diff --git a/README.md b/README.md index 408b8fe..bc3369e 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ -# bw-updater -This script checks if the Bitwarden RS server is up to date, updates it if necessary and sends a message to a Telegram bot. +# vaultwarden-updater +This script checks if Vaultwarden is up to date, updates it if necessary and sends a message to a Telegram bot. ## Introduction The trap to avoid when installing custom software is to update it. It seems obvious but it is never very easy because there is often a compilation part, interoperability management between bricks, backups and so on. @@ -7,7 +7,7 @@ The trap to avoid when installing custom software is to update it. It seems obvi ## Requirements ### Software -It is clearly necessary to have deployed a Bitwarden RS instance on your server. I wrote an article about this topic here: https://illuad.fr/2020/06/11/install-a-bitwarden-rs-server.html +It is clearly necessary to have deployed a Vaultwarden instance on your server. I wrote an article about this topic here: https://illuad.fr/2020/06/11/install-vaultwarden.html Since a message is sent to a Telegram bot, it is necessary to have one configured. I wrote an article about this topic here: https://illuad.fr/2020/10/27/get-a-telegram-alert-on-a-ssh-login-with-pam.html @@ -20,38 +20,38 @@ This script uses `git`, `cargo`, `curl` and `restorecon` commands but if you hav Since this script must be executed with root rights, it is a good practice to place it in `/usr/local/sbin/`. ``` -sudo curl -Lo /usr/local/sbin/bw-updater -sSf https://gitea.illuad.fr/adrien/bw-updater/raw/branch/master/bw-updater -sudo chmod 750 /usr/local/sbin/bw-updater +sudo curl -Lo /usr/local/sbin/vaultwarden-updater -sSf https://gitea.illuad.fr/adrien/vaultwarden-updater/raw/branch/master/vaultwarden-updater +sudo chmod 750 /usr/local/sbin/vaultwarden-updater ``` Create the logs' directory. ``` -sudo mkdir -p /var/log/updater/bitwarden +sudo mkdir -p /var/log/updater/vaultwarden-updater ``` ## Configuration This script requires the configuration of 3 variables to work: `key`, `chat_id` and `username`. -Variables `key` and `chat_id` correspond to the API key and the chat id obtained during the bot creation process. The variable `username` must match the username with which you installed Bitwarden RS server. +Variables `key` and `chat_id` correspond to the API key and the chat id obtained during the bot creation process. The variable `username` must match the username with which you installed Vaultwarden. #### Fast variables setting For the `key` variable. ``` -sudo sed -i "s/key=/key=/" /usr/local/sbin/tls-checker +sudo sed -i "s/key=/key=/" /usr/local/sbin/vaultwarden-updater ``` For the `chat_id` variable. ``` -sudo sed -i "s/chat_id=/chat_id=/" /usr/local/sbin/tls-checker +sudo sed -i "s/chat_id=/chat_id=/" /usr/local/sbin/vaultwarden-updater ``` For the `username` variable. ``` -sudo sed -i "s/username=/username=/" /usr/local/sbin/tls-checker +sudo sed -i "s/username=/username=/" /usr/local/sbin/vaultwarden-updater ``` ## Automation @@ -59,7 +59,7 @@ Running this script automatically is a good idea, here is what you should have i ``` sudo crontab -l -0 1 * * * /usr/local/sbin/bw-updater +0 1 * * * /usr/local/sbin/vaultwarden-updater ``` -Every day at 1:00 am, the script will check if the Bitwarden RS server is up to date. +Every day at 1:00 am, the script will check if Vaultwarden is up to date. diff --git a/bw-updater b/bw-updater deleted file mode 100644 index 89ac09d..0000000 --- a/bw-updater +++ /dev/null @@ -1,75 +0,0 @@ -#! /usr/bin/env bash - -# all executed commands are printed to stdout -set -x - -# redirect stdout (and stderr to stdout) to a file -exec 1> /var/log/updater/bitwarden/bitwarden-$(date +%F).log 2>&1 - -# abort on nonzero exitstatus -set -o errexit - -# abort on unbound variable -set -o nounset - -# don't hide errors within pipes -set -o pipefail - -# set your API key here -key= - -# set your chat id here -chat_id= - -# set your username -username= - -function send_message() { - if [ $# -eq 0 ] - then - echo "No argument supplied. Please specify the message to send." - else - curl --silent --show-error --fail --request