From ac44ea908a0205464dba4870278719b499316a50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 22 Jun 2023 09:09:24 +0200 Subject: [PATCH 01/42] v2 --- conf/msg_install | 2 +- conf/nginx.conf | 6 +-- conf/systemd.service | 8 +-- conf/vaultwarden.env | 4 +- manifest.toml | 58 +++++++++++++++++++++ scripts/_common.sh | 2 +- scripts/backup | 18 +++---- scripts/change_url | 72 +++++++++++++------------- scripts/install | 106 +++++++++++++++++++------------------- scripts/remove | 24 ++++----- scripts/restore | 48 ++++++++--------- scripts/upgrade | 120 +++++++++++++++++++++---------------------- 12 files changed, 264 insertions(+), 204 deletions(-) create mode 100644 manifest.toml diff --git a/conf/msg_install b/conf/msg_install index 4d873a1..2b65680 100644 --- a/conf/msg_install +++ b/conf/msg_install @@ -1,5 +1,5 @@ vaultwarden was successfully installed :) -Please open https://__DOMAIN____PATH_URL__/admin +Please open https://__DOMAIN____PATH__/admin The admin token is: __ADMIN_TOKEN__ You will be able to invite users to your vaultwarden instance. If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/vaultwarden_ynh diff --git a/conf/nginx.conf b/conf/nginx.conf index 1b65fd3..f1961f5 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -2,7 +2,7 @@ location __PATH__/ { # Path to source - alias __FINALPATH__/; + alias __INSTALL_DIR__/; # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file client_max_body_size 100M; @@ -17,7 +17,7 @@ location __PATH__/ { include conf.d/yunohost_panel.conf.inc; } -location __FINALPATH__/notifications/hub { +location __INSTALL_DIR__/notifications/hub { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -26,6 +26,6 @@ location __FINALPATH__/notifications/hub { proxy_pass http://127.0.0.1:__WEBSOCKET_PORT__; } -location __FINALPATH__/notifications/hub/negotiate { +location __INSTALL_DIR__/notifications/hub/negotiate { proxy_pass http://127.0.0.1:__ROCKET_PORT__; } \ No newline at end of file diff --git a/conf/systemd.service b/conf/systemd.service index a83cd57..6d063e0 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -7,10 +7,10 @@ After=network.target # The user/group vaultwarden is run under. the working directory (see below) should allow write and read access to this user/group User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__/live/ -ReadWriteDirectories=__FINALPATH__/live/ __DATADIR__/ /var/log/__APP__/ -EnvironmentFile=__FINALPATH__/live/.env -ExecStart=__FINALPATH__/live/vaultwarden +WorkingDirectory=__INSTALL_DIR__/live/ +ReadWriteDirectories=__INSTALL_DIR__/live/ __DATA_DIR__/ /var/log/__APP__/ +EnvironmentFile=__INSTALL_DIR__/live/.env +ExecStart=__INSTALL_DIR__/live/vaultwarden # Set reasonable connection and process limits LimitNOFILE=1048576 diff --git a/conf/vaultwarden.env b/conf/vaultwarden.env index 0b65bfc..53cda3b 100644 --- a/conf/vaultwarden.env +++ b/conf/vaultwarden.env @@ -10,7 +10,7 @@ ## vaultwarden. ## Main data folder -DATA_FOLDER=__DATADIR__ +DATA_FOLDER=__DATA_DIR__ ## Database URL ## When using SQLite, this is the path to the DB file, default to %DATA_FOLDER%/db.sqlite3 @@ -283,7 +283,7 @@ ADMIN_TOKEN=__ADMIN_TOKEN__ ## It's recommended to configure this value, otherwise certain functionality might not work, ## like attachment downloads, email links and U2F. ## For U2F to work, the server must use HTTPS, you can use Let's Encrypt for free certs -DOMAIN=https://__DOMAIN____PATH_URL__ +DOMAIN=https://__DOMAIN____PATH__ ## Allowed iframe ancestors (Know the risks!) ## https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..d9e2ded --- /dev/null +++ b/manifest.toml @@ -0,0 +1,58 @@ +packaging_format = 2 + +id = "vaultwarden" +name = "Vaultwarden" +description.en = "Manage passwords and other sensitive informations" +description.fr = "Gérez les mots de passe et autres informations sensibles" + +version = "1.28.1~ynh1" + +maintainers = ["yalh76"] + +[upstream] +license = "GPL-3.0-or-later" +demo = "https://vault.bitwarden.com/#/register" +admindoc = "https://github.com/dani-garcia/vaultwarden/wiki" +userdoc = "https://help.bitwarden.com/" +code = "https://github.com/dani-garcia/vaultwarden" +website = "https://github.com/dani-garcia/vaultwarden" +cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number) +fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin. + +[integration] +yunohost = ">= 11.0.0" +architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"] +multi_instance = true +ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. +sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. +disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... +ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... + +[install] + [install.domain] + # this is a generic question - ask strings are automatically handled by Yunohost's core + type = "domain" + + [install.path] + # this is a generic question - ask strings are automatically handled by Yunohost's core + type = "path" + default = "/vaultwarden" + + [install.init_main_permission] + type = "group" + default = "visitors" + + [install.admin] + # this is a generic question - ask strings are automatically handled by Yunohost's core + type = "user" + +[resources] + [resources.system_user] + + [resources.install_dir] + + [resources.data_dir] + + [resources.permissions] + main.url = "/" diff --git a/scripts/_common.sh b/scripts/_common.sh index 44aed53..e11b899 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="libpq5" +#REMOVEME? pkg_dependencies="libpq5" pkg_image="vaultwarden/server" diff --git a/scripts/backup b/scripts/backup index b6833b3..6d02ff2 100644 --- a/scripts/backup +++ b/scripts/backup @@ -14,22 +14,22 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { true } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_print_info --message="Loading installation settings..." +#REMOVEME? ynh_print_info --message="Loading installation settings..." -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -40,13 +40,13 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE DATA DIR #================================================= -ynh_backup --src_path="$datadir" --is_big +ynh_backup --src_path="$data_dir" --is_big #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/change_url b/scripts/change_url index 6c3a863..e5e2fe2 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -13,60 +13,60 @@ source /usr/share/yunohost/helpers # RETRIEVE ARGUMENTS #================================================= -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH +#REMOVEME? old_domain=$YNH_APP_OLD_DOMAIN +#REMOVEME? old_path=$YNH_APP_OLD_PATH -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH +#REMOVEME? new_domain=$YNH_APP_NEW_DOMAIN +#REMOVEME? new_path=$YNH_APP_NEW_PATH -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +#REMOVEME? ynh_script_progression --message="Loading installation settings..." -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) +#REMOVEME? # Needed for helper "ynh_add_nginx_config" +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) # Add settings here as needed by your application -#db_name=$(ynh_app_setting_get --app=$app --key=db_name) +#REMOVEME? #db_name=$(ynh_app_setting_get --app=$app --key=db_name) #db_user=$db_name -#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) -rocket_port=$(ynh_app_setting_get --app=$app --key=rocket_port) -websocket_port=$(ynh_app_setting_get --app=$app --key=websocket_port) +#REMOVEME? #db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) +#REMOVEME? rocket_port=$(ynh_app_setting_get --app=$app --key=rocket_port) +#REMOVEME? websocket_port=$(ynh_app_setting_get --app=$app --key=websocket_port) #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." +#REMOVEME? ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." # Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { +#REMOVEME? ynh_backup_before_upgrade +#REMOVEME? ynh_clean_setup () { # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +#REMOVEME? ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" # Restore it if the upgrade fails - ynh_restore_upgradebackup +#REMOVEME? ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED #================================================= -change_domain=0 -if [ "$old_domain" != "$new_domain" ] +#REMOVEME? change_domain=0 +#REMOVEME? if [ "$old_domain" != "$new_domain" ] then - change_domain=1 + #REMOVEME? change_domain=1 fi -change_path=0 -if [ "$old_path" != "$new_path" ] +#REMOVEME? change_path=0 +#REMOVEME? if [ "$old_path" != "$new_path" ] then - change_path=1 + #REMOVEME? change_path=1 fi #================================================= @@ -83,28 +83,30 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --li #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf +ynh_change_url_nginx_config + +#REMOVEME? nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf # Change the path in the NGINX config file if [ $change_path -eq 1 ] then # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" +#REMOVEME? ynh_backup_if_checksum_is_different --file="$nginx_conf_path" # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" +#REMOVEME? domain="$old_domain" +#REMOVEME? path="$new_path" # Create a dedicated NGINX config - ynh_add_nginx_config +#REMOVEME? ynh_add_nginx_config fi # Change the domain for NGINX if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf +#REMOVEME? ynh_delete_file_checksum --file="$nginx_conf_path" +#REMOVEME? mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +#REMOVEME? ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= @@ -114,7 +116,7 @@ fi #================================================= ynh_script_progression --message="Modifying a config file..." -config="$final_path/live/.env" +config="$install_dir/live/.env" ynh_backup_if_checksum_is_different --file="$config" @@ -136,9 +138,9 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? #REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index 848df74..ba96d81 100644 --- a/scripts/install +++ b/scripts/install @@ -15,22 +15,22 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { ynh_clean_check_starting } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -is_public=$YNH_APP_ARG_IS_PUBLIC -admin=$YNH_APP_ARG_ADMIN +#REMOVEME? domain=$YNH_APP_ARG_DOMAIN +#REMOVEME? path=$YNH_APP_ARG_PATH +#REMOVEME? is_public=$YNH_APP_ARG_IS_PUBLIC +#REMOVEME? admin=$YNH_APP_ARG_ADMIN -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME admin_mail=$(ynh_user_get_info --username=$admin --key=mail) admin_token=$(ynh_string_random --length=48 | base64) @@ -38,72 +38,72 @@ admin_token=$(ynh_string_random --length=48 | base64) #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -ynh_script_progression --message="Validating installation parameters..." +#REMOVEME? ynh_script_progression --message="Validating installation parameters..." -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" +#REMOVEME? install_dir=/var/www/$app +#REMOVEME? test ! -e "$install_dir" || ynh_die --message="This path already contains a folder" # Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url +#REMOVEME? ynh_webpath_register --app=$app --domain=$domain --path=$path #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_script_progression --message="Storing installation settings..." +#REMOVEME? ynh_script_progression --message="Storing installation settings..." -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=admin_token --value=$admin_token +#REMOVEME? ynh_app_setting_set --app=$app --key=domain --value=$domain +#REMOVEME? ynh_app_setting_set --app=$app --key=path --value=$path +#REMOVEME? ynh_app_setting_set --app=$app --key=admin --value=$admin +#REMOVEME? ynh_app_setting_set --app=$app --key=admin_token --value=$admin_token #================================================= # STANDARD MODIFICATIONS #================================================= # FIND AND OPEN A PORT #================================================= -ynh_script_progression --message="Finding an available port..." +#REMOVEME? ynh_script_progression --message="Finding an available port..." # Find an available port -websocket_port=$(ynh_find_port --port=3012) -ynh_app_setting_set --app=$app --key=websocket_port --value="$websocket_port" +#REMOVEME? websocket_port=$(ynh_find_port --port=3012) +#REMOVEME? ynh_app_setting_set --app=$app --key=websocket_port --value="$websocket_port" # Find an available port -rocket_port=$(ynh_find_port --port=8095) -ynh_app_setting_set --app=$app --key=rocket_port --value="$rocket_port" +#REMOVEME? rocket_port=$(ynh_find_port --port=8095) +#REMOVEME? ynh_app_setting_set --app=$app --key=rocket_port --value="$rocket_port" #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." +#REMOVEME? ynh_script_progression --message="Installing dependencies..." -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Configuring system user..." +#REMOVEME? ynh_script_progression --message="Configuring system user..." # Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" +#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." -ynh_app_setting_set --app=$app --key=final_path --value=$final_path +#REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir # Download, check integrity, uncompress and patch the source from app.src docker_arg="" if [ $YNH_ARCH == "armhf" ] then docker_arg="--os_arch_variant=linux/arm/v7" fi -ynh_docker_image_extract --dest_dir="$final_path/build/" --image_spec="$pkg_image:$(ynh_app_upstream_version)" $docker_arg -mkdir -p "$final_path/live/" +ynh_docker_image_extract --dest_dir="$install_dir/build/" --image_spec="$pkg_image:$(ynh_app_upstream_version)" $docker_arg +mkdir -p "$install_dir/live/" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" #================================================= # NGINX CONFIGURATION @@ -120,37 +120,37 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Creating a data directory..." -datadir=/home/yunohost.app/$app -ynh_app_setting_set --app=$app --key=datadir --value=$datadir +#REMOVEME? data_dir=/home/yunohost.app/$app +#REMOVEME? ynh_app_setting_set --app=$app --key=data_dir --value=$data_dir -mkdir -p $datadir +mkdir -p $data_dir -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:$app "$datadir" +chmod 750 "$data_dir" +chmod -R o-rwx "$data_dir" +chown -R $app:$app "$data_dir" #================================================= # MAKE INSTALL #================================================= ynh_script_progression --message="Making