mv vaultwarden-updater /usr/local/sbin -sudo chmod 750 /usr/local/sbin/vaultwarden-updater +curl -LOsSf https://gitea.illuad.fr/adrien/vaultwarden-updater/raw/branch/master/vaultwarden-updater.sh +sudo mv vaultwarden-updater.sh /usr/local/sbin +sudo chmod 750 /usr/local/sbin/vaultwarden-updater.sh ``` Create the logs' directory. @@ -32,35 +41,39 @@ sudo mkdir -p /var/log/updater/vaultwarden-updater ``` ## Configuration + This script requires the configuration of 3 variables to work: `key`, `chat_id` and `username`. -Variables `key` and `chat_id` correspond to the API key and the chat id obtained during the bot creation process. The variable `username` must match the username with which you installed Vaultwarden. +Variables `key` and `chat_id` correspond to the API key and the chat id obtained during the bot creation process. The +variable `username` must match the username with which you installed Vaultwarden. #### Fast variables setting + For the `key` variable. ``` -sudo sed -i "s/key=/key=/" /usr/local/sbin/vaultwarden-updater +sudo sed -i "s/key=/key=/" /usr/local/sbin/vaultwarden-updater.sh ``` For the `chat_id` variable. ``` -sudo sed -i "s/chat_id=/chat_id=/" /usr/local/sbin/vaultwarden-updater +sudo sed -i "s/chat_id=/chat_id=/" /usr/local/sbin/vaultwarden-updater.sh ``` For the `username` variable. ``` -sudo sed -i "s/username=/username=/" /usr/local/sbin/vaultwarden-updater +sudo sed -i "s/username=/username=/" /usr/local/sbin/vaultwarden-updater.sh ``` ## Automation + Running this script automatically is a good idea, here is what you should have in the cron jobs of the root user. ``` sudo crontab -l -0 1 * * * /usr/local/sbin/vaultwarden-updater +0 1 * * * /usr/local/sbin/vaultwarden-updater.sh ``` Every day at 1:00 am, the script will check if Vaultwarden is up to date. diff --git a/vaultwarden-updater b/vaultwarden-updater.sh similarity index 77% rename from vaultwarden-updater rename to vaultwarden-updater.sh index 99bc51f..2863ef1 100644 --- a/vaultwarden-updater +++ b/vaultwarden-updater.sh @@ -1,4 +1,4 @@ -#! /usr/bin/env bash +#!/usr/bin/env bash # All executed commands are printed to stdout set -x @@ -25,11 +25,13 @@ chat_id= username= function send_message() { - if [ $# -eq 0 ]; then - echo "No argument supplied, please specify the message to send" - else + if ! [ $# -eq 0 ]; then curl --silent --show-error --fail --request POST "https://api.telegram.org/$key/sendMessage" --data chat_id="$chat_id" --data text="$1" --output /dev/null + exit fi + + echo "No argument supplied, please specify the message to send" + exit 1 } function update_vaultwarden { @@ -46,15 +48,16 @@ function update_vaultwarden { mv /tmp/vaultwarden/target/release/vaultwarden /usr/local/bin/vaultwarden # Set the correct permissions - /usr/bin/chown root:vaultwarden /usr/local/bin/vaultwarden - /usr/bin/chmod 750 /usr/local/bin/vaultwarden - /usr/sbin/restorecon /usr/local/bin/vaultwarden + chown root:vaultwarden /usr/local/bin/vaultwarden + chmod 750 /usr/local/bin/vaultwarden + restorecon /usr/local/bin/vaultwarden - if systemctl start vaultwarden.service; then - send_message "[Vaultwarden] - Vaultwarden has just been updated" - else + if ! systemctl start vaultwarden.service; then send_message "[Vaultwarden] - Vaultwarden service did not start correctly. Please log in as soon as possible and see what went wrong" + exit 1 fi + + send_message "[Vaultwarden] - Vaultwarden has just been updated" } # Retrieve local release @@ -64,9 +67,9 @@ local_release=$(/usr/local/bin/vaultwarden --version | awk --field-separator '-' latest_release=$(git ls-remote https://github.com/dani-garcia/vaultwarden.git HEAD | awk '{print substr($1, 1, length($1) - 32)}') # Compare these two versions -if [ "$latest_release" == "$local_release" ]; then - send_message "[Vaultwarden] - Vaultwarden is up to date" -else +if ! [ "$latest_release" == "$local_release" ]; then send_message "[Vaultwarden] - Vaultwarden is not up to date (https://github.com/dani-garcia/vaultwarden/commit/$latest_release)" update_vaultwarden fi + +send_message "[Vaultwarden] - Vaultwarden is up to date"