Server script addtion and update of vaultwarden script

2024-08-16 15:40:11 -07:00 · 2024-08-16 15:40:11 -07:00 · 38e5391c51
commit 38e5391c51
parent 8f42ce4425
3 changed files with 774 additions and 132 deletions
--- a/Scripts/serversetup.sh
+++ b/Scripts/serversetup.sh
@ -0,0 +1,605 @@
 #!/bin/bash
 # Function to check and modify sources.list files
 check_and_modify_sources() {
    local file="$1"
    if [ -f "$file" ]; then
        if grep -q "^deb cdrom:" "$file" || grep -q "^deb \[arch=" "$file"; then
            print_color "yellow" "CD-ROM or DVD entries found in $file. Commenting them out..."
            sed -i '/^deb cdrom:/s/^/# /' "$file"
            sed -i '/^deb \[arch=/s/^/# /' "$file"
            print_color "green" "CD-ROM and DVD entries in $file have been commented out."
        else
            print_color "green" "No CD-ROM or DVD entries found in $file."
        fi
    fi
 }
 display_ascii_art() {
    local art="$1"
    echo "$art"
 }
 # Function to center text
 center_text() {
    local text="$1"
    local width
    width=$(tput cols) || return
    local padding=$(( (width - ${#text}) / 2 ))
    printf "%${padding}s%s\n" '' "$text"
 }
 # Function to print colored output
 print_color() {
    case $1 in
    "green") echo -e "\e[32m$2\e[0m" ;;
    "red") echo -e "\e[31m$2\e[0m" ;;
    "yellow") echo -e "\e[33m$2\e[0m" ;;
    esac
    sleep 0.1
 }
 # Function to prompt user for yes/no input
 prompt_yes_no() {
    while true; do
        read -r -p "$1 (y/n): " yn
        case $yn in
            [Yy]*) return 0 ;;
            [Nn]*) return 1 ;;
            *) echo "Please answer yes or no." ;;
        esac
    done
 }
 # Function to show progress
 show_progress() {
    local pid=$1
    local delay=0.1
    local spinstr='⠋⠙⠹⠸⠼⠴⠦⠧⠇⠏'
    local start_time=$(date +%s)
    printf "  "
    while ps -p "$pid" > /dev/null 2>&1; do
        local temp=${spinstr#?}
        printf "\r[%c] " "$spinstr"
        local spinstr=$temp${spinstr%"$temp"}
        sleep $delay
        local current_time=$(date +%s)
        local elapsed=$((current_time - start_time))
        printf "%02d:%02d" $((elapsed / 60)) $((elapsed % 60))
    done
    printf "\r[✓] Done!     \n"
 }
 #force scroll for after neoss install no idea why it hangs.
 force_scroll() {
    local lines=${1:-10}
    for i in $(seq 1 $lines); do
        echo
        sleep 0.1
    done
 }
 # Complex ASCII art
 complex_ascii_art=$(cat <<EOF
   ███████╗ ██████╗ ██╗   ██╗██████╗  █████╗ ███╗   ██╗    ███████╗███████╗██████╗ ██╗   ██╗███████╗██████╗     ██████╗  █████╗  ██████╗██╗  ██╗
   ██╔════╝██╔═══██╗██║   ██║██╔══██╗██╔══██╗████╗  ██║    ██╔════╝██╔════╝██╔══██╗██║   ██║██╔════╝██╔══██╗    ██╔══██╗██╔══██╗██╔════╝██║ ██╔╝
   ███████╗██║   ██║██║   ██║██████╔╝███████║██╔██╗ ██║    ███████╗█████╗  ██████╔╝██║   ██║█████╗  ██████╔╝    ██████╔╝███████║██║     █████╔╝ 
   ╚════██║██║   ██║╚██╗ ██╔╝██╔══██╗██╔══██║██║╚██╗██║    ╚════██║██╔══╝  ██╔══██╗╚██╗ ██╔╝██╔══╝  ██╔══██╗    ██╔═══╝ ██╔══██║██║     ██╔═██╗ 
   ███████║╚██████╔╝ ╚████╔╝ ██║  ██║██║  ██║██║ ╚████║    ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║    ██║     ██║  ██║╚██████╗██║  ██╗
   ╚══════╝ ╚═════╝   ╚═══╝  ╚═╝  ╚═╝╚═╝  ╚═╝╚═╝  ╚═══╝    ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝    ╚═╝     ╚═╝  ╚═╝ ╚═════╝╚═╝  ╚═╝
 EOF
 )
 # Simple ASCII art
 simple_ascii_art=$(cat <<'EOF'
   ____                         ____                       ___           __  
  / __/__ _  _________ ____    / __/__ _____  _____ ____  / _ \___ _____/ /__
 _\ \/ _ \ |/ / __/ _ `/ _ \  _\ \/ -_) __/ |/ / -_) __/ / ___/ _ `/ __/  '_/
 /___/\___/___/_/  \_,_/_//_/ /___/\__/_/  |___/\__/_/   /_/   \_,_/\__/_/\_\ 
 EOF
 )
 #-------------
 # Main Script
 #-------------
 # Check if script is run as root
 if [[ $EUID -ne 0 ]]; then
    print_color "red" "This script must be run as root"
    exit 1
 fi
 if [ "$1" = "simple" ] || [ "$USE_SIMPLE_ART" = "true" ]; then
    selected_art="$simple_ascii_art"
 else
    # Check terminal width
    if [ "$(tput cols)" -ge 100 ]; then
        selected_art="$complex_ascii_art"
    else
        selected_art="$simple_ascii_art"
    fi
 fi
 clear
 echo
 display_ascii_art "$selected_art"
 echo
 center_text "Created by Enki"
 center_text "Thanks for using this server setup script"
 center_text "This script will walk you through some basic server setup and configuration."
 echo
 print_color "green" "Starting server setup..."
 sleep 5
 #--------------------
 # Update and upgrade
 #--------------------
 print_color "yellow" "Checking and updating package sources..."