install..." -mv -f "$final_path/build/vaultwarden" "$final_path/live/vaultwarden" -rsync -a "$final_path/build/web-vault/" "$final_path/live/web-vault/" -ynh_secure_remove --file="$final_path/build" +mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" +rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" +#REMOVEME? ynh_secure_remove --file="$install_dir/build" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" #================================================= # ADD A CONFIGURATION #================================================= ynh_script_progression --message="Adding a configuration file..." -ynh_add_config --template="../conf/vaultwarden.env" --destination="$final_path/live/.env" +ynh_add_config --template="../conf/vaultwarden.env" --destination="$install_dir/live/.env" -chmod 400 "$final_path/live/.env" -chown $app:$app "$final_path/live/.env" +chmod 400 "$install_dir/live/.env" +chown $app:$app "$install_dir/live/.env" #================================================= # SETUP SYSTEMD @@ -201,25 +201,25 @@ ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Usern #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring permissions..." +#REMOVEME? ynh_script_progression --message="Configuring permissions..." # Make app public if necessary -if [ $is_public -eq 1 ] +#REMOVEME? if [ $is_public -eq 1 ] then # Everyone can access the app. # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" +#REMOVEME? ynh_permission_update --permission="main" --add="visitors" fi -ynh_permission_create --permission="api" --url="/api" --additional_urls="/identity/connect/token" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" -ynh_permission_create --permission="admin" --url="/admin" --allowed="$admin" --show_tile="false" +#REMOVEME? ynh_permission_create --permission="api" --url="/api" --additional_urls="/identity/connect/token" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" +#REMOVEME? ynh_permission_create --permission="admin" --url="/admin" --allowed="$admin" --show_tile="false" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # SEND A README FOR THE ADMIN diff --git a/scripts/remove b/scripts/remove index f6a40ea..5b04b54 100644 --- a/scripts/remove +++ b/scripts/remove @@ -12,13 +12,13 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +#REMOVEME? ynh_script_progression --message="Loading installation settings..." -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) #================================================= # STANDARD REMOVE @@ -44,10 +44,10 @@ ynh_remove_systemd_config #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing app main directory..." +#REMOVEME? ynh_script_progression --message="Removing app main directory..." # Remove the app directory securely -ynh_secure_remove --file="$final_path" +#REMOVEME? ynh_secure_remove --file="$install_dir" #================================================= # REMOVE DATA DIR @@ -57,7 +57,7 @@ ynh_secure_remove --file="$final_path" if [ "${YNH_APP_PURGE:-0}" -eq 1 ] then ynh_script_progression --message="Removing app data directory..." - ynh_secure_remove --file="$datadir" +#REMOVEME? ynh_secure_remove --file="$data_dir" fi #================================================= @@ -71,10 +71,10 @@ ynh_remove_nginx_config #================================================= # REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing dependencies..." +#REMOVEME? ynh_script_progression --message="Removing dependencies..." # Remove metapackage and its dependencies -ynh_remove_app_dependencies +#REMOVEME? ynh_remove_app_dependencies #================================================= # REMOVE FAIL2BAN CONFIGURATION @@ -99,10 +99,10 @@ ynh_secure_remove --file="/var/log/$app" #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user..." +#REMOVEME? ynh_script_progression --message="Removing the dedicated system user..." # Delete a system user -ynh_system_user_delete --username=$app +#REMOVEME? ynh_system_user_delete --username=$app #================================================= # END OF SCRIPT diff --git a/scripts/restore b/scripts/restore index 3f612c6..01f271b 100644 --- a/scripts/restore +++ b/scripts/restore @@ -14,65 +14,65 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { ynh_clean_check_starting } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +#REMOVEME? ynh_script_progression --message="Loading installation settings..." -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_script_progression --message="Validating restoration parameters..." +#REMOVEME? ynh_script_progression --message="Validating restoration parameters..." -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " +#REMOVEME? test ! -d $install_dir \ + || ynh_die --message="There is already a directory: $install_dir " #================================================= # STANDARD RESTORATION STEPS #================================================= # RECREATE THE DEDICATED USER #================================================= -ynh_script_progression --message="Recreating the dedicated system user..." +#REMOVEME? ynh_script_progression --message="Recreating the dedicated system user..." # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= ynh_script_progression --message="Restoring the data directory..." -ynh_restore_file --origin_path="$datadir" --not_mandatory +ynh_restore_file --origin_path="$data_dir" --not_mandatory -mkdir -p $datadir +mkdir -p $data_dir -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:$app "$datadir" +chmod 750 "$data_dir" +chmod -R o-rwx "$data_dir" +chown -R $app:$app "$data_dir" #================================================= # RESTORE FAIL2BAN CONFIGURATION @@ -93,10 +93,10 @@ ynh_systemd_action --action=restart --service_name=fail2ban #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." +#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." # Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE NGINX CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 7df7129..03b0d08 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -14,19 +14,19 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +#REMOVEME? ynh_script_progression --message="Loading installation settings..." -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) +#REMOVEME? admin=$(ynh_app_setting_get --app=$app --key=admin) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) -admin_token=$(ynh_app_setting_get --app=$app --key=admin_token) -rocket_port=$(ynh_app_setting_get --app=$app --key=rocket_port) -websocket_port=$(ynh_app_setting_get --app=$app --key=websocket_port) +#REMOVEME? admin_token=$(ynh_app_setting_get --app=$app --key=admin_token) +#REMOVEME? rocket_port=$(ynh_app_setting_get --app=$app --key=rocket_port) +#REMOVEME? websocket_port=$(ynh_app_setting_get --app=$app --key=websocket_port) #================================================= # CHECK VERSION @@ -38,17 +38,17 @@ upgrade_type=$(ynh_check_app_version_changed) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." +#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." # Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { +#REMOVEME? ynh_backup_before_upgrade +#REMOVEME? ynh_clean_setup () { ynh_clean_check_starting # Restore it if the upgrade fails - ynh_restore_upgradebackup +#REMOVEME? ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS @@ -69,18 +69,18 @@ if [ $migration_process -eq 1 ] then # If a migration has been perform # Reload some values changed by the migration process - final_path=$(ynh_app_setting_get --app=$app --key=final_path) - db_name=$(ynh_app_setting_get --app=$app --key=db_name) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? db_name=$(ynh_app_setting_get --app=$app --key=db_name) # Move config file - mv $final_path/live/bitwarden_rs.env $final_path/live/.env + mv $install_dir/live/bitwarden_rs.env $install_dir/live/.env ynh_delete_file_checksum --file="/var/www/$old_app/live/bitwarden_rs.env" - ynh_store_file_checksum --file="$final_path/live/.env" - ynh_secure_remove --file="$final_path/live/bitwarden_rs" + ynh_store_file_checksum --file="$install_dir/live/.env" +#REMOVEME? ynh_secure_remove --file="$install_dir/live/bitwarden_rs" # Manage permissions - ynh_permission_update --permission="main" --add="all_users" - ynh_permission_update --permission="main" --add="visitors" +#REMOVEME? ynh_permission_update --permission="main" --add="all_users" +#REMOVEME? ynh_permission_update --permission="main" --add="visitors" # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $old_app >/dev/null @@ -96,43 +96,43 @@ fi ynh_script_progression --message="Ensuring downward compatibility..." # Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all +#REMOVEME? if ynh_legacy_permissions_exists; then +#REMOVEME? ynh_legacy_permissions_delete_all ynh_app_setting_delete --app=$app --key=is_public fi -if ! ynh_permission_exists --permission="admin"; then +#REMOVEME? if ! ynh_permission_exists --permission="admin"; then # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin --show_tile="false" +#REMOVEME? ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin --show_tile="false" fi # Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/api" --additional_urls="/identity/connect/token" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" +#REMOVEME? if ! ynh_permission_exists --permission="api"; then +#REMOVEME? ynh_permission_create --permission="api" --url="/api" --additional_urls="/identity/connect/token" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" fi -# If datadir doesn't exist, create it -if [ -z $datadir ]; then +# If data_dir doesn't exist, create it +if [ -z $data_dir ]; then ynh_script_progression --message="Making sure data directory exists..." - datadir=/home/yunohost.app/$app - ynh_app_setting_set --app=$app --key=datadir --value=$datadir - mkdir -p $datadir - rsync -arz "$final_path/live/data/" "$datadir/" --delete-after --remove-source-files - ynh_secure_remove --file="$final_path/live/data" - ynh_system_user_create --username=$app --home_dir="$final_path" - chmod 750 "$datadir" - chmod -R o-rwx "$datadir" - chown -R $app:$app "$datadir" + data_dir=/home/yunohost.app/$app +#REMOVEME? ynh_app_setting_set --app=$app --key=data_dir --value=$data_dir + mkdir -p $data_dir + rsync -arz "$install_dir/live/data/" "$data_dir/" --delete-after --remove-source-files +#REMOVEME? ynh_secure_remove --file="$install_dir/live/data" +#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" + chmod 750 "$data_dir" + chmod -R o-rwx "$data_dir" + chown -R $app:$app "$data_dir" fi #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." +#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" +#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -148,20 +148,20 @@ then then docker_arg="--os_arch_variant=linux/arm/v7" fi - ynh_docker_image_extract --dest_dir="$final_path/build/" --image_spec="$pkg_image:$(ynh_app_upstream_version)" $docker_arg - mkdir -p "$final_path/live/" + ynh_docker_image_extract --dest_dir="$install_dir/build/" --image_spec="$pkg_image:$(ynh_app_upstream_version)" $docker_arg + mkdir -p "$install_dir/live/" fi -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" #================================================= # UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading dependencies..." +#REMOVEME? ynh_script_progression --message="Upgrading dependencies..." -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # NGINX CONFIGURATION @@ -180,25 +180,25 @@ ynh_script_progression --message="Making upgrade..." if [ "$upgrade_type" == "UPGRADE_APP" ] then - mv -f "$final_path/build/vaultwarden" "$final_path/live/vaultwarden" - ynh_secure_remove --file="$final_path/live/web-vault/" - rsync -a "$final_path/build/web-vault/" "$final_path/live/web-vault/" - ynh_secure_remove --file="$final_path/build" + mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" +#REMOVEME? ynh_secure_remove --file="$install_dir/live/web-vault/" + rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" +#REMOVEME? ynh_secure_remove --file="$install_dir/build" fi -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" #================================================= # UPDATE A CONFIG FILE #================================================= ynh_script_progression --message="Updating a configuration file..." -ynh_add_config --template="../conf/vaultwarden.env" --destination="$final_path/live/.env" +ynh_add_config --template="../conf/vaultwarden.env" --destination="$install_dir/live/.env" -chmod 400 "$final_path/live/.env" -chown $app:$app "$final_path/live/.env" +chmod 400 "$install_dir/live/.env" +chown $app:$app "$install_dir/live/.env" #================================================= # SETUP SYSTEMD @@ -248,9 +248,9 @@ ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Usern #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # FINISH MIGRATION PROCESS From c3feeb37a50a708af7c2710da7dd131ca6d36d99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 22 Jun 2023 09:23:53 +0200 Subject: [PATCH 02/42] v2 --- conf/bitwarden_migration | 15 -- conf/bitwarden_post_migration.sh | 38 ---- conf/nginx.conf | 6 +- conf/systemd.service | 2 +- conf/vaultwarden.env | 4 +- doc/{DISCLAIMER.md => ADMIN.md} | 0 doc/POST_INSTALL.md | 3 + manifest.json | 52 ------ manifest.toml | 36 ++-- scripts/_common.sh | 3 - scripts/backup | 21 --- scripts/change_url | 91 ---------- scripts/install | 115 +----------- scripts/remove | 48 ----- scripts/restore | 55 ------ scripts/upgrade | 145 +-------------- scripts/ynh_handle_app_migration | 265 ---------------------------- scripts/ynh_send_readme_to_admin__2 | 129 -------------- tests.toml | 0 19 files changed, 38 insertions(+), 990 deletions(-) delete mode 100644 conf/bitwarden_migration delete mode 100644 conf/bitwarden_post_migration.sh rename doc/{DISCLAIMER.md => ADMIN.md} (100%) create mode 100644 doc/POST_INSTALL.md delete mode 100644 manifest.json delete mode 100644 scripts/ynh_handle_app_migration delete mode 100644 scripts/ynh_send_readme_to_admin__2 create mode 100644 tests.toml diff --git a/conf/bitwarden_migration b/conf/bitwarden_migration deleted file mode 100644 index f5f4468..0000000 --- a/conf/bitwarden_migration +++ /dev/null @@ -1,15 +0,0 @@ -# App main directory -/var/www/$app - -# NGINX web server configuration -/etc/nginx/conf.d/$domain.d/$app.conf - -# App logs -/var/log/$app/ - -# Service configuration -/etc/systemd/system/$app.service - -# Fail2Ban configuration -/etc/fail2ban/jail.d/$app.conf -/etc/fail2ban/filter.d/$app.conf diff --git a/conf/bitwarden_post_migration.sh b/conf/bitwarden_post_migration.sh deleted file mode 100644 index 15c8f53..0000000 --- a/conf/bitwarden_post_migration.