nick
/
Proxmox_Scripts
mirror of https://github.com/tteck/Proxmox.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use secure hashed admin token in environment file instead of plain text

This commit is contained in:
Rémi Bédard-Couture 2024-03-09 15:31:21 -05:00
parent 694da83360
commit 1a6107df85
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
install/vaultwarden-install.sh
View File

@ -86,6 +86,7 @@ msg_ok "Downloaded Web-Vault ${WEBVAULT}"
#admintoken=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 70 | head -n 1) #admintoken=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 70 | head -n 1)
admintoken=$(generate_token) admintoken=$(generate_token)
admintoken_hash=$(echo -n ${admintoken} | argon2 "$(openssl rand -base64 32)" -t 2 -m 16 -p 4 -l 64 -e)
#Local server IP #Local server IP
vw_ip4=$(hostname -I | awk '{print $1}') vw_ip4=$(hostname -I | awk '{print $1}')
@ -94,7 +95,7 @@ vw_ip4=$(hostname -I | awk '{print $1}')
#echo "Local IP:$ip4" #echo "Local IP:$ip4"
cat <<EOF >/opt/vaultwarden/.env cat <<EOF >/opt/vaultwarden/.env
ADMIN_TOKEN=${admintoken} ADMIN_TOKEN=${admintoken_hash}
ROCKET_ADDRESS=${vw_ip4} ROCKET_ADDRESS=${vw_ip4}
DATA_FOLDER=/opt/vaultwarden/data DATA_FOLDER=/opt/vaultwarden/data
DATABASE_MAX_CONNS=10 DATABASE_MAX_CONNS=10