 # Check main sources.list and all files in sources.list.d
 check_and_modify_sources "/etc/apt/sources.list"
 for file in /etc/apt/sources.list.d/*.list; do
    check_and_modify_sources "$file"
 done
 # Ensure that at least one valid source is present
 if ! grep -qE '^deb ' /etc/apt/sources.list /etc/apt/sources.list.d/*.list 2>/dev/null; then
    print_color "yellow" "No active package sources found. Adding a default source..."
    echo "deb http://deb.debian.org/debian $(lsb_release -cs) main" | sudo tee -a /etc/apt/sources.list
 fi
 print_color "yellow" "Updating system..."
 apt update > /tmp/apt_update.log 2>&1 &
 update_pid=$!
 show_progress $update_pid
 wait $update_pid
 update_status=$?
 if [ $update_status -eq 0 ]; then
    print_color "green" "Update completed successfully."
 else
    print_color "red" "Failed to update package lists. Here's the detailed error:"
    cat /tmp/apt_update.log
    exit 1
 fi
 print_color "yellow" "Upgrading system..."
 DEBIAN_FRONTEND=noninteractive apt upgrade -y > /tmp/apt_upgrade.log 2>&1 &
 upgrade_pid=$!
 show_progress $upgrade_pid
 wait $upgrade_pid
 upgrade_status=$?
 if [ $upgrade_status -eq 0 ]; then
    print_color "green" "Upgrade completed successfully."
 else
    print_color "red" "Failed to upgrade packages. Here's the detailed error:"
    cat /tmp/apt_upgrade.log
    exit 1
 fi
 #---------------------
 # Installs Basic Tools 
 #---------------------
 essential_packages=("sudo" "net-tools" "wget" "curl" "git")
 missing_packages=()
 for package in "${essential_packages[@]}"; do
    if ! command -v "$package" &>/dev/null; then
        missing_packages+=("$package")
    fi
 done
 if [ ${#missing_packages[@]} -ne 0 ]; then
    print_color "yellow" "Installing missing basic packages: ${missing_packages[*]}"
    (apt install -y "${missing_packages[@]}" >/dev/null 2>&1) &
    show_progress $!
    print_color "green" "Basic packages installed."
 else
    print_color "green" "All essential packages are already installed."
 fi
 # Ensure sudo is configured correctly
 if ! grep -q "^%sudo" /etc/sudoers; then
    print_color "yellow" "Configuring sudo..."
    echo "%sudo ALL=(ALL:ALL) ALL" >>/etc/sudoers
    print_color "green" "Sudo configured."
 fi
 #----------------------
 # Set up non-root user
 #----------------------
 if prompt_yes_no "Do you want to set up a new non-root user?"; then
    read -r -p "Enter new username: " new_user
    sudo adduser "$new_user"
    sudo usermod -aG sudo "$new_user"
    print_color "green" "User $new_user has been created and added to sudo group"
 fi
 #---------------
 # SSH hardening
 #---------------
 ssh_hardened=false
 new_ssh_port=""
 if prompt_yes_no "Do you want to harden SSH?"; then
    print_color "yellow" "Configuring SSH..."
    # Backup original sshd_config
    sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
    # Change SSH port
    while true; do
        read -r -p "Enter new SSH port (default: 2222): " ssh_port
        ssh_port=${ssh_port:-2222}
        if [[ "$ssh_port" =~ ^[0-9]+$ ]] && [ "$ssh_port" -ge 1024 ] && [ "$ssh_port" -le 65535 ]; then
            break
        else
            print_color "red" "Invalid port number. Please enter a number between 1024 and 65535."
        fi
    done
    # Apply SSH hardening configurations
    sudo sed -i "s/^#Port 22/Port $ssh_port/" /etc/ssh/sshd_config
    sudo sed -i 's/^#PermitRootLogin .*/PermitRootLogin no/' /etc/ssh/sshd_config
    sudo sed -i 's/^#PasswordAuthentication .*/PasswordAuthentication no/' /etc/ssh/sshd_config
    sudo sed -i 's/^#PubkeyAuthentication .*/PubkeyAuthentication yes/' /etc/ssh/sshd_config
    # Allow only the new user (assuming $new_user is set earlier in the script)
    echo "AllowUsers $new_user" | sudo tee -a /etc/ssh/sshd_config > /dev/null
    print_color "yellow" "New SSH configuration:"
    print_color "yellow" "Port: $ssh_port"
    print_color "yellow" "Root login disabled"
    print_color "yellow" "Password authentication disabled"
    print_color "yellow" "Only user $new_user is allowed to login"
    # Test the new configuration
    if sudo sshd -t -f /etc/ssh/sshd_config; then
        print_color "green" "SSH configuration test passed."
