commit 6fbecfb58cd3b73359c3b0eb89ffa6a2bcf0a850 Author: Ben Date: Mon Sep 4 22:44:04 2023 -0400 first commit diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..cb94ac2 --- /dev/null +++ b/Makefile @@ -0,0 +1,16 @@ + + +include $(TOPDIR)/rules.mk + + +LUCI_TITLE:=LuCI support for Vaultwarden +LUCI_PKGARCH:=all +LUCI_DEPENDS:=+lsblk +docker +luci-lib-taskd + +define Package/luci-app-vaultwarden/conffiles +/etc/config/vaultwarden +endef + +include $(TOPDIR)/feeds/luci/luci.mk + +# call BuildPackage - OpenWrt buildroot signature diff --git a/README.md b/README.md new file mode 100644 index 0000000..e69de29 diff --git a/luasrc/controller/vaultwarden.lua b/luasrc/controller/vaultwarden.lua new file mode 100755 index 0000000..4ffdc4e --- /dev/null +++ b/luasrc/controller/vaultwarden.lua @@ -0,0 +1,7 @@ + +module("luci.controller.vaultwarden", package.seeall) + +function index() + entry({"admin", "apps", "vaultwarden"}, alias("admin", "apps", "vaultwarden", "config"), _("Vaultwarden"), 30).dependent = true + entry({"admin", "apps", "vaultwarden", "config"}, cbi("vaultwarden")) +end diff --git a/luasrc/model/cbi/vaultwarden.lua b/luasrc/model/cbi/vaultwarden.lua new file mode 100644 index 0000000..efe3051 --- /dev/null +++ b/luasrc/model/cbi/vaultwarden.lua @@ -0,0 +1,55 @@ +--[[ +LuCI - Lua Configuration Interface +]]-- + +local taskd = require "luci.model.tasks" +local vaultwarden_model = require "luci.model.vaultwarden" +local m, s, o + +m = taskd.docker_map("vaultwarden", "vaultwarden", "/usr/libexec/apps/vaultwarden.sh", + translate("Vaultwarden"), + translate("Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients.") + .. translate("Official website:") .. ' https://github.com/dani-garcia/vaultwarden') + +s = m:section(SimpleSection, translate("Service Status"), translate("Vaultwarden status:")) +s:append(Template("vaultwarden/status")) + +s = m:section(TypedSection, "main", translate("Setup"), translate("The following parameters will only take effect during installation or upgrade:")) +s.addremove=false +s.anonymous=true + +o = s:option(Value, "http_port", translate("HTTP Port").."*") +o.default = "8097" +o.datatype = "port" + +o = s:option(Value, "notify_port", translate("Notify Port")) +o.datatype = "port" + +o = s:option(Flag, "signup_allowed", "SIGNUP_ALLOWED") +o.default = 0 + +o = s:option(Value, "admin_token", "ADMIN_TOKEN") +o.default = "" +o.password = true + +o = s:option(Value, "image_name", translate("Image").."*") +o.rmempty = false +o.datatype = "string" +o:value("vaultwarden/server:latest", "vaultwarden/server:latest") +o:value("vaultwarden/server:1.26.0", "vaultwarden/server:1.26.0") +o.default = "vaultwarden/server:latest" + +local blocks = vaultwarden_model.blocks() +local home = vaultwarden_model.home() + +o = s:option(Value, "config_path", translate("Config path").."*") +o.rmempty = false +o.datatype = "string" + +local paths, default_path = vaultwarden_model.find_paths(blocks, home, "Configs") +for _, val in pairs(paths) do + o:value(val, val) +end +o.default = default_path + +return m diff --git a/luasrc/model/vaultwarden.lua b/luasrc/model/vaultwarden.lua new file mode 100644 index 0000000..707b58e --- /dev/null +++ b/luasrc/model/vaultwarden.lua @@ -0,0 +1,55 @@ +local util = require "luci.util" +local jsonc = require "luci.jsonc" + +local vaultwarden = {} + +vaultwarden.blocks = function() + local f = io.popen("lsblk -s -f -b -o NAME,FSSIZE,MOUNTPOINT --json", "r") + local vals = {} + if f then + local ret = f:read("*all") + f:close() + local obj = jsonc.parse(ret) + for _, val in pairs(obj["blockdevices"]) do + local fsize = val["fssize"] + if fsize ~= nil and string.len(fsize) > 10 and val["mountpoint"] then + -- fsize > 1G + vals[#vals+1] = val["mountpoint"] + end + end + end + return vals +end + +vaultwarden.home = function() + local uci = require "luci.model.uci".cursor() + local home_dirs = {} + home_dirs["main_dir"] = uci:get_first("quickstart", "main", "main_dir", "/root") + home_dirs["Configs"] = uci:get_first("quickstart", "main", "conf_dir", home_dirs["main_dir"].."/Configs") + home_dirs["Public"] = uci:get_first("quickstart", "main", "pub_dir", home_dirs["main_dir"].."/Public") + home_dirs["Downloads"] = uci:get_first("quickstart", "main", "dl_dir", home_dirs["Public"].."/Downloads") + home_dirs["Caches"] = uci:get_first("quickstart", "main", "tmp_dir", home_dirs["main_dir"].."