Compare commits
No commits in common. "e26b6c45a0a27146b80a65701893c1b383013747" and "2704f37c41f832e2eb4234b025e55d62b57b5d12" have entirely different histories.
e26b6c45a0
...
2704f37c41
@ -1,251 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Check if script is run as root
|
|
||||||
if [ "$EUID" -ne 0 ]; then
|
|
||||||
echo "This script must be run as root. Please use sudo or run as root."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Function to install necessary packages
|
|
||||||
install_dependencies() {
|
|
||||||
echo "Installing necessary packages..."
|
|
||||||
sudo apt update && apt upgrade -y
|
|
||||||
sudo apt install -y wget curl sudo
|
|
||||||
}
|
|
||||||
|
|
||||||
# Function to create vaultwarden user if it doesn't exist
|
|
||||||
create_vaultwarden_user() {
|
|
||||||
if ! command -v useradd &> /dev/null; then
|
|
||||||
echo "useradd command not found. Installing..."
|
|
||||||
sudo apt install -y passwd
|
|
||||||
fi
|
|
||||||
|
|
||||||
if ! id "vaultwarden" &>/dev/null; then
|
|
||||||
echo "Creating vaultwarden user..."
|
|
||||||
sudo useradd -r -s /bin/false vaultwarden
|
|
||||||
echo "Vaultwarden user created."
|
|
||||||
else
|
|
||||||
echo "Vaultwarden user already exists."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Function to extract without Docker
|
|
||||||
extract_without_docker() {
|
|
||||||
echo "Extracting binaries without Docker..."
|
|
||||||
mkdir -p vw-image
|
|
||||||
cd vw-image
|
|
||||||
if ! wget https://raw.githubusercontent.com/jjlin/docker-image-extract/main/docker-image-extract; then
|
|
||||||
echo "Failed to download docker-image-extract script. Exiting."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
chmod +x docker-image-extract
|
|
||||||
if ! ./docker-image-extract vaultwarden/server:latest-alpine; then
|
|
||||||
echo "Failed to extract Vaultwarden image. Exiting."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
sudo mv output/vaultwarden /home/vaultwarden/ || { echo "Failed to move vaultwarden binary. Exiting."; exit 1; }
|
|
||||||
sudo mv output/web-vault /home/vaultwarden/ || { echo "Failed to move web-vault. Exiting."; exit 1; }
|
|
||||||
cd ..
|
|
||||||
rm -rf vw-image
|
|
||||||
sudo mkdir -p /home/vaultwarden/data
|
|
||||||
echo "Extraction complete."
|
|
||||||
}
|
|
||||||
|
|
||||||
# Create systemd service file
|
|
||||||
create_systemd_service() {
|
|
||||||
sudo tee /etc/systemd/system/vaultwarden.service > /dev/null << EOF
|
|
||||||
[Unit]
|
|
||||||
Description=Vaultwarden Server
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
User=vaultwarden
|
|
||||||
Group=vaultwarden
|
|
||||||
ExecStart=/home/vaultwarden/vaultwarden
|
|
||||||
WorkingDirectory=/home/vaultwarden
|
|
||||||
EnvironmentFile=/home/vaultwarden/.env
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
||||||
EOF
|
|
||||||
}
|
|
||||||
|
|
||||||
# Function to create .env file
|
|
||||||
create_env_file() {
|
|
||||||
echo "Setting up Vaultwarden configuration..."
|
|
||||||
read -p "Enter domain name for Vaultwarden (e.g., vault.example.com): " DOMAIN
|
|
||||||
|
|
||||||
sudo tee /home/vaultwarden/.env > /dev/null << EOF
|
|
||||||
DOMAIN=https://$DOMAIN
|
|
||||||
ROCKET_PORT=8000
|
|
||||||
DATA_FOLDER=/home/vaultwarden/data
|
|
||||||
WEB_VAULT_FOLDER=/home/vaultwarden/web-vault
|
|
||||||
EOF
|
|
||||||
|
|
||||||
sudo chown vaultwarden:vaultwarden /home/vaultwarden/.env
|
|
||||||
sudo chmod 600 /home/vaultwarden/.env
|
|
||||||
}
|
|
||||||
|
|
||||||
# Function to install Certbot
|
|
||||||
install_certbot() {
|
|
||||||
echo "Installing Certbot..."
|
|
||||||
sudo apt update
|
|
||||||
sudo apt install -y snapd
|
|
||||||
sudo snap install core
|
|
||||||
sudo snap refresh core
|
|
||||||
sudo snap install --classic certbot
|
|
||||||
sudo ln -s /snap/bin/certbot /usr/bin/certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
# Function to set up Nginx
|
|
||||||
setup_nginx() {
|
|
||||||
if ! command -v nginx &> /dev/null; then
|
|
||||||
echo "Nginx not found. Installing..."