        # Restart SSH service
        if sudo systemctl is-active --quiet ssh; then
            sudo systemctl restart ssh
            print_color "green" "SSH service restarted."
        else
            print_color "yellow" "SSH service not found. You may need to restart it manually."
        fi
        print_color "green" "SSH has been hardened. Check the end of the script for instructions on setting up an SSH key and logging in."
        ssh_hardened=true
        new_ssh_port=$ssh_port
    else
        print_color "red" "SSH configuration test failed. Reverting changes..."
        sudo mv /etc/ssh/sshd_config.bak /etc/ssh/sshd_config
        print_color "yellow" "Please check your SSH configuration manually"
    fi
 else
    print_color "yellow" "Skipping SSH hardening."
 fi
 sleep 5
 #-------------
 # UFW setup
 #-------------
 if prompt_yes_no "Do you want to install and configure UFW?"; then
    print_color "yellow" "Installing and configuring UFW..."
    (apt install ufw -y >/dev/null 2>&1) &
    show_progress $!
    ufw default deny incoming >/dev/null 2>&1
    ufw default allow outgoing >/dev/null 2>&1
    ufw allow "$ssh_port"/tcp >/dev/null 2>&1
    ufw allow 80/tcp >/dev/null 2>&1
    ufw allow 443/tcp >/dev/null 2>&1
    echo "y" | ufw enable >/dev/null 2>&1
    print_color "green" "UFW has been installed and configured"
 fi
 #---------------
 # Fail2Ban setup
 #---------------
 if prompt_yes_no "Do you want to install and configure Fail2Ban?"; then
    print_color "yellow" "Installing and configuring Fail2Ban..."
    (apt install fail2ban -y >/dev/null 2>&1) &
    show_progress $!
    # Create a custom jail configuration
    cat <<EOF >/etc/fail2ban/jail.local
 [DEFAULT]
 bantime  = 10m
 findtime  = 10m
 maxretry = 5
 # Avoid banning local network
 ignoreip = 127.0.0.1/8 ::1
 [sshd]
 enabled = true
 port    = $ssh_port
 logpath = %(sshd_log)s
 backend = %(sshd_backend)s
 EOF
    systemctl enable fail2ban >/dev/null 2>&1
    systemctl start fail2ban >/dev/null 2>&1
    print_color "green" "Fail2Ban has been installed and configured"
    print_color "yellow" "Default Fail2Ban settings:"
    print_color "yellow" "- Ban time: 10 minutes"
    print_color "yellow" "- Find time: 10 minutes"
    print_color "yellow" "- Max retries: 5"
    print_color "yellow" "- Ignored IP: localhost"
    print_color "yellow" "You can adjust these settings in /etc/fail2ban/jail.local"
 fi
 #---------------
 # Install Nginx
 #---------------
 if prompt_yes_no "Do you want to install Nginx?"; then
    print_color "yellow" "Installing Nginx..."
    (apt install nginx -y > /dev/null 2>&1) &
    show_progress $!
    systemctl enable nginx > /dev/null 2>&1
    systemctl start nginx > /dev/null 2>&1
    print_color "green" "Nginx has been installed and started"
 fi
 #---------------
 # Install Docker
 #---------------
 if prompt_yes_no "Do you want to install Docker?"; then
    print_color "yellow" "Installing Docker using the official method..."
    # Uninstall old versions
    print_color "yellow" "Removing old Docker versions if present..."
    for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do
        (sudo apt remove $pkg -y -qq > /dev/null 2>&1) &
        show_progress $!
    done
    # Update the apt package index
    print_color "yellow" "Updating apt package index..."
    (sudo apt update -qq > /dev/null 2>&1) &
    show_progress $!
    # Install packages to allow apt to use a repository over HTTPS
    print_color "yellow" "Installing required packages..."
    (sudo apt install ca-certificates curl -y -qq > /dev/null 2>&1) &
    show_progress $!
    # Add Docker's official GPG key
    print_color "yellow" "Adding Docker's official GPG key..."
    sudo install -m 0755 -d /etc/apt/keyrings
    sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
    sudo chmod a+r /etc/apt/keyrings/docker.asc
    # Set up the repository
    print_color "yellow" "Setting up the Docker repository..."
    echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
    $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
    sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    # Update the apt package index again
    print_color "yellow" "Updating apt package index..."
    (sudo apt update -qq > /dev/null 2>&1) &
    show_progress $!
    # Install Docker Engine, containerd, and Docker Compose
    print_color "yellow" "Installing Docker Engine, containerd, and Docker Compose..."
    (sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y -qq > /dev/null 2>&1) &
    show_progress $!
    # Verify Docker installation
    if docker --version > /dev/null 2>&1; then
        print_color "green" "Docker has been successfully installed."
        # Add user to the docker group
        print_color "yellow" "Adding $new_user to the docker group..."
        sudo usermod -aG docker "$new_user"
        # Verify group membership
        if id -nG "$new_user" | grep -qw "docker"; then
            print_color "green" "$new_user has been successfully added to the docker group."
        else
            print_color "red" "Failed to add $new_user to the docker group. Please add manually with: sudo usermod -aG docker $new_user"
        fi
        print_color "yellow" "Please log out and log back in for the group changes to take effect."
        print_color "yellow" "After logging back in, you can verify Docker works without sudo by running: docker run hello-world"
    else
        print_color "red" "Docker installation seems to have failed. Please check the logs and try again."
    fi
 else
    print_color "yellow" "Skipping Docker installation"
 fi
 #-------------------------
 # Install additional tools
 #-------------------------
 tools=("btop" "goaccess" "ncdu" "mc")
 for tool in "${tools[@]}"; do
    if prompt_yes_no "Do you want to install $tool?"; then
        print_color "yellow" "Installing $tool..."
