wallabag fixes

2026-02-25 05:57:26 +00:00 · 2025-12-09 10:31:48 +01:00
parent 6271306e0b
commit 93cd574b5f
3 changed files with 207 additions and 141 deletions
--- a/install/wallabag-install.sh
+++ b/install/wallabag-install.sh
@@ -1,8 +1,9 @@
 #!/usr/bin/env bash

 # Copyright (c) 2021-2025 community-scripts ORG
-# Author: MickLesk (Canbiz)
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://wallabag.org/

 source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
 color
@@ -12,116 +13,145 @@ setting_up_container
 network_check
 update_os

-msg_info "Installing Dependencies (Patience)"
+msg_info "Installing Dependencies"
 $STD apt-get install -y \
-  make \
-  apache2 \
-  libapache2-mod-php \
-  redis
+  nginx \
+  redis-server \
+  imagemagick
 msg_ok "Installed Dependencies"

 setup_mariadb
-PHP_VERSION="8.3" PHP_APACHE="YES" PHP_FPM="YES" PHP_MODULE="bcmath,bz2,cli,exif,common,curl,tidy,fpm,gd,intl,mbstring,xml,mysql,zip" setup_php
-setup_composer
+MARIADB_DB_NAME="wallabag" MARIADB_DB_USER="wallabag" setup_mariadb_db

-msg_info "Setting up Database"
-DB_NAME=wallabag_db
-DB_USER=wallabag
-DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
-SECRET_KEY="$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)"
-$STD mariadb -u root -e "CREATE DATABASE $DB_NAME;"
-$STD mariadb -u root -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';"
-$STD mariadb -u root -e "GRANT ALL PRIVILEGES ON $DB_NAME.* TO '$DB_USER'@'localhost'; FLUSH PRIVILEGES;"
-{
-  echo "Wallabag Credentials"
-  echo "Database User: $DB_USER"
-  echo "Database Password: $DB_PASS"
-  echo "Database Name: $DB_NAME"
-} >>~/wallabag.creds
-msg_ok "Set up Database"
+PHP_VERSION="8.3" PHP_FPM="YES" PHP_MODULE="bcmath,bz2,curl,gd,imagick,intl,mbstring,mysql,redis,tidy,xml,zip" setup_php
+setup_composer
+NODE_VERSION="22" setup_nodejs

 fetch_and_deploy_gh_release "wallabag" "wallabag/wallabag" "prebuild" "latest" "/opt/wallabag" "wallabag-*.tar.gz"

-msg_info "Installing Wallabag (Patience)"
+msg_info "Configuring Wallabag"
 cd /opt/wallabag
-useradd -d /opt/wallabag -s /bin/bash -M wallabag
+
+useradd -d /opt/wallabag -s /usr/sbin/nologin -M wallabag 2>/dev/null || true
+
+SECRET_KEY="$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)"
+CONTAINER_IP=$(hostname -I | awk '{print $1}')
+
+cat <<EOF >/opt/wallabag/app/config/parameters.yml
+parameters:
+    database_driver: pdo_mysql
+    database_host: 127.0.0.1
+    database_port: 3306
+    database_name: ${MARIADB_DB_NAME}
+    database_user: ${MARIADB_DB_USER}
+    database_password: ${MARIADB_DB_PASS}
+    database_path: null
+    database_table_prefix: wallabag_
+    database_socket: null
+    database_charset: utf8mb4
+
+    domain_name: http://${CONTAINER_IP}:8000
+    server_name: Wallabag
+
+    mailer_dsn: null
+
+    locale: en
+
+    secret: ${SECRET_KEY}
+
+    twofactor_auth: true
+    twofactor_sender: no-reply@wallabag.org
+
+    fosuser_registration: true
+    fosuser_confirmation: true
+
+    fos_oauth_server_access_token_lifetime: 3600
+    fos_oauth_server_refresh_token_lifetime: 1209600
+
+    from_email: no-reply@wallabag.org
+
+    rss_limit: 50
+
+    rabbitmq_host: localhost
+    rabbitmq_port: 5672
+    rabbitmq_user: guest
+    rabbitmq_password: guest
+    rabbitmq_prefetch_count: 10
+
+    redis_scheme: tcp
+    redis_host: localhost
+    redis_port: 6379
+    redis_path: null
+    redis_password: null
+
+    sentry_dsn: null
+EOF
+
 chown -R wallabag:wallabag /opt/wallabag
-mv /opt/wallabag/app/config/parameters.yml.dist /opt/wallabag/app/config/parameters.yml
-sed -i \
-  -e 's|database_name: wallabag|database_name: wallabag_db|' \
-  -e 's|database_port: ~|database_port: 3306|' \
-  -e 's|database_user: root|database_user: wallabag|' \
-  -e 's|database_password: ~|database_password: '"$DB_PASS"'|' \
-  -e 's|secret: .*|secret: '"$SECRET_KEY"'|' \
-  /opt/wallabag/app/config/parameters.yml
+msg_ok "Configured Wallabag"

