adrien/vaultwarden-updater
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Rename bw-updater to vaultwarden-updater following the project renaming

Browse Source
This commit is contained in:
adrien 2021-04-29 01:31:43 +02:00
parent cedd02c2df
commit eb4fe9de6d
3 changed files with 87 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -1,5 +1,5 @@
# bw-updater # vaultwarden-updater
This script checks if the Bitwarden RS server is up to date, updates it if necessary and sends a message to a Telegram bot. This script checks if Vaultwarden is up to date, updates it if necessary and sends a message to a Telegram bot.
## Introduction ## Introduction
The trap to avoid when installing custom software is to update it. It seems obvious but it is never very easy because there is often a compilation part, interoperability management between bricks, backups and so on. The trap to avoid when installing custom software is to update it. It seems obvious but it is never very easy because there is often a compilation part, interoperability management between bricks, backups and so on.
@ -7,7 +7,7 @@ The trap to avoid when installing custom software is to update it. It seems obvi
## Requirements ## Requirements
### Software ### Software
It is clearly necessary to have deployed a Bitwarden RS instance on your server. I wrote an article about this topic here: https://illuad.fr/2020/06/11/install-a-bitwarden-rs-server.html It is clearly necessary to have deployed a Vaultwarden instance on your server. I wrote an article about this topic here: https://illuad.fr/2020/06/11/install-vaultwarden.html
Since a message is sent to a Telegram bot, it is necessary to have one configured. I wrote an article about this topic here: https://illuad.fr/2020/10/27/get-a-telegram-alert-on-a-ssh-login-with-pam.html Since a message is sent to a Telegram bot, it is necessary to have one configured. I wrote an article about this topic here: https://illuad.fr/2020/10/27/get-a-telegram-alert-on-a-ssh-login-with-pam.html
@ -20,38 +20,38 @@ This script uses `git`, `cargo`, `curl` and `restorecon` commands but if you hav
Since this script must be executed with root rights, it is a good practice to place it in `/usr/local/sbin/`. Since this script must be executed with root rights, it is a good practice to place it in `/usr/local/sbin/`.
``` ```
sudo curl -Lo /usr/local/sbin/bw-updater -sSf https://gitea.illuad.fr/adrien/bw-updater/raw/branch/master/bw-updater sudo curl -Lo /usr/local/sbin/vaultwarden-updater -sSf https://gitea.illuad.fr/adrien/vaultwarden-updater/raw/branch/master/vaultwarden-updater
sudo chmod 750 /usr/local/sbin/bw-updater sudo chmod 750 /usr/local/sbin/vaultwarden-updater
``` ```
Create the logs' directory. Create the logs' directory.
``` ```
sudo mkdir -p /var/log/updater/bitwarden sudo mkdir -p /var/log/updater/vaultwarden-updater
``` ```
## Configuration ## Configuration
This script requires the configuration of 3 variables to work: `key`, `chat_id` and `username`. This script requires the configuration of 3 variables to work: `key`, `chat_id` and `username`.
Variables `key` and `chat_id` correspond to the API key and the chat id obtained during the bot creation process. The variable `username` must match the username with which you installed Bitwarden RS server. Variables `key` and `chat_id` correspond to the API key and the chat id obtained during the bot creation process. The variable `username` must match the username with which you installed Vaultwarden.
#### Fast variables setting #### Fast variables setting
For the `key` variable. For the `key` variable.
``` ```
sudo sed -i "s/key=/key=<your_key>/" /usr/local/sbin/tls-checker sudo sed -i "s/key=/key=<your_key>/" /usr/local/sbin/vaultwarden-updater
``` ```
For the `chat_id` variable. For the `chat_id` variable.
``` ```
sudo sed -i "s/chat_id=/chat_id=<your_chat_id>/" /usr/local/sbin/tls-checker sudo sed -i "s/chat_id=/chat_id=<your_chat_id>/" /usr/local/sbin/vaultwarden-updater
``` ```
For the `username` variable. For the `username` variable.
``` ```
sudo sed -i "s/username=/username=<your_username>/" /usr/local/sbin/tls-checker sudo sed -i "s/username=/username=<your_username>/" /usr/local/sbin/vaultwarden-updater
``` ```
## Automation ## Automation
@ -59,7 +59,7 @@ Running this script automatically is a good idea, here is what you should have i
``` ```
sudo crontab -l sudo crontab -l
0 1 * * * /usr/local/sbin/bw-updater 0 1 * * * /usr/local/sbin/vaultwarden-updater
``` ```
Every day at 1:00 am, the script will check if the Bitwarden RS server is up to date. Every day at 1:00 am, the script will check if Vaultwarden is up to date.

