nixpkgs/pkgs/tools/security/vaultwarden/update.nix
Martin Weinelt 0497d5b99f
vaultwarden: Add update script to keep web vault in sync
- Adds an update script to fetch the compatible web vault version
- Removes `vaultwarden-vault` from top-level to prevent independent
  updates through e.g. r-ryantm. Istead the vault is now accessible
  at `vaultwarden.webvault`.
- The name webvault was chosen because it is the title of the projects
  README and it makes it clearer, that this is the web UI.
2022-12-14 15:00:20 +01:00

23 lines
686 B
Nix

{ writeShellScript
, lib
, nix-update
, curl
, git
, gnugrep
, gnused
, jq
}:
writeShellScript "update-vaultwarden" ''
PATH=${lib.makeBinPath [ curl git gnugrep gnused jq nix-update ]}
set -euxo pipefail
VAULTWARDEN_VERSION=$(curl --silent https://api.github.com/repos/dani-garcia/vaultwarden/releases/latest | jq -r '.tag_name')
nix-update "vaultwarden" --version "$VAULTWARDEN_VERSION"
URL="https://raw.githubusercontent.com/dani-garcia/vaultwarden/''${VAULTWARDEN_VERSION}/docker/Dockerfile.j2"
WEBVAULT_VERSION=$(curl --silent "$URL" | grep "set vault_version" | sed -E "s/.*\"([^\"]+)\".*/\\1/")
nix-update "vaultwarden.webvault" --version "$WEBVAULT_VERSION"
''