|
|
||||||
sudo apt update && sudo apt install -y nginx
|
|
||||||
fi
|
|
||||||
|
|
||||||
sudo tee /etc/nginx/sites-available/vaultwarden > /dev/null << EOF
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
server_name $DOMAIN;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://127.0.0.1:8000;
|
|
||||||
proxy_set_header Host \$host;
|
|
||||||
proxy_set_header X-Real-IP \$remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
EOF
|
|
||||||
|
|
||||||
sudo ln -sf /etc/nginx/sites-available/vaultwarden /etc/nginx/sites-enabled/
|
|
||||||
|
|
||||||
# Install Certbot before testing Nginx configuration
|
|
||||||
install_certbot
|
|
||||||
|
|
||||||
# Now test and reload Nginx
|
|
||||||
sudo nginx -t && sudo systemctl reload nginx
|
|
||||||
|
|
||||||
echo "Nginx configured."
|
|
||||||
}install_certbot() {
|
|
||||||
if ! command -v certbot &> /dev/null; then
|
|
||||||
echo "Installing Certbot..."
|
|
||||||
sudo apt update
|
|
||||||
sudo apt install -y certbot python3-certbot-nginx
|
|
||||||
else
|
|
||||||
echo "Certbot is already installed."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Function to set up admin panel
|
|
||||||
setup_admin_panel() {
|
|
||||||
echo "Setting up admin panel..."
|
|
||||||
|
|
||||||
# Install argon2 if not already installed
|
|
||||||
if ! command -v argon2 &> /dev/null; then
|
|
||||||
echo "Installing argon2..."
|
|
||||||
sudo apt update
|
|
||||||
sudo apt install -y argon2
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Prompt for admin password
|
|
||||||
read -sp "Enter the admin password: " admin_password
|
|
||||||
echo
|
|
||||||
|
|
||||||
# Generate argon2 hash
|
|
||||||
admin_token=$(echo -n "$admin_password" | argon2 $(openssl rand -base64 32) -e -id -k 65540 -t 3 -p 4)
|
|
||||||
|
|
||||||
# Append admin token to .env file
|
|
||||||
echo "ENABLE_ADMIN=true" | sudo tee -a /home/vaultwarden/.env > /dev/null
|
|
||||||
echo "ADMIN_TOKEN='$admin_token'" | sudo tee -a /home/vaultwarden/.env > /dev/null
|
|
||||||
|
|
||||||
echo "Admin panel has been enabled."
|
|
||||||
}
|
|
||||||
|
|
||||||
# Main script starts here
|
|
||||||
|
|
||||||
# Welcome Message
|
|
||||||
cat <<"EOF"
|
|
||||||
!
|
|
||||||
! ███████╗ ██████╗ ██╗ ██╗██████╗ █████╗ ███╗ ██╗ ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗ ██████╗ █████╗ ██████╗██╗ ██╗
|
|
||||||
! ██╔════╝██╔═══██╗██║ ██║██╔══██╗██╔══██╗████╗ ██║ ██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗ ██╔══██╗██╔══██╗██╔════╝██║ ██╔╝
|
|
||||||
! ███████╗██║ ██║██║ ██║██████╔╝███████║██╔██╗ ██║ ███████╗█████╗ ██████╔╝██║ ██║█████╗ ██████╔╝ ██████╔╝███████║██║ █████╔╝
|
|
||||||
! ╚════██║██║ ██║╚██╗ ██╔╝██╔══██╗██╔══██║██║╚██╗██║ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██╔══╝ ██╔══██╗ ██╔═══╝ ██╔══██║██║ ██╔═██╗
|
|
||||||
! ███████║╚██████╔╝ ╚████╔╝ ██║ ██║██║ ██║██║ ╚████║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║ ██║ ██║ ██║╚██████╗██║ ██╗
|
|
||||||
! ╚══════╝ ╚═════╝ ╚═══╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═══╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝
|
|
||||||
!
|
|
||||||
EOF
|
|
||||||
|
|
||||||
echo "Thanks for using Enki's Vault Warden script"
|
|
||||||
echo "This script will install Vault Warden and add it to the system files so it can start at boot."
|
|
||||||
echo "This also sets up Nginx for your domain as an option."
|
|
||||||
if [ -t 0 ]; then
|
|
||||||
echo "To continue, hit any key."
|
|
||||||
read -n 1 -s -r -p ""
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "Starting Vaultwarden installation..."
