From a6e78ad11878a7a7f18ac59f15a41dac8fb220e3 Mon Sep 17 00:00:00 2001 From: vhsdream Date: Tue, 3 Feb 2026 10:57:37 -0500 Subject: [PATCH 01/10] update Immich --- ct/immich.sh | 92 +++++++++++++++++++-------------------- install/immich-install.sh | 42 ++++++++---------- 2 files changed, 62 insertions(+), 72 deletions(-) diff --git a/ct/immich.sh b/ct/immich.sh index d96bbd99d..f79cca3b8 100644 --- a/ct/immich.sh +++ b/ct/immich.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func) +source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func) # Copyright (c) 2021-2026 community-scripts ORG # Author: vhsdream # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE @@ -52,9 +52,7 @@ Package: * Pin:release a=testing Pin-Priority: 450 EOF - if [[ -f /etc/apt/preferences.d/immich ]]; then - rm /etc/apt/preferences.d/immich - fi + [[ -f /etc/apt/preferences.d/immich ]] && rm /etc/apt/preferences.d/immich $STD apt update msg_ok "Added Debian Testing repo" fi @@ -69,8 +67,7 @@ EOF msg_info "Installing Mise" curl -fSs https://mise.jdx.dev/gpg-key.pub | tee /etc/apt/keyrings/mise-archive-keyring.pub 1>/dev/null echo "deb [signed-by=/etc/apt/keyrings/mise-archive-keyring.pub arch=amd64] https://mise.jdx.dev/deb stable main" >/etc/apt/sources.list.d/mise.list - $STD apt update - $STD apt install -y mise + ensure_dependencies mise msg_ok "Installed Mise" fi @@ -91,7 +88,7 @@ EOF curl -fsSLO "$url" done $STD apt-mark unhold libigdgmm12 - $STD apt install -y ./libigdgmm12*.deb + $STD apt install -y --allow-downgrades ./libigdgmm12*.deb rm ./libigdgmm12*.deb $STD apt install -y ./*.deb rm ./*.deb @@ -112,29 +109,31 @@ EOF msg_ok "Image-processing libraries up to date" fi - RELEASE="v2.5.2" - if check_for_gh_tag "immich" "immich-app/immich" "${RELEASE}"; then + RELEASE="2.5.2" + if check_for_gh_release "immich" "immich-app/immich" "${RELEASE}"; then + if [[ $(cat ~/.immich) > "2.5.1" ]]; then + msg_info "Enabling Maintenance Mode" + cd /opt/immich/app/bin + $STD ./immich-admin enable-maintenance-mode + export MAINT_MODE=1 + $STD cd - + msg_ok "Enabled Maintenance Mode" + fi msg_info "Stopping Services" systemctl stop immich-web systemctl stop immich-ml msg_ok "Stopped Services" VCHORD_RELEASE="0.5.3" - if [[ ! -f ~/.vchord_version ]] || [[ "$VCHORD_RELEASE" != "$(cat ~/.vchord_version)" ]]; then - msg_info "Upgrading VectorChord" - curl -fsSL "https://github.com/tensorchord/vectorchord/releases/download/${VCHORD_RELEASE}/postgresql-16-vchord_${VCHORD_RELEASE}-1_amd64.deb" -o vchord.deb - $STD apt install -y ./vchord.deb + [[ -f ~/.vchord_version ]] && mv ~/.vchord_version ~/.vectorchord + if check_for_gh_release "VectorChord" "tensorchord/VectorChord" "${VCHORD_RELEASE}"; then + fetch_and_deploy_gh_release "VectorChord" "tensorchord/VectorChord" "binary" "${VCHORD_RELEASE}" "/tmp" "postgresql-16-vchord_*_amd64.deb" systemctl restart postgresql $STD sudo -u postgres psql -d immich -c "ALTER EXTENSION vector UPDATE;" $STD sudo -u postgres psql -d immich -c "ALTER EXTENSION vchord UPDATE;" $STD sudo -u postgres psql -d immich -c "REINDEX INDEX face_index;" $STD sudo -u postgres psql -d immich -c "REINDEX INDEX clip_index;" - echo "$VCHORD_RELEASE" >~/.vchord_version - rm ./vchord.deb - msg_ok "Upgraded VectorChord to v${VCHORD_RELEASE}" - fi - if ! dpkg -l | grep -q ccache; then - $STD apt install -yqq ccache fi + ensure_dependencies ccache INSTALL_DIR="/opt/${APP}" UPLOAD_DIR="$(sed -n '/^IMMICH_MEDIA_LOCATION/s/[^=]*=//p' /opt/immich/.env)" @@ -144,7 +143,7 @@ EOF ML_DIR="${APP_DIR}/machine-learning" GEO_DIR="${INSTALL_DIR}/geodata" - cp "$ML_DIR"/ml_start.sh "$INSTALL_DIR" + [[ -f "$ML_DIR"/ml_start.sh ]] && cp "$ML_DIR"/ml_start.sh "$INSTALL_DIR" if grep -qs "set -a" "$APP_DIR"/bin/start.sh; then cp "$APP_DIR"/bin/start.sh "$INSTALL_DIR" else @@ -165,7 +164,7 @@ EOF rm -rf "${APP_DIR:?}"/* ) - CLEAN_INSTALL=1 fetch_and_deploy_gh_release "immich" "immich-app/immich" "tag" "${RELEASE}" "$SRC_DIR" + CLEAN_INSTALL=1 fetch_and_deploy_gh_release "immich" "immich-app/immich" "tarball" "v${RELEASE}" "$SRC_DIR" msg_info "Updating Immich web and microservices" cd "$SRC_DIR"/server @@ -180,7 +179,7 @@ EOF export SHARP_FORCE_GLOBAL_LIBVIPS=true $STD pnpm --filter immich --frozen-lockfile --prod --no-optional deploy "$APP_DIR" cp "$APP_DIR"/package.json "$APP_DIR"/bin - sed -i 's|^start|./start|' "$APP_DIR"/bin/immich-admin + sed -i "s|^start|${APP_DIR}/bin/start|" "$APP_DIR"/bin/immich-admin # openapi & web build cd "$SRC_DIR" @@ -196,8 +195,7 @@ EOF $STD pnpm --filter @immich/sdk --filter @immich/cli --frozen-lockfile install $STD pnpm --filter @immich/sdk --filter @immich/cli build $STD