first commit

1 year ago · 6fbecfb58c
commit 6fbecfb58c
9 changed files with 275 additions and 0 deletions
--- a/16
+++ b/16
@ -0,0 +1,16 @@
+
+
+include $(TOPDIR)/rules.mk
+
+
+LUCI_TITLE:=LuCI support for Vaultwarden
+LUCI_PKGARCH:=all
+LUCI_DEPENDS:=+lsblk +docker +luci-lib-taskd
+
+define Package/luci-app-vaultwarden/conffiles
+/etc/config/vaultwarden
+endef
+
+include $(TOPDIR)/feeds/luci/luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature
--- a/README.md
+++ b/README.md
--- a/luasrc/controller/vaultwarden.lua
+++ b/luasrc/controller/vaultwarden.lua
@ -0,0 +1,7 @@
+
+module("luci.controller.vaultwarden", package.seeall)
+
+function index()
+  entry({"admin", "apps", "vaultwarden"}, alias("admin", "apps", "vaultwarden", "config"), _("Vaultwarden"), 30).dependent = true
+  entry({"admin", "apps", "vaultwarden", "config"}, cbi("vaultwarden"))
+end
--- a/luasrc/model/cbi/vaultwarden.lua
+++ b/luasrc/model/cbi/vaultwarden.lua
@ -0,0 +1,55 @@
+--[[
+LuCI - Lua Configuration Interface
+]]--
+
+local taskd = require "luci.model.tasks"
+local vaultwarden_model = require "luci.model.vaultwarden"
+local m, s, o
+
+m = taskd.docker_map("vaultwarden", "vaultwarden", "/usr/libexec/apps/vaultwarden.sh",
+	translate("Vaultwarden"),
+	translate("Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients.")
+		.. translate("Official website:") .. ' <a href=\"https://github.com/dani-garcia/vaultwarden\" target=\"_blank\">https://github.com/dani-garcia/vaultwarden</a>')
+
+s = m:section(SimpleSection, translate("Service Status"), translate("Vaultwarden status:"))
+s:append(Template("vaultwarden/status"))
+
+s = m:section(TypedSection, "main", translate("Setup"), translate("The following parameters will only take effect during installation or upgrade:"))
+s.addremove=false
+s.anonymous=true
+
+o = s:option(Value, "http_port", translate("HTTP Port").."<b>*</b>")
+o.default = "8097"
+o.datatype = "port"
+
+o = s:option(Value, "notify_port", translate("Notify Port"))
+o.datatype = "port"
+
+o = s:option(Flag, "signup_allowed", "SIGNUP_ALLOWED")
+o.default = 0
+
+o = s:option(Value, "admin_token", "ADMIN_TOKEN")
+o.default = ""
+o.password = true
+
+o = s:option(Value, "image_name", translate("Image").."<b>*</b>")
+o.rmempty = false
+o.datatype = "string"
+o:value("vaultwarden/server:latest", "vaultwarden/server:latest")
+o:value("vaultwarden/server:1.26.0", "vaultwarden/server:1.26.0")
+o.default = "vaultwarden/server:latest"
+
+local blocks = vaultwarden_model.blocks()
+local home = vaultwarden_model.home()
+
+o = s:option(Value, "config_path", translate("Config path").."<b>*</b>")
+o.rmempty = false
+o.datatype = "string"
+
+local paths, default_path = vaultwarden_model.find_paths(blocks, home, "Configs")
+for _, val in pairs(paths) do
+  o:value(val, val)
+end
+o.default = default_path
+
+return m
--- a/luasrc/model/vaultwarden.lua
+++ b/luasrc/model/vaultwarden.lua
@ -0,0 +1,55 @@
+local util  = require "luci.util"
+local jsonc = require "luci.jsonc"
+
+local vaultwarden = {}
+
+vaultwarden.blocks = function()
+  local f = io.popen("lsblk -s -f -b -o NAME,FSSIZE,MOUNTPOINT --json", "r")
+  local vals = {}
+  if f then
