adrien
/
vaultwarden-updater
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add .sh extension and improve control structure to avoid else statement

This commit is contained in:
adrien 2022-06-12 22:01:43 +02:00
parent b0ab525d02
commit 936ed85639
Signed by: adrien
GPG Key ID: 4F17BEA67707AC21
2 changed files with 41 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
README.md
View File

@ -1,28 +1,37 @@
# vaultwarden-updater # vaultwarden-updater
This script checks if Vaultwarden is up to date, updates it if necessary and sends a message to a Telegram bot. This script checks if Vaultwarden is up to date, updates it if necessary and sends a message to a Telegram bot.
## Introduction ## Introduction
The trap to avoid when installing custom software is to update it. It seems obvious but it is never very easy because there is often a compilation part, interoperability management between bricks, backups and so on.
The trap to avoid when installing custom software is to update it. It seems obvious, but it is never very easy because
there is often a compilation part, interoperability management between bricks, backups and so on.
## Requirements ## Requirements
### Software ### Software
It is clearly necessary to have deployed a Vaultwarden instance on your server. I wrote an article about this topic here: https://illuad.fr/2020/06/11/install-vaultwarden.html
Since a message is sent to a Telegram bot, it is necessary to have one configured. I wrote an article about this topic here: https://illuad.fr/2020/10/27/get-a-telegram-alert-on-a-ssh-login-with-pam.html It is clearly necessary to have deployed a Vaultwarden instance on your server. I wrote an article about this topic
here: https://illuad.fr/2020/06/11/install-vaultwarden.html
Since a message is sent to a Telegram bot, it is necessary to have one configured. I wrote an article about this topic
here: https://illuad.fr/2020/10/27/get-a-telegram-alert-on-a-ssh-login-with-pam.html
### System ### System
This script can run on any GNU/Linux machine. This script can run on any GNU/Linux machine.
This script uses `git`, `cargo`, `curl` and `restorecon` commands but if you have followed my article, some of them are required which means they will necessarily be installed. This script uses `git`, `cargo`, `curl` and `restorecon` commands but if you have followed my article, some of them are
required which means they will necessarily be installed.
## Installation ## Installation
Since this script must be executed with root rights, it is a good practice to place it in `/usr/local/sbin/`. Since this script must be executed with root rights, it is a good practice to place it in `/usr/local/sbin/`.
``` ```
curl -LOsSf https://gitea.illuad.fr/adrien/vaultwarden-updater/raw/branch/master/vaultwarden-updater curl -LOsSf https://gitea.illuad.fr/adrien/vaultwarden-updater/raw/branch/master/vaultwarden-updater.sh
sudo mv vaultwarden-updater /usr/local/sbin sudo mv vaultwarden-updater.sh /usr/local/sbin
sudo chmod 750 /usr/local/sbin/vaultwarden-updater sudo chmod 750 /usr/local/sbin/vaultwarden-updater.sh
``` ```
Create the logs' directory. Create the logs' directory.
@ -32,35 +41,39 @@ sudo mkdir -p /var/log/updater/vaultwarden-updater
``` ```
## Configuration ## Configuration
This script requires the configuration of 3 variables to work: `key`, `chat_id` and `username`. This script requires the configuration of 3 variables to work: `key`, `chat_id` and `username`.
Variables `key` and `chat_id` correspond to the API key and the chat id obtained during the bot creation process. The variable `username` must match the username with which you installed Vaultwarden. Variables `key` and `chat_id` correspond to the API key and the chat id obtained during the bot creation process. The
variable `username` must match the username with which you installed Vaultwarden.
#### Fast variables setting #### Fast variables setting
For the `key` variable. For the `key` variable.
``` ```
sudo sed -i "s/key=/key=<your_key>/" /usr/local/sbin/vaultwarden-updater sudo sed -i "s/key=/key=<your_key>/" /usr/local/sbin/vaultwarden-updater.sh
``` ```
For the `chat_id` variable. For the `chat_id` variable.
``` ```
sudo sed -i "s/chat_id=/chat_id=<your_chat_id>/" /usr/local/sbin/vaultwarden-updater sudo sed -i "s/chat_id=/chat_id=<your_chat_id>/" /usr/local/sbin/vaultwarden-updater.sh
``` ```
For the `username` variable. For the `username` variable.
