#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source ynh_docker_image_extract source /usr/share/yunohost/helpers #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= admin_mail=$(ynh_user_get_info --username=$admin --key=mail) admin_token=$(ynh_string_random --length=48 | base64) #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." ynh_app_setting_set --app=$app --key=admin_token --value=$admin_token #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." # Download, check integrity, uncompress and patch the source from app.src docker_arg="" if [ $YNH_ARCH == "armhf" ] then docker_arg="--os_arch_variant=linux/arm/v7" fi ynh_docker_image_extract --dest_dir="$install_dir/build/" --image_spec="$pkg_image:$(ynh_app_upstream_version)" $docker_arg mkdir -p "$install_dir/live/" chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # MAKE INSTALL #================================================= ynh_script_progression --message="Making install..." mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" ynh_secure_remove --file="$install_dir/build" chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" #================================================= # ADD A CONFIGURATION #================================================= ynh_script_progression --message="Adding a configuration file..." ynh_add_config --template="../conf/vaultwarden.env" --destination="$install_dir/live/.env" chmod 400 "$install_dir/live/.env" chown $app:$app "$install_dir/live/.env" #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." # Create a dedicated systemd config ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Configuring log rotation..." # Use logrotate to manage application logfile(s) mkdir -p "/var/log/$app" chown -R $app:$app "/var/log/$app" ynh_use_logrotate #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 #================================================= # SETUP FAIL2BAN #================================================= ynh_script_progression --message="Configuring Fail2Ban..." # Create a dedicated Fail2Ban config mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" chown -R $app:$app "/var/log/$app" ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Installation of $app completed"