Merge branch 'community-scripts:main' into feature/kutt

install/alpine-valkey-install.sh

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: pshankinclarke (lazarillo)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://valkey.io/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Valkey"
+$STD apk add valkey valkey-openrc valkey-cli
+$STD sed -i 's/^bind .*/bind 0.0.0.0/' /etc/valkey/valkey.conf
+$STD rc-update add valkey default
+$STD rc-service valkey start
+msg_ok "Installed Valkey"
+
+motd_ssh
+customize

install/cronmaster-install.sh

@@ -12,6 +12,7 @@ catch_errors
 setting_up_container
 network_check
 update_os
+setup_hwaccel
 
 msg_info "Installing dependencies"
 $STD apt install -y pciutils

install/debian-install.sh

@@ -13,6 +13,8 @@ setting_up_container
 network_check
 update_os
 
+setup_hwaccel
+
 msg_info "Installing Base Dependencies"
 $STD apt-get install -y curl wget ca-certificates
 msg_ok "Installed Base Dependencies"

install/deferred/openwebui-install.sh

@@ -1,107 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright (c) 2021-2025 tteck
-# Author: tteck
-# Co-Author: havardthom
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://openwebui.com/
-
-source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
-color
-verb_ip6
-catch_errors
-setting_up_container
-network_check
-update_os
-
-msg_info "Installing Dependencies"
-$STD apt-get install -y \
-    ffmpeg
-msg_ok "Installed Dependencies"
-
-msg_info "Setup Python3"
-$STD apt-get install -y --no-install-recommends \
-    python3 \
-    python3-pip
-msg_ok "Setup Python3"
-
-setup_nodejs
-
-msg_info "Installing Open WebUI (Patience)"
-fetch_and_deploy_gh_release "open-webui/open-webui"
-cd /opt/openwebui/backend
-$STD pip3 install torch torchvision torchaudio --index-url https://download.pytorch.org/whl/cpu
-$STD pip3 install -r requirements.txt -U
-cd /opt/openwebui
-cat <<EOF >/opt/openwebui/.env
-# Ollama URL for the backend to connect
-# The path '/ollama' will be redirected to the specified backend URL
-OLLAMA_BASE_URL=http://0.0.0.0:11434
-OPENAI_API_BASE_URL=''
-OPENAI_API_KEY=''
-# AUTOMATIC1111_BASE_URL="http://localhost:7860"
-# DO NOT TRACK
-SCARF_NO_ANALYTICS=true
-DO_NOT_TRACK=true
-ANONYMIZED_TELEMETRY=false
-ENV=prod
-ENABLE_OLLAMA_API=false
-EOF
-$STD npm install
-export NODE_OPTIONS="--max-old-space-size=3584"
-sed -i "s/git rev-parse HEAD/openssl rand -hex 20/g" /opt/openwebui/svelte.config.js
-$STD npm run build
-msg_ok "Installed Open WebUI"
-
-read -r -p "${TAB3}Would you like to add Ollama? <y/N> " prompt
-if [[ ${prompt,,} =~ ^(y|yes)$ ]]; then
-    msg_info "Installing Ollama"
-    curl -fsSLO https://ollama.com/download/ollama-linux-amd64.tgz
-    tar -C /usr -xzf ollama-linux-amd64.tgz
-    rm -rf ollama-linux-amd64.tgz
-    cat <<EOF >/etc/systemd/system/ollama.service
-[Unit]
-Description=Ollama Service
-After=network-online.target
-
-[Service]
-Type=exec
-ExecStart=/usr/bin/ollama serve
-Environment=HOME=$HOME
-Environment=OLLAMA_HOST=0.0.0.0
-Restart=always
-RestartSec=3
-
-[Install]
-WantedBy=multi-user.target
-EOF
-    systemctl enable -q --now ollama
-    sed -i 's/ENABLE_OLLAMA_API=false/ENABLE_OLLAMA_API=true/g' /opt/openwebui/.env
-    msg_ok "Installed Ollama"
-fi
-
-msg_info "Creating Service"
-cat <<EOF >/etc/systemd/system/open-webui.service
-[Unit]
-Description=Open WebUI Service
-After=network.target
-
-[Service]
-Type=exec
-WorkingDirectory=/opt/openwebui
-EnvironmentFile=/opt/openwebui/.env
-ExecStart=/opt/openwebui/backend/start.sh
-
-[Install]
-WantedBy=multi-user.target
-EOF
-systemctl enable -q --now open-webui
-msg_ok "Created Service"
-
-motd_ssh
-customize
-
-msg_info "Cleaning up"
-$STD apt-get -y autoremove
-$STD apt-get -y autoclean
-msg_ok "Cleaned"