pnpm --filter @immich/cli --prod --no-optional deploy "$APP_DIR"/cli - cd "$APP_DIR" - mv "$INSTALL_DIR"/start.sh "$APP_DIR"/bin + [[ -f "$INSTALL_DIR"/start.sh ]] && mv "$INSTALL_DIR"/start.sh "$APP_DIR"/bin # plugins cd "$SRC_DIR" @@ -217,16 +215,9 @@ EOF export VIRTUAL_ENV="${ML_DIR}"/ml-venv if [[ -f ~/.openvino ]]; then msg_info "Updating HW-accelerated machine-learning" - # Remove old venv if Python version changed (3.12 -> 3.13) - if [[ -d "${VIRTUAL_ENV}" ]] && ! "${VIRTUAL_ENV}/bin/python3" --version 2>/dev/null | grep -q "3.13"; then - rm -rf "${VIRTUAL_ENV}" - fi - $STD sudo --preserve-env=VIRTUAL_ENV -nu immich uv sync --extra openvino --no-dev --active --link-mode copy -n -p python3.13 --managed-python - patchelf --clear-execstack "${VIRTUAL_ENV}/lib/python3.13/site-packages/onnxruntime/capi/onnxruntime_pybind11_state.cpython-313-x86_64-linux-gnu.so" - # Add workaround for onnxruntime-openvino 1.23.x crash if not present - if ! grep -q "MACHINE_LEARNING_OPENVINO_NUM_THREADS" "$INSTALL_DIR/.env" 2>/dev/null; then - sed -i '/MACHINE_LEARNING_CACHE_FOLDER/a ## - For OpenVINO only - workaround for onnxruntime-openvino 1.23.x crash\n## - See: https://github.com/immich-app/immich/pull/11240\nMACHINE_LEARNING_OPENVINO_NUM_THREADS=$(nproc)' "$INSTALL_DIR/.env" - fi + $STD uv add --no-sync --optional openvino onnxruntime-openvino==1.20.0 --active -n -p python3.12 --managed-python + $STD sudo --preserve-env=VIRTUAL_ENV -nu immich uv sync --extra openvino --no-dev --active --link-mode copy -n -p python3.12 --managed-python + patchelf --clear-execstack "${VIRTUAL_ENV}/lib/python3.12/site-packages/onnxruntime/capi/onnxruntime_pybind11_state.cpython-312-x86_64-linux-gnu.so" msg_ok "Updated HW-accelerated machine-learning" else msg_info "Updating machine-learning" @@ -235,10 +226,8 @@ EOF fi cd "$SRC_DIR" cp -a machine-learning/{ann,immich_ml} "$ML_DIR" - mv "$INSTALL_DIR"/ml_start.sh "$ML_DIR" - if [[ -f ~/.openvino ]]; then - sed -i "/intra_op/s/int = 0/int = os.cpu_count() or 0/" "$ML_DIR"/immich_ml/config.py - fi + [[ -f "$INSTALL_DIR"/ml_start.sh ]] && mv "$INSTALL_DIR"/ml_start.sh "$ML_DIR" + [[ -f ~/.openvino ]] && sed -i "/intra_op/s/int = 0/int = os.cpu_count() or 0/" "$ML_DIR"/immich_ml/config.py ln -sf "$APP_DIR"/resources "$INSTALL_DIR" cd "$APP_DIR" grep -rl /usr/src | xargs -n1 sed -i "s|\/usr/src|$INSTALL_DIR|g" @@ -247,8 +236,18 @@ EOF ln -s "${UPLOAD_DIR:-/opt/immich/upload}" "$APP_DIR"/upload ln -s "${UPLOAD_DIR:-/opt/immich/upload}" "$ML_DIR"/upload ln -s "$GEO_DIR" "$APP_DIR" + [[ ! -f /usr/bin/immich ]] && ln -sf "$APP_DIR"/cli/bin/immich /usr/bin/immich + [[ ! -f /usr/bin/immich-admin ]] && ln -sf "$APP_DIR"/bin/immich-admin /usr/bin/immich-admin chown -R immich:immich "$INSTALL_DIR" + if [[ "${MAINT_MODE:-0}" == 1 ]]; then + msg_info "Disabling Maintenance Mode" + cd /opt/immich/app/bin + $STD ./immich-admin disable-maintenance-mode + unset MAINT_MODE + $STD cd - + msg_ok "Disabled Maintenance Mode" + fi systemctl restart immich-ml immich-web msg_ok "Updated successfully!" fi @@ -262,7 +261,7 @@ function compile_libjxl() { : "${LIBJXL_REVISION:=$(jq -cr '.revision' "$BASE_DIR"/server/sources/libjxl.json)}" if [[ "$LIBJXL_REVISION" != "$(grep 'libjxl' ~/.immich_library_revisions | awk '{print $2}')" ]]; then msg_info "Recompiling libjxl" - if [[ -d "$SOURCE" ]]; then rm -rf "$SOURCE"; fi + [[ -d "$SOURCE" ]] && rm -rf "$SOURCE" $STD git clone https://github.com/libjxl/libjxl.git "$SOURCE" cd "$SOURCE" $STD git reset --hard "$LIBJXL_REVISION" @@ -302,14 +301,11 @@ function compile_libjxl() { function compile_libheif() { SOURCE=${SOURCE_DIR}/libheif - if ! dpkg -l | grep -q libaom; then - $STD apt install -y libaom-dev - local update="required" - fi + ensure_dependencies libaom-dev : "${LIBHEIF_REVISION:=$(jq -cr '.revision' "$BASE_DIR"/server/sources/libheif.json)}" if [[ "${update:-}" ]] || [[ "$LIBHEIF_REVISION" != "$(grep 'libheif' ~/.immich_library_revisions | awk '{print $2}')" ]]; then msg_info "Recompiling libheif" - if [[ -d "$SOURCE" ]]; then rm -rf "$SOURCE"; fi + [[ -d "$SOURCE" ]] && rm -rf "$SOURCE" $STD git clone https://github.com/strukturag/libheif.git "$SOURCE" cd "$SOURCE" $STD git reset --hard "$LIBHEIF_REVISION" @@ -325,7 +321,7 @@ function compile_libheif() { -DWITH_X265=OFF \ -DWITH_EXAMPLES=OFF \ .. - $STD make install -j "$(nproc)" + $STD make install -j"$(nproc)" ldconfig /usr/local/lib $STD make clean cd "$STAGING_DIR" @@ -340,7 +336,7 @@ function compile_libraw() { : "${LIBRAW_REVISION:=$(jq -cr '.revision' "$BASE_DIR"/server/sources/libraw.json)}" if [[ "$LIBRAW_REVISION" != "$(grep 'libraw' ~/.immich_library_revisions | awk '{print $2}')" ]]; then msg_info "Recompiling libraw" - if [[ -d "$SOURCE" ]]; then rm -rf "$SOURCE"; fi + [[ -d "$SOURCE" ]] && rm -rf "$SOURCE" $STD git clone https://github.com/libraw/libraw.git "$SOURCE" cd "$SOURCE" $STD git reset --hard "$LIBRAW_REVISION" @@ -362,7 +358,7 @@ function compile_imagemagick() { if [[ "$IMAGEMAGICK_REVISION" != "$(grep 'imagemagick' ~/.immich_library_revisions | awk '{print $2}')" ]] || ! grep -q 'DMAGICK_LIBRAW' /usr/local/lib/ImageMagick-7*/config-Q16HDRI/configure.xml; then msg_info "Recompiling ImageMagick" - if [[ -d "$SOURCE" ]]; then rm -rf "$SOURCE"; fi + [[ -d "$SOURCE" ]] && rm -rf "$SOURCE" $STD git clone https://github.com/ImageMagick/ImageMagick.git "$SOURCE" cd "$SOURCE" $STD git reset --hard "$IMAGEMAGICK_REVISION" @@ -382,7 +378,7 @@ function compile_libvips() { : "${LIBVIPS_REVISION:=$(jq -cr '.revision' "$BASE_DIR"/server/sources/libvips.json)}" if [[ "$LIBVIPS_REVISION" != "$(grep 'libvips' ~/.immich_library_revisions | awk '{print $2}')" ]]; then msg_info "Recompiling libvips" - if [[ -d "$SOURCE" ]]; then rm -rf "$SOURCE"; fi + [[ -d "$SOURCE" ]] && rm -rf "$SOURCE" $STD git clone https://github.com/libvips/libvips.git "$SOURCE" cd "$SOURCE" $STD git reset --hard "$LIBVIPS_REVISION" diff --git a/install/immich-install.sh b/install/immich-install.sh index d0625e4cf..b86058c12 100644 --- a/install/immich-install.sh +++ b/install/immich-install.sh @@ -149,12 +149,7 @@ NODE_VERSION="24" NODE_MODULE="pnpm@${PNPM_VERSION}" setup_nodejs PG_VERSION="16" PG_MODULES="pgvector" setup_postgresql VCHORD_RELEASE="0.5.3" -msg_info "Installing Vectorchord v${VCHORD_RELEASE}" -curl -fsSL "https://github.com/tensorchord/VectorChord/releases/download/${VCHORD_RELEASE}/postgresql-16-vchord_${VCHORD_RELEASE}-1_amd64.deb" -o vchord.deb -$STD apt install -y ./vchord.deb -rm vchord.deb -echo "$VCHORD_RELEASE" >~/.vchord_version -msg_ok "Installed Vectorchord v${VCHORD_RELEASE}" +fetch_and_deploy_gh_release "VectorChord" "tensorchord/VectorChord" "binary" "${VCHORD_RELEASE}" "/tmp" "postgresql-16-vchord_*_amd64.deb" sed -i -e "/^#shared_preload/s/^#//;/^shared_preload/s/''/'vchord.so'/" /etc/postgresql/16/main/postgresql.conf systemctl restart postgresql.service @@ -228,7 +223,7 @@ $STD cmake --preset=release-noplugins \ -DWITH_X265=OFF \ -DWITH_EXAMPLES=OFF \ .. -$STD make install -j "$(nproc)" +$STD make install -j"$(nproc)" ldconfig /usr/local/lib $STD make clean cd "$STAGING_DIR" @@ -293,10 +288,9 @@ APP_DIR="${INSTALL_DIR}/app" PLUGIN_DIR="${APP_DIR}/corePlugin" ML_DIR="${APP_DIR}/machine-learning" GEO_DIR="${INSTALL_DIR}/geodata" -mkdir -p "$INSTALL_DIR" mkdir -p {"${APP_DIR}","${UPLOAD_DIR}","${GEO_DIR}","${INSTALL_DIR}"/cache} -fetch_and_deploy_gh_release "immich" "immich-app/immich" "tag" "v2.5.2" "$SRC_DIR" +fetch_and_deploy_gh_release "immich" "immich-app/immich" "tarball" "v2.5.2" "$SRC_DIR" msg_info "Installing Immich (patience)" @@ -312,7 +306,7 @@ unset SHARP_IGNORE_GLOBAL_LIBVIPS export SHARP_FORCE_GLOBAL_LIBVIPS=true $STD pnpm --filter immich --frozen-lockfile --prod --no-optional deploy "$APP_DIR" cp "$APP_DIR"/package.json "$APP_DIR"/bin -sed -i 's|^start|./start|' "$APP_DIR"/bin/immich-admin +sed -i "s|^start|${APP_DIR}/bin/start|" "$APP_DIR"/bin/immich-admin # openapi & web build cd "$SRC_DIR" @@ -347,8 +341,9 @@ mkdir -p "$ML_DIR" && chown -R immich:immich "$INSTALL_DIR" export VIRTUAL_ENV="${ML_DIR}/ml-venv" if [[ -f ~/.openvino ]]; then msg_info "Installing HW-accelerated machine-learning" - $STD sudo --preserve-env=VIRTUAL_ENV -nu immich uv sync --extra openvino --no-dev --active --link-mode copy -n -p python3.13 --managed-python - patchelf --clear-execstack "${VIRTUAL_ENV}/lib/python3.13/site-packages/onnxruntime/capi/onnxruntime_pybind11_state.cpython-313-x86_64-linux-gnu.so" + $STD uv add --no-sync --optional openvino onnxruntime-openvino==1.20.0 --active -n -p python3.12 --managed-python + $STD sudo --preserve-env=VIRTUAL_ENV -nu immich uv sync --extra openvino --no-dev --active --link-mode copy -n -p python3.12 --managed-python + patchelf --clear-execstack "${VIRTUAL_ENV}/lib/python3.12/site-packages/onnxruntime/capi/onnxruntime_pybind11_state.cpython-312-x86_64-linux-gnu.so" msg_ok "Installed HW-accelerated machine-learning" else msg_info "Installing machine-learning" @@ -357,9 +352,7 @@ else fi cd "$SRC_DIR" cp -a machine-learning/{ann,immich_ml} "$ML_DIR" -if [[ -f ~/.openvino ]]; then - sed -i "/intra_op/s/int = 0/int = os.cpu_count() or 0/" "$ML_DIR"/immich_ml/config.py -fi +[[ -f ~/.openvino ]] && sed -i "/intra_op/s/int = 0/int = os.cpu_count() or 0/" "$ML_DIR"/immich_ml/config.py ln -sf "$APP_DIR"/resources "$INSTALL_DIR" cd "$APP_DIR" @@ -404,10 +397,9 @@ DB_VECTOR_EXTENSION=vectorchord REDIS_HOSTNAME=127.0.0.1 IMMICH_MACHINE_LEARNING_URL=http://127.0.0.1:3003 MACHINE_LEARNING_CACHE_FOLDER=${INSTALL_DIR}/cache -## - For OpenVINO only - workaround for onnxruntime-openvino 1.23.x crash -## - See: https://github.com/immich-app/immich/pull/11240 -MACHINE_LEARNING_OPENVINO_NUM_THREADS=$(nproc) -## - Uncomment below to increase inference speed while reducing accuracy +## - For OpenVINO only - uncomment below to increase +## - inference speed while reducing accuracy +## - Default is FP32 # MACHINE_LEARNING_OPENVINO_PRECISION=FP16 IMMICH_MEDIA_LOCATION=${UPLOAD_DIR} @@ -434,9 +426,11 @@ set +a /usr/bin/node ${APP_DIR}/dist/main.js "\$@" EOF chmod +x "$ML_DIR"/ml_start.sh "$APP_DIR"/bin/start.sh -cat </etc/systemd/system/"${APPLICATION}"-web.service +ln -sf "$APP_DIR"/cli/bin/immich /usr/bin/immich +ln -sf "$APP_DIR"/bin/immich-admin /usr/bin/immich-admin +cat </etc/systemd/system/immich-web.service [Unit] -Description=${APPLICATION} Web Service +Description=Immich Web Service After=network.target Requires=redis-server.service Requires=postgresql.service @@ -458,9 +452,9 @@ StandardError=append:/var/log/immich/web.log [Install] WantedBy=multi-user.target EOF -cat </etc/systemd/system/"${APPLICATION}"-ml.service +cat </etc/systemd/system/immich-ml.service [Unit] -Description=${APPLICATION} Machine-Learning +Description=Immich Machine-Learning After=network.target [Service] @@ -480,7 +474,7 @@ StandardError=append:/var/log/immich/ml.log WantedBy=multi-user.target EOF chown -R immich:immich "$INSTALL_DIR" /var/log/immich -systemctl enable -q --now "$APPLICATION"-ml.service "$APPLICATION"-web.service +systemctl enable -q --now immich-ml.service immich-web.service msg_ok "Modified user, created env file, scripts and services" motd_ssh From a8b29baca51636d4718a40e1e735f7b97458376a Mon Sep 17 00:00:00 2001 From: vhsdream Date: Tue, 3 Feb 2026 11:36:46 -0500 Subject: [PATCH 02/10] Immich: add IPP --- ct/immich.sh | 19 ++++++++++++++++++- install/immich-install.sh | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+), 1 deletion(-) diff --git a/ct/immich.sh b/ct/immich.sh index f79cca3b8..2b5370be6 100644 --- a/ct/immich.sh +++ b/ct/immich.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func) +source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func) # Copyright (c) 2021-2026 community-scripts ORG # Author: vhsdream # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE @@ -249,6 +249,23 @@ EOF msg_ok "Disabled Maintenance Mode" fi systemctl restart immich-ml immich-web + if [[ -f /opt/immich-proxy ]]; then + if check_for_gh_release "immich-public-proxy" "alangrainger/immich-public-proxy"; then + systemctl stop immich-proxy + msg_info "Backing up Immich Public Proxy configs" + cp -a /opt/immich-proxy/app/{.env,config.json} ~/ + msg_ok "Backed up Immich Public Proxy configs" + CLEAN_INSTALL=1 fetch_and_deploy_gh_release "immich-public_proxy" "alangrainger/immich-public-proxy" "tarball" "latest" "/opt/immich-proxy" + msg_info "Building Immich Public Proxy" + cd /opt/immich-proxy + $STD npm ci + $STD npm run build + mv ~/{config.json,.env} /opt/immich-proxy/app + chown -R immich:immich /opt/immich-proxy + systemctl start immich-proxy + msg_ok "Built Immich Public Proxy" + fi + fi msg_ok "Updated successfully!" fi exit diff --git a/install/immich-install.sh b/install/immich-install.sh index b86058c12..a89bd2b8f 100644 --- a/install/immich-install.sh +++ b/install/immich-install.sh @@ -477,6 +477,44 @@ chown -R immich:immich "$INSTALL_DIR" /var/log/immich systemctl enable -q --now immich-ml.service immich-web.service msg_ok "Modified user, created env file, scripts and services" +read -r -p "${TAB3}Install Immich Public Proxy? y/N " proxy +if [[ "${proxy,,}" =~ (y|yes)$ ]]; then + fetch_and_deploy_gh_release "immich-public-proxy" "alangrainger/immich-public-proxy" "tarball" "latest" "/opt/immich-proxy" + msg_info "Configuring Immich Public Proxy" + cd /opt/immich-proxy/app + $STD npm install + $STD npm run build + cat </opt/immich-proxy/app/.env +NODE_ENV=production +IMMICH_URL=http://localhost:2283 +EOF + chown -R immich:immich /opt/immich-proxy + + cat </etc/systemd/system/immich-proxy.service +[Unit] +Description=Immich Public Proxy +After=network.target +Requires=immich-web.service + +[Service] +Type=simple +User=immich +Group=immich +UMask=0077 +WorkingDirectory=/opt/immich-proxy/app +EnvironmentFile=/opt/immich-proxy/app/.env +ExecStart=/usr/bin/node /opt/immich-proxy/app/dist/index.js +Restart=on-failure +SyslogIdentifier=immich-proxy + +[Install] +WantedBy=multi-user.target +EOF + systemctl enable -q --now immich-proxy.service + msg_ok "Configured Immich Public Proxy" + msg_warn "Additional config available in '/opt/immich-proxy/app/config.json'" +fi + motd_ssh customize cleanup_lxc From 124c81de635af3bc164ca6fb5feadd4eccfda664 Mon Sep 17 00:00:00 2001 From: vhsdream Date: Tue, 3 Feb 2026 11:55:39 -0500 Subject: [PATCH 03/10] Immich: add IPP --- ct/immich.sh | 17 +++++++++++++++++ install/immich-install.sh | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/ct/immich.sh b/ct/immich.sh index d96bbd99d..009366b92 100644 --- a/ct/immich.sh +++ b/ct/immich.sh @@ -250,6 +250,23 @@ EOF chown -R immich:immich "$INSTALL_DIR" systemctl restart immich-ml immich-web + if [[ -f /opt/immich-proxy ]]; then + if check_for_gh_release "immich-public-proxy" "alangrainger/immich-public-proxy"; then + systemctl stop immich-proxy + msg_info "Backing up Immich Public Proxy configs" + cp -a /opt/immich-proxy/app/{.env,config.json} ~/ + msg_ok "Backed up Immich Public Proxy configs" + CLEAN_INSTALL=1 fetch_and_deploy_gh_release "immich-public_proxy" "alangrainger/immich-public-proxy" "tarball" "latest" "/opt/immich-proxy" + msg_info "Building Immich Public Proxy" + cd /opt/immich-proxy + $STD npm ci + $STD npm run build + mv ~/{config.json,.env} /opt/immich-proxy/app + chown -R immich:immich /opt/immich-proxy + systemctl start immich-proxy + msg_ok "Built Immich Public Proxy" + fi + fi msg_ok "Updated successfully!" fi exit diff --git a/install/immich-install.sh b/install/immich-install.sh index d0625e4cf..b71abcd58 100644 --- a/install/immich-install.sh +++ b/install/immich-install.sh @@ -483,6 +483,44 @@ chown -R immich:immich "$INSTALL_DIR" /var/log/immich systemctl enable -q --now "$APPLICATION"-ml.service "$APPLICATION"-web.service msg_ok "Modified user, created env file, scripts and services" +read -r -p "${TAB3}Install Immich Public Proxy? y/N " proxy +if [[ "${proxy,,}" =~ (y|yes)$ ]]; then + fetch_and_deploy_gh_release "immich-public-proxy" "alangrainger/immich-public-proxy" "tarball" "latest" "/opt/immich-proxy" + msg_info "Configuring Immich Public Proxy" + cd /opt/immich-proxy/app + $STD npm install + $STD npm run build + cat </opt/immich-proxy/app/.env +NODE_ENV=production +IMMICH_URL=http://localhost:2283 +EOF + chown -R immich:immich /opt/immich-proxy + + cat </etc/systemd/system/immich-proxy.service +[Unit] +Description=Immich Public Proxy +After=network.target +Requires=immich-web.service + +[Service] +Type=simple +User=immich +Group=immich +UMask=0077 +WorkingDirectory=/opt/immich-proxy/app +EnvironmentFile=/opt/immich-proxy/app/.env +ExecStart=/usr/bin/node /opt/immich-proxy/app/dist/index.js +Restart=on-failure +SyslogIdentifier=immich-proxy + +[Install] +WantedBy=multi-user.target +EOF + systemctl enable -q --now immich-proxy.service + msg_ok "Configured Immich Public Proxy" + msg_warn "Additional config available in '/opt/immich-proxy/app/config.json'" +fi + motd_ssh customize cleanup_lxc From 797fed06fd0ce6d82e9c152409d2284a9cc1490b Mon Sep 17 00:00:00 2001 From: tremor021 Date: Tue, 3 Feb 2026 19:06:49 +0100 Subject: [PATCH 04/10] Lots of mumbojumbo wizardry here --- install/powerdns-install.sh | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/install/powerdns-install.sh b/install/powerdns-install.sh index 973be32f3..8a03244e3 100644 --- a/install/powerdns-install.sh +++ b/install/powerdns-install.sh @@ -39,7 +39,22 @@ msg_ok "Setup PowerDNS" fetch_and_deploy_gh_release "poweradmin" "poweradmin/poweradmin" "tarball" msg_info "Setting up Poweradmin" -sqlite3 /opt/poweradmin/powerdns.db < /usr/share/doc/pdns-backend-sqlite3/schema.sqlite3.sql +sqlite3 /opt/poweradmin/powerdns.db < /opt/poweradmin/sql/poweradmin-sqlite-db-structure.sql +PA_ADMIN_USERNAME="admin" +PA_ADMIN_EMAIL="admin@example.com" +PA_ADMIN_FULLNAME="Administrator" +PA_ADMIN_PASSWORD=$(openssl rand -base64 16 | tr -d "=+/" | cut -c1-16) +PA_SESSION_KEY=$(openssl rand -base64 75 | tr -dc 'A-Za-z0-9^@#!(){}[]%_\-+=~' | head -c 50) +PASSWORD_HASH=$(php -r "echo password_hash(\$argv[1], PASSWORD_DEFAULT);" -- "${PA_ADMIN_PASSWORD}" 2>/dev/null) +sqlite3 /opt/poweradmin/powerdns.db "INSERT INTO users (username, password, fullname, email, description, perm_templ, active, use_ldap) \ + VALUES ('$(escape_sql "${PA_ADMIN_USERNAME}")', '$(escape_sql "${PASSWORD_HASH}")', '$(escape_sql "${PA_ADMIN_FULLNAME}")', \ + '$(escape_sql "${PA_ADMIN_EMAIL}")', 'System Administrator', 1, 1, 0);" + +cat <~/poweradmin.creds +Admin Username: ${PA_ADMIN_USERNAME} +Admin Password: ${PA_ADMIN_PASSWORD} +EOF + cat </opt/poweradmin/config/settings.php [ - 'session_key' => '5c\$^vK#l!