        (apt install "$tool" -y > /dev/null 2>&1) &
        show_progress $!
        print_color "green" "$tool has been installed"
    fi
 done
 #--------------------------------
 # Install Node.js, npm, and Neoss
 #--------------------------------
 if prompt_yes_no "Do you want to install Neoss? This requires Node.js and npm to be installed as well."; then
    print_color "yellow" "Installing Node.js and npm..."
    # Download and run the NodeSource setup script
    print_color "yellow" "Adding NodeSource repository..."
    if curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo -E bash - > /dev/null 2>&1; then
        print_color "green" "NodeSource repository added successfully."
    else
        print_color "red" "Failed to add NodeSource repository. Aborting Node.js installation."
        return 1
    fi
    # Install Node.js (which includes npm)
    print_color "yellow" "Installing Node.js and npm..."
    if apt install -y nodejs > /dev/null 2>&1; then
        print_color "green" "Node.js and npm installed successfully."
    else
        print_color "red" "Failed to install Node.js and npm. Please check your internet connection and try again."
        return 1
    fi
    # Verify installation
    if node --version > /dev/null 2>&1 && npm --version > /dev/null 2>&1; then
        NODE_VERSION=$(node --version)
        NPM_VERSION=$(npm --version)
        print_color "green" "Node.js ${NODE_VERSION} and npm ${NPM_VERSION} have been successfully installed"
        # Install Neoss
        print_color "yellow" "Installing Neoss..."
        npm install -g neoss > /tmp/neoss_install.log 2>&1 &
        install_pid=$!
        show_progress $install_pid
        wait $install_pid
        install_status=$?
        if [ $install_status -eq 0 ]; then
            NEOSS_VERSION=$(neoss --version 2>/dev/null || echo "version unknown")
            print_color "green" "Neoss installation successful."
            print_color "green" "Version: ${NEOSS_VERSION}"
        else
            print_color "red" "Neoss installation failed. Error log:"
            cat /tmp/neoss_install.log
            print_color "red" "You can try to install it manually later with 'npm install -g neoss'."
        fi
    else
        print_color "red" "Node.js and npm installation verification failed. Please check the installation manually."
        return 1
    fi
    sleep 0.5
    force_scroll 5
 else
    print_color "yellow" "Skipping Node.js, npm, and Neoss installation"
 fi
 #------------------------
 # Configure log rotation
 #------------------------
 if prompt_yes_no "Do you want to configure log rotation?"; then
    print_color "yellow" "Configuring log rotation..."
    # Default settings
    rotate_frequency="weekly"
    rotate_count=4
    rotate_size="100M"
    if prompt_yes_no "Do you want to customize global log rotation settings?"; then
        read -r -p "Enter rotation frequency (daily/weekly/monthly) [default: weekly]: " custom_frequency
        rotate_frequency=${custom_frequency:-$rotate_frequency}
        read -r -p "Enter number of log files to keep [default: 4]: " custom_count
        rotate_count=${custom_count:-$rotate_count}
        read -r -p "Enter max size of log file before rotation (e.g., 100M, 500M, 1G) [default: 100M]: " custom_size
        rotate_size=${custom_size:-$rotate_size}
    else
        print_color "yellow" "Using default settings for global log rotation."
    fi
    # Update global configuration
    cat <<EOF >/etc/logrotate.conf
 # Global log rotation settings
 ${rotate_frequency}
 rotate ${rotate_count}
 create
 compress
 dateext
 # Rotate log files larger than ${rotate_size} even before the scheduled rotation time
 size ${rotate_size}
 include /etc/logrotate.d
 # System-specific logs may be configured here
 EOF
    print_color "green" "Global log rotation has been configured with the following settings:"
    print_color "yellow" "- Rotation frequency: ${rotate_frequency}"
    print_color "yellow" "- Number of log files to keep: ${rotate_count}"
    print_color "yellow" "- Max size before rotation: ${rotate_size}"
    print_color "yellow" "You can further adjust these settings in /etc/logrotate.conf"
    # Nginx-specific configuration
    if command -v nginx &>/dev/null || [ -d "/etc/nginx" ]; then
        print_color "yellow" "Nginx installation detected."
        if prompt_yes_no "Do you want to configure Nginx-specific log rotation?"; then
            mkdir -p /etc/logrotate.d
            cat <<EOF >/etc/logrotate.d/nginx
 /var/log/nginx/*.log {
    ${rotate_frequency}
    missingok
    rotate ${rotate_count}
    compress
    delaycompress
    notifempty
    create 0640 www-data adm
    sharedscripts
    maxsize ${rotate_size}
    postrotate
        if [ -f /var/run/nginx.pid ]; then
            kill -USR1 \$(cat /var/run/nginx.pid)
        fi
    endscript
 }
 EOF
            print_color "green" "Nginx-specific log rotation has been configured."
            print_color "yellow" "Nginx log rotation configuration created at /etc/logrotate.d/nginx"
        else
            print_color "yellow" "Skipping Nginx-specific log rotation configuration."
        fi
    else
        print_color "yellow" "Nginx installation not detected. Skipping Nginx-specific log rotation configuration."
    fi
    # Docker-specific configuration
    if command -v docker &>/dev/null; then
        if prompt_yes_no "Docker is installed. Do you want to configure Docker-specific log rotation?"; then
            mkdir -p /etc/docker
            cat <<EOF >/etc/docker/daemon.json
 {
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "${rotate_size}",
    "max-file": "${rotate_count}"
  }
 }
 EOF
            print_color "green" "Docker-specific log rotation has been configured."