+msg_info "Installing Wallabag (Patience)"
 export COMPOSER_ALLOW_SUPERUSER=1
-sudo -u wallabag make install --no-interaction

-export COMPOSER_ALLOW_SUPERUSER=1
-composer install --no-dev --prefer-dist --optimize-autoloader --no-interaction
+$STD sudo -u wallabag composer install --no-dev --prefer-dist --optimize-autoloader --no-interaction
+
+$STD sudo -u wallabag php bin/console wallabag:install --env=prod --no-interaction
+
+chown -R wallabag:wallabag /opt/wallabag
+chmod -R 755 /opt/wallabag/var
+chmod -R 755 /opt/wallabag/web/assets
 msg_ok "Installed Wallabag"

-msg_info "Setting up Virtual Host"
-cat <<EOF >/etc/nginx/conf.d/wallabag.conf
+msg_info "Configuring Nginx"
+cat <<'EOF' >/etc/nginx/sites-available/wallabag
 server {
+    listen 8000;
+    server_name _;
    root /opt/wallabag/web;
-    server_name $IPADDRESS;
+
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-Content-Type-Options "nosniff";
+
+    index app.php;
+    charset utf-8;

    location / {
-        # try to serve file directly, fallback to app.php
        try_files $uri /app.php$is_args$args;
    }
+
    location ~ ^/app\.php(/|$) {
-        # if, for some reason, you are still using PHP 5,
-        # then replace /run/php/php7.0 by /var/run/php5
-        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
+        fastcgi_pass unix:/run/php/php8.3-fpm.sock;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
-        # When you are using symlinks to link the document root to the
-        # current version of your application, you should pass the real
-        # application path instead of the path to the symlink to PHP
-        # FPM.
-        # Otherwise, PHP's OPcache may not properly detect changes to
-        # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
-        # for more information).
-        fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        fastcgi_param DOCUMENT_ROOT $realpath_root;
-        # Prevents URIs that include the front controller. This will 404:
-        # http://domain.tld/app.php/some-path
-        # Remove the internal directive to allow URIs like this
        internal;
    }

-    # return 404 for all other php files not matching the front controller
-    # this prevents access to other php files you don't want to be accessible.
    location ~ \.php$ {
        return 404;
    }

+    location ~ /\.(?!well-known).* {
+        deny all;
+    }
+
    error_log /var/log/nginx/wallabag_error.log;
    access_log /var/log/nginx/wallabag_access.log;
 }
 EOF

-$STD a2enmod rewrite
-$STD a2ensite wallabag.conf
-$STD a2dissite 000-default.conf
-systemctl reload apache2
-msg_ok "Configured Virtual Host"
+ln -sf /etc/nginx/sites-available/wallabag /etc/nginx/sites-enabled/
+rm -f /etc/nginx/sites-enabled/default
+$STD systemctl reload nginx
+msg_ok "Configured Nginx"

-msg_info "Setting Permissions"
-chown -R www-data:www-data /opt/wallabag/{bin,app/config,vendor,data,var,web}
-msg_ok "Set Permissions"
-
-msg_info "Running Wallabag Installation"
-php bin/console wallabag:install --env=prod
-msg_ok "Wallabag Installed"
+msg_info "Enabling Services"
+systemctl enable -q --now redis-server
+systemctl enable -q --now php8.3-fpm
+systemctl enable -q --now nginx
+msg_ok "Enabled Services"

 motd_ssh
 customize
-
-msg_info "Cleaning up"
-$STD apt-get autoremove
-$STD apt-get autoclean
-msg_ok "Cleaned"
+cleanup_lxc