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash - -# Ending the migration process from Bitwarden to Vaultwarden - -set -u - -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - -source /usr/share/yunohost/helpers - -#================================================= -# SET VARIABLES -#================================================= - -old_app="__OLD_APP__" -new_app="__NEW_APP__" -script_name="$0" - -#================================================= -# DELETE OLD APP'S SETTINGS -#================================================= - -ynh_secure_remove --file="/etc/yunohost/apps/$old_app" -yunohost app ssowatconf - -#================================================= -# REMOVE THE OLD USER -#================================================= - -ynh_system_user_delete --username="$old_app" - -#================================================= -# DELETE THIS SCRIPT -#================================================= - -echo "rm $script_name" | at now + 1 minutes \ No newline at end of file diff --git a/conf/nginx.conf b/conf/nginx.conf index f1961f5..4c1afff 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -11,7 +11,7 @@ location __PATH__/ { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:__ROCKET_PORT__; + proxy_pass http://127.0.0.1:__PORT_ROCKET__; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; @@ -23,9 +23,9 @@ location __INSTALL_DIR__/notifications/hub { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_pass http://127.0.0.1:__WEBSOCKET_PORT__; + proxy_pass http://127.0.0.1:__PORT_WEBSOCKET__; } location __INSTALL_DIR__/notifications/hub/negotiate { - proxy_pass http://127.0.0.1:__ROCKET_PORT__; + proxy_pass http://127.0.0.1:__PORT_ROCKET__; } \ No newline at end of file diff --git a/conf/systemd.service b/conf/systemd.service index 6d063e0..78f5103 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,5 +1,5 @@ [Unit] -Description=vaultwarden Server (Rust Edition) +Description=Vaultwarden Server (Rust Edition) Documentation=https://github.com/dani-garcia/vaultwarden After=network.target diff --git a/conf/vaultwarden.env b/conf/vaultwarden.env index 53cda3b..b2158c2 100644 --- a/conf/vaultwarden.env +++ b/conf/vaultwarden.env @@ -69,7 +69,7 @@ WEBSOCKET_ENABLED=true ## Controls the WebSocket server address and port WEBSOCKET_ADDRESS=127.0.0.1 -WEBSOCKET_PORT=__WEBSOCKET_PORT__ +WEBSOCKET_PORT=__PORT_WEBSOCKET__ ## Controls whether users are allowed to create Bitwarden Sends. ## This setting applies globally to all users. @@ -337,7 +337,7 @@ DOMAIN=https://__DOMAIN____PATH__ ## Rocket specific settings ## See https://rocket.rs/v0.4/guide/configuration/ for more details. ROCKET_ADDRESS=127.0.0.1 -ROCKET_PORT=__ROCKET_PORT__ +ROCKET_PORT=__PORT_ROCKET__ ROCKET_WORKERS=1 # ROCKET_TLS={certs="/path/to/certs.pem",key="/path/to/key.pem"} diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md similarity index 100% rename from doc/DISCLAIMER.md rename to doc/ADMIN.md diff --git a/doc/POST_INSTALL.md b/doc/POST_INSTALL.md new file mode 100644 index 0000000..7398bbb --- /dev/null +++ b/doc/POST_INSTALL.md @@ -0,0 +1,3 @@ +Please open https://__DOMAIN____PATH__/admin +The admin token is: __ADMIN_TOKEN__ +You will be able to invite users to your vaultwarden instance. diff --git a/manifest.json b/manifest.json deleted file mode 100644 index cc749eb..0000000 --- a/manifest.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "name": "Vaultwarden", - "id": "vaultwarden", - "packaging_format": 1, - "description": { - "en": "Manage passwords and other sensitive informations", - "fr": "Gérez les mots de passe et autres informations sensibles" - }, - "version": "1.28.1~ynh1", - "url": "https://github.com/dani-garcia/vaultwarden", - "upstream": { - "license": "GPL-3.0-or-later", - "demo": "https://vault.bitwarden.com/#/register", - "admindoc": "https://github.com/dani-garcia/vaultwarden/wiki", - "userdoc": "https://help.bitwarden.com/", - "code": "https://github.com/dani-garcia/vaultwarden" - }, - "license": "GPL-3.0-or-later", - "maintainer": { - "name": "yalh76" - }, - "requirements": { - "yunohost": ">= 11.0.0" - }, - "multi_instance": true, - "services": [ - "nginx" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/vaultwarden", - "default": "/vaultwarden" - }, - { - "name": "is_public", - "type": "boolean", - "default": true - }, - { - "name": "admin", - "type": "user" - } - ] - } -} diff --git a/manifest.toml b/manifest.toml index d9e2ded..a93a965 100644 --- a/manifest.toml +++ b/manifest.toml @@ -16,26 +16,22 @@ admindoc = "https://github.com/dani-garcia/vaultwarden/wiki" userdoc = "https://help.bitwarden.com/" code = "https://github.com/dani-garcia/vaultwarden" website = "https://github.com/dani-garcia/vaultwarden" -cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number) -fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin. [integration] -yunohost = ">= 11.0.0" -architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"] +yunohost = ">= 11.1.21" +architectures = "all" multi_instance = true -ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. -sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. -disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... -ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... -ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ldap = false +sso = false +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" [install] [install.domain] - # this is a generic question - ask strings are automatically handled by Yunohost's core type = "domain" [install.path] - # this is a generic question - ask strings are automatically handled by Yunohost's core type = "path" default = "/vaultwarden" @@ -44,10 +40,14 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen default = "visitors" [install.admin] - # this is a generic question - ask strings are automatically handled by Yunohost's core type = "user" [resources] + + [resources.ports] + websocket.default = 3012 + rocket.default = 8095 + [resources.system_user] [resources.install_dir] @@ -56,3 +56,15 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen [resources.permissions] main.url = "/" + api.url = "/api" + api.additional_urls = "/identity/connect/token" + api.allowed = "visitors" + api.auth_header = false + api.show_tile = false + api.protected = true + admin.url = "/admin" + admin.allowed = "admins" + admin.show_tile = false + + [resources.apt] + packages = "libpq5" diff --git a/scripts/_common.sh b/scripts/_common.sh index e11b899..ce03ddd 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,9 +4,6 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app -#REMOVEME? pkg_dependencies="libpq5" - pkg_image="vaultwarden/server" #================================================= diff --git a/scripts/backup b/scripts/backup index 6d02ff2..56012c0 100644 --- a/scripts/backup +++ b/scripts/backup @@ -10,27 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_print_info --message="Loading installation settings..." - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= diff --git a/scripts/change_url b/scripts/change_url index e5e2fe2..828f8de 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,66 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -#REMOVEME? old_domain=$YNH_APP_OLD_DOMAIN -#REMOVEME? old_path=$YNH_APP_OLD_PATH - -#REMOVEME? new_domain=$YNH_APP_NEW_DOMAIN -#REMOVEME? new_path=$YNH_APP_NEW_PATH - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings..." - -#REMOVEME? # Needed for helper "ynh_add_nginx_config" -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) - -# Add settings here as needed by your application -#REMOVEME? #db_name=$(ynh_app_setting_get --app=$app --key=db_name) -#db_user=$db_name -#REMOVEME? #db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) -#REMOVEME? rocket_port=$(ynh_app_setting_get --app=$app --key=rocket_port) -#REMOVEME? websocket_port=$(ynh_app_setting_get --app=$app --key=websocket_port) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -#REMOVEME? ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." - -# Backup the current version of the app -#REMOVEME? ynh_backup_before_upgrade -#REMOVEME? ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. -#REMOVEME? ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails -#REMOVEME? ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -#REMOVEME? change_domain=0 -#REMOVEME? if [ "$old_domain" != "$new_domain" ] -then - #REMOVEME? change_domain=1 -fi - -#REMOVEME? change_path=0 -#REMOVEME? if [ "$old_path" != "$new_path" ] -then - #REMOVEME? change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -85,30 +25,6 @@ ynh_script_progression --message="Updating NGINX web server configuration..." ynh_change_url_nginx_config -#REMOVEME? nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified -#REMOVEME? ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper -#REMOVEME? domain="$old_domain" -#REMOVEME? path="$new_path" - # Create a dedicated NGINX config -#REMOVEME? ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location -#REMOVEME? ynh_delete_file_checksum --file="$nginx_conf_path" -#REMOVEME? mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location -#REMOVEME? ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi - #================================================= # SPECIFIC MODIFICATIONS #================================================= @@ -135,13 +51,6 @@ ynh_script_progression --message="Starting a systemd service..." # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." - -#REMOVEME? #REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index ba96d81..b7c4f4f 100644 --- a/scripts/install +++ b/scripts/install @@ -8,90 +8,27 @@ source _common.sh source ynh_docker_image_extract -source ynh_send_readme_to_admin__2 source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -#REMOVEME? domain=$YNH_APP_ARG_DOMAIN -#REMOVEME? path=$YNH_APP_ARG_PATH -#REMOVEME? is_public=$YNH_APP_ARG_IS_PUBLIC -#REMOVEME? admin=$YNH_APP_ARG_ADMIN - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - admin_mail=$(ynh_user_get_info --username=$admin --key=mail) admin_token=$(ynh_string_random --length=48 | base64) -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -#REMOVEME? ynh_script_progression --message="Validating installation parameters..." - -#REMOVEME? install_dir=/var/www/$app -#REMOVEME? test ! -e "$install_dir" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -#REMOVEME? ynh_webpath_register --app=$app --domain=$domain --path=$path - #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -#REMOVEME? ynh_script_progression --message="Storing installation settings..." +ynh_script_progression --message="Storing installation settings..." -#REMOVEME? ynh_app_setting_set --app=$app --key=domain --value=$domain -#REMOVEME? ynh_app_setting_set --app=$app --key=path --value=$path -#REMOVEME? ynh_app_setting_set --app=$app --key=admin --value=$admin -#REMOVEME? ynh_app_setting_set --app=$app --key=admin_token --value=$admin_token - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -#REMOVEME? ynh_script_progression --message="Finding an available port..." - -# Find an available port -#REMOVEME? websocket_port=$(ynh_find_port --port=3012) -#REMOVEME? ynh_app_setting_set --app=$app --key=websocket_port --value="$websocket_port" - -# Find an available port -#REMOVEME? rocket_port=$(ynh_find_port --port=8095) -#REMOVEME? ynh_app_setting_set --app=$app --key=rocket_port --value="$rocket_port" - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Installing dependencies..." - -#REMOVEME? ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# CREATE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Configuring system user..." - -# Create a system user -#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" +ynh_app_setting_set --app=$app --key=admin_token --value=$admin_token #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." -#REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir # Download, check integrity, uncompress and patch the source from app.src docker_arg="" if [ $YNH_ARCH == "armhf" ] @@ -113,22 +50,6 @@ ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# SPECIFIC SETUP -#================================================= -# CREATE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Creating a data directory..." - -#REMOVEME? data_dir=/home/yunohost.app/$app -#REMOVEME? ynh_app_setting_set --app=$app --key=data_dir --value=$data_dir - -mkdir -p $data_dir - -chmod 750 "$data_dir" -chmod -R o-rwx "$data_dir" -chown -R $app:$app "$data_dir" - #================================================= # MAKE INSTALL #================================================= @@ -136,7 +57,7 @@ ynh_script_progression --message="Making install..." mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" -#REMOVEME? ynh_secure_remove --file="$install_dir/build" +ynh_secure_remove --file="$install_dir/build" chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" @@ -198,36 +119,6 @@ touch "/var/log/$app/$app.log" chown -R $app:$app "/var/log/$app" ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" -#================================================= -# SETUP SSOWAT -#================================================= -#REMOVEME? ynh_script_progression --message="Configuring permissions..." - -# Make app public if necessary -#REMOVEME? if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. -#REMOVEME? ynh_permission_update --permission="main" --add="visitors" -fi - -#REMOVEME? ynh_permission_create --permission="api" --url="/api" --additional_urls="/identity/connect/token" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" -#REMOVEME? ynh_permission_create --permission="admin" --url="/admin" --allowed="$admin" --show_tile="false" - -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." - -#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - -#================================================= -# SEND A README FOR THE ADMIN -#================================================= -ynh_script_progression --message="Sending a readme for the admin..." - -ynh_send_readme_to_admin --app_message="../conf/msg_install" --recipients="$admin_mail" --type='install' - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index 5b04b54..0d6e071 100644 --- a/scripts/remove +++ b/scripts/remove @@ -9,17 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings..." - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) - #================================================= # STANDARD REMOVE #================================================= @@ -41,25 +30,6 @@ ynh_script_progression --message="Stopping and removing the systemd service..." # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE APP MAIN DIR -#================================================= -#REMOVEME? ynh_script_progression --message="Removing app main directory..." - -# Remove the app directory securely -#REMOVEME? ynh_secure_remove --file="$install_dir" - -#================================================= -# REMOVE DATA DIR -#================================================= - -# Remove the data directory if --purge option is used -if [ "${YNH_APP_PURGE:-0}" -eq 1 ] -then - ynh_script_progression --message="Removing app data directory..." -#REMOVEME? ynh_secure_remove --file="$data_dir" -fi - #================================================= # REMOVE NGINX CONFIGURATION #================================================= @@ -68,14 +38,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Removing dependencies..." - -# Remove metapackage and its dependencies -#REMOVEME? ynh_remove_app_dependencies - #================================================= # REMOVE FAIL2BAN CONFIGURATION #================================================= @@ -94,16 +56,6 @@ ynh_script_progression --message="Removing various files..." # Remove the log files ynh_secure_remove --file="/var/log/$app" -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Removing the dedicated system user..." - -# Delete a system user -#REMOVEME? ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 01f271b..5ec75a6 100644 --- a/scripts/restore +++ b/scripts/restore @@ -10,46 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings..." - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -#REMOVEME? ynh_script_progression --message="Validating restoration parameters..." - -#REMOVEME? test ! -d $install_dir \ - || ynh_die --message="There is already a directory: $install_dir " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir - #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -57,7 +17,6 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$install_dir" -chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" @@ -68,10 +27,6 @@ ynh_script_progression --message="Restoring the data directory..." ynh_restore_file --origin_path="$data_dir" --not_mandatory -mkdir -p $data_dir - -chmod 750 "$data_dir" -chmod -R o-rwx "$data_dir" chown -R $app:$app "$data_dir" #================================================= @@ -88,16 +43,6 @@ ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." - -# Define and install dependencies -#REMOVEME? ynh_install_app_dependencies $pkg_dependencies - #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 03b0d08..82a31be 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -11,45 +11,12 @@ source ynh_docker_image_extract source ynh_handle_app_migration source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings..." - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) -#REMOVEME? admin=$(ynh_app_setting_get --app=$app --key=admin) -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) - -#REMOVEME? admin_token=$(ynh_app_setting_get --app=$app --key=admin_token) -#REMOVEME? rocket_port=$(ynh_app_setting_get --app=$app --key=rocket_port) -#REMOVEME? websocket_port=$(ynh_app_setting_get --app=$app --key=websocket_port) - #================================================= # CHECK VERSION #================================================= -ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." - -# Backup the current version of the app -#REMOVEME? ynh_backup_before_upgrade -#REMOVEME? ynh_clean_setup () { - ynh_clean_check_starting - # Restore it if the upgrade fails -#REMOVEME? ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -59,81 +26,6 @@ ynh_script_progression --message="Stopping a systemd service..." ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped" -#================================================= -# HANDLE MIGRATION FROM BITWARDEN -#================================================= - -ynh_handle_app_migration --migration_id="bitwarden" --migration_list="bitwarden_migration" - -if [ $migration_process -eq 1 ] -then - # If a migration has been perform - # Reload some values changed by the migration process -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -#REMOVEME? db_name=$(ynh_app_setting_get --app=$app --key=db_name) - - # Move config file - mv $install_dir/live/bitwarden_rs.env $install_dir/live/.env - ynh_delete_file_checksum --file="/var/www/$old_app/live/bitwarden_rs.env" - ynh_store_file_checksum --file="$install_dir/live/.env" -#REMOVEME? ynh_secure_remove --file="$install_dir/live/bitwarden_rs" - - # Manage permissions -#REMOVEME? ynh_permission_update --permission="main" --add="all_users" -#REMOVEME? ynh_permission_update --permission="main" --add="visitors" - - # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) - if ynh_exec_warn_less yunohost service status $old_app >/dev/null - then - ynh_script_progression --message="Removing $old_app service integration..." - yunohost service remove $old_app - fi -fi - -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." - -# Cleaning legacy permissions -#REMOVEME? if ynh_legacy_permissions_exists; then -#REMOVEME? ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -#REMOVEME? if ! ynh_permission_exists --permission="admin"; then - # Create the required permissions -#REMOVEME? ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin --show_tile="false" -fi - -# Create a permission if needed -#REMOVEME? if ! ynh_permission_exists --permission="api"; then -#REMOVEME? ynh_permission_create --permission="api" --url="/api" --additional_urls="/identity/connect/token" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" -fi - -# If data_dir doesn't exist, create it -if [ -z $data_dir ]; then - ynh_script_progression --message="Making sure data directory exists..." - data_dir=/home/yunohost.app/$app -#REMOVEME? ynh_app_setting_set --app=$app --key=data_dir --value=$data_dir - mkdir -p $data_dir - rsync -arz "$install_dir/live/data/" "$data_dir/" --delete-after --remove-source-files -#REMOVEME? ynh_secure_remove --file="$install_dir/live/data" -#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" - chmod 750 "$data_dir" - chmod -R o-rwx "$data_dir" - chown -R $app:$app "$data_dir" -fi - -#================================================= -# CREATE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -152,17 +44,9 @@ then mkdir -p "$install_dir/live/" fi -chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Upgrading dependencies..." - -#REMOVEME? ynh_install_app_dependencies $pkg_dependencies - #================================================= # NGINX CONFIGURATION #================================================= @@ -181,9 +65,9 @@ ynh_script_progression --message="Making upgrade..." if [ "$upgrade_type" == "UPGRADE_APP" ] then mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" -#REMOVEME? ynh_secure_remove --file="$install_dir/live/web-vault/" + ynh_secure_remove --file="$install_dir/live/web-vault/" rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" -#REMOVEME? ynh_secure_remove --file="$install_dir/build" + ynh_secure_remove --file="$install_dir/build" fi chmod 750 "$install_dir" @@ -245,31 +129,6 @@ chown -R $app:$app "/var/log/$app" # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." - -#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - -#================================================= -# FINISH MIGRATION PROCESS -#================================================= - -if [ $migration_process -eq 1 ] -then - ynh_script_progression --message="Bitwarden has been successfully migrated to Vaultwarden! \ -A last scheduled operation will run in a couple of minutes to finish the \ -migration in YunoHost side. Do not proceed any application operation while \ -you don't see Vaultwarden as installed." - script_post_migration=bitwarden_post_migration.sh - cp ../conf/$script_post_migration /tmp - ynh_replace_string --match_string="__OLD_APP__" --replace_string="$old_app" --target_file=/tmp/$script_post_migration - ynh_replace_string --match_string="__NEW_APP__" --replace_string="$app" --target_file=/tmp/$script_post_migration - chmod +x /tmp/$script_post_migration - (cd /tmp; echo "/tmp/$script_post_migration > /tmp/$script_post_migration.log 2>&1" | at now + 2 minutes) -fi - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/ynh_handle_app_migration b/scripts/ynh_handle_app_migration deleted file mode 100644 index 409cdf6..0000000 --- a/scripts/ynh_handle_app_migration +++ /dev/null @@ -1,265 +0,0 @@ -#!/bin/bash - -# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args - -# Make the main steps to migrate an app to its fork. -# -# This helper has to be used for an app which needs to migrate to a new name or a new fork -# (like owncloud to nextcloud or zerobin to privatebin). -# -# This helper will move the files of an app to its new name -# or recreate the things it can't move. -# -# To specify which files it has to move, you have to create a "migration file", stored in ../conf -# This file is a simple list of each file it has to move, -# except that file names must reference the $app variable instead of the real name of the app, -# and every instance-specific variables (like $domain). -# $app is especially important because it's this variable which will be used to identify the old place and the new one for each file. -# -# If a database exists for this app, it will be dumped and then imported in a newly created database, with a new name and new user. -# Don't forget you have to then apply these changes to application-specific settings (depends on the packaged application) -# -# Same things for an existing user, a new one will be created. -# But the old one can't be removed unless it's not used. See below. -# -# If you have some dependencies for your app, it's possible to change the fake debian package which manages them. -# You have to fill the $pkg_dependencies variable, and then a new fake package will be created and installed, -# and the old one will be removed. -# If you don't have a $pkg_dependencies variable, the helper can't know what the app dependencies are. -# -# The app settings.yml will be modified as follows: -# - finalpath will be changed according to the new name (but only if the existing $final_path contains the old app name) -# - The checksums of php-fpm and nginx config files will be updated too. -# - If there is a $db_name value, it will be changed. -# - And, of course, the ID will be changed to the new name too. -# -# Finally, the $app variable will take the value of the new name. -# The helper will set the $migration_process variable to 1 if a migration has been successfully handled. -# -# You have to handle by yourself all the migrations not done by this helper, like configuration or special values in settings.yml -# Also, at the end of the upgrade script, you have to add a post_migration script to handle all the things the helper can't do during YunoHost upgrade (mostly for permission reasons), -# especially remove the old user, move some hooks and remove the old configuration directory -# To launch this script, you have to move it elsewhere and start it after the upgrade script. -# `cp ../conf/$script_post_migration /tmp` -# `(cd /tmp; echo "/tmp/$script_post_migration" | at now + 2 minutes)` -# -# usage: ynh_handle_app_migration migration_id migration_list -# | arg: -i, --migration_id= - ID from which to migrate -# | arg: -l, --migration_list= - File specifying every file to move (one file per line) -ynh_handle_app_migration () { - # Need for end of install - ynh_package_install at - - #================================================= - # LOAD SETTINGS - #================================================= - - old_app=$YNH_APP_INSTANCE_NAME - local old_app_id=$YNH_APP_ID - local old_app_number=$YNH_APP_INSTANCE_NUMBER - - # Declare an array to define the options of this helper. - declare -Ar args_array=( [i]=migration_id= [l]=migration_list= ) - # Get the id from which to migrate - local migration_id - # And the file with the paths to move - local migration_list - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - - # Get the new app id in the manifest - local new_app_id=$(grep \"id\": ../manifest.json | cut -d\" -f4) - if [ $old_app_number -eq 1 ]; then - local new_app=$new_app_id - else - local new_app=${new_app_id}__${old_app_number} - fi - - #================================================= - # CHECK IF IT HAS TO MIGRATE - #================================================= - - migration_process=0 - - if [ "$old_app_id" == "$new_app_id" ] - then - # If the 2 id are the same - # No migration to do. - echo 0 - return 0 - else - if [ "$old_app_id" != "$migration_id" ] - then - # If the new app is not the authorized id, fail. - ynh_die --message="Incompatible application for migration from $old_app_id to $new_app_id" - fi - - ynh_print_info --message="Migrate from $old_app_id to $new_app_id" >&2 - - #================================================= - # CHECK IF THE MIGRATION CAN BE DONE - #================================================= - - # TODO Handle multi instance apps... - # Check that there is not already an app installed for this id. - (yunohost app list | grep -q -w "id: $new_app") \ - && ynh_die --message="$new_app is already installed" - - #================================================= - # CHECK THE LIST OF FILES TO MOVE - #================================================= - - local temp_migration_list="$(tempfile)" - - # Build the list by removing blank lines and comment lines - sed '/^#.*\|^$/d' "../conf/$migration_list" > "$temp_migration_list" - - # Check if there is no file in the destination - local file_to_move="" - while read file_to_move - do - # Replace all occurences of $app by $new_app in each file to move. - local move_to_destination="${file_to_move//\$app/$new_app}" - test -e "$move_to_destination" && ynh_die --message="A file named $move_to_destination already exists." - done < "$temp_migration_list" - - #================================================= - # COPY YUNOHOST SETTINGS FOR THIS APP - #================================================= - - local settings_dir="/etc/yunohost/apps" - cp -a "$settings_dir/$old_app" "$settings_dir/$new_app" - cp -a ../{scripts,conf,manifest.json} "$settings_dir/$new_app" - - # Replace the old id by the new one - ynh_replace_string --match_string="\(^id: .