*@mj4Id(WWzsosruN\$fkhaqLQo@i-s6ZBV)8C', + 'session_key' => '${PA_SESSION_KEY}', ], /** @@ -82,13 +97,14 @@ return [ ] ]; EOF +rm -rf /opt/poweradmin/install msg_ok "Setup Poweradmin" msg_info "Creating Service" rm /etc/apache2/sites-enabled/000-default.conf cat </etc/apache2/sites-enabled/poweradmin.conf - ServerName $HOSTNAME + ServerName localhost DocumentRoot /opt/poweradmin From 2e64b8a5c7cce334e69b9f3385df0b8542e94ccb Mon Sep 17 00:00:00 2001 From: tremor021 Date: Tue, 3 Feb 2026 19:13:31 +0100 Subject: [PATCH 05/10] escape_sql --- install/powerdns-install.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/install/powerdns-install.sh b/install/powerdns-install.sh index 8a03244e3..a6456776d 100644 --- a/install/powerdns-install.sh +++ b/install/powerdns-install.sh @@ -31,6 +31,10 @@ Pin: origin repo.powerdns.com Pin-Priority: 600 EOF +escape_sql() { + printf '%s' "$1" | sed "s/'/''/g" +} + msg_info "Setting up PowerDNS" $STD apt install -y pdns-server \ pdns-backend-sqlite3 From 182f8ecd72fe7d18e35e742eeb80054396ed1843 Mon Sep 17 00:00:00 2001 From: tremor021 Date: Tue, 3 Feb 2026 19:25:40 +0100 Subject: [PATCH 06/10] even more mumbojumbo wizardry here --- install/powerdns-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/powerdns-install.sh b/install/powerdns-install.sh index a6456776d..bb67d44b1 100644 --- a/install/powerdns-install.sh +++ b/install/powerdns-install.sh @@ -43,7 +43,7 @@ msg_ok "Setup PowerDNS" fetch_and_deploy_gh_release "poweradmin" "poweradmin/poweradmin" "tarball" msg_info "Setting up Poweradmin" -sqlite3 /opt/poweradmin/powerdns.db < /opt/poweradmin/sql/poweradmin-sqlite-db-structure.sql +sqlite3 /opt/poweradmin/powerdns.db < /opt/poweradmin/sql/pdns/49/schema.sqlite3.sql PA_ADMIN_USERNAME="admin" PA_ADMIN_EMAIL="admin@example.com" PA_ADMIN_FULLNAME="Administrator" From 58aecd9ffa34713ca4f650187c63e94dc278ab23 Mon Sep 17 00:00:00 2001 From: tremor021 Date: Tue, 3 Feb 2026 19:36:39 +0100 Subject: [PATCH 07/10] i dont even know why this doesnt work --- install/powerdns-install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/install/powerdns-install.sh b/install/powerdns-install.sh index bb67d44b1..a9caa7345 100644 --- a/install/powerdns-install.sh +++ b/install/powerdns-install.sh @@ -43,6 +43,7 @@ msg_ok "Setup PowerDNS" fetch_and_deploy_gh_release "poweradmin" "poweradmin/poweradmin" "tarball" msg_info "Setting up Poweradmin" +sqlite3 /opt/poweradmin/powerdns.db < /opt/poweradmin/sql/poweradmin-sqlite-db-structure.sql sqlite3 /opt/poweradmin/powerdns.db < /opt/poweradmin/sql/pdns/49/schema.sqlite3.sql PA_ADMIN_USERNAME="admin" PA_ADMIN_EMAIL="admin@example.com" From f043dfc79a9492c3df67938e2d34617f923bd246 Mon Sep 17 00:00:00 2001 From: "GitHub Actions[bot]" Date: Tue, 3 Feb 2026 19:05:52 +0000 Subject: [PATCH 08/10] chore: update github-versions.json Total versions: 22 Pinned versions: 1 Generated: 2026-02-03T19:05:52Z --- frontend/public/json/github-versions.json | 70 ++++++++++++++--------- 1 file changed, 42 insertions(+), 28 deletions(-) diff --git a/frontend/public/json/github-versions.json b/frontend/public/json/github-versions.json index a2c97554c..3f386d945 100644 --- a/frontend/public/json/github-versions.json +++ b/frontend/public/json/github-versions.json @@ -1,5 +1,5 @@ { - "generated": "2026-01-31T18:42:49Z", + "generated": "2026-02-03T19:05:52Z", "versions": [ { "slug": "affine", @@ -11,23 +11,30 @@ { "slug": "anytype", "repo": "grishy/any-sync-bundle", - "version": "v1.2.1-2025-12-10", + "version": "v1.3.0-2026-01-31", "pinned": false, - "date": "2025-12-24T20:40:15Z" + "date": "2026-02-01T17:27:12Z" + }, + { + "slug": "checkmate", + "repo": "bluewave-labs/Checkmate", + "version": "v3.3", + "pinned": false, + "date": "2026-01-28T14:25:25Z" }, { "slug": "databasus", "repo": "databasus/databasus", - "version": "v3.7.0", + "version": "v3.8.3", "pinned": false, - "date": "2026-01-28T14:46:28Z" + "date": "2026-02-02T18:14:53Z" }, { "slug": "ente", "repo": "ente-io/ente", - "version": "photos-v1.3.7", + "version": "photos-v1.3.10", "pinned": false, - "date": "2026-01-29T17:20:41Z" + "date": "2026-02-03T11:06:10Z" }, { "slug": "frigate", @@ -36,6 +43,13 @@ "pinned": false, "date": "2026-01-29T00:42:14Z" }, + { + "slug": "garmin-grafana", + "repo": "arpanghosh8453/garmin-grafana", + "version": "v0.3.0", + "pinned": false, + "date": "2025-05-15T21:39:19Z" + }, { "slug": "hoodik", "repo": "hudikhq/hoodik", @@ -50,13 +64,6 @@ "pinned": false, "date": "2025-10-19T17:43:10Z" }, - { - "slug": "kitchenowl", - "repo": "TomBursch/kitchenowl", - "version": "v0.7.6", - "pinned": false, - "date": "2026-01-24T01:21:14Z" - }, { "slug": "minthcm", "repo": "minthcm/minthcm", @@ -71,6 +78,13 @@ "pinned": false, "date": "2026-01-31T00:09:18Z" }, + { + "slug": "nginx-ui", + "repo": "0xJacky/nginx-ui", + "version": "v2.3.2", + "pinned": false, + "date": "2025-12-09T09:47:15Z" + }, { "slug": "nightscout", "repo": "nightscout/cgm-remote-monitor", @@ -106,13 +120,6 @@ "pinned": false, "date": "2026-01-23T17:03:31Z" }, - { - "slug": "rustypaste", - "repo": "orhun/rustypaste", - "version": "v0.16.1", - "pinned": false, - "date": "2025-03-21T20:44:47Z" - }, { "slug": "seer", "repo": "seerr-team/seerr", @@ -120,13 +127,6 @@ "pinned": false, "date": "2025-08-14T20:43:46Z" }, - { - "slug": "shelfmark", - "repo": "FlareSolverr/FlareSolverr", - "version": "v3.4.6", - "pinned": false, - "date": "2025-11-29T02:43:00Z" - }, { "slug": "sonobarr", "repo": "Dodelidoo-Labs/sonobarr", @@ -134,12 +134,26 @@ "pinned": false, "date": "2026-01-21T19:07:21Z" }, + { + "slug": "wealthfolio", + "repo": "afadil/wealthfolio", + "version": "v2.1.0", + "pinned": false, + "date": "2025-12-01T21:57:36Z" + }, { "slug": "wishlist", "repo": "cmintey/wishlist", "version": "v0.59.0", "pinned": false, "date": "2026-01-19T16:42:14Z" + }, + { + "slug": "writefreely", + "repo": "writefreely/writefreely", + "version": "v0.16.0", + "pinned": false, + "date": "2025-08-29T19:30:02Z" } ] } From c8bcfccd64968f881e8b3b9ccafc6ec75aa8c2f4 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 3 Feb 2026 19:37:04 +0000 Subject: [PATCH 09/10] Delete wealthfolio (ct) after migration to ProxmoxVE (#1410) Co-authored-by: github-actions[bot] --- ct/wealthfolio.sh | 86 -------------------------- frontend/public/json/wealthfolio.json | 40 ------------ install/wealthfolio-install.sh | 89 --------------------------- 3 files changed, 215 deletions(-) delete mode 100644 ct/wealthfolio.sh delete mode 100644 frontend/public/json/wealthfolio.json delete mode 100644 install/wealthfolio-install.sh diff --git a/ct/wealthfolio.sh b/ct/wealthfolio.sh deleted file mode 100644 index e52639587..000000000 --- a/ct/wealthfolio.sh +++ /dev/null @@ -1,86 +0,0 @@ -#!/usr/bin/env bash -source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func) -# Copyright (c) 2021-2026 community-scripts ORG -# Author: CrazyWolf13 -# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE -# Source: https://wealthfolio.app/ - -APP="Wealthfolio" -var_tags="${var_tags:-finance;portfolio}" -var_cpu="${var_cpu:-4}" -var_ram="${var_ram:-4096}" -var_disk="${var_disk:-10}" -var_os="${var_os:-debian}" -var_version="${var_version:-13}" -var_unprivileged="${var_unprivileged:-1}" - -header_info "$APP" -variables -color -catch_errors - -function update_script() { - header_info - check_container_storage - check_container_resources - - if [[ ! -d /opt/wealthfolio ]]; then - msg_error "No ${APP} Installation Found!" - exit - fi - - if check_for_gh_release "wealthfolio" "afadil/wealthfolio"; then - msg_info "Stopping Service" - systemctl stop wealthfolio - msg_ok "Stopped Service" - - msg_info "Backing up Data" - cp -r /opt/wealthfolio_data /opt/wealthfolio_data_backup - cp /opt/wealthfolio/.env /opt/wealthfolio_env_backup - msg_ok "Backed up Data" - - CLEAN_INSTALL=1 fetch_and_deploy_gh_release "wealthfolio" "afadil/wealthfolio" "tarball" - - msg_info "Building Frontend (patience)" - cd /opt/wealthfolio - $STD pnpm install --frozen-lockfile - $STD pnpm tsc - $STD pnpm vite build - msg_ok "Built Frontend" - - msg_info "Building Backend (patience)" - cd /opt/wealthfolio/src-server - source ~/.cargo/env - $STD cargo build --release --manifest-path Cargo.toml - cp /opt/wealthfolio/src-server/target/release/wealthfolio-server /usr/local/bin/wealthfolio-server - chmod +x /usr/local/bin/wealthfolio-server - msg_ok "Built Backend" - - msg_info "Restoring Data" - cp -r /opt/wealthfolio_data_backup/. /opt/wealthfolio_data - cp /opt/wealthfolio_env_backup /opt/wealthfolio/.env - rm -rf /opt/wealthfolio_data_backup /opt/wealthfolio_env_backup - msg_ok "Restored Data" - - msg_info "Cleaning Up" - rm -rf /opt/wealthfolio/src-server/target - rm -rf /root/.cargo/registry - rm -rf /opt/wealthfolio/node_modules - msg_ok "Cleaned Up" - - msg_info "Starting Service" - systemctl start wealthfolio - msg_ok "Started Service" - msg_ok "Updated successfully!" - fi - exit -} - -start -build_container -description - -msg_ok "Completed successfully!