            print_color "yellow" "Note: You'll need to restart Docker for these changes to take effect."
            if prompt_yes_no "Do you want to restart Docker now?"; then
                systemctl restart docker
                print_color "green" "Docker has been restarted."
            else
                print_color "yellow" "Please remember to restart Docker later for the log rotation changes to take effect."
            fi
        else
            print_color "yellow" "Skipping Docker-specific log rotation configuration."
        fi
    fi
 else
    print_color "yellow" "Skipping log rotation configuration."
 fi
 #---------------
 # End of Script
 #---------------
 if [ "$ssh_hardened" = true ]; then
    print_color "yellow" "===== IMPORTANT: SSH KEY SETUP ====="
    print_color "yellow" "SSH has been hardened. If you haven't set up an SSH key, do so before logging out!"
    print_color "yellow" "Please test your SSH connection in a new terminal before closing this session."
    print_color "yellow" "Follow these steps on your local machine:"
    print_color "yellow" "1. Generate an SSH key:"
    print_color "yellow" "   ssh-keygen -t ed25519 -C 'your_email@example.com'"
    print_color "yellow" "2. Copy the key to your server:"
    print_color "yellow" "   ssh-copy-id -i ~/.ssh/id_ed25519.pub -p $ssh_port $new_user@your_server_ip"
    print_color "yellow" "3. Test your new key:"
    print_color "yellow" "   ssh -p $ssh_port $new_user@your_server_ip"
    print_color "yellow" "4. If successful, run this script again to disable password authentication."
    print_color "yellow" "If you can't connect, check your SSH configuration at /etc/ssh/sshd_config"
    print_color "yellow" "====================================="
 fi
 print_color "green" "Server setup complete!"
--- a/Scripts/vaultwarden.sh
+++ b/Scripts/vaultwarden.sh
@ -1,58 +1,92 @@
 #!/bin/bash
-# Check if script is run as root
+# Function to show progress
-if [ "$EUID" -ne 0 ]; then
+show_progress() {
-    echo "This script must be run as root. Please use sudo or run as root."
+    local pid=$1
-    exit 1
+    local delay=0.1
-fi
+    local spinstr='⠋⠙⠹⠸⠼⠴⠦⠧⠇⠏'
    local start_time=$(date +%s)
    printf "  "
    while ps -p "$pid" > /dev/null 2>&1; do
        local temp=${spinstr#?}
        printf "\r[%c] " "$spinstr"
        local spinstr=$temp${spinstr%"$temp"}
        sleep $delay
        local current_time=$(date +%s)
        local elapsed=$((current_time - start_time))
        printf "%02d:%02d" $((elapsed / 60)) $((elapsed % 60))
    done
    printf "\r[✓] Done!     \n"
 }
 # Function to print colored output
 print_color() {
    case $1 in
    "green") echo -e "\e[32m$2\e[0m" ;;
    "red") echo -e "\e[31m$2\e[0m" ;;
    "yellow") echo -e "\e[33m$2\e[0m" ;;
    esac
    sleep 0.1
 }
 # Function to center text
 center_text() {
    local text="$1"
    local width
    width=$(tput cols) || return
    local padding=$(( (width - ${#text}) / 2 ))
    printf "%${padding}s%s\n" '' "$text"
 }
 # Function to install necessary packages
 install_dependencies() {
-    echo "Installing necessary packages..."
+    print_color "yellow" "Installing dependencies..."
-    sudo apt update && apt upgrade -y
+    (sudo apt update -q && sudo apt install -y -q wget curl sudo > /dev/null 2>&1) &
-    sudo apt install -y wget curl sudo
+    show_progress $!
    print_color "green" "Dependencies installed successfully."
 }
 # Function to create vaultwarden user if it doesn't exist
 create_vaultwarden_user() {
    if ! command -v useradd &> /dev/null; then
-        echo "useradd command not found. Installing..."
+        print_color "yellow" "useradd command not found. Installing..."
-        sudo apt install -y passwd
+        (sudo apt install -y passwd > /dev/null 2>&1) &
        show_progress $!
    fi
    if ! id "vaultwarden" &>/dev/null; then
-        echo "Creating vaultwarden user..."
+        print_color "yellow" "Creating vaultwarden user..."
-        sudo useradd -r -s /bin/false vaultwarden
+        (sudo useradd -r -s /bin/false vaultwarden > /dev/null 2>&1) &
-        echo "Vaultwarden user created."
+        show_progress $!
        print_color "green" "Vaultwarden user created successfully."
    else
-        echo "Vaultwarden user already exists."
+        print_color "green" "Vaultwarden user already exists."
    fi
 }
 # Function to extract without Docker
 extract_without_docker() {
-    echo "Extracting binaries without Docker..."
+    print_color "yellow" "Extracting Vaultwarden binaries..."
    (
        mkdir -p vw-image
        cd vw-image
-    if ! wget https://raw.githubusercontent.com/jjlin/docker-image-extract/main/docker-image-extract; then
+        wget -q https://raw.githubusercontent.com/jjlin/docker-image-extract/main/docker-image-extract
        echo "Failed to download docker-image-extract script. Exiting."
        exit 1
    fi
        chmod +x docker-image-extract
-    if ! ./docker-image-extract vaultwarden/server:latest-alpine; then
+        ./docker-image-extract vaultwarden/server:latest-alpine
-        echo "Failed to extract Vaultwarden image. Exiting."