|
|
||||||
|
|
||||||
# Install dependencies
|
|
||||||
install_dependencies
|
|
||||||
|
|
||||||
# Create vaultwarden user
|
|
||||||
create_vaultwarden_user
|
|
||||||
|
|
||||||
# Create vaultwarden directory
|
|
||||||
sudo mkdir -p /home/vaultwarden
|
|
||||||
|
|
||||||
# Extract Vaultwarden
|
|
||||||
extract_without_docker
|
|
||||||
|
|
||||||
# Create .env file
|
|
||||||
create_env_file
|
|
||||||
|
|
||||||
# Create systemd service
|
|
||||||
create_systemd_service
|
|
||||||
|
|
||||||
# Set correct permissions
|
|
||||||
sudo chown -R vaultwarden:vaultwarden /home/vaultwarden
|
|
||||||
|
|
||||||
# Offer to set up Nginx
|
|
||||||
read -p "Would you like to set up Nginx as a reverse proxy? (y/n) " setup_nginx_answer
|
|
||||||
if [[ $setup_nginx_answer =~ ^[Yy]$ ]]; then
|
|
||||||
setup_nginx
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Enable and start Vaultwarden service
|
|
||||||
sudo systemctl enable vaultwarden
|
|
||||||
sudo systemctl start vaultwarden
|
|
||||||
|
|
||||||
echo "Vaultwarden has been installed, configured, and started."
|
|
||||||
echo "Please ensure your firewall allows traffic on ports 80 and 443 (if using HTTPS)."
|
|
||||||
echo "If you didn't set up Nginx, make sure to allow traffic on port 8000 as well."
|
|
||||||
|
|
||||||
# Offer to set up admin panel
|
|
||||||
read -p "Would you like to enable the admin panel? (y/n) " setup_admin_answer
|
|
||||||
if [[ $setup_admin_answer =~ ^[Yy]$ ]]; then
|
|
||||||
setup_admin_panel
|
|
||||||
# Restart Vaultwarden to apply changes
|
|
||||||
sudo systemctl restart vaultwarden
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
if [[ $setup_nginx_answer =~ ^[Yy]$ ]]; then
|
|
||||||
echo ""
|
|
||||||
echo "IMPORTANT: SSL/HTTPS Setup Instructions"
|
|
||||||
echo "----------------------------------------"
|
|
||||||
echo "1. Ensure you have pointed your domain's A record to this server's IP address."
|
|
||||||
echo "2. Once DNS propagation is complete (this can take up to 48 hours but in most cases it only takes a few minutes), run the following command:"
|
|
||||||
echo " sudo certbot --nginx -d $DOMAIN"
|
|
||||||
echo "3. Follow the prompts to complete the SSL certificate installation."
|
|
||||||
echo "4. Certbot will automatically modify your Nginx configuration to use HTTPS."
|
|
||||||
echo ""
|
|
||||||
echo "For more information on using Certbot, visit: https://certbot.eff.org/"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ $setup_admin_answer =~ ^[Yy]$ ]]; then
|
|
||||||
echo ""
|
|
||||||
echo "Admin panel has been enabled. You can access it at https://$DOMAIN/admin"
|
|
||||||
echo "Use the password you provided to log in."
|
|
||||||
fi
|
|
14
README.md
14
README.md
@ -39,19 +39,11 @@ If Git is installed use :
|
|||||||
`cd folder_name`\
|
`cd folder_name`\
|
||||||
`sudo ./script_name.sh`
|
`sudo ./script_name.sh`
|
||||||
|
|
||||||
--------------------------------------
|
|
||||||
## Scripts |
|
|
||||||
### List of scripts and what they do |
|
|
||||||
--------------------------------------
|
|
||||||
|
|
||||||
------------
|
## Scripts
|
||||||
## Bitcoin |
|
### List of scripts and what they do.
|
||||||
------------
|
------------
|
||||||
### coreinstall.sh
|
### coreinstall.sh
|
||||||
- This script walks the user through the process of installing TOR, I2P, and Bitcoin Core plus configures Core to use whatever network is installed.
|
- This script walks the user through the process of installing TOR, I2P, and Bitcoin Core plus configures Core to use whatever network is installed.
|
||||||
|
|
||||||
----------------------
|
|
||||||
### Personal Server |
|
|
||||||
----------------------
|
|
||||||
### Vault Warden
|
|
||||||
- Installes and configures Vault Warden. Will also install nginx, certbot and add Vault Warden to systemd for easy managment.
|
|
||||||
|
Loading…
Reference in New Issue
Block a user