*\)$old_app" --replace_string="\1$new_app" --target_file="$settings_dir/$new_app/settings.yml" - # INFO: There a special behavior with yunohost app setting: - # if the id given in argument does not match with the id - # stored in the config file, the config file will be purged. - # That's why we use sed instead of app setting here. - # https://github.com/YunoHost/yunohost/blob/c6b5284be8da39cf2da4e1036a730eb5e0515096/src/yunohost/app.py#L1316-L1321 - - # Change the label if it's simply the name of the app - old_label=$(ynh_app_setting_get --app=$new_app --key=label) - if [ "${old_label,,}" == "$old_app_id" ] - then - # Build the new label from the id of the app. With the first character as upper case - new_label=$(echo $new_app_id | cut -c1 | tr [:lower:] [:upper:])$(echo $new_app_id | cut -c2-) - ynh_app_setting_set --app=$new_app --key=label --value=$new_label - fi - - permissions_name=$(yunohost user permission list $old_app --short --output-as plain) - for permission_name in $permissions_name - do - yunohost tools shell -c "from yunohost.permission import permission_delete; permission_delete('$permission_name', force=True, sync_perm=False)" - done - - yunohost tools shell -c "from yunohost.permission import permission_create; permission_create('$new_app.main', url='/' , show_tile=True , sync_perm=True)" - - #================================================= - # MOVE FILES TO THE NEW DESTINATION - #================================================= - - while read file_to_move - do - # Replace all occurence of $app by $new_app in each file to move. - move_to_destination="$(eval echo "${file_to_move//\$app/$new_app}")" - local real_file_to_move="$(eval echo "${file_to_move//\$app/$old_app}")" - ynh_print_info --message="Move file $real_file_to_move to $move_to_destination" >&2 - mv "$real_file_to_move" "$move_to_destination" - done < "$temp_migration_list" - - #================================================= - # UPDATE SETTINGS KNOWN ENTRIES - #================================================= - - # Replace nginx checksum - ynh_replace_string --match_string="\(^checksum__etc_nginx.*\)_$old_app" --replace_string="\1_$new_app" --target_file="$settings_dir/$new_app/settings.yml" - - # Replace php-fpm checksums - ynh_replace_string --match_string="\(^checksum__etc_php.*[-_]\)$old_app" --replace_string="\1$new_app" --target_file="$settings_dir/$new_app/settings.yml" - - # Replace final_path - ynh_replace_string --match_string="\(^final_path: .*\)$old_app" --replace_string="\1$new_app" --target_file="$settings_dir/$new_app/settings.yml" - - # Replace fail2ban_filter - ynh_replace_string --match_string="\(^checksum__etc_fail2ban_filter.*\)_$old_app" --replace_string="\1_$new_app" --target_file="$settings_dir/$new_app/settings.yml" - - # Replace fail2ban_jail - ynh_replace_string --match_string="\(^checksum__etc_fail2ban_jail.*\)_$old_app" --replace_string="\1_$new_app" --target_file="$settings_dir/$new_app/settings.yml" - - # Replace systemd - ynh_replace_string --match_string="\(^checksum__etc_systemd_system.*\)_$old_app" --replace_string="\1_$new_app" --target_file="$settings_dir/$new_app/settings.yml" - - #================================================= - # MOVE THE MYSQL DATABASE - #================================================= - - old_db_name=$(ynh_app_setting_get --app=$old_app --key=db_name) - - # Check if a database exists before trying to move it - if [ -n "$old_db_name" ] && mysqlshow | grep -q "^| $old_db_name" - then - old_db_user=$old_db_name - db_pwd=$(ynh_app_setting_get --app=$old_app --key=mysqlpwd) - - new_db_name=$(ynh_sanitize_dbid --db_name=$new_app) - new_db_user=$new_db_name - ynh_print_info --message="Rename the database $db_name to $new_db_name" >&2 - - local sql_dump="/tmp/${db_name}-$(date '+%s').sql" - - # Dump the old database - ynh_mysql_dump_db --database="$old_db_name" > "$sql_dump" - - # Create a new database - ynh_mysql_setup_db --db_user=$new_db_user --db_name=$new_db_name --db_pwd=$db_pwd - - # Then restore the old one into the new one - ynh_mysql_connect_as --user=$new_db_user --password=$db_pwd --database=$new_db_name < "$sql_dump" - - # Remove the old database - ynh_mysql_remove_db --db_user=$old_db_user --db_name=$old_db_name - - # And the dump - ynh_secure_remove --file="$sql_dump" - - # Update the value of $db_name - db_name=$new_db_name - db_user=$new_db_user - ynh_app_setting_set --app=$new_app --key=db_name --value=$db_name - fi - - #================================================= - # CHANGE THE FAKE DEPENDENCIES PACKAGE - #================================================= - - # Check if a variable $pkg_dependencies exists - # If this variable doesn't exist, this part shall be managed in the upgrade script. - if [ -n "${pkg_dependencies:-}" ] - then - # Define the name of the package - local old_package_name="${old_app//_/-}-ynh-deps" - local new_package_name="${new_app//_/-}-ynh-deps" - - if ynh_package_is_installed --package="$old_package_name" - then - # Install a new fake package - app=$new_app - ynh_install_app_dependencies $pkg_dependencies - # Then remove the old one - app=$old_app - ynh_remove_app_dependencies - fi - fi - - #================================================= - # UPDATE THE ID OF THE APP - #================================================= - - app=$new_app - - # Set migration_process to 1 to inform that an upgrade has been made - migration_process=1 - fi -} diff --git a/scripts/ynh_send_readme_to_admin__2 b/scripts/ynh_send_readme_to_admin__2 deleted file mode 100644 index ee571cc..0000000 --- a/scripts/ynh_send_readme_to_admin__2 +++ /dev/null @@ -1,129 +0,0 @@ -#!/bin/bash - -# Send an email to inform the administrator -# -# usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type] -# | arg: -m --app_message= - The file with the content to send to the administrator. -# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root -# example: "root admin@domain" -# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you -# example: "root admin@domain user1 user2" -# | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade' -# -# Requires YunoHost version 4.1.0 or higher. -ynh_send_readme_to_admin() { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= ) - local app_message - local recipients - local type - # Manage arguments with getopts - - ynh_handle_getopts_args "$@" - app_message="${app_message:-}" - recipients="${recipients:-root}" - type="${type:-install}" - - # Get the value of admin_mail_html - admin_mail_html=$(ynh_app_setting_get $app admin_mail_html) - admin_mail_html="${admin_mail_html:-0}" - - # Retrieve the email of users - find_mails () { - local list_mails="$1" - local mail - local recipients=" " - # Read each mail in argument - for mail in $list_mails - do - # Keep root or a real email address as it is - if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@" - then - recipients="$recipients $mail" - else - # But replace an user name without a domain after by its email - if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null) - then - recipients="$recipients $mail" - fi - fi - done - echo "$recipients" - } - recipients=$(find_mails "$recipients") - - # Subject base - local mail_subject="☁️🆈🅽🅷☁️: \`$app\`" - - # Adapt the subject according to the type of mail required. - if [ "$type" = "backup" ]; then - mail_subject="$mail_subject has just been backup." - elif [ "$type" = "change_url" ]; then - mail_subject="$mail_subject has just been moved to a new URL!" - elif [ "$type" = "remove" ]; then - mail_subject="$mail_subject has just been removed!" - elif [ "$type" = "restore" ]; then - mail_subject="$mail_subject has just been restored!" - elif [ "$type" = "upgrade" ]; then - mail_subject="$mail_subject has just been upgraded!" - else # install - mail_subject="$mail_subject has just been installed!" - fi - - ynh_add_config --template="$app_message" --destination="../conf/msg__to_send" - - ynh_delete_file_checksum --file="../conf/msg__to_send" - - local mail_message="This is an automated message from your beloved YunoHost server. - -Specific information for the application $app. - -$(cat "../conf/msg__to_send")" - - # Store the message into a file for further modifications. - echo "$mail_message" > mail_to_send - - # If a html email is required. Apply html tags to the message. - if [ "$admin_mail_html" -eq 1 ] - then - # Insert 'br' tags at each ending of lines. - ynh_replace_string "$" "
" mail_to_send - - # Insert starting HTML tags - sed --in-place '1s@^@\n\n\n\n@' mail_to_send - - # Keep tabulations - ynh_replace_string " " "\ \ " mail_to_send - ynh_replace_string "\t" "\ \ " mail_to_send - - # Insert url links tags - ynh_replace_string "__URL_TAG1__\(.*\)__URL_TAG2__\(.*\)__URL_TAG3__" "\1" mail_to_send - - # Insert finishing HTML tags - echo -e "\n\n" >> mail_to_send - - # Otherwise, remove tags to keep a plain text. - else - # Remove URL tags - ynh_replace_string "__URL_TAG[1,3]__" "" mail_to_send - ynh_replace_string "__URL_TAG2__" ": " mail_to_send - fi - - # Define binary to use for mail command - if [ -e /usr/bin/bsd-mailx ] - then - local mail_bin=/usr/bin/bsd-mailx - else - local mail_bin=/usr/bin/mail.mailutils - fi - - if [ "$admin_mail_html" -eq 1 ] - then - content_type="text/html" - else - content_type="text/plain" - fi - - # Send the email to the recipients - cat mail_to_send | $mail_bin -a "Content-Type: $content_type; charset=UTF-8" -s "$mail_subject" "$recipients" -} diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..e69de29 From 43255b62500e331589af5434c85684950e31d222 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Thu, 22 Jun 2023 07:24:00 +0000 Subject: [PATCH 03/42] Auto-update README --- README.md | 23 +---------------------- README_fr.md | 23 +---------------------- 2 files changed, 2 insertions(+), 44 deletions(-) diff --git a/README.md b/README.md index 2abcf4d..ac0388b 100644 --- a/README.md +++ b/README.md @@ -26,30 +26,9 @@ Alternative implementation of the Bitwarden server API written in Rust and compa ![Screenshot of Vaultwarden](./doc/screenshots/screenshot1.png) -## Disclaimers / important information - -### Install - -This package compile Vaultwarden from sources, that can take a long time on a small computer : - -* When installing on a Raspberry Pi 3, this can take more than 1 hour. -* When installing from the webadmin, you can encounter the "504 Gateway Timeout": this is fine, just let it finish in the background. - -### Migrate from Bitwarden - -This package handle the migration from Bitwarden to Vaultwarden. -For that, you will have to upgrade your Bitwarden application with this repository. -This can only be done from the command-line interface - e.g. through SSH. -Once you're connected, you simply have to execute the following: - -```bash -sudo yunohost app upgrade bitwarden -u https://github.com/YunoHost-Apps/vaultwarden_ynh --debug -``` - -The `--debug` option will let you see the full output. If you encounter any issue, please paste it. - ## Documentation and resources +* Official app website: * Official user documentation: * Official admin documentation: * Upstream app code repository: diff --git a/README_fr.md b/README_fr.md index cc33214..e5e0d90 100644 --- a/README_fr.md +++ b/README_fr.md @@ -26,30 +26,9 @@ Alternative implementation of the Bitwarden server API written in Rust and compa ![Capture d’écran de Vaultwarden](./doc/screenshots/screenshot1.png) -## Avertissements / informations importantes - -### Install - -This package compile Vaultwarden from sources, that can take a long time on a small computer : - -* When installing on a Raspberry Pi 3, this can take more than 1 hour. -* When installing from the webadmin, you can encounter the "504 Gateway Timeout": this is fine, just let it finish in the background. - -### Migrate from Bitwarden - -This package handle the migration from Bitwarden to Vaultwarden. -For that, you will have to upgrade your Bitwarden application with this repository. -This can only be done from the command-line interface - e.g. through SSH. -Once you're connected, you simply have to execute the following: - -```bash -sudo yunohost app upgrade bitwarden -u https://github.com/YunoHost-Apps/vaultwarden_ynh --debug -``` - -The `--debug` option will let you see the full output. If you encounter any issue, please paste it. - ## Documentations et ressources +* Site officiel de l’app : * Documentation officielle utilisateur : * Documentation officielle de l’admin : * Dépôt de code officiel de l’app : From d6045835019c58f62041021211f65f43e7da6654 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 22 Jun 2023 09:28:10 +0200 Subject: [PATCH 04/42] v2 --- .github/workflows/updater.sh | 65 -------------------------------- .github/workflows/updater.yml | 50 ------------------------ check_process | 31 --------------- conf/msg_install | 5 --- scripts/upgrade | 1 - scripts/ynh_docker_image_extract | 2 +- tests.toml | 9 +++++ 7 files changed, 10 insertions(+), 153 deletions(-) delete mode 100644 .github/workflows/updater.sh delete mode 100644 .github/workflows/updater.yml delete mode 100644 check_process delete mode 100644 conf/msg_install diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh deleted file mode 100644 index c6c82b4..0000000 --- a/.github/workflows/updater.sh +++ /dev/null @@ -1,65 +0,0 @@ -#!