POST https://api.telegram.org/${key}/sendMessage --data chat_id=${chat_id} --data text="${1}" --output /dev/null - fi -} - -function update_bitwarden { - rm --recursive --force /tmp/bitwarden - - # clone the latest release - su --login ${username} --command "git clone https://github.com/dani-garcia/bitwarden_rs.git /tmp/bitwarden" - - # compile the binary - su --login ${username} --command "/home/${username}/.cargo/bin/cargo build --quiet --features sqlite --release --manifest-path=/tmp/bitwarden/Cargo.toml" - systemctl stop bitwarden.service - - # move the binary to the right place - mv /tmp/bitwarden/target/release/bitwarden_rs /usr/local/bin/bitwarden - - # set the correct permissions - chown root:bitwarden /usr/local/bin/bitwarden - chmod 750 /usr/local/bin/bitwarden - /usr/sbin/restorecon /usr/local/bin/bitwarden - - if systemctl start bitwarden.service - then - send_message "[Bitwarden] - Bitwarden RS has just been updated." - else - send_message "[Bitwarden] - Bitwarden RS service did not start correctly. Please log in as soon as possible and see what went wrong." - fi -} - -# retrieve local release -local_release=$(/usr/local/bin/bitwarden --version | awk --field-separator '-' '{print $2}') - -# retrieve the latest release -latest_release=$(git ls-remote https://github.com/dani-garcia/bitwarden_rs.git HEAD | awk '{print substr($1, 1, length($1) - 32)}') - -# compare these two versions -if [ ${latest_release} == ${local_release} ] -then - send_message "[Bitwarden] - Bitwarden RS is up to date." -else - send_message "[Bitwarden] - Bitwarden RS is not up to date (https://github.com/dani-garcia/bitwarden_rs/commit/${latest_release})." - update_bitwarden -fi diff --git a/vaultwarden-updater b/vaultwarden-updater new file mode 100644 index 0000000..c081eaa --- /dev/null +++ b/vaultwarden-updater @@ -0,0 +1,75 @@ +#! /usr/bin/env bash + +# all executed commands are printed to stdout +set -x + +# redirect stdout (and stderr to stdout) to a file +exec 1> /var/log/updater/vaultwarden-updater/vaultwarden-updater-$(date +%F).log 2>&1 + +# abort on nonzero exitstatus +set -o errexit + +# abort on unbound variable +set -o nounset + +# don't hide errors within pipes +set -o pipefail + +# set your API key here +key= + +# set your chat id here +chat_id= + +# set your username +username= + +function send_message() { + if [ $# -eq 0 ] + then + echo "No argument supplied. Please specify the message to send." + else + curl --silent --show-error --fail --request POST https://api.telegram.org/${key}/sendMessage --data chat_id=${chat_id} --data text="${1}" --output /dev/null + fi +} + +function update_vaultwarden { + rm --recursive --force /tmp/vaultwarden + + # clone the latest release + su --login ${username} --command "git clone https://github.com/dani-garcia/vaultwarden.git /tmp/vaultwarden" + + # compile the binary + su --login ${username} --command "/home/${username}/.cargo/bin/cargo build --quiet --features sqlite --release --manifest-path=/tmp/vaultwarden/Cargo.toml" + systemctl stop vaultwarden.service + + # move the binary to the right place + mv /tmp/vaultwarden/target/release/vaultwarden /usr/local/bin/vaultwarden + + # set the correct permissions + chown root:vaultwarden /usr/local/bin/vaultwarden + chmod 750 /usr/local/bin/vaultwarden + /usr/sbin/restorecon /usr/local/bin/vaultwarden + + if systemctl start vaultwarden.service + then + send_message "[Vaultwarden] - Vaultwarden has just been updated." + else + send_message "[Vaultwarden] - Vaultwarden service did not start correctly. Please log in as soon as possible and see what went wrong." + fi +} + +# retrieve local release +local_release=$(/usr/local/bin/vaultwarden --version | awk --field-separator '-' '{print $2}') + +# retrieve the latest release +latest_release=$(git ls-remote https://github.com/dani-garcia/vaultwarden.git HEAD | awk '{print substr($1, 1, length($1) - 32)}') + +# compare these two versions +if [ ${latest_release} == ${local_release} ] +then + send_message "[Vaultwarden] - Vaultwarden is up to date." +else + send_message "[Vaultwarden] - Vaultwarden is not up to date (https://github.com/dani-garcia/vaultwarden/commit/${latest_release})." + update_vaultwarden +fi