install/heimdall-dashboard-install.sh

@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 tteck
+# Author: tteck (tteckster)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://heimdall.site/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y apt-transport-https
+msg_ok "Installed Dependencies"
+
+PHP_VERSION="8.4" PHP_MODULE="bz2,sqlite3" PHP_FPM="YES" setup_php
+setup_composer
+fetch_and_deploy_gh_release "Heimdall" "linuxserver/Heimdall" "tarball"
+
+msg_info "Setting up Heimdall-Dashboard"
+cd /opt/Heimdall
+cp .env.example .env
+$STD php artisan key:generate
+msg_ok "Setup Heimdall-Dashboard"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/heimdall.service
+[Unit]
+Description=Heimdall
+After=network.target
+
+[Service]
+Restart=always
+RestartSec=5
+Type=simple
+User=root
+WorkingDirectory=/opt/Heimdall
+ExecStart=/usr/bin/php artisan serve --port 7990 --host 0.0.0.0
+TimeoutStopSec=30
+
+[Install]
+WantedBy=multi-user.target"
+EOF
+systemctl enable -q --now heimdall
+cd /opt/Heimdall
+export COMPOSER_ALLOW_SUPERUSER=1
+$STD composer dump-autoload
+systemctl restart heimdall.service
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc

install/homarr-install.sh

@@ -18,16 +18,14 @@ $STD apt install -y \
   redis-server \
   nginx \
   gettext \
-  openssl \
-  musl-dev
+  openssl
 msg_ok "Installed Dependencies"
 
-NODE_VERSION=$(curl -s https://raw.githubusercontent.com/homarr-labs/homarr/dev/package.json | jq -r '.engines.node | split(">=")[1] | split(".")[0]')
+NODE_VERSION=$(curl -s https://raw.githubusercontent.com/Meierschlumpf/homarr/dev/package.json | jq -r '.engines.node | split(">=")[1] | split(".")[0]')
 setup_nodejs
-fetch_and_deploy_gh_release "homarr" "homarr-labs/homarr" "prebuild" "latest" "/opt/homarr" "build-amd64.tar.gz"
+fetch_and_deploy_gh_release "homarr" "Meierschlumpf/homarr" "prebuild" "latest" "/opt/homarr" "source-debian-amd64.tar.gz"
 
 msg_info "Installing Homarr"
-ln -s /usr/lib/x86_64-linux-musl/libc.so /lib/libc.musl-x86_64.so.1
 mkdir -p /opt/homarr_db
 touch /opt/homarr_db/db.sqlite
 SECRET_ENCRYPTION_KEY="$(openssl rand -hex 32)"
@@ -47,7 +45,7 @@ msg_ok "Installed Homarr"
 msg_info "Copying config files"
 mkdir -p /appdata/redis
 chown -R redis:redis /appdata/redis
-chmod 755 /appdata/redis
+chmod 744 /appdata/redis
 cp /opt/homarr/redis.conf /etc/redis/redis.conf
 rm /etc/nginx/nginx.conf
 mkdir -p /etc/nginx/templates
@@ -64,6 +62,8 @@ ReadWritePaths=-/appdata/redis -/var/lib/redis -/var/log/redis -/var/run/redis -
 EOF
 cat <<EOF >/etc/systemd/system/homarr.service
 [Unit]
+Requires=redis-server.service
+After=redis-server.service
 Description=Homarr Service
 After=network.target
 