/bin/bash - -#================================================= -# PACKAGE UPDATING HELPER -#================================================= - -# This script is meant to be run by GitHub Actions -# The YunoHost-Apps organisation offers a template Action to run this script periodically -# Since each app is different, maintainers can adapt its contents so as to perform -# automatic actions when a new upstream release is detected. - -#================================================= -# FETCHING LATEST RELEASE AND ITS ASSETS -#================================================= - -# Fetching information -current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') -repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') -# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) -version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) - -# Later down the script, we assume the version has only digits and dots -# Sometimes the release name starts with a "v", so let's filter it out. -# You may need more tweaks here if the upstream repository has different naming conventions. -if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then - version=${version:1} -fi - -# Setting up the environment variables -echo "Current version: $current_version" -echo "Latest release from upstream: $version" -echo "VERSION=$version" >> $GITHUB_ENV -echo "REPO=$repo" >> $GITHUB_ENV -# For the time being, let's assume the script will fail -echo "PROCEED=false" >> $GITHUB_ENV - -# Proceed only if the retrieved version is greater than the current one -if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then - echo "::warning ::No new version available" - exit 0 -# Proceed only if a PR for this new version does not already exist -elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then - echo "::warning ::A branch already exists for this update" - exit 0 -fi - -#================================================= -# SPECIFIC UPDATE STEPS -#================================================= - -# Any action on the app's source code can be done. -# The GitHub Action workflow takes care of committing all changes after this script ends. - -#================================================= -# GENERIC FINALIZATION -#================================================= - -# Replace new version in manifest -echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json - -# No need to update the README, yunohost-bot takes care of it - -# The Action will proceed only if the PROCEED environment variable is set to true -echo "PROCEED=true" >> $GITHUB_ENV -exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml deleted file mode 100644 index 08ec1b3..0000000 --- a/.github/workflows/updater.yml +++ /dev/null @@ -1,50 +0,0 @@ -# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. -# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. -# This file should be enough by itself, but feel free to tune it to your needs. -# It calls updater.sh, which is where you should put the app-specific update steps. -name: Check for new upstream releases -on: - # Allow to manually trigger the workflow - workflow_dispatch: - # Run it every day at 6:00 UTC - schedule: - - cron: '0 6 * * *' -jobs: - updater: - runs-on: ubuntu-latest - steps: - - name: Fetch the source code - uses: actions/checkout@v3 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Run the updater script - id: run_updater - run: | - # Setting up Git user - git config --global user.name 'yunohost-bot' - git config --global user.email 'yunohost-bot@users.noreply.github.com' - # Run the updater script - /bin/bash .github/workflows/updater.sh - - name: Commit changes - id: commit - if: ${{ env.PROCEED == 'true' }} - run: | - git commit -am "Upgrade to v$VERSION" - - name: Create Pull Request - id: cpr - if: ${{ env.PROCEED == 'true' }} - uses: peter-evans/create-pull-request@v4 - with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: Update to version ${{ env.VERSION }} - committer: 'yunohost-bot ' - author: 'yunohost-bot ' - signoff: false - base: testing - branch: ci-auto-update-v${{ env.VERSION }} - delete-branch: true - title: 'Upgrade to version ${{ env.VERSION }}' - body: | - Upgrade to v${{ env.VERSION }} - draft: false - diff --git a/check_process b/check_process deleted file mode 100644 index 47a5527..0000000 --- a/check_process +++ /dev/null @@ -1,31 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - path="/path" - is_public=1 - admin="john" - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - # Bitwarden 1.20.0~ynh4 - #upgrade=1 from_commit=d5e1fa7d327c55d8e5ae4c24e7c6aaac006256db - # 1.21.0~ynh1 - upgrade=1 from_commit=3f7d7d2740a1cb3f16a290b64c89e84422d06ede - # 1.21.0~ynh2 - upgrade=1 from_commit=703d5a9cb86d127c7723bb380d7c392a8eb9e703 - # 1.23.0~ynh1 - upgrade=1 from_commit=2808a3a8e985bb5431f6d8f2353b07201355afe4 - # 1.23.0~ynh3 - upgrade=1 from_commit=7492e0d21c795696f4ff44912edc199437d4bb71 - backup_restore=1 - multi_instance=1 - port_already_use=0 - change_url=1 -;;; Options -Email= -Notification=none diff --git a/conf/msg_install b/conf/msg_install deleted file mode 100644 index 2b65680..0000000 --- a/conf/msg_install +++ /dev/null @@ -1,5 +0,0 @@ -vaultwarden was successfully installed :) -Please open https://__DOMAIN____PATH__/admin -The admin token is: __ADMIN_TOKEN__ -You will be able to invite users to your vaultwarden instance. -If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/vaultwarden_ynh diff --git a/scripts/upgrade b/scripts/upgrade index 82a31be..b53427c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -8,7 +8,6 @@ source _common.sh source ynh_docker_image_extract -source ynh_handle_app_migration source /usr/share/yunohost/helpers #================================================= diff --git a/scripts/ynh_docker_image_extract b/scripts/ynh_docker_image_extract index 4c19d13..dde5ba1 100644 --- a/scripts/ynh_docker_image_extract +++ b/scripts/ynh_docker_image_extract @@ -42,7 +42,7 @@ ynh_docker_image_extract() { # Extract source into the app dir mkdir --parents "$dest_dir" - if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ]; then + if [ -n "${install_dir:-}" ] && [ "$dest_dir" == "$install_dir" ]; then _ynh_apply_default_permissions $dest_dir fi diff --git a/tests.toml b/tests.toml index e69de29..10eed3d 100644 --- a/tests.toml +++ b/tests.toml @@ -0,0 +1,9 @@ +test_format = 1.0 + +[default] + + # ------------------------------- + # Commits to test upgrade from + # ------------------------------- + + test_upgrade_from.8899759a3264b9200920cf5f546fc519297b78ac.name = "Upgrade from 1.28.1~ynh1" From 581c18c6ab818a8a58e886cfea78e77500cdee07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 22 Jun 2023 09:35:40 +0200 Subject: [PATCH 05/42] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index a93a965..eb997ff 100644 --- a/manifest.toml +++ b/manifest.toml @@ -57,7 +57,7 @@ ram.runtime = "50M" [resources.permissions] main.url = "/" api.url = "/api" - api.additional_urls = "/identity/connect/token" + api.additional_urls = ["/identity/connect/token"] api.allowed = "visitors" api.auth_header = false api.show_tile = false From aad2b244927816eb86a1c28ef55b1e1ab7c165a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 22 Jun 2023 09:46:29 +0200 Subject: [PATCH 06/42] Update manifest.toml --- manifest.toml | 1 - 1 file changed, 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index eb997ff..88bfab5 100644 --- a/manifest.toml +++ b/manifest.toml @@ -15,7 +15,6 @@ demo = "https://vault.bitwarden.com/#/register" admindoc = "https://github.com/dani-garcia/vaultwarden/wiki" userdoc = "https://help.bitwarden.com/" code = "https://github.com/dani-garcia/vaultwarden" -website = "https://github.com/dani-garcia/vaultwarden" [integration] yunohost = ">= 11.1.21" From d41fd64d696dcda01710061fa0ca4e48fdbd230c Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Thu, 22 Jun 2023 07:46:35 +0000 Subject: [PATCH 07/42] Auto-update README --- README.md | 1 - README_fr.md | 1 - 2 files changed, 2 deletions(-) diff --git a/README.md b/README.md index ac0388b..7e52fc8 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,6 @@ Alternative implementation of the Bitwarden server API written in Rust and compa ## Documentation and resources -* Official app website: * Official user documentation: * Official admin documentation: * Upstream app code repository: diff --git a/README_fr.md b/README_fr.md index e5e0d90..849a866 100644 --- a/README_fr.md +++ b/README_fr.md @@ -28,7 +28,6 @@ Alternative implementation of the Bitwarden server API written in Rust and compa ## Documentations et ressources -* Site officiel de l’app : * Documentation officielle utilisateur : * Documentation officielle de l’admin : * Dépôt de code officiel de l’app : From 69664c43b8059915f092dd5c2e750a071bd7506a Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 9 Jul 2023 09:41:59 +0200 Subject: [PATCH 08/42] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 88bfab5..da14a47 100644 --- a/manifest.toml +++ b/manifest.toml @@ -56,7 +56,7 @@ ram.runtime = "50M" [resources.permissions] main.url = "/" api.url = "/api" - api.additional_urls = ["/identity/connect/token"] + api.additional_urls = ["/identity"] api.allowed = "visitors" api.auth_header = false api.show_tile = false From 61a292b30daa36c1bd4a93a744fcb808795d0412 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Sun, 9 Jul 2023 09:12:24 +0000 Subject: [PATCH 09/42] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7c7ef95..7e52fc8 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.28.1~ynh2 +**Shipped version:** 1.28.1~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index 24fee9a..849a866 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Version incluse :** 1.28.1~ynh2 +**Version incluse :** 1.28.1~ynh1 **Démo :** https://vault.bitwarden.com/#/register From 2a7a6787fa2251e00ceaba5a8e83250e3ad8c5a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 9 Jul 2023 16:09:22 +0200 Subject: [PATCH 10/42] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index da14a47..3e163de 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Vaultwarden" description.en = "Manage passwords and other sensitive informations" description.fr = "Gérez les mots de passe et autres informations sensibles" -version = "1.28.1~ynh1" +version = "1.29~ynh1" maintainers = ["yalh76"] From dae4d148e6f883f32ecaf8e14595756e78c1d06d Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Sun, 9 Jul 2023 14:09:26 +0000 Subject: [PATCH 11/42] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7e52fc8..70c0f6e 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.28.1~ynh1 +**Shipped version:** 1.29~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index 849a866..98a2d11 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Version incluse :** 1.28.1~ynh1 +**Version incluse :** 1.29~ynh1 **Démo :** https://vault.bitwarden.com/#/register From 59e64712bea6255c49a7d241d7d707712e59ccff Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 14 Jul 2023 09:21:11 +0000 Subject: [PATCH 12/42] Auto-update README --- README.md | 2 +- README_fr.md | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 336ebe4..70c0f6e 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.29.0~ynh1 +**Shipped version:** 1.29~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index d025fef..98a2d11 100644 --- a/README_fr.md +++ b/README_fr.md @@ -20,7 +20,6 @@ Alternative implementation of the Bitwarden server API written in Rust and compa **Version incluse :** 1.29~ynh1 - **Démo :** https://vault.bitwarden.com/#/register ## Captures d’écran From 6c2e4e9134745dad0b296e81d20c145f4f039251 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 14 Jul 2023 13:25:47 +0200 Subject: [PATCH 13/42] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 3e163de..582f578 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Vaultwarden" description.en = "Manage passwords and other sensitive informations" description.fr = "Gérez les mots de passe et autres informations sensibles" -version = "1.29~ynh1" +version = "1.29.0~ynh1" maintainers = ["yalh76"] From caf60d3700ba559d19d594efa1e16a6bd9e8225f Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 14 Jul 2023 11:25:52 +0000 Subject: [PATCH 14/42] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 70c0f6e..336ebe4 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.29~ynh1 +**Shipped version:** 1.29.0~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index 98a2d11..10cab66 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Version incluse :** 1.29~ynh1 +**Version incluse :** 1.29.0~ynh1 **Démo :** https://vault.bitwarden.com/#/register From 6a267c2dc98e2df7def18da34a69b4f21657320e Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 14 Jul 2023 13:56:24 +0200 Subject: [PATCH 15/42] add fr --- doc/ADMIN.md | 13 ------------- doc/DESCRIPTION_fr.md | 1 + doc/POST_INSTALL_fr.md | 3 +++ 3 files changed, 4 insertions(+), 13 deletions(-) create mode 100644 doc/DESCRIPTION_fr.md create mode 100644 doc/POST_INSTALL_fr.md diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 8988681..265c050 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -4,16 +4,3 @@ This package compile Vaultwarden from sources, that can take a long time on a sm * When installing on a Raspberry Pi 3, this can take more than 1 hour. * When installing from the webadmin, you can encounter the "504 Gateway Timeout": this is fine, just let it finish in the background. - -### Migrate from Bitwarden - -This package handle the migration from Bitwarden to Vaultwarden. -For that, you will have to upgrade your Bitwarden application with this repository. -This can only be done from the command-line interface - e.g. through SSH. -Once you're connected, you simply have to execute the following: - -```bash -sudo yunohost app upgrade bitwarden -u https://github.com/YunoHost-Apps/vaultwarden_ynh --debug -``` - -The `--debug` option will let you see the full output. If you encounter any issue, please paste it. diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md new file mode 100644 index 0000000..82d5f5d --- /dev/null +++ b/doc/DESCRIPTION_fr.md @@ -0,0 +1 @@ +Implémentation alternative de l'API du serveur Bitwarden écrite en Rust et compatible avec les clients Bitwarden en amont*, parfaite pour un déploiement auto-hébergé où l'exécution du service officiel gourmand en ressources n'est peut-être pas idéale. \ No newline at end of file diff --git a/doc/POST_INSTALL_fr.md b/doc/POST_INSTALL_fr.md new file mode 100644 index 0000000..0703455 --- /dev/null +++ b/doc/POST_INSTALL_fr.md @@ -0,0 +1,3 @@ +Veuillez ouvrir https://__DOMAIN____PATH__/admin +Le jeton d'administration est : __ADMIN_TOKEN__ +Vous pourrez inviter des utilisateurs dans votre instance de Vaultwarden. \ No newline at end of file From a8552f1bacb98e5a5113b1e9765022fdb3848f91 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 14 Jul 2023 11:56:37 +0000 Subject: [PATCH 16/42] Auto-update README --- README_fr.