community-scripts/ProxmoxVED
5
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Revamp Termix install script and Nginx config

Browse Source 
Refactors the Termix installation script to separate frontend and backend build steps, improve dependency handling, and enhance directory setup. Replaces the Nginx site config with a more comprehensive standalone configuration, updates service port to 8080, and ensures Nginx is enabled alongside Termix. Also adds font cleanup and more robust asset copying for production.
This commit is contained in:
CanbiZ 2026-01-16 10:52:33 +01:00
parent 5c030a948c
commit 957e3b06a4
1 changed files with 191 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

253
install/termix-install.sh
View File

@ -27,83 +27,212 @@ msg_ok "Installed Dependencies"
NODE_VERSION="22" setup_nodejs NODE_VERSION="22" setup_nodejs
fetch_and_deploy_gh_release "termix" "Termix-SSH/Termix" fetch_and_deploy_gh_release "termix" "Termix-SSH/Termix"
msg_info "Building ${APPLICATION} (Patience)" msg_info "Building ${APPLICATION} Frontend (Patience)"
cd /opt/termix cd /opt/termix
export COREPACK_ENABLE_DOWNLOAD_PROMPT=0 export COREPACK_ENABLE_DOWNLOAD_PROMPT=0
find public/fonts -name "*.ttf" ! -name "*Regular.ttf" ! -name "*Bold.ttf" ! -name "*Italic.ttf" -delete 2>/dev/null || true
$STD npm install --ignore-scripts --force $STD npm install --ignore-scripts --force
$STD npm rebuild better-sqlite3 --force $STD npm cache clean --force
$STD npm run build $STD npm run build
msg_ok "Built ${APPLICATION} Frontend"
msg_info "Building ${APPLICATION} Backend"
$STD npm rebuild better-sqlite3 --force
$STD npm run build:backend $STD npm run build:backend
mkdir -p /opt/termix/data /opt/termix/uploads msg_ok "Built ${APPLICATION} Backend"
msg_ok "Built ${APPLICATION}"
msg_info "Setting up Production Dependencies"
cd /opt/termix
$STD npm ci --only=production --ignore-scripts --force
$STD npm rebuild better-sqlite3 bcryptjs --force
$STD npm cache clean --force
msg_ok "Set up Production Dependencies"
msg_info "Setting up Directories"
mkdir -p /opt/termix/data \
/opt/termix/uploads \
/opt/termix/html \
/opt/termix/nginx \
/opt/termix/nginx/logs \
/opt/termix/nginx/cache \
/opt/termix/nginx/client_body
cp -r /opt/termix/dist/* /opt/termix/html/ 2>/dev/null || true
cp -r /opt/termix/src/locales /opt/termix/html/locales 2>/dev/null || true
cp -r /opt/termix/public/fonts /opt/termix/html/fonts 2>/dev/null || true
msg_ok "Set up Directories"
msg_info "Configuring Nginx" msg_info "Configuring Nginx"
cat <<'EOF' >/etc/nginx/sites-available/termix.conf cat <<'NGINXEOF' >/etc/nginx/sites-available/termix.conf
server { pid /opt/termix/nginx/nginx.pid;
listen 8080; error_log /opt/termix/nginx/logs/error.log warn;
server_name _;
add_header X-Content-Type-Options nosniff always; events {
add_header X-XSS-Protection "1; mode=block" always; worker_connections 1024;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { http {
root /opt/termix/dist; include /etc/nginx/mime.types;
expires 1y; default_type application/octet-stream;
add_header Cache-Control "public, immutable"; access_log /opt/termix/nginx/logs/access.log;
try_files $uri =404;
}
location / { client_body_temp_path /opt/termix/nginx/client_body;
root /opt/termix/dist; proxy_temp_path /opt/termix/nginx/proxy_temp;
index index.html;
try_files $uri $uri/ /index.html;
}
location ~ ^/(users|version|releases|alerts|rbac|credentials|snippets|terminal|database|db|encryption|ssh|health)(/.*)?$ { sendfile on;
proxy_pass http://127.0.0.1:30001; keepalive_timeout 65;
proxy_http_version 1.1; client_header_timeout 300s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 60s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
}
location /ssh/websocket/ { server {
proxy_pass http://127.0.0.1:30002/; listen 8080;
proxy_http_version 1.1; server_name _;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
