Vaultwarden/install.sh

#!/usr/bin/env bash
set -euo pipefail

#############################
# CONFIG
#############################

# Use the CURRENT directory
BASE_DIR="$(pwd)"
DOMAIN_DEFAULT="https://vaultwarden.rozic-dev.com"
TZ_DEFAULT="Europe/Ljubljana"

#############################
# FUNCTIONS
#############################

choose_docker_compose_cmd() {
  if command -v docker &>/dev/null && docker compose version &>/dev/null; then
    echo "docker compose"
  elif command -v docker-compose &>/dev/null; then
    echo "docker-compose"
  else
    echo "Error: docker compose or docker-compose not found in PATH." >&2
    exit 1
  }
}

generate_admin_token() {
  if command -v openssl &>/dev/null; then
    openssl rand -hex 32
  else
    tr -dc 'A-Za-z0-9' </dev/urandom | head -c 64
  fi
}

#############################
# MAIN START
#############################

echo ">>> Running install inside: ${BASE_DIR}"

#############################
# .env FILE
#############################

if [[ -f .env ]]; then
  echo ">>> .env already exists → loading values."
  # shellcheck disable=SC1091
  source .env
  : "${ADMIN_TOKEN:?ADMIN_TOKEN missing in .env}"
  : "${DOMAIN:?DOMAIN missing in .env}"
  : "${TZ:?TZ missing in .env}"

else
  echo ">>> Creating .env file..."

  ADMIN_TOKEN=$(generate_admin_token)
  DOMAIN="${DOMAIN_DEFAULT}"
  TZ="${TZ_DEFAULT}"

  cat > .env <<EOF
ADMIN_TOKEN=${ADMIN_TOKEN}
DOMAIN=${DOMAIN}
TZ=${TZ}
EOF

  echo ">>> .env created."
  echo "    ADMIN_TOKEN: ${ADMIN_TOKEN}"
  echo "    DOMAIN: ${DOMAIN}"
  echo "    TZ: ${TZ}"
fi

#############################
# docker-compose.yml
#############################

echo ">>> Writing docker-compose.yml..."

cat > docker-compose.yml <<'EOF'
version: "3.9"

services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: unless-stopped
    environment:
      - DOMAIN=${DOMAIN}
      - TZ=${TZ}
      - WEBSOCKET_ENABLED=true
      - SIGNUPS_ALLOWED=false
      - ADMIN_TOKEN=${ADMIN_TOKEN}

      # Optional logging
      - LOG_FILE=/data/vaultwarden.log
      - LOG_LEVEL=info

    volumes:
      - ./vw-data:/data

    networks:
      - traefik_default

    labels:
      - "traefik.enable=true"

      # MAIN HTTPS ROUTER
      - "traefik.http.routers.vaultwarden.rule=Host(`vaultwarden.rozic-dev.com`)"
      - "traefik.http.routers.vaultwarden.entrypoints=web,websecure"
      - "traefik.http.routers.vaultwarden.middlewares=redirect-to-https"
      - "traefik.http.routers.vaultwarden.tls=true"
      - "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt"
      - "traefik.http.services.vaultwarden.loadbalancer.server.port=80"

      # WEBSOCKET ROUTER
      - "traefik.http.routers.vaultwarden-ws.rule=Host(`vaultwarden.rozic-dev.com`) && Path(`/notifications/hub`)"
      - "traefik.http.routers.vaultwarden-ws.entrypoints=web,websecure"
      - "traefik.http.routers.vaultwarden-ws.middlewares=redirect-to-https"
      - "traefik.http.routers.vaultwarden-ws.tls=true"
      - "traefik.http.routers.vaultwarden-ws.tls.certresolver=letsencrypt"
      - "traefik.http.services.vaultwarden-ws.loadbalancer.server.port=3012"

networks:
  traefik_default:
    external: true
EOF

echo ">>> docker-compose.yml created."

#############################
# START CONTAINER
#############################

DC_CMD=$(choose_docker_compose_cmd)
echo ">>> Using: ${DC_CMD}"

echo ">>> Pulling images..."
${DC_CMD} pull

echo ">>> Starting Vaultwarden..."
${DC_CMD} up -d

echo ">>> Installation completed!"
echo "URL: ${DOMAIN}"
echo "Admin: ${DOMAIN}/admin"
echo "Admin token (also saved in .env): ${ADMIN_TOKEN}"
echo "Data directory: ${BASE_DIR}/vw-data"
fix. install.sh script 2025-12-11 11:04:05 +00:00			`#!/usr/bin/env bash`
			`set -euo pipefail`

			`#############################`
			`# CONFIG`
			`#############################`

added configuration script 2025-12-11 11:12:19 +00:00			`# Use the CURRENT directory`
			`BASE_DIR="$(pwd)"`
fix. install.sh script 2025-12-11 11:04:05 +00:00			`DOMAIN_DEFAULT="https://vaultwarden.rozic-dev.com"`
			`TZ_DEFAULT="Europe/Ljubljana"`

			`#############################`
			`# FUNCTIONS`
			`#############################`

			`choose_docker_compose_cmd() {`
			`if command -v docker &>/dev/null && docker compose version &>/dev/null; then`
			`echo "docker compose"`
			`elif command -v docker-compose &>/dev/null; then`
			`echo "docker-compose"`
			`else`
			`echo "Error: docker compose or docker-compose not found in PATH." >&2`
			`exit 1`
added configuration script 2025-12-11 11:12:19 +00:00			`}`
fix. install.sh script 2025-12-11 11:04:05 +00:00			`}`