+    local ret = f:read("*all")
+    f:close()
+    local obj = jsonc.parse(ret)
+    for _, val in pairs(obj["blockdevices"]) do
+      local fsize = val["fssize"]
+      if fsize ~= nil and string.len(fsize) > 10 and val["mountpoint"] then
+        -- fsize > 1G
+        vals[#vals+1] = val["mountpoint"]
+      end
+    end
+  end
+  return vals
+end
+
+vaultwarden.home = function()
+  local uci = require "luci.model.uci".cursor()
+  local home_dirs = {}
+  home_dirs["main_dir"] = uci:get_first("quickstart", "main", "main_dir", "/root")
+  home_dirs["Configs"] = uci:get_first("quickstart", "main", "conf_dir", home_dirs["main_dir"].."/Configs")
+  home_dirs["Public"] = uci:get_first("quickstart", "main", "pub_dir", home_dirs["main_dir"].."/Public")
+  home_dirs["Downloads"] = uci:get_first("quickstart", "main", "dl_dir", home_dirs["Public"].."/Downloads")
+  home_dirs["Caches"] = uci:get_first("quickstart", "main", "tmp_dir", home_dirs["main_dir"].."/Caches")
+  return home_dirs
+end
+
+vaultwarden.find_paths = function(blocks, home_dirs, path_name)
+  local default_path = ''
+  local configs = {}
+
+  default_path = home_dirs[path_name] .. "/Vaultwarden"
+  if #blocks == 0 then
+    table.insert(configs, default_path)
+  else
+    for _, val in pairs(blocks) do 
+      table.insert(configs, val .. "/" .. path_name .. "/Vaultwarden")
+    end
+    local without_conf_dir = "/root/" .. path_name .. "/Vaultwarden"
+    if default_path == without_conf_dir then
+      default_path = configs[1]
+    end
+  end
+
+  return configs, default_path
+end
+
+return vaultwarden
--- a/luasrc/view/vaultwarden/status.htm
+++ b/luasrc/view/vaultwarden/status.htm
@ -0,0 +1,38 @@
+<%
+local util  = require "luci.util"
+local container_status = util.trim(util.exec("/usr/libexec/apps/vaultwarden.sh status"))
+local container_install = (string.len(container_status) > 0)
+local container_running = container_status == "running"
+-%>
+<div class="cbi-value">
+    <label class="cbi-value-title"><%:Status%></label>
+    <div class="cbi-value-field">
+        <% if container_running then %>
+        <button class="cbi-button cbi-button-success" disabled="true"><%:Vaultwarden is running%></button>
+        <% else %>
+        <button class="cbi-button cbi-button-negative" disabled="true"><%:Vaultwarden is not running%></button>
+        <% end %>
+    </div>
+</div>
+<%
+if container_running then
+    local port=util.trim(util.exec("/usr/libexec/apps/vaultwarden.sh port"))
+    if port == "" then
+        port="8002"
+    end
+-%>
+<div class="cbi-value cbi-value-last">
+    <label class="cbi-value-title">&nbsp;</label>
+    <div class="cbi-value-field">
+
+    <input type="button" class="btn cbi-button cbi-button-apply" name="start" value="<%:Open Vaultwarden%>" onclick="window.open('http://'+location.hostname+':<%=port%>', '_blank')">
+    </div>
+</div>
+<div class="cbi-value cbi-value-last">
+    <label class="cbi-value-title">&nbsp;</label>
+    <div class="cbi-value-field">
+
+    <input type="button" class="btn cbi-button cbi-button-apply" name="start" value="<%:Open Vaultwarden Admin%>" onclick="window.open('http://'+location.hostname+':<%=port%>/admin', '_blank')">