\n" -echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" -echo -e "${INFO}${YW} Access it using the following URL:${CL}" -echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8080${CL}" diff --git a/frontend/public/json/wealthfolio.json b/frontend/public/json/wealthfolio.json deleted file mode 100644 index 8c5508b54..000000000 --- a/frontend/public/json/wealthfolio.json +++ /dev/null @@ -1,40 +0,0 @@ -{ - "name": "Wealthfolio", - "slug": "wealthfolio", - "categories": [ - 23 - ], - "date_created": "2026-02-03", - "type": "ct", - "updateable": true, - "privileged": false, - "interface_port": 8080, - "documentation": "https://wealthfolio.app/docs/introduction/", - "config_path": "/opt/wealthfolio/.env", - "website": "https://wealthfolio.app/", - "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/wealthfolio.webp", - "description": "Wealthfolio is a beautiful, privacy-focused investment tracker with local data storage. Track your portfolio across multiple accounts and asset types with detailed performance analytics, goal planning, and multi-currency support.", - "install_methods": [ - { - "type": "default", - "script": "ct/wealthfolio.sh", - "resources": { - "cpu": 4, - "ram": 4096, - "hdd": 10, - "os": "Debian", - "version": "13" - } - } - ], - "default_credentials": { - "username": null, - "password": "See ~/wealthfolio.creds" - }, - "notes": [ - { - "text": "Login password is stored in ~/wealthfolio.creds", - "type": "info" - } - ] -} diff --git a/install/wealthfolio-install.sh b/install/wealthfolio-install.sh deleted file mode 100644 index 8ee9c6e36..000000000 --- a/install/wealthfolio-install.sh +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2021-2026 community-scripts ORG -# Author: CrazyWolf13 -# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE -# Source: https://wealthfolio.app/ - -source /dev/stdin <<<"$FUNCTIONS_FILE_PATH" -color -verb_ip6 -catch_errors -setting_up_container -network_check -update_os - -msg_info "Installing Dependencies" -$STD apt install -y \ - pkg-config \ - libssl-dev \ - build-essential \ - libsqlite3-dev \ - argon2 -msg_ok "Installed Dependencies" - -setup_rust -NODE_MODULE="pnpm" setup_nodejs -fetch_and_deploy_gh_release "wealthfolio" "afadil/wealthfolio" "tarball" - -msg_info "Building Frontend (patience)" -cd /opt/wealthfolio -$STD pnpm install --frozen-lockfile -$STD pnpm tsc -$STD pnpm vite build -msg_ok "Built Frontend" - -msg_info "Building Backend (patience)" -cd /opt/wealthfolio/src-server -$STD cargo build --release --manifest-path Cargo.toml -cp /opt/wealthfolio/src-server/target/release/wealthfolio-server /usr/local/bin/wealthfolio-server -chmod +x /usr/local/bin/wealthfolio-server -msg_ok "Built Backend" - -msg_info "Configuring Wealthfolio" -mkdir -p /opt/wealthfolio_data -SECRET_KEY=$(openssl rand -base64 32) -WF_PASSWORD=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-16) -WF_PASSWORD_HASH=$(echo -n "$WF_PASSWORD" | argon2 "$(openssl rand -base64 16)" -id -e) -cat </opt/wealthfolio/.env -WF_LISTEN_ADDR=0.0.0.0:8080 -WF_DB_PATH=/opt/wealthfolio_data/wealthfolio.db -WF_SECRET_KEY=${SECRET_KEY} -WF_AUTH_PASSWORD_HASH=${WF_PASSWORD_HASH} -WF_STATIC_DIR=/opt/wealthfolio/dist -WF_CORS_ALLOW_ORIGINS=* -WF_REQUEST_TIMEOUT_MS=30000 -EOF -echo "WF_PASSWORD=${WF_PASSWORD}" >~/wealthfolio.creds -msg_ok "Configured Wealthfolio" - -msg_info "Cleaning Up" -rm -rf /opt/wealthfolio/src-server/target -rm -rf /root/.cargo/registry -rm -rf /opt/wealthfolio/node_modules -msg_ok "Cleaned Up" - -msg_info "Creating Service" -cat </etc/systemd/system/wealthfolio.service -[Unit] -Description=Wealthfolio Investment Tracker -After=network.target - -[Service] -Type=simple -User=root -WorkingDirectory=/opt/wealthfolio -EnvironmentFile=/opt/wealthfolio/.env -ExecStart=/usr/local/bin/wealthfolio-server -Restart=on-failure -RestartSec=5 - -[Install] -WantedBy=multi-user.target -EOF -systemctl enable -q --now wealthfolio -msg_ok "Created Service" - -motd_ssh -customize -cleanup_lxc From 3107ce4c3f420a635db5e926bc095e71c1df7d01 Mon Sep 17 00:00:00 2001 From: "GitHub Actions[bot]" Date: Wed, 4 Feb 2026 07:03:38 +0000 Subject: [PATCH 10/10] chore: update github-versions.json Total versions: 21 Pinned versions: 1 Generated: 2026-02-04T07:03:37Z --- frontend/public/json/github-versions.json | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/frontend/public/json/github-versions.json b/frontend/public/json/github-versions.json index 3f386d945..85c22ee41 100644 --- a/frontend/public/json/github-versions.json +++ b/frontend/public/json/github-versions.json @@ -1,5 +1,5 @@ { - "generated": "2026-02-03T19:05:52Z", + "generated": "2026-02-04T07:03:37Z", "versions": [ { "slug": "affine", @@ -134,13 +134,6 @@ "pinned": false, "date": "2026-01-21T19:07:21Z" }, - { - "slug": "wealthfolio", - "repo": "afadil/wealthfolio", - "version": "v2.1.0", - "pinned": false, - "date": "2025-12-01T21:57:36Z" - }, { "slug": "wishlist", "repo": "cmintey/wishlist",