			`generate_admin_token() {`
			`if command -v openssl &>/dev/null; then`
			`openssl rand -hex 32`
			`else`
			`tr -dc 'A-Za-z0-9' </dev/urandom \| head -c 64`
			`fi`
			`}`

			`#############################`
added configuration script 2025-12-11 11:12:19 +00:00			`# MAIN START`
fix. install.sh script 2025-12-11 11:04:05 +00:00			`#############################`

added configuration script 2025-12-11 11:12:19 +00:00			`echo ">>> Running install inside: ${BASE_DIR}"`
fix. install.sh script 2025-12-11 11:04:05 +00:00
			`#############################`
			`# .env FILE`
			`#############################`

			`if [[ -f .env ]]; then`
added configuration script 2025-12-11 11:12:19 +00:00			`echo ">>> .env already exists → loading values."`
fix. install.sh script 2025-12-11 11:04:05 +00:00			`# shellcheck disable=SC1091`
			`source .env`
added configuration script 2025-12-11 11:12:19 +00:00			`: "${ADMIN_TOKEN:?ADMIN_TOKEN missing in .env}"`
			`: "${DOMAIN:?DOMAIN missing in .env}"`
			`: "${TZ:?TZ missing in .env}"`

fix. install.sh script 2025-12-11 11:04:05 +00:00			`else`
			`echo ">>> Creating .env file..."`

			`ADMIN_TOKEN=$(generate_admin_token)`
			`DOMAIN="${DOMAIN_DEFAULT}"`
			`TZ="${TZ_DEFAULT}"`

			`cat > .env <<EOF`
			`ADMIN_TOKEN=${ADMIN_TOKEN}`
			`DOMAIN=${DOMAIN}`
			`TZ=${TZ}`
			`EOF`

			`echo ">>> .env created."`
added configuration script 2025-12-11 11:12:19 +00:00			`echo " ADMIN_TOKEN: ${ADMIN_TOKEN}"`
fix. install.sh script 2025-12-11 11:04:05 +00:00			`echo " DOMAIN: ${DOMAIN}"`
			`echo " TZ: ${TZ}"`
			`fi`

			`#############################`
			`# docker-compose.yml`
			`#############################`

			`echo ">>> Writing docker-compose.yml..."`

			`cat > docker-compose.yml <<'EOF'`
added install.sh script 2025-12-11 11:03:34 +00:00			`version: "3.9"`

			`services:`
			`vaultwarden:`
			`image: vaultwarden/server:latest`
			`container_name: vaultwarden`
			`restart: unless-stopped`
			`environment:`
			`- DOMAIN=${DOMAIN}`
			`- TZ=${TZ}`
			`- WEBSOCKET_ENABLED=true`
			`- SIGNUPS_ALLOWED=false`
			`- ADMIN_TOKEN=${ADMIN_TOKEN}`

added configuration script 2025-12-11 11:12:19 +00:00			`# Optional logging`
added install.sh script 2025-12-11 11:03:34 +00:00			`- LOG_FILE=/data/vaultwarden.log`
			`- LOG_LEVEL=info`

			`volumes:`
			`- ./vw-data:/data`

			`networks:`
			`- traefik_default`

			`labels:`
			`- "traefik.enable=true"`

added configuration script 2025-12-11 11:12:19 +00:00			`# MAIN HTTPS ROUTER`
added install.sh script 2025-12-11 11:03:34 +00:00			- "traefik.http.routers.vaultwarden.rule=Host(`vaultwarden.rozic-dev.com`)"
			`- "traefik.http.routers.vaultwarden.entrypoints=web,websecure"`
			`- "traefik.http.routers.vaultwarden.middlewares=redirect-to-https"`
			`- "traefik.http.routers.vaultwarden.tls=true"`
			`- "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt"`
			`- "traefik.http.services.vaultwarden.loadbalancer.server.port=80"`

added configuration script 2025-12-11 11:12:19 +00:00			`# WEBSOCKET ROUTER`
added install.sh script 2025-12-11 11:03:34 +00:00			- "traefik.http.routers.vaultwarden-ws.rule=Host(`vaultwarden.rozic-dev.com`) && Path(`/notifications/hub`)"
			`- "traefik.http.routers.vaultwarden-ws.entrypoints=web,websecure"`
			`- "traefik.http.routers.vaultwarden-ws.middlewares=redirect-to-https"`
			`- "traefik.http.routers.vaultwarden-ws.tls=true"`
			`- "traefik.http.routers.vaultwarden-ws.tls.certresolver=letsencrypt"`
			`- "traefik.http.services.vaultwarden-ws.loadbalancer.server.port=3012"`

			`networks:`
			`traefik_default:`
			`external: true`
fix. install.sh script 2025-12-11 11:04:05 +00:00			`EOF`

			`echo ">>> docker-compose.yml created."`

			`#############################`
			`# START CONTAINER`
			`#############################`

			`DC_CMD=$(choose_docker_compose_cmd)`
added configuration script 2025-12-11 11:12:19 +00:00			`echo ">>> Using: ${DC_CMD}"`
fix. install.sh script 2025-12-11 11:04:05 +00:00
			`echo ">>> Pulling images..."`
			`${DC_CMD} pull`

			`echo ">>> Starting Vaultwarden..."`
			`${DC_CMD} up -d`

added configuration script 2025-12-11 11:12:19 +00:00			`echo ">>> Installation completed!"`
			`echo "URL: ${DOMAIN}"`
			`echo "Admin: ${DOMAIN}/admin"`
			`echo "Admin token (also saved in .env): ${ADMIN_TOKEN}"`
			`echo "Data directory: ${BASE_DIR}/vw-data"`