``` ```
sudo sed -i "s/username=/username=<your_username>/" /usr/local/sbin/vaultwarden-updater sudo sed -i "s/username=/username=<your_username>/" /usr/local/sbin/vaultwarden-updater.sh
``` ```
## Automation ## Automation
Running this script automatically is a good idea, here is what you should have in the cron jobs of the root user. Running this script automatically is a good idea, here is what you should have in the cron jobs of the root user.
``` ```
sudo crontab -l sudo crontab -l
0 1 * * * /usr/local/sbin/vaultwarden-updater 0 1 * * * /usr/local/sbin/vaultwarden-updater.sh
``` ```
Every day at 1:00 am, the script will check if Vaultwarden is up to date. Every day at 1:00 am, the script will check if Vaultwarden is up to date.

29
vaultwarden-updater → vaultwarden-updater.sh
View File

@ -1,4 +1,4 @@
#! /usr/bin/env bash #!/usr/bin/env bash
# All executed commands are printed to stdout # All executed commands are printed to stdout
set -x set -x
@ -25,11 +25,13 @@ chat_id=
username= username=
function send_message() { function send_message() {
if [ $# -eq 0 ]; then if ! [ $# -eq 0 ]; then
echo "No argument supplied, please specify the message to send"
else
curl --silent --show-error --fail --request POST "https://api.telegram.org/$key/sendMessage" --data chat_id="$chat_id" --data text="$1" --output /dev/null curl --silent --show-error --fail --request POST "https://api.telegram.org/$key/sendMessage" --data chat_id="$chat_id" --data text="$1" --output /dev/null
exit
fi fi
echo "No argument supplied, please specify the message to send"
exit 1
} }
function update_vaultwarden { function update_vaultwarden {
@ -46,15 +48,16 @@ function update_vaultwarden {
mv /tmp/vaultwarden/target/release/vaultwarden /usr/local/bin/vaultwarden mv /tmp/vaultwarden/target/release/vaultwarden /usr/local/bin/vaultwarden
# Set the correct permissions # Set the correct permissions
/usr/bin/chown root:vaultwarden /usr/local/bin/vaultwarden chown root:vaultwarden /usr/local/bin/vaultwarden
/usr/bin/chmod 750 /usr/local/bin/vaultwarden chmod 750 /usr/local/bin/vaultwarden
/usr/sbin/restorecon /usr/local/bin/vaultwarden restorecon /usr/local/bin/vaultwarden
if systemctl start vaultwarden.service; then if ! systemctl start vaultwarden.service; then
send_message "[Vaultwarden] - Vaultwarden has just been updated"
else
send_message "[Vaultwarden] - Vaultwarden service did not start correctly. Please log in as soon as possible and see what went wrong" send_message "[Vaultwarden] - Vaultwarden service did not start correctly. Please log in as soon as possible and see what went wrong"
exit 1
fi fi
send_message "[Vaultwarden] - Vaultwarden has just been updated"
} }
# Retrieve local release # Retrieve local release
@ -64,9 +67,9 @@ local_release=$(/usr/local/bin/vaultwarden --version | awk --field-separator '-'
latest_release=$(git ls-remote https://github.com/dani-garcia/vaultwarden.git HEAD | awk '{print substr($1, 1, length($1) - 32)}') latest_release=$(git ls-remote https://github.com/dani-garcia/vaultwarden.git HEAD | awk '{print substr($1, 1, length($1) - 32)}')
# Compare these two versions # Compare these two versions
if [ "$latest_release" == "$local_release" ]; then if ! [ "$latest_release" == "$local_release" ]; then
send_message "[Vaultwarden] - Vaultwarden is up to date"
else
send_message "[Vaultwarden] - Vaultwarden is not up to date (https://github.com/dani-garcia/vaultwarden/commit/$latest_release)" send_message "[Vaultwarden] - Vaultwarden is not up to date (https://github.com/dani-garcia/vaultwarden/commit/$latest_release)"
update_vaultwarden update_vaultwarden
fi fi
send_message "[Vaultwarden] - Vaultwarden is up to date"