+        sudo mv output/vaultwarden /home/vaultwarden/
-        exit 1
+        sudo mv output/web-vault /home/vaultwarden/
    fi
    sudo mv output/vaultwarden /home/vaultwarden/ || { echo "Failed to move vaultwarden binary. Exiting."; exit 1; }
    sudo mv output/web-vault /home/vaultwarden/ || { echo "Failed to move web-vault. Exiting."; exit 1; }
        cd ..
        rm -rf vw-image
        sudo mkdir -p /home/vaultwarden/data
-    echo "Extraction complete."
+    ) &> /dev/null &
-}
+    show_progress $!
    if [ -f "/home/vaultwarden/vaultwarden" ] && [ -d "/home/vaultwarden/web-vault" ]; then
        print_color "green" "Extraction complete."
    else
        print_color "red" "Extraction failed. Please check the logs and try again."
        exit 1
    fi
 }
 # Create systemd service file
 create_systemd_service() {
    print_color "yellow" "Creating systemd service file..."
    sudo tee /etc/systemd/system/vaultwarden.service > /dev/null << EOF
 [Unit]
 Description=Vaultwarden Server
@ -68,13 +102,14 @@ EnvironmentFile=/home/vaultwarden/.env
 [Install]
 WantedBy=multi-user.target
 EOF
    print_color "green" "Systemd service file created successfully."
 }
 # Function to create .env file
 create_env_file() {
-    echo "Setting up Vaultwarden configuration..."
+    print_color "yellow" "Setting up Vaultwarden configuration..."
    read -p "Enter domain name for Vaultwarden (e.g., vault.example.com): " DOMAIN
    print_color "yellow" "Creating .env file..."
    sudo tee /home/vaultwarden/.env > /dev/null << EOF
 DOMAIN=https://$DOMAIN
 ROCKET_PORT=8000
@ -82,28 +117,20 @@ DATA_FOLDER=/home/vaultwarden/data
 WEB_VAULT_FOLDER=/home/vaultwarden/web-vault
 EOF
-    sudo chown vaultwarden:vaultwarden /home/vaultwarden/.env
+    (sudo chown vaultwarden:vaultwarden /home/vaultwarden/.env && 
-    sudo chmod 600 /home/vaultwarden/.env
+     sudo chmod 600 /home/vaultwarden/.env) &
    show_progress $!
    print_color "green" "Vaultwarden configuration file created successfully."
 }
 # Function to install Certbot
 install_certbot() {
    echo "Installing Certbot..."
    sudo apt update
    sudo apt install -y snapd
    sudo snap install core
    sudo snap refresh core
    sudo snap install --classic certbot
    sudo ln -s /snap/bin/certbot /usr/bin/certbot
 }
 # Function to set up Nginx
 setup_nginx() {
    if ! command -v nginx &> /dev/null; then
-        echo "Nginx not found. Installing..."
+        print_color "yellow" "Nginx not found. Installing..."
-        sudo apt update && sudo apt install -y nginx
+        (sudo apt update && sudo apt install -y nginx > /dev/null 2>&1) &
        show_progress $!
    fi
    print_color "yellow" "Configuring Nginx for Vaultwarden..."
    sudo tee /etc/nginx/sites-available/vaultwarden > /dev/null << EOF
 server {
    listen 80;
@ -121,82 +148,95 @@ EOF
    sudo ln -sf /etc/nginx/sites-available/vaultwarden /etc/nginx/sites-enabled/
-    # Install Certbot before testing Nginx configuration
+    print_color "yellow" "Testing Nginx configuration..."
-    install_certbot
+    if sudo nginx -t; then
-    
+        (sudo systemctl reload nginx > /dev/null 2>&1) &
-    # Now test and reload Nginx
+        show_progress $!
-    sudo nginx -t && sudo systemctl reload nginx
+        print_color "green" "Nginx configured and reloaded successfully."
    echo "Nginx configured."
 }install_certbot() {
    if ! command -v certbot &> /dev/null; then
        echo "Installing Certbot..."
        sudo apt update
        sudo apt install -y certbot python3-certbot-nginx
    else
-        echo "Certbot is already installed."
+        print_color "red" "Nginx configuration test failed. Please check your configuration."
    fi
 }
-
+# Function to install Certbot
 install_certbot() {
    print_color "yellow" "Installing Certbot..."
    (sudo apt update && 
     sudo apt install -y snapd && 
     sudo snap install core && 
     sudo snap refresh core && 
     sudo snap install --classic certbot && 
     sudo ln -s /snap/bin/certbot /usr/bin/certbot) &
    show_progress $!
    print_color "green" "Certbot installed successfully."
 }
 # Function to set up admin panel
 setup_admin_panel() {
-    echo "Setting up admin panel..."
+    print_color "yellow" "Setting up admin panel..."
    # Install argon2 if not already installed
    if ! command -v argon2 &> /dev/null; then
-        echo "Installing argon2..."
+        print_color "yellow" "Installing argon2..."
-        sudo apt update
+        (sudo apt update && sudo apt install -y argon2 > /dev/null 2>&1) &
-        sudo apt install -y argon2
+        show_progress $!
    fi
    # Prompt for admin password
    read -sp "Enter the admin password: " admin_password
    echo
    print_color "yellow" "Generating admin token..."
    # Generate argon2 hash
    admin_token=$(echo -n "$admin_password" | argon2 $(openssl rand -base64 32) -e -id -k 65540 -t 3 -p 4)
    # Append admin token to .env file
-    echo "ENABLE_ADMIN=true" | sudo tee -a /home/vaultwarden/.env > /dev/null
+    print_color "yellow" "Updating .env file with admin token..."