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README_fr.md b/README_fr.md index 10cab66..4c6b404 100644 --- a/README_fr.md +++ b/README_fr.md @@ -16,7 +16,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po ## Vue d’ensemble -Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. +Implémentation alternative de l'API du serveur Bitwarden écrite en Rust et compatible avec les clients Bitwarden en amont*, parfaite pour un déploiement auto-hébergé où l'exécution du service officiel gourmand en ressources n'est peut-être pas idéale. **Version incluse :** 1.29.0~ynh1 From 13cd57f9c0ff5ead0c124a807e7d2f13720ffe79 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 1 Sep 2023 21:10:47 +0000 Subject: [PATCH 17/42] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6e5252b..336ebe4 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.29.1~ynh1 +**Shipped version:** 1.29.0~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index 9bb293e..4c6b404 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Implémentation alternative de l'API du serveur Bitwarden écrite en Rust et compatible avec les clients Bitwarden en amont*, parfaite pour un déploiement auto-hébergé où l'exécution du service officiel gourmand en ressources n'est peut-être pas idéale. -**Version incluse :** 1.29.1~ynh1 +**Version incluse :** 1.29.0~ynh1 **Démo :** https://vault.bitwarden.com/#/register From 2b59c823dc2a2938e304391873cd6a780a80e575 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 1 Sep 2023 23:11:33 +0200 Subject: [PATCH 18/42] Update manifest.toml --- manifest.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.toml b/manifest.toml index 582f578..bd40846 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Vaultwarden" description.en = "Manage passwords and other sensitive informations" description.fr = "Gérez les mots de passe et autres informations sensibles" -version = "1.29.0~ynh1" +version = "1.29.2~ynh1" maintainers = ["yalh76"] @@ -17,7 +17,7 @@ userdoc = "https://help.bitwarden.com/" code = "https://github.com/dani-garcia/vaultwarden" [integration] -yunohost = ">= 11.1.21" +yunohost = ">= 11.2" architectures = "all" multi_instance = true ldap = false From 5e5556f60b5aa62cce89463985f2bb38e33b69ef Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 1 Sep 2023 21:11:43 +0000 Subject: [PATCH 19/42] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 336ebe4..a2cf771 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.29.0~ynh1 +**Shipped version:** 1.29.2~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index 4c6b404..124b86d 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Implémentation alternative de l'API du serveur Bitwarden écrite en Rust et compatible avec les clients Bitwarden en amont*, parfaite pour un déploiement auto-hébergé où l'exécution du service officiel gourmand en ressources n'est peut-être pas idéale. -**Version incluse :** 1.29.0~ynh1 +**Version incluse :** 1.29.2~ynh1 **Démo :** https://vault.bitwarden.com/#/register From 57dbfd11276ed20120e53a75fddc621738301b5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sat, 9 Sep 2023 15:59:23 +0200 Subject: [PATCH 20/42] cleaning --- doc/{ADMIN.md => PRE_INSTALL.md} | 2 -- doc/PRE_INSTALL_fr.md | 4 ++++ 2 files changed, 4 insertions(+), 2 deletions(-) rename doc/{ADMIN.md => PRE_INSTALL.md} (95%) create mode 100644 doc/PRE_INSTALL_fr.md diff --git a/doc/ADMIN.md b/doc/PRE_INSTALL.md similarity index 95% rename from doc/ADMIN.md rename to doc/PRE_INSTALL.md index 265c050..ca6a44c 100644 --- a/doc/ADMIN.md +++ b/doc/PRE_INSTALL.md @@ -1,5 +1,3 @@ -### Install - This package compile Vaultwarden from sources, that can take a long time on a small computer : * When installing on a Raspberry Pi 3, this can take more than 1 hour. diff --git a/doc/PRE_INSTALL_fr.md b/doc/PRE_INSTALL_fr.md new file mode 100644 index 0000000..2242975 --- /dev/null +++ b/doc/PRE_INSTALL_fr.md @@ -0,0 +1,4 @@ +Ce package compile Vaultwarden à partir des sources, ce qui peut prendre beaucoup de temps sur un petit ordinateur : + +* Lors de l'installation sur un Raspberry Pi 3, cela peut prendre plus d'une heure. +* Lors de l'installation depuis l'administrateur Web, vous pouvez rencontrer le "504 Gateway Timeout" : c'est très bien, laissez-le simplement se terminer en arrière-plan. \ No newline at end of file From 657f09cb9a2c0da19a92d3e5c6c93db5b642ec08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 13:59:51 +0200 Subject: [PATCH 21/42] fix --- conf/nginx.conf | 3 --- scripts/install | 39 +++++++++++---------------------------- 2 files changed, 11 insertions(+), 31 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 4c1afff..b3a299b 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -12,9 +12,6 @@ location __PATH__/ { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://127.0.0.1:__PORT_ROCKET__; - - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; } location __INSTALL_DIR__/notifications/hub { diff --git a/scripts/install b/scripts/install index b7c4f4f..ab1a853 100644 --- a/scripts/install +++ b/scripts/install @@ -50,6 +50,17 @@ ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated NGINX config ynh_add_nginx_config +# Create a dedicated systemd config +ynh_add_systemd_config + +# Use logrotate to manage application logfile(s) +mkdir -p "/var/log/$app" +chown -R $app:$app "/var/log/$app" + +ynh_use_logrotate + +yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" + #================================================= # MAKE INSTALL #================================================= @@ -59,7 +70,6 @@ mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" ynh_secure_remove --file="$install_dir/build" -chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" @@ -73,33 +83,6 @@ ynh_add_config --template="../conf/vaultwarden.env" --destination="$install_dir/ chmod 400 "$install_dir/live/.env" chown $app:$app "$install_dir/live/.env" -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Configuring a systemd service..." - -# Create a dedicated systemd config -ynh_add_systemd_config - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." - -# Use logrotate to manage application logfile(s) -mkdir -p "/var/log/$app" -chown -R $app:$app "/var/log/$app" -ynh_use_logrotate - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." - -yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" - #================================================= # START SYSTEMD SERVICE #================================================= From bf9ba343309f3587ac6dc9f270e51ee09ead3e77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 14:21:14 +0200 Subject: [PATCH 22/42] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index bd40846..9455477 100644 --- a/manifest.toml +++ b/manifest.toml @@ -66,4 +66,4 @@ ram.runtime = "50M" admin.show_tile = false [resources.apt] - packages = "libpq5" + packages = "libpq5 rsync" From cc7425ec262d4e582ba594d66acb807648659707 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 14:28:25 +0200 Subject: [PATCH 23/42] Update install --- scripts/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index ab1a853..01e6261 100644 --- a/scripts/install +++ b/scripts/install @@ -100,7 +100,7 @@ ynh_script_progression --message="Configuring Fail2Ban..." mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" chown -R $app:$app "/var/log/$app" -ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" +ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" #================================================= # END OF SCRIPT From bad0ac4dbc822f8e67d6eaea5091b71b42dfb348 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 14:39:06 +0200 Subject: [PATCH 24/42] fix --- conf/vaultwarden.env | 2 +- scripts/install | 18 +++++++--------- scripts/remove | 25 +++------------------- scripts/restore | 49 ++++++++++---------------------------------- scripts/upgrade | 39 ++++++++--------------------------- 5 files changed, 31 insertions(+), 102 deletions(-) diff --git a/conf/vaultwarden.env b/conf/vaultwarden.env index b2158c2..ae0aa40 100644 --- a/conf/vaultwarden.env +++ b/conf/vaultwarden.env @@ -23,7 +23,7 @@ DATA_FOLDER=__DATA_DIR__ ## Details: ## - https://docs.diesel.rs/diesel/pg/struct.PgConnection.html ## - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING -# DATABASE_URL=postgresql://user:password@host[:port]/database_name +# DATABASE_URL=postgresql://__DB_USER:__DB_PWD__@host[:port]/__DB_NAME__ ## Database max connections ## Define the size of the connection pool used for connecting to the database. diff --git a/scripts/install b/scripts/install index 01e6261..c4cb003 100644 --- a/scripts/install +++ b/scripts/install @@ -59,6 +59,13 @@ chown -R $app:$app "/var/log/$app" ynh_use_logrotate +# Create a dedicated Fail2Ban config +mkdir -p "/var/log/$app" +touch "/var/log/$app/$app.log" +chown -R $app:$app "/var/log/$app" + +ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" + yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" #================================================= @@ -91,17 +98,6 @@ ynh_script_progression --message="Starting a systemd service..." # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Configuring Fail2Ban..." - -# Create a dedicated Fail2Ban config -mkdir -p "/var/log/$app" -touch "/var/log/$app/$app.log" -chown -R $app:$app "/var/log/$app" -ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index 0d6e071..a0047d1 100644 --- a/scripts/remove +++ b/scripts/remove @@ -22,40 +22,21 @@ then yunohost service remove $app fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." - # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." - # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Removing Fail2Ban configuration..." - # Remove the dedicated Fail2Ban config ynh_remove_fail2ban_config -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= -ynh_script_progression --message="Removing various files..." - # Remove the log files ynh_secure_remove --file="/var/log/$app" +# Remove the config file +ynh_secure_remove --file="/$data_dir/config.json" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 5ec75a6..c71a448 100644 --- a/scripts/restore +++ b/scripts/restore @@ -30,9 +30,18 @@ ynh_restore_file --origin_path="$data_dir" --not_mandatory chown -R $app:$app "$data_dir" #================================================= -# RESTORE FAIL2BAN CONFIGURATION +# RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." +ynh_script_progression --message="Restoring the NGINX web server configuration..." + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +systemctl enable $app.service --quiet + +mkdir -p "/var/log/$app" +chown -R $app:$app "/var/log/$app" +ynh_restore_file --origin_path="/etc/logrotate.d/$app" # Create a dedicated Fail2Ban config mkdir -p "/var/log/$app" @@ -43,35 +52,6 @@ ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# RESTORE SYSTEMD -#================================================= -ynh_script_progression --message="Restoring the systemd configuration..." - -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -systemctl enable $app.service --quiet - -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." - -mkdir -p "/var/log/$app" -chown -R $app:$app "/var/log/$app" -ynh_restore_file --origin_path="/etc/logrotate.d/$app" - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." - yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" #================================================= @@ -81,13 +61,6 @@ ynh_script_progression --message="Starting a systemd service..." ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index b53427c..f3a301e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -46,14 +46,6 @@ fi chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # SPECIFIC UPGRADE #================================================= @@ -88,25 +80,23 @@ chown $app:$app "$install_dir/live/.env" #================================================= ynh_script_progression --message="Upgrading systemd configuration..." +# Create a dedicated NGINX config +ynh_add_nginx_config + # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." - mkdir -p "/var/log/$app" chown -R $app:$app "/var/log/$app" # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." +mkdir -p "/var/log/$app" +touch "/var/log/$app/$app.log" +chown -R $app:$app "/var/log/$app" + +# Create a dedicated Fail2Ban config +ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" @@ -117,17 +107,6 @@ ynh_script_progression --message="Starting a systemd service..." ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 -#================================================= -# UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." - -mkdir -p "/var/log/$app" -touch "/var/log/$app/$app.log" -chown -R $app:$app "/var/log/$app" -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" - #================================================= # END OF SCRIPT #================================================= From 8a27858559bc8adc1553203a4ece23264d5cf864 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 14:56:03 +0200 Subject: [PATCH 25/42] fix --- manifest.toml | 2 +- scripts/upgrade | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.toml b/manifest.toml index 9455477..2324091 100644 --- a/manifest.toml +++ b/manifest.toml @@ -66,4 +66,4 @@ ram.runtime = "50M" admin.show_tile = false [resources.apt] - packages = "libpq5 rsync" + packages = "libpq5, rsync" diff --git a/scripts/upgrade b/scripts/upgrade index f3a301e..5f83157 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -96,7 +96,7 @@ touch "/var/log/$app/$app.log" chown -R $app:$app "/var/log/$app" # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" +ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" From 127170c68320c17f080f60e8c3facb60ccbcf8ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 15:22:37 +0200 Subject: [PATCH 26/42] Update vaultwarden.env --- conf/vaultwarden.