From 3f97b3c1d565f119ef788717312d84a0761a1691 Mon Sep 17 00:00:00 2001 From: Gitouche Date: Mon, 10 Jun 2024 19:55:46 +0200 Subject: [PATCH] vaultwarden : switch to sqlite --- podman-vaultwarden/.gitlab-ci.yml | 4 +--- podman-vaultwarden/05_freshinstall.sh | 14 -------------- podman-vaultwarden/10_install.sh | 19 +------------------ podman-vaultwarden/ci_build-images.sh | 2 +- podman-vaultwarden/container-compose.yml | 15 --------------- podman-vaultwarden/vars.sh | 18 +++--------------- 6 files changed, 6 insertions(+), 66 deletions(-) diff --git a/podman-vaultwarden/.gitlab-ci.yml b/podman-vaultwarden/.gitlab-ci.yml index 144735c..4b32b8a 100644 --- a/podman-vaultwarden/.gitlab-ci.yml +++ b/podman-vaultwarden/.gitlab-ci.yml @@ -4,21 +4,19 @@ before_script: - podman pod rm --force pod_podman-vaultwarden - rm -f ~/.config/systemd/user/pod-podman-vaultwarden.service && systemctl --user daemon-reload - podman volume rm --force podman-vaultwarden_data - - podman volume rm --force podman-vaultwarden_database vaultwarden: stage: test script: - cd podman-vaultwarden - ./ci_build-images.sh - - GARBAYE_VAULTWARDEN_ENV_LISTENPORT=18090 GARBAYE_VAULTWARDEN_DATABASE_PASSWORD=z1NnqbjdpBOreGdzHzmcDldL GARBAYE_VAULTWARDEN_ADMIN_PASSWORD='$argon2id$v=19$m=65540,t=3,p=4$TW5OdGJKY1JRbUZlYVVLZU9JSUNlM0U3UWUvY1J1ZUNrdVhkTDRmYjlPVT0$aFGMAuj4UwaXVF3QRGIDbo/g/Fh/BQOnsRI0FTooij4' ./05_freshinstall.sh + - GARBAYE_VAULTWARDEN_ENV_LISTENPORT=18090 GARBAYE_VAULTWARDEN_ADMIN_PASSWORD='$argon2id$v=19$m=65540,t=3,p=4$TW5OdGJKY1JRbUZlYVVLZU9JSUNlM0U3UWUvY1J1ZUNrdVhkTDRmYjlPVT0$aFGMAuj4UwaXVF3QRGIDbo/g/Fh/BQOnsRI0FTooij4' ./05_freshinstall.sh - ./20_enable.sh - ./30_start.sh && sleep 10 - ./40_stop.sh - ./70_disable.sh - ./80_destroy.sh - podman volume rm podman-vaultwarden_data - - podman volume rm podman-vaultwarden_database tags: - garbaye - compute diff --git a/podman-vaultwarden/05_freshinstall.sh b/podman-vaultwarden/05_freshinstall.sh index 96954b4..f72a0d6 100755 --- a/podman-vaultwarden/05_freshinstall.sh +++ b/podman-vaultwarden/05_freshinstall.sh @@ -9,26 +9,12 @@ ensure_not_root ensure_variables_are_defined "$envvars" -if podman volume exists ${dbvolume} ; then - echo "Error : DB volume ${dbvolume} already exists." - echo "Please remove it before a freshinstall, or continue with a standard installation." - exit 1 -fi - if podman volume exists ${datavolume} ; then echo "Error : DATA volume ${datavolume} already exists." echo "Please remove it before a freshinstall, or continue with a standard installation." exit 1 fi -#if podman volume exists ${uploadsvolume} ; then -# echo "Error : UPLOADS volume ${uploadsvolume} already exists." -# echo "Please remove it before a freshinstall, or continue with a standard installation." -# exit 1 -#fi - -podman volume create ${dbvolume} podman volume create ${datavolume} #&& podman unshare chmod 0777 `get_podman_volume_path ${datavolume}` -#podman volume create ${uploadsvolume} && podman unshare chmod 0777 `get_podman_volume_path ${uploadsvolume}` ${ABSDIR}/10_install.sh diff --git a/podman-vaultwarden/10_install.sh b/podman-vaultwarden/10_install.sh index c47a18d..232a1a9 100755 --- a/podman-vaultwarden/10_install.sh +++ b/podman-vaultwarden/10_install.sh @@ -10,11 +10,6 @@ ensure_not_root ensure_pod_not_exists ${pod_name} ensure_variables_are_defined "$envvars" -if ! podman volume exists ${dbvolume} ; then - echo "Error : DB volume ${dbvolume} does not exists. Consider running 05_freshinstall.sh if this is the first install." - exit 1 -fi - if ! podman volume exists ${datavolume} ; then echo "Error : DATA volume ${datavolume} does not exists. Consider running 05_freshinstall.sh if this is the first install." exit 1 @@ -22,19 +17,14 @@ fi cat < .env # vaultwarden -DATABASE_URL=postgresql://vaultwarden:${GARBAYE_VAULTWARDEN_DATABASE_PASSWORD}@database:${database_port}/vaultwarden ADMIN_TOKEN=${GARBAYE_VAULTWARDEN_ADMIN_PASSWORD} DOMAIN=${GARBAYE_VAULTWARDEN_DOMAIN} SENDS_ALLOWED=false -# PostgreSQL -POSTGRES_DB=vaultwarden -POSTGRES_PASSWORD=${GARBAYE_VAULTWARDEN_DATABASE_PASSWORD} -POSTGRES_USER=vaultwarden # Signups SIGNUPS_ALLOWED=true SIGNUPS_VERIFY=true # SMTP -SMTP_HOST=${GARBAYE_SEAFILE_SMTP_SERVER} +SMTP_HOST=${GARBAYE_SMTP_SERVER} SMTP_FROM=vaultwarden@garbaye.fr SMTP_FROM_NAME=Vaultwarden SMTP_SECURITY=off @@ -43,20 +33,13 @@ EOT export service_image export service_version -export database_image -export database_version -export database_path export container_name -export db_container_name export listen_if export listen_port if ! podman image exists ${service_image}:${service_version}; then podman image pull ${service_image}:${service_version} || exit 1 fi -if ! podman image exists ${database_image}:${database_version}; then - podman image pull ${database_image}:${database_version} || exit 1 -fi podman-compose --pod-args="--infra=true --infra-name=${project_name}_infra --share=" --podman-run-args "--requires=${project_name}_infra --env-file .env" up -d && echo -n "Waiting for vaultwarden to finish starting " && ( podman container logs -f ${container_name} 2>&1 & ) | grep -q 'Rocket has launched from ' && diff --git a/podman-vaultwarden/ci_build-images.sh b/podman-vaultwarden/ci_build-images.sh index 39841c1..294c0d4 100755 --- a/podman-vaultwarden/ci_build-images.sh +++ b/podman-vaultwarden/ci_build-images.sh @@ -17,7 +17,7 @@ if ! podman image exists ${service_image}:${service_version}; then install -v ${vaultwardenlangfrfolder}/email/* ${buildfolder}/src/static/templates/email/ fi rm -rf ${vaultwardenlangfrfolder} - TMPDIR=${HOME} DB='postgresql,enable_mimalloc' CONTAINER_REGISTRIES='git.garbaye.fr/garbaye/vaultwarden' BASE_TAGS=${service_version%%-*} ${buildfolder}/docker/podman-bake.sh || retval=false + TMPDIR=${HOME} DB='sqlite' CONTAINER_REGISTRIES='git.garbaye.fr/garbaye/vaultwarden' BASE_TAGS=${service_version%%-*} ${buildfolder}/docker/podman-bake.sh || retval=false podman image prune -a -f --filter dangling=true podman image prune -a -f --filter intermediate=true podman image rm -f $(podman image list -a -q -- docker.io/vaultwarden/web-vault) diff --git a/podman-vaultwarden/container-compose.yml b/podman-vaultwarden/container-compose.yml index 8c7f4b0..a7c1369 100644 --- a/podman-vaultwarden/container-compose.yml +++ b/podman-vaultwarden/container-compose.yml @@ -1,17 +1,5 @@ version: '3' services: - database: - container_name: ${db_container_name} - image: ${database_image}:${database_version} - volumes: - - database:${database_path}:Z - healthcheck: - test: ["CMD-SHELL", "pg_isready -U vaultwarden"] - interval: 60s - timeout: 10s - retries: 3 - start_period: 5s - app: container_name: ${container_name} image: ${service_image}:${service_version} @@ -25,9 +13,6 @@ services: timeout: 10s retries: 3 start_period: 5s - depends_on: - - ${db_container_name} volumes: - database: data: diff --git a/podman-vaultwarden/vars.sh b/podman-vaultwarden/vars.sh index 88b5d48..1fe29e0 100644 --- a/podman-vaultwarden/vars.sh +++ b/podman-vaultwarden/vars.sh @@ -2,29 +2,17 @@ ## vars service_image="git.garbaye.fr/garbaye/vaultwarden" service_version='1.30.5-amd64' -database_image="docker.io/library/postgres" -database_version='14-alpine' -database_path="/var/lib/postgresql/data" -database_dialect=postgres -database_port=5432 -#database_image="docker.io/library/mariadb" -#database_version='10' -#database_path="/var/lib/mysql" -#database_dialect=mysql -#database_port=3306 ## default vars : override with ENV var GARBAYE_VAULTWARDEN_DOMAIN="${GARBAYE_VAULTWARDEN_ENV_DOMAIN:-http://localhost}" listen_if="${GARBAYE_VAULTWARDEN_ENV_LISTENIF:-127.0.0.1}" listen_port="${GARBAYE_VAULTWARDEN_ENV_LISTENPORT:-8090}" ## mandatory ENV vars -envvars='GARBAYE_VAULTWARDEN_ADMIN_PASSWORD GARBAYE_VAULTWARDEN_DATABASE_PASSWORD' +envvars='GARBAYE_VAULTWARDEN_ADMIN_PASSWORD' ## internal vars : do not touch project_name=${PWD##*/} pod_name="pod_${project_name}" service_name="pod-${pod_name}.service" -upstream_images="${service_image} ${database_image}" +upstream_images="${service_image}" datavolume="${project_name}_data" -dbvolume="${project_name}_database" container_name="${project_name}_app" -db_container_name="${project_name}_database" -get_default_iface_ipv4 GARBAYE_SEAFILE_SMTP_SERVER +get_default_iface_ipv4 GARBAYE_SMTP_SERVER