-    echo "ADMIN_TOKEN='$admin_token'" | sudo tee -a /home/vaultwarden/.env > /dev/null
+    (echo "ENABLE_ADMIN=true" | sudo tee -a /home/vaultwarden/.env > /dev/null
    echo "ADMIN_TOKEN='$admin_token'" | sudo tee -a /home/vaultwarden/.env > /dev/null) &
    show_progress $!
-    echo "Admin panel has been enabled."
+    print_color "green" "Admin panel has been enabled successfully."
 }
-# Main script starts here
+#-------------
-
+# Main script 
 #-------------
 # Check if script is run as root
 if [ "$EUID" -ne 0 ]; then
    echo "This script must be run as root. Please use sudo or run as root."
    exit 1
 fi
 # Welcome Message
 cat <<"EOF"
-!   
+██╗   ██╗ █████╗ ██╗   ██╗██╗  ████████╗██╗    ██╗ █████╗ ██████╗ ██████╗ ███████╗███╗   ██╗
-!   ███████╗ ██████╗ ██╗   ██╗██████╗  █████╗ ███╗   ██╗    ███████╗███████╗██████╗ ██╗   ██╗███████╗██████╗     ██████╗  █████╗  ██████╗██╗  ██╗
+██║   ██║██╔══██╗██║   ██║██║  ╚══██╔══╝██║    ██║██╔══██╗██╔══██╗██╔══██╗██╔════╝████╗  ██║
-!   ██╔════╝██╔═══██╗██║   ██║██╔══██╗██╔══██╗████╗  ██║    ██╔════╝██╔════╝██╔══██╗██║   ██║██╔════╝██╔══██╗    ██╔══██╗██╔══██╗██╔════╝██║ ██╔╝
+██║   ██║███████║██║   ██║██║     ██║   ██║ █╗ ██║███████║██████╔╝██║  ██║█████╗  ██╔██╗ ██║
-!   ███████╗██║   ██║██║   ██║██████╔╝███████║██╔██╗ ██║    ███████╗█████╗  ██████╔╝██║   ██║█████╗  ██████╔╝    ██████╔╝███████║██║     █████╔╝ 
+╚██╗ ██╔╝██╔══██║██║   ██║██║     ██║   ██║███╗██║██╔══██║██╔══██╗██║  ██║██╔══╝  ██║╚██╗██║
-!   ╚════██║██║   ██║╚██╗ ██╔╝██╔══██╗██╔══██║██║╚██╗██║    ╚════██║██╔══╝  ██╔══██╗╚██╗ ██╔╝██╔══╝  ██╔══██╗    ██╔═══╝ ██╔══██║██║     ██╔═██╗ 
+ ╚████╔╝ ██║  ██║╚██████╔╝███████╗██║   ╚███╔███╔╝██║  ██║██║  ██║██████╔╝███████╗██║ ╚████║
-!   ███████║╚██████╔╝ ╚████╔╝ ██║  ██║██║  ██║██║ ╚████║    ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║    ██║     ██║  ██║╚██████╗██║  ██╗
+  ╚═══╝  ╚═╝  ╚═╝ ╚═════╝ ╚══════╝╚═╝    ╚══╝╚══╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚═════╝ ╚══════╝╚═╝  ╚═══╝
-!   ╚══════╝ ╚═════╝   ╚═══╝  ╚═╝  ╚═╝╚═╝  ╚═╝╚═╝  ╚═══╝    ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝    ╚═╝     ╚═╝  ╚═╝ ╚═════╝╚═╝  ╚═╝
+                                ███████╗███████╗████████╗██╗   ██╗██████╗ 
-!                                                                                                                                              
+                                ██╔════╝██╔════╝╚══██╔══╝██║   ██║██╔══██╗
                                ███████╗█████╗     ██║   ██║   ██║██████╔╝
                                ╚════██║██╔══╝     ██║   ██║   ██║██╔═══╝ 
                                ███████║███████╗   ██║   ╚██████╔╝██║     
                                ╚══════╝╚══════╝   ╚═╝    ╚═════╝ ╚═╝     
 EOF
-
+echo
-echo "Thanks for using Enki's Vault Warden script"
+center_text "Created by Enki"
-echo "This script will install Vault Warden and add it to the system files so it can start at boot."
+center_text "Thanks for using this Vaultwarden installation script"
-echo "This also sets up Nginx for your domain as an option."
+center_text "This script will install Vaultwarden server and configure it to start at boot."
 center_text "It can also set up the Vaultwarden web server on your domain."
 echo
 print_color "yellow" "Make sure you have pointed your domain to this server's IP address before proceeding if you are not installing localy."
 if [ -t 0 ]; then
-    echo "To continue, hit any key."
+    print_color "green" "Press any key to continue..."
    read -n 1 -s -r -p ""
 fi
 echo
-echo "Starting Vaultwarden installation..."
+print_color "green" "Starting Vaultwarden installation..."
 # Install dependencies
 install_dependencies
 # Create vaultwarden user
 create_vaultwarden_user
 # Create vaultwarden directory
 sudo mkdir -p /home/vaultwarden
 # Extract Vaultwarden
 extract_without_docker
 # Create .env file
@ -206,46 +246,44 @@ create_env_file
 create_systemd_service
 # Set correct permissions
-sudo chown -R vaultwarden:vaultwarden /home/vaultwarden
+print_color "yellow" "Setting correct permissions..."
 (sudo chown -R vaultwarden:vaultwarden /home/vaultwarden) &
 show_progress $!
 print_color "green" "Permissions set successfully."
