diff --git a/ct/headers/ots b/ct/headers/ots new file mode 100644 index 000000000..64a5fc431 --- /dev/null +++ b/ct/headers/ots @@ -0,0 +1,6 @@ + ____ ___________ + / __ \/_ __/ ___/ + / / / / / / \__ \ +/ /_/ / / / ___/ / +\____/ /_/ /____/ + diff --git a/ct/ots.sh b/ct/ots.sh new file mode 100644 index 000000000..00e9199fe --- /dev/null +++ b/ct/ots.sh @@ -0,0 +1,58 @@ +#!/usr/bin/env bash +source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func) +# Copyright (c) 2021-2025 community-scripts ORG +# Author: bvdberg01 +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://github.com/Luzifer/ots + +APP="OTS" +var_tags="${var_tags:-secrets-sharer}" +var_cpu="${var_cpu:-1}" +var_ram="${var_ram:-512}" +var_disk="${var_disk:-3}" +var_os="${var_os:-debian}" +var_version="${var_version:-12}" +var_unprivileged="${var_unprivileged:-1}" + +header_info "$APP" +variables +color +catch_errors + +function update_script() { + header_info + check_container_storage + check_container_resources + if [[ ! -d /opt/ots ]]; then + msg_error "No ${APP} Installation Found!" + exit + fi + + RELEASE=$(curl -fsSL https://api.github.com/repos/Luzifer/ots/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }') + if [[ "${RELEASE}" != "$(cat ~/.ots 2>/dev/null)" ]] || [[ ! -f ~/.ots ]]; then + msg_info "Stopping ${APP} Service" + systemctl stop ots + systemctl stop nginx + msg_ok "Stopped ${APP} Service" + + fetch_and_deploy_gh_release "ots" "Luzifer/ots" "prebuild" "latest" "/opt/ots" "ots_linux_amd64.tgz" + + msg_info "Stopping ${APP} Service" + systemctl start ots + systemctl start nginx + msg_ok "Stopped ${APP} Service" + msg_ok "Updated Successfully" + else + msg_ok "No update required. ${APP} is already at ${RELEASE}" + fi + exit +} + +start +build_container +description + +msg_ok "Completed Successfully!\n" +echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" +echo -e "${INFO}${YW} Access it using the following URL:${CL}" +echo -e "${TAB}${GATEWAY}${BGN}https://${IP}${CL}" diff --git a/frontend/public/json/ots.json b/frontend/public/json/ots.json new file mode 100644 index 000000000..2bec84e8c --- /dev/null +++ b/frontend/public/json/ots.json @@ -0,0 +1,40 @@ +{ + "name": "OTS", + "slug": "ots", + "categories": [ + 6 + ], + "date_created": "2025-07-28", + "type": "ct", + "updateable": true, + "privileged": false, + "interface_port": 443, + "documentation": "https://github.com/Luzifer/ots/wiki", + "config_path": "/opt/ots/.env", + "website": "https://github.com/Luzifer/ots", + "logo": null, + "description": "One-Time-Secret sharing platform with a symmetric 256bit AES encryption in the browser.", + "install_methods": [ + { + "type": "default", + "script": "ct/ots.sh", + "resources": { + "cpu": 1, + "ram": 512, + "hdd": 3, + "os": "Debian", + "version": "12" + } + } + ], + "default_credentials": { + "username": null, + "password": null + }, + "notes": [ + { + "text": "When it is in used external please use it behind reverse proxy or create your own certificates", + "type": "info" + } + ] +} diff --git a/install/ots-install.sh b/install/ots-install.sh new file mode 100644 index 000000000..50cd4a34a --- /dev/null +++ b/install/ots-install.sh @@ -0,0 +1,103 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2025 community-scripts ORG +# Author: bvberg01 +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://github.com/Luzifer/ots + +source /dev/stdin <<<"$FUNCTIONS_FILE_PATH" +color +verb_ip6 +catch_errors +setting_up_container +network_check +update_os + +msg_info "Installing Dependencies" +$STD apt-get install -y \ + redis-server \ + nginx \ + openssl +msg_ok "Installed Dependencies" + +fetch_and_deploy_gh_release "ots" "Luzifer/ots" "prebuild" "latest" "/opt/ots" "ots_linux_amd64.tgz" + +msg_info "Setup OTS" +cat </opt/ots/.env +LISTEN=127.0.0.1:3000 +REDIS_URL=redis://127.0.0.1:6379 +SECRET_EXPIRY=604800 +STORAGE_TYPE=redis +EOF +msg_ok "Setup OTS" + +msg_info "Generating Universal SSL Certificate" +mkdir -p /etc/ssl/ots +$STD openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \ + -keyout /etc/ssl/ots/key.pem \ + -out /etc/ssl/ots/cert.pem \ + -subj "/CN=ots" +msg_ok "Certificate Generated" + +msg_info "Setting up nginx" +cat </etc/nginx/sites-available/ots.conf +server { + listen 80; + listen [::]:80; + server_name ots; + return 301 https://\$host\$request_uri; +} +server { + listen 443 ssl; + listen [::]:443 ssl; + server_name ots; + + ssl_certificate /etc/ssl/ots/cert.pem; + ssl_certificate_key /etc/ssl/ots/key.pem; + + location / { + add_header X-Robots-Tag noindex; + + proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host \$host; + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto \$scheme; + client_max_body_size 64M; + proxy_pass http://127.0.0.1:3000/; + } +} +EOF + +ln -s /etc/nginx/sites-available/ots.conf /etc/nginx/sites-enabled/ +rm -f /etc/nginx/sites-enabled/default +$STD systemctl reload nginx +msg_ok "Configured nginx" + +msg_info "Creating Services" +cat </etc/systemd/system/ots.service +[Unit] +Description=One-Time-Secret Service +After=network-online.target +Requires=network-online.target + +[Service] +EnvironmentFile=/opt/ots/.env +ExecStart=/opt/ots/ots +Restart=Always +RestartSecs=5 + +[Install] +WantedBy=multi-user.target +EOF +systemctl enable -q --now ots +msg_ok "Created Services" + +motd_ssh +customize + +msg_info "Cleaning up" +$STD apt-get -y autoremove +$STD apt-get -y autoclean +msg_ok "Cleaned"