+    </div>
+</div>
+<% end %>
--- a/root/etc/config/vaultwarden
+++ b/root/etc/config/vaultwarden
@ -0,0 +1,8 @@
+config main
+	option 'http_port' '8002'
+	option 'notify_port' ''
+  option 'admin_token' ''
+  option 'signup_allowed' '0'
+	option 'image_name' 'vaultwarden/server:latest'
+	option 'config_path' ''
+
--- a/root/usr/libexec/apps/vaultwarden.sh
+++ b/root/usr/libexec/apps/vaultwarden.sh
@ -0,0 +1,85 @@
+#!/bin/sh
+# Author Xiaobao(xiaobao@linkease.com)
+
+ACTION=${1}
+shift 1
+
+do_install() {
+  local http_port=`uci get vaultwarden.@main[0].http_port 2>/dev/null`
+  local notify_port=`uci get vaultwarden.@main[0].notify_port 2>/dev/null`
+  local image_name=`uci get vaultwarden.@main[0].image_name 2>/dev/null`
+  local config=`uci get vaultwarden.@main[0].config_path 2>/dev/null`
+  local admin_token=`uci get vaultwarden.@main[0].admin_token 2>/dev/null`
+  local signup_allowed=`uci get vaultwarden.@main[0].signup_allowed 2>/dev/null`
+
+  [ -z "$image_name" ] && image_name="vaultwarden/server:latest"
+  echo "docker pull ${image_name}"
+  docker pull ${image_name}
+  docker rm -f vaultwarden
+
+  if [ -z "$config" ]; then
+      echo "config path is empty!"
+      exit 1
+  fi
+
+  [ -z "$http_port" ] && http_port=8002
+
+  local cmd="docker run --restart=unless-stopped -d \
+    --dns=172.17.0.1 \
+    -p $http_port:80 \
+    -v \"$config:/data\""
+
+  [ -z "$notify_port" ] || cmd="$cmd -e \"-e WEBSOCKET_ENABLED=true\" -p $notify_port:3012"
+  [ -z "$admin_token" ] || cmd="$cmd -e \"ADMIN_TOKEN=$admin_token\""
+  if [ "$signup_allowed" = "1" ]; then 
+    cmd="$cmd -e \"SIGNUPS_ALLOWED=true\""
+  else
+    cmd="$cmd -e \"SIGNUPS_ALLOWED=false\""
+  fi
+
+  local tz="`uci get system.@system[0].zonename`"
+  [ -z "$tz" ] || cmd="$cmd -e TZ=$tz"
+
+  cmd="$cmd -v /mnt:/mnt"
+  mountpoint -q /mnt && cmd="$cmd:rslave"
+  cmd="$cmd --name vaultwarden \"$image_name\""
+
+  echo "$cmd"
+  eval "$cmd"
+}
+
+usage() {
+  echo "usage: $0 sub-command"
+  echo "where sub-command is one of:"
+  echo "      install                Install the vaultwarden"
+  echo "      upgrade                Upgrade the vaultwarden"
+  echo "      rm/start/stop/restart  Remove/Start/Stop/Restart the vaultwarden"
+  echo "      status                 Vaultwarden status"
+  echo "      port                   Vaultwarden port"
+}
+
+case ${ACTION} in
+  "install")
+    do_install
+  ;;
+  "upgrade")
+    do_install
+  ;;
+  "rm")
+    docker rm -f vaultwarden
+  ;;
+  "start" | "stop" | "restart")
+    docker ${ACTION} vaultwarden
+  ;;
+  "status")
+    docker ps --all -f 'name=vaultwarden' --format '{{.State}}'
+  ;;
+  "port")
+    http_port=`uci get vaultwarden.@main[0].http_port 2>/dev/null`
+    echo $http_port
+  ;;
+  *)
+    usage
+    exit 1
+  ;;
+esac
--- a/root/usr/share/rpcd/acl.d/luci-app-vaultwarden.json
+++ b/root/usr/share/rpcd/acl.d/luci-app-vaultwarden.json
@ -0,0 +1,11 @@
+{
+	"luci-app-vaultwarden": {
+		"description": "Grant UCI access for luci-app-vaultwarden",
+		"read": {
+			"uci": [ "vaultwarden" ]
+		},
+		"write": {
+			"uci": [ "vaultwarden" ]
+		}
+	}
+}