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/vaultwarden.env b/conf/vaultwarden.env index ae0aa40..b2158c2 100644 --- a/conf/vaultwarden.env +++ b/conf/vaultwarden.env @@ -23,7 +23,7 @@ DATA_FOLDER=__DATA_DIR__ ## Details: ## - https://docs.diesel.rs/diesel/pg/struct.PgConnection.html ## - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING -# DATABASE_URL=postgresql://__DB_USER:__DB_PWD__@host[:port]/__DB_NAME__ +# DATABASE_URL=postgresql://user:password@host[:port]/database_name ## Database max connections ## Define the size of the connection pool used for connecting to the database. From 86c9f73242d506184bf25a1d84c7911dddcd41b7 Mon Sep 17 00:00:00 2001 From: eric_G <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 15:25:01 +0200 Subject: [PATCH 27/42] Update manifest.toml Co-authored-by: Alexandre Aubin --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 2324091..2eda7b2 100644 --- a/manifest.toml +++ b/manifest.toml @@ -66,4 +66,4 @@ ram.runtime = "50M" admin.show_tile = false [resources.apt] - packages = "libpq5, rsync" + packages = "libpq5, rsync, libssl3" From bd92f4a3cc2ec8ba87ddb40a46dc1135e76fd9c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 15:29:47 +0200 Subject: [PATCH 28/42] cleaning --- scripts/install | 4 ++-- scripts/remove | 5 +++-- scripts/restore | 6 ++++-- scripts/upgrade | 4 ++-- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/scripts/install b/scripts/install index c4cb003..33d52f3 100644 --- a/scripts/install +++ b/scripts/install @@ -43,9 +43,9 @@ chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" #================================================= -# NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring NGINX web server..." +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config diff --git a/scripts/remove b/scripts/remove index a0047d1..dd265e4 100644 --- a/scripts/remove +++ b/scripts/remove @@ -10,10 +10,11 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# STANDARD REMOVE +# REMOVE SYSTEM CONFIGURATIONS #================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST +# REMOVE SYSTEMD SERVICE #================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null diff --git a/scripts/restore b/scripts/restore index c71a448..561981d 100644 --- a/scripts/restore +++ b/scripts/restore @@ -30,9 +30,11 @@ ynh_restore_file --origin_path="$data_dir" --not_mandatory chown -R $app:$app "$data_dir" #================================================= -# RESTORE THE NGINX CONFIGURATION +# RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." +# RESTORE THE PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" diff --git a/scripts/upgrade b/scripts/upgrade index 5f83157..bcace32 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -76,9 +76,9 @@ chmod 400 "$install_dir/live/.env" chown $app:$app "$install_dir/live/.env" #================================================= -# SETUP SYSTEMD +# REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config From 4b474cc80a01b62c5f22cfd7bd15a3956eb110f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 15 Sep 2023 16:42:57 +0200 Subject: [PATCH 29/42] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 2eda7b2..0cd0562 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Vaultwarden" description.en = "Manage passwords and other sensitive informations" description.fr = "Gérez les mots de passe et autres informations sensibles" -version = "1.29.2~ynh1" +version = "1.29.1~ynh1" maintainers = ["yalh76"] From 8146ff6b874d21785dbdd7bd1fbadc6877f7b3ec Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 15 Sep 2023 14:43:02 +0000 Subject: [PATCH 30/42] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a2cf771..6e5252b 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.29.2~ynh1 +**Shipped version:** 1.29.1~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index 124b86d..9bb293e 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Implémentation alternative de l'API du serveur Bitwarden écrite en Rust et compatible avec les clients Bitwarden en amont*, parfaite pour un déploiement auto-hébergé où l'exécution du service officiel gourmand en ressources n'est peut-être pas idéale. -**Version incluse :** 1.29.2~ynh1 +**Version incluse :** 1.29.1~ynh1 **Démo :** https://vault.bitwarden.com/#/register From bf8aa596901eaa8862d2a18cc2504c4d52080063 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 15 Sep 2023 17:24:53 +0200 Subject: [PATCH 31/42] manifest: remove libssl3 dependency which doesnt fix the issue it's meant to fix --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 0cd0562..56161c4 100644 --- a/manifest.toml +++ b/manifest.toml @@ -66,4 +66,4 @@ ram.runtime = "50M" admin.show_tile = false [resources.apt] - packages = "libpq5, rsync, libssl3" + packages = "libpq5, rsync" From cedd2174536debbfd4fd40f56ca54d15c8a77718 Mon Sep 17 00:00:00 2001 From: eric_G <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 15 Oct 2023 19:19:12 +0200 Subject: [PATCH 32/42] Update doc/PRE_INSTALL.md Co-authored-by: Salamandar <6552989+Salamandar@users.noreply.github.com> --- doc/PRE_INSTALL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/PRE_INSTALL.md b/doc/PRE_INSTALL.md index ca6a44c..861e397 100644 --- a/doc/PRE_INSTALL.md +++ b/doc/PRE_INSTALL.md @@ -1,4 +1,4 @@ -This package compile Vaultwarden from sources, that can take a long time on a small computer : +This package compiles Vaultwarden from sources, that can take a long time on a small computer : * When installing on a Raspberry Pi 3, this can take more than 1 hour. * When installing from the webadmin, you can encounter the "504 Gateway Timeout": this is fine, just let it finish in the background. From 1915cd80cad1ef632775520e3d49cedc41832875 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Sun, 15 Oct 2023 17:19:17 +0000 Subject: [PATCH 33/42] Auto-update README --- README.md | 1 - README_fr.md | 1 - 2 files changed, 2 deletions(-) diff --git a/README.md b/README.md index 6e5252b..7b16491 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,6 @@ Alternative implementation of the Bitwarden server API written in Rust and compa * Official user documentation: * Official admin documentation: * Upstream app code repository: -* YunoHost documentation for this app: * Report a bug: ## Developer info diff --git a/README_fr.md b/README_fr.md index 9bb293e..4dd7e24 100644 --- a/README_fr.md +++ b/README_fr.md @@ -31,7 +31,6 @@ Implémentation alternative de l'API du serveur Bitwarden écrite en Rust et com * Documentation officielle utilisateur : * Documentation officielle de l’admin : * Dépôt de code officiel de l’app : -* Documentation YunoHost pour cette app : * Signaler un bug : ## Informations pour les développeurs From ea8837a2d419997f7c2d1a647804c2fabf492900 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 17 Oct 2023 19:52:01 +0200 Subject: [PATCH 34/42] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 56161c4..2324091 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Vaultwarden" description.en = "Manage passwords and other sensitive informations" description.fr = "Gérez les mots de passe et autres informations sensibles" -version = "1.29.1~ynh1" +version = "1.29.2~ynh1" maintainers = ["yalh76"] From 8bef03359eb0621698627f1dbe8c45aced0ba64a Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Tue, 17 Oct 2023 17:52:06 +0000 Subject: [PATCH 35/42] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7b16491..877c42f 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.29.1~ynh1 +**Shipped version:** 1.29.2~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index 4dd7e24..cba50fb 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Implémentation alternative de l'API du serveur Bitwarden écrite en Rust et compatible avec les clients Bitwarden en amont*, parfaite pour un déploiement auto-hébergé où l'exécution du service officiel gourmand en ressources n'est peut-être pas idéale. -**Version incluse :** 1.29.1~ynh1 +**Version incluse :** 1.29.2~ynh1 **Démo :** https://vault.bitwarden.com/#/register From e8a42ee2c0d40818c31d84858a61e27ec972f37c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 17 Oct 2023 19:53:32 +0200 Subject: [PATCH 36/42] Revert "Update manifest.toml" This reverts commit ea8837a2d419997f7c2d1a647804c2fabf492900. --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 2324091..56161c4 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Vaultwarden" description.en = "Manage passwords and other sensitive informations" description.fr = "Gérez les mots de passe et autres informations sensibles" -version = "1.29.2~ynh1" +version = "1.29.1~ynh1" maintainers = ["yalh76"] From d3cabc11b5a45b7fecff008f6a5e928ffd94df72 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Tue, 17 Oct 2023 17:53:44 +0000 Subject: [PATCH 37/42] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 877c42f..7b16491 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. -**Shipped version:** 1.29.2~ynh1 +**Shipped version:** 1.29.1~ynh1 **Demo:** https://vault.bitwarden.com/#/register diff --git a/README_fr.md b/README_fr.md index cba50fb..4dd7e24 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Implémentation alternative de l'API du serveur Bitwarden écrite en Rust et compatible avec les clients Bitwarden en amont*, parfaite pour un déploiement auto-hébergé où l'exécution du service officiel gourmand en ressources n'est peut-être pas idéale. -**Version incluse :** 1.29.2~ynh1 +**Version incluse :** 1.29.1~ynh1 **Démo :** https://vault.bitwarden.com/#/register From 081e3c7faebc7c4140b2ab5c65eab92bbc72a1b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 22 Oct 2023 18:47:52 +0200 Subject: [PATCH 38/42] Update vaultwarden.env --- conf/vaultwarden.env | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/vaultwarden.env b/conf/vaultwarden.env index b2158c2..b19ea8d 100644 --- a/conf/vaultwarden.env +++ b/conf/vaultwarden.env @@ -349,8 +349,8 @@ SMTP_FROM=vaultwarden-rs@__DOMAIN__ SMTP_FROM_NAME=Vaultwarden SMTP_SECURITY=off SMTP_PORT=25 -# SMTP_USERNAME=username -# SMTP_PASSWORD=password +SMTP_USERNAME=__APP__ +SMTP_PASSWORD=__MAIL_PWD__ # SMTP_TIMEOUT=15 ## Defaults for SSL is "Plain" and "Login" and nothing for Non-SSL connections. From bd8eabafcf10b63b86f7ddbba05ac01865aac11c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 22 Oct 2023 18:48:45 +0200 Subject: [PATCH 39/42] Update manifest.toml --- manifest.toml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/manifest.toml b/manifest.toml index 56161c4..32ade47 100644 --- a/manifest.toml +++ b/manifest.toml @@ -43,16 +43,17 @@ ram.runtime = "50M" [resources] - [resources.ports] - websocket.default = 3012 - rocket.default = 8095 - [resources.system_user] + allow_email = true [resources.install_dir] [resources.data_dir] + [resources.ports] + websocket.default = 3012 + rocket.default = 8095 + [resources.permissions] main.url = "/" api.url = "/api" From 8c6f0e487f20c22eb348a01deb8faa156ec910f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 22 Oct 2023 18:52:48 +0200 Subject: [PATCH 40/42] cleaning --- scripts/change_url | 13 ++++++++----- scripts/install | 2 +- scripts/upgrade | 2 +- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/scripts/change_url b/scripts/change_url index 828f8de..e0776dd 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -16,7 +16,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_script_progression --message="Stopping a systemd service..." -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped vaultwarden Server" +ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped vaultwarden Server" #================================================= # MODIFY URL IN NGINX CONF @@ -32,14 +32,17 @@ ynh_change_url_nginx_config #================================================= ynh_script_progression --message="Modifying a config file..." -config="$install_dir/live/.env" +ynh_add_config --template="vaultwarden.env" --destination="$install_dir/live/.env" -ynh_backup_if_checksum_is_different --file="$config" +chmod 400 "$install_dir/live/.env" +chown $app:$app "$install_dir/live/.env" -ynh_replace_string --match_string="DOMAIN=https://$old_domain$old_path" --replace_string="DOMAIN=https://$new_domain$new_path" --target_file="$config" +#ynh_backup_if_checksum_is_different --file="$install_dir/live/.env" + +#ynh_replace_string --match_string="DOMAIN=https://$old_domain$old_path" --replace_string="DOMAIN=https://$new_domain$new_path" --target_file="$install_dir/live/.env" # Recalculate and store the checksum of the file for the next upgrade. -ynh_store_file_checksum --file="$config" +#ynh_store_file_checksum --file="$install_dir/live/.env" #================================================= # GENERIC FINALISATION diff --git a/scripts/install b/scripts/install index 33d52f3..0dcd2ab 100644 --- a/scripts/install +++ b/scripts/install @@ -85,7 +85,7 @@ chown -R $app:$app "$install_dir" #================================================= ynh_script_progression --message="Adding a configuration file..." -ynh_add_config --template="../conf/vaultwarden.env" --destination="$install_dir/live/.env" +ynh_add_config --template="vaultwarden.env" --destination="$install_dir/live/.env" chmod 400 "$install_dir/live/.env" chown $app:$app "$install_dir/live/.env" diff --git a/scripts/upgrade b/scripts/upgrade index bcace32..916e740 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -70,7 +70,7 @@ chown -R $app:$app "$install_dir" #================================================= ynh_script_progression --message="Updating a configuration file..." -ynh_add_config --template="../conf/vaultwarden.env" --destination="$install_dir/live/.env" +ynh_add_config --template="vaultwarden.env" --destination="$install_dir/live/.env" chmod 400 "$install_dir/live/.env" chown $app:$app "$install_dir/live/.env" From 6ba4da85d4fe393aa0719b84db9f9c1fe8974512 Mon Sep 17 00:00:00 2001 From: eric_G <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 24 Oct 2023 11:23:56 +0200 Subject: [PATCH 41/42] Update scripts/change_url Co-authored-by: Salamandar <6552989+Salamandar@users.noreply.github.com> --- scripts/change_url | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/change_url b/scripts/change_url index e0776dd..3b13aa4 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -16,7 +16,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_script_progression --message="Stopping a systemd service..." -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped vaultwarden Server" +ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped Vaultwarden Server" #================================================= # MODIFY URL IN NGINX CONF From 3c991c7044b91a5054c11b89b7cc4c7dc25cd57d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 24 Oct 2023 11:25:44 +0200 Subject: [PATCH 42/42] Update change_url --- scripts/change_url | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/change_url b/scripts/change_url index 3b13aa4..c5f3d2d 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -16,7 +16,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_script_progression --message="Stopping a systemd service..." -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped Vaultwarden Server" +ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" #================================================= # MODIFY URL IN NGINX CONF