/Caches") + return home_dirs +end + +vaultwarden.find_paths = function(blocks, home_dirs, path_name) + local default_path = '' + local configs = {} + + default_path = home_dirs[path_name] .. "/Vaultwarden" + if #blocks == 0 then + table.insert(configs, default_path) + else + for _, val in pairs(blocks) do + table.insert(configs, val .. "/" .. path_name .. "/Vaultwarden") + end + local without_conf_dir = "/root/" .. path_name .. "/Vaultwarden" + if default_path == without_conf_dir then + default_path = configs[1] + end + end + + return configs, default_path +end + +return vaultwarden diff --git a/luasrc/view/vaultwarden/status.htm b/luasrc/view/vaultwarden/status.htm new file mode 100644 index 0000000..fad3d56 --- /dev/null +++ b/luasrc/view/vaultwarden/status.htm @@ -0,0 +1,38 @@ +<% +local util = require "luci.util" +local container_status = util.trim(util.exec("/usr/libexec/apps/vaultwarden.sh status")) +local container_install = (string.len(container_status) > 0) +local container_running = container_status == "running" +-%> +
+ +
+ <% if container_running then %> + + <% else %> + + <% end %> +
+
+<% +if container_running then + local port=util.trim(util.exec("/usr/libexec/apps/vaultwarden.sh port")) + if port == "" then + port="8002" + end +-%> +
+ +
+ + +
+
+
+ +
+ + +
+
+<% end %> diff --git a/root/etc/config/vaultwarden b/root/etc/config/vaultwarden new file mode 100644 index 0000000..4354aaa --- /dev/null +++ b/root/etc/config/vaultwarden @@ -0,0 +1,8 @@ +config main + option 'http_port' '8002' + option 'notify_port' '' + option 'admin_token' '' + option 'signup_allowed' '0' + option 'image_name' 'vaultwarden/server:latest' + option 'config_path' '' + diff --git a/root/usr/libexec/apps/vaultwarden.sh b/root/usr/libexec/apps/vaultwarden.sh new file mode 100755 index 0000000..ea3fc8a --- /dev/null +++ b/root/usr/libexec/apps/vaultwarden.sh @@ -0,0 +1,85 @@ +#!/bin/sh +# Author Xiaobao(xiaobao@linkease.com) + +ACTION=${1} +shift 1 + +do_install() { + local http_port=`uci get vaultwarden.@main[0].http_port 2>/dev/null` + local notify_port=`uci get vaultwarden.@main[0].notify_port 2>/dev/null` + local image_name=`uci get vaultwarden.@main[0].image_name 2>/dev/null` + local config=`uci get vaultwarden.@main[0].config_path 2>/dev/null` + local admin_token=`uci get vaultwarden.@main[0].admin_token 2>/dev/null` + local signup_allowed=`uci get vaultwarden.@main[0].signup_allowed 2>/dev/null` + + [ -z "$image_name" ] && image_name="vaultwarden/server:latest" + echo "docker pull ${image_name}" + docker pull ${image_name} + docker rm -f vaultwarden + + if [ -z "$config" ]; then + echo "config path is empty!" + exit 1 + fi + + [ -z "$http_port" ] && http_port=8002 + + local cmd="docker run --restart=unless-stopped -d \ + --dns=172.17.0.1 \ + -p $http_port:80 \ + -v \"$config:/data\"" + + [ -z "$notify_port" ] || cmd="$cmd -e \"-e WEBSOCKET_ENABLED=true\" -p $notify_port:3012" + [ -z "$admin_token" ] || cmd="$cmd -e \"ADMIN_TOKEN=$admin_token\"" + if [ "$signup_allowed" = "1" ]; then + cmd="$cmd -e \"SIGNUPS_ALLOWED=true\"" + else + cmd="$cmd -e \"SIGNUPS_ALLOWED=false\"" + fi + + local tz="`uci get system.@system[0].zonename`" + [ -z "$tz" ] || cmd="$cmd -e TZ=$tz" + + cmd="$cmd -v /mnt:/mnt" + mountpoint -q /mnt && cmd="$cmd:rslave" + cmd="$cmd --name vaultwarden \"$image_name\"" + + echo "$cmd" + eval "$cmd" +} + +usage() { + echo "usage: $0 sub-command" + echo "where sub-command is one of:" + echo " install Install the vaultwarden" + echo " upgrade Upgrade the vaultwarden" + echo " rm/start/stop/restart Remove/Start/Stop/Restart the vaultwarden" + echo " status Vaultwarden status" + echo " port Vaultwarden port" +} + +case ${ACTION} in + "install") + do_install + ;; + "upgrade") + do_install + ;; + "rm") + docker rm -f vaultwarden + ;; + "start" | "stop" | "restart") + docker ${ACTION} vaultwarden + ;; + "status") + docker ps --all -f 'name=vaultwarden' --format '{{.State}}' + ;; + "port") + http_port=`uci get vaultwarden.@main[0].http_port 2>/dev/null` + echo $http_port + ;; + *) + usage + exit 1 + ;; +esac diff --git a/root/usr/share/rpcd/acl.d/luci-app-vaultwarden.json b/root/usr/share/rpcd/acl.d/luci-app-vaultwarden.json new file mode 100644 index 0000000..2f8a6cd --- /dev/null +++ b/root/usr/share/rpcd/acl.d/luci-app-vaultwarden.json @@ -0,0 +1,11 @@ +{ + "luci-app-vaultwarden": { + "description": "Grant UCI access for luci-app-vaultwarden", + "read": { + "uci": [ "vaultwarden" ] + }, + "write": { + "uci": [ "vaultwarden" ] + } + } +}