 # Offer to set up Nginx
 read -p "Would you like to set up Nginx as a reverse proxy? (y/n) " setup_nginx_answer
 if [[ $setup_nginx_answer =~ ^[Yy]$ ]]; then
    setup_nginx
    install_certbot
    print_color "yellow" "You can set up SSL later by running: sudo certbot --nginx -d $DOMAIN"
 fi
 # Enable and start Vaultwarden service
-sudo systemctl enable vaultwarden
+print_color "yellow" "Enabling and starting Vaultwarden service..."
-sudo systemctl start vaultwarden
+(sudo systemctl enable vaultwarden && sudo systemctl start vaultwarden) &
 show_progress $!
 print_color "green" "Vaultwarden service enabled and started."
-echo "Vaultwarden has been installed, configured, and started."
+print_color "green" "Vaultwarden has been installed and configured."
-echo "Please ensure your firewall allows traffic on ports 80 and 443 (if using HTTPS)."
+print_color "yellow" "Please ensure your firewall allows traffic on ports 80 and 443 (if using HTTPS)."
-echo "If you didn't set up Nginx, make sure to allow traffic on port 8000 as well."
+print_color "yellow" "If you didn't set up Nginx, make sure to allow traffic on port 8000 as well."
 # Offer to set up admin panel
 read -p "Would you like to enable the admin panel? (y/n) " setup_admin_answer
 if [[ $setup_admin_answer =~ ^[Yy]$ ]]; then
    setup_admin_panel
    # Restart Vaultwarden to apply changes
-    sudo systemctl restart vaultwarden
+    print_color "yellow" "Restarting Vaultwarden to apply changes..."
-fi
+    (sudo systemctl restart vaultwarden) &
-
+    show_progress $!
-
+    print_color "green" "Vaultwarden restarted successfully."
 if [[ $setup_nginx_answer =~ ^[Yy]$ ]]; then
    echo ""
    echo "IMPORTANT: SSL/HTTPS Setup Instructions"
    echo "----------------------------------------"
    echo "1. Ensure you have pointed your domain's A record to this server's IP address."
    echo "2. Once DNS propagation is complete (this can take up to 48 hours but in most cases it only takes a few minutes), run the following command:"
    echo "   sudo certbot --nginx -d $DOMAIN"
    echo "3. Follow the prompts to complete the SSL certificate installation."
    echo "4. Certbot will automatically modify your Nginx configuration to use HTTPS."
    echo ""
    echo "For more information on using Certbot, visit: https://certbot.eff.org/"
 fi
 print_color "green" "Vaultwarden installation complete!"
 if [[ $DOMAIN ]]; then
    print_color "yellow" "You can access your Vaultwarden instance at: https://$DOMAIN"
    if [[ $setup_admin_answer =~ ^[Yy]$ ]]; then
-    echo ""
+        print_color "yellow" "Admin panel is available at: https://$DOMAIN/admin"
-    echo "Admin panel has been enabled. You can access it at https://$DOMAIN/admin"
+    fi
    echo "Use the password you provided to log in."
 fi
--- a/README.md
+++ b/README.md
@ -12,18 +12,17 @@
 # How to use these scripts
 ----------------------------
-These should work on most Debian based distros that use apt.
+These should work on most Debian based distros.
 If you're using a GUI, then you can download the zip file.
 Unzip and open the folder.
-Find the script (or set of scripts.) that you want to use right click, look for the permissions section and tick the "run as program" permission. 
+Find the script (or set of scripts.) that you want to use right click, look for the permissions section and tick the "run as program" permission. Right click on a folder select "Open in terminal" then type `ls` this will show whats in the folder 
 Right click on a folder select "Open in terminal" then type `ls` this will show whats in the folder 
 then `sudo ./full_script_name.sh`. You might need to provide an admin password. 
 If you are running 'headless' and dont have Git installed yet you can run : 
-`wget https://github.com/Enkimin/Sovran-Scripts/archive/main.tar.gz`\
+`wget https://git.sovbit.dev/Enki/sovran-scripts/archive/main.tar.gz`\
 `tar -xzf main.tar.gz`\
 `cd main`\
 `ls`\
@ -33,7 +32,7 @@ If you are running 'headless' and dont have Git installed yet you can run :
 If Git is installed use : 
-`git clone https://github.com/Enkimin/Sovran-Scripts.git`\
+`git clone https://git.sovbit.dev/Enki/sovran-scripts.git`\
 `cd Sovran-Scripts`\
 `ls`\
 `cd folder_name`\
@ -43,11 +42,8 @@ All the scripts need to be given permission to execute, you can do this with:
 `chmod +x scriptname.sh`
--------------------------------------
+------------
 ## Scripts                           
 ### List of scripts and what they do
 --------------------------------------
 ------------
 ## Bitcoin 
 ------------
@ -57,5 +53,8 @@ All the scripts need to be given permission to execute, you can do this with:
 ----------------------
 ### Personal Server  
 ----------------------
 ### Server Setup
 - This script does some basic server setup. It will harden SSH, setup a non-root user, install some basic tools, configure log rotation, install docker and nginx, and install UFW and Fail2Ban with some basic configuration. All optional wth user input for most configuration settings. 
 ### Vault Warden 
- Installes and configures Vault Warden. Will also install nginx, certbot and add Vault Warden to systemd for easy managment.
+- Installs and configures Vault Warden. Will also install nginx, certbot and add Vault Warden to systemd for easy management.