proxy_buffering off;
}
location ~ ^/status(/.*)?$ { add_header X-Content-Type-Options nosniff always;
proxy_pass http://127.0.0.1:30005; add_header X-XSS-Protection "1; mode=block" always;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ ^/docker(/.*)?$ { location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
proxy_pass http://127.0.0.1:30007; root /opt/termix/html;
proxy_http_version 1.1; expires 1y;
proxy_set_header Host $host; add_header Cache-Control "public, immutable";
proxy_set_header X-Real-IP $remote_addr; try_files $uri =404;
proxy_connect_timeout 60s; }
proxy_send_timeout 300s;
proxy_read_timeout 300s; location / {
root /opt/termix/html;
index index.html;
try_files $uri $uri/ /index.html;
}
location ~ ^/users(/.*)?$ {
proxy_pass http://127.0.0.1:30001;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ ^/(version|releases|alerts|rbac|credentials|snippets|terminal|encryption)(/.*)?$ {
proxy_pass http://127.0.0.1:30001;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ ^/(database|db)(/.*)?$ {
client_max_body_size 5G;
client_body_timeout 300s;
proxy_pass http://127.0.0.1:30001;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_connect_timeout 60s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
proxy_request_buffering off;
proxy_buffering off;
}
location /ssh/ {
proxy_pass http://127.0.0.1:30001;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /ssh/websocket/ {
proxy_pass http://127.0.0.1:30002/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
proxy_buffering off;
proxy_request_buffering off;
}
location /ssh/tunnel/ {
proxy_pass http://127.0.0.1:30003;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /ssh/file_manager/ssh/ {
client_max_body_size 5G;
client_body_timeout 300s;
proxy_pass http://127.0.0.1:30004;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_connect_timeout 60s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
proxy_request_buffering off;
proxy_buffering off;
}
location ~ ^/ssh/file_manager/(recent|pinned|shortcuts)$ {
proxy_pass http://127.0.0.1:30001;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /health {
proxy_pass http://127.0.0.1:30001;
proxy_http_version 1.1;
proxy_set_header Host $host;
}
location ~ ^/(status|metrics)(/.*)?$ {
proxy_pass http://127.0.0.1:30005;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ ^/(uptime|activity)(/.*)?$ {
proxy_pass http://127.0.0.1:30006;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location ^~ /docker/console/ {
proxy_pass http://127.0.0.1:30008/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
proxy_buffering off;
proxy_request_buffering off;
}
location ~ ^/docker(/.*)?$ {
proxy_pass http://127.0.0.1:30007;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_connect_timeout 60s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
}
} }
} }
EOF NGINXEOF
ln -sf /etc/nginx/sites-available/termix.conf /etc/nginx/sites-enabled/
rm -f /etc/nginx/sites-enabled/default rm -f /etc/nginx/sites-enabled/default
$STD systemctl reload nginx rm -f /etc/nginx/nginx.conf
ln -sf /etc/nginx/sites-available/termix.conf /etc/nginx/nginx.conf
msg_ok "Configured Nginx" msg_ok "Configured Nginx"
msg_info "Creating Service" msg_info "Creating Service"
@ -118,7 +247,7 @@ User=root
WorkingDirectory=/opt/termix WorkingDirectory=/opt/termix
Environment=NODE_ENV=production Environment=NODE_ENV=production
Environment=DATA_DIR=/opt/termix/data Environment=DATA_DIR=/opt/termix/data
Environment=PORT=30001 Environment=PORT=8080
ExecStart=/usr/bin/node /opt/termix/dist/backend/index.js ExecStart=/usr/bin/node /opt/termix/dist/backend/index.js
Restart=on-failure Restart=on-failure
RestartSec=5 RestartSec=5
@ -126,7 +255,7 @@ RestartSec=5
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
EOF EOF
systemctl enable -q --now termix systemctl enable -q --now termix nginx
msg_ok "Created Service" msg_ok "Created Service"
motd_ssh motd_ssh