75
bw-updater
View File

@ -1,75 +0,0 @@
#! /usr/bin/env bash
# all executed commands are printed to stdout
set -x
# redirect stdout (and stderr to stdout) to a file
exec 1> /var/log/updater/bitwarden/bitwarden-$(date +%F).log 2>&1
# abort on nonzero exitstatus
set -o errexit
# abort on unbound variable
set -o nounset
# don't hide errors within pipes
set -o pipefail
# set your API key here
key=
# set your chat id here
chat_id=
# set your username
username=
function send_message() {
if [ $# -eq 0 ]
then
echo "No argument supplied. Please specify the message to send."
else
curl --silent --show-error --fail --request POST https://api.telegram.org/${key}/sendMessage --data chat_id=${chat_id} --data text="${1}" --output /dev/null
fi
}
function update_bitwarden {
rm --recursive --force /tmp/bitwarden
# clone the latest release
su --login ${username} --command "git clone https://github.com/dani-garcia/bitwarden_rs.git /tmp/bitwarden"
# compile the binary
su --login ${username} --command "/home/${username}/.cargo/bin/cargo build --quiet --features sqlite --release --manifest-path=/tmp/bitwarden/Cargo.toml"
systemctl stop bitwarden.service
# move the binary to the right place
mv /tmp/bitwarden/target/release/bitwarden_rs /usr/local/bin/bitwarden
# set the correct permissions
chown root:bitwarden /usr/local/bin/bitwarden
chmod 750 /usr/local/bin/bitwarden
/usr/sbin/restorecon /usr/local/bin/bitwarden
if systemctl start bitwarden.service
then
send_message "[Bitwarden] - Bitwarden RS has just been updated."
else
send_message "[Bitwarden] - Bitwarden RS service did not start correctly. Please log in as soon as possible and see what went wrong."
fi
}
# retrieve local release
local_release=$(/usr/local/bin/bitwarden --version | awk --field-separator '-' '{print $2}')
# retrieve the latest release
latest_release=$(git ls-remote https://github.com/dani-garcia/bitwarden_rs.git HEAD | awk '{print substr($1, 1, length($1) - 32)}')
# compare these two versions
if [ ${latest_release} == ${local_release} ]
then
send_message "[Bitwarden] - Bitwarden RS is up to date."
else
send_message "[Bitwarden] - Bitwarden RS is not up to date (https://github.com/dani-garcia/bitwarden_rs/commit/${latest_release})."
update_bitwarden
fi

75
vaultwarden-updater Normal file
View File

@ -0,0 +1,75 @@
#! /usr/bin/env bash
# all executed commands are printed to stdout
set -x
# redirect stdout (and stderr to stdout) to a file
exec 1> /var/log/updater/vaultwarden-updater/vaultwarden-updater-$(date +%F).log 2>&1
# abort on nonzero exitstatus
set -o errexit
# abort on unbound variable
set -o nounset
# don't hide errors within pipes
set -o pipefail
# set your API key here
key=
# set your chat id here
chat_id=
# set your username
username=
function send_message() {
if [ $# -eq 0 ]
then
echo "No argument supplied. Please specify the message to send."
else
curl --silent --show-error --fail --request POST https://api.telegram.org/${key}/sendMessage --data chat_id=${chat_id} --data text="${1}" --output /dev/null
fi
}
function update_vaultwarden {
rm --recursive --force /tmp/vaultwarden
# clone the latest release
su --login ${username} --command "git clone https://github.com/dani-garcia/vaultwarden.git /tmp/vaultwarden"
# compile the binary
su --login ${username} --command "/home/${username}/.cargo/bin/cargo build --quiet --features sqlite --release --manifest-path=/tmp/vaultwarden/Cargo.toml"
systemctl stop vaultwarden.service
# move the binary to the right place
mv /tmp/vaultwarden/target/release/vaultwarden /usr/local/bin/vaultwarden
# set the correct permissions
chown root:vaultwarden /usr/local/bin/vaultwarden
chmod 750 /usr/local/bin/vaultwarden
/usr/sbin/restorecon /usr/local/bin/vaultwarden
if systemctl start vaultwarden.service
then
send_message "[Vaultwarden] - Vaultwarden has just been updated."
else
send_message "[Vaultwarden] - Vaultwarden service did not start correctly. Please log in as soon as possible and see what went wrong."
fi
}
# retrieve local release
local_release=$(/usr/local/bin/vaultwarden --version | awk --field-separator '-' '{print $2}')
# retrieve the latest release
latest_release=$(git ls-remote https://github.com/dani-garcia/vaultwarden.git HEAD | awk '{print substr($1, 1, length($1) - 32)}')
# compare these two versions
if [ ${latest_release} == ${local_release} ]
then
send_message "[Vaultwarden] - Vaultwarden is up to date."
else
send_message "[Vaultwarden] - Vaultwarden is not up to date (https://github.com/dani-garcia/vaultwarden/commit/${latest_release})."
update_vaultwarden
fi