@@ -80,6 +80,7 @@ chmod +x /opt/homarr/run.sh
 systemctl daemon-reload
 systemctl enable -q --now redis-server && sleep 5
 systemctl enable -q --now homarr
+systemctl disable -q --now nginx
 msg_ok "Created Services"
 
 motd_ssh

install/hoodik-install.sh

@@ -13,46 +13,47 @@ setting_up_container
 network_check
 update_os
 
-msg_info "Installing Dependencies"
-$STD apt-get install -y \
-  pkg-config \
-  libssl-dev \
-  libc6-dev \
-  libpq-dev \
-  clang \
-  llvm \
-  nettle-dev \
-  build-essential \
-  make
-msg_ok "Installed Dependencies"
+#msg_info "Installing Dependencies"
+#$STD apt-get install -y \
+#  pkg-config \
+#  libssl-dev \
+#  libc6-dev \
+#  libpq-dev \
+#  clang \
+#  llvm \
+#  nettle-dev \
+#  build-essential \
+#  make
+#msg_ok "Installed Dependencies"
 
-setup_rust
-NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
-fetch_and_deploy_gh_release "hoodik" "hudikhq/hoodik" "tarball" "latest" "/opt/hoodik"
+#setup_rust
+#NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
+#fetch_and_deploy_gh_release "hoodik" "hudikhq/hoodik" "tarball" "latest" "/opt/hoodik"
+fetch_and_deploy_gh_release "hoodik" "hudikhq/hoodik" "prebuild" "latest" "/opt/hoodik" "*x86_64.tar.gz"
 
-msg_info "Installing wasm-pack"
-$STD cargo install wasm-pack
-msg_ok "Installed wasm-pack"
+#msg_info "Installing wasm-pack"
+#$STD cargo install wasm-pack
+#msg_ok "Installed wasm-pack"
 
-msg_info "Building Hoodik Frontend"
-cd /opt/hoodik
-$STD yarn install --frozen-lockfile
-$STD yarn wasm-pack
-$STD yarn web:build
-msg_ok "Built Hoodik Frontend"
+#msg_info "Building Hoodik Frontend"
+#cd /opt/hoodik
+#$STD yarn install --frozen-lockfile
+#$STD yarn wasm-pack
+#$STD yarn web:build
+#msg_ok "Built Hoodik Frontend"
 
-msg_info "Building Hoodik Backend"
-cd /opt/hoodik
-$STD cargo build --release
-cp /opt/hoodik/target/release/hoodik /usr/local/bin/hoodik
-chmod +x /usr/local/bin/hoodik
-msg_ok "Built Hoodik Backend"
+#msg_info "Building Hoodik Backend"
+#cd /opt/hoodik
+#$STD cargo build --release
+#cp /opt/hoodik/target/release/hoodik /usr/local/bin/hoodik
+#chmod +x /usr/local/bin/hoodik
+#msg_ok "Built Hoodik Backend"
 
-msg_info "Cleaning up build artifacts"
-rm -rf /opt/hoodik/target
-rm -rf /root/.cargo/registry
-rm -rf /opt/hoodik/node_modules
-msg_ok "Cleaned up build artifacts"
+#msg_info "Cleaning up build artifacts"
+#rm -rf /opt/hoodik/target
+#rm -rf /root/.cargo/registry
+#rm -rf /opt/hoodik/node_modules
+#msg_ok "Cleaned up build artifacts"
 
 msg_info "Configuring Hoodik"
 mkdir -p /opt/hoodik_data
@@ -80,7 +81,8 @@ Type=simple
 User=root
 WorkingDirectory=/opt/hoodik_data
 EnvironmentFile=/opt/hoodik/.env
-ExecStart=/usr/local/bin/hoodik
+#ExecStart=/usr/local/bin/hoodik
+ExecStart=/opt/hoodik
 Restart=always
 RestartSec=5
 

install/koel-install.sh

@@ -1,189 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright (c) 2021-2025 community-scripts ORG
-# Author: MickLesk (CanbiZ)
-# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
-# Source: https://koel.dev/
-
-source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
-color
-verb_ip6
-catch_errors
-setting_up_container
-network_check
-update_os
-
-msg_info "Installing Dependencies"
-$STD apt install -y \
-  nginx \
-  ffmpeg \
-  cron \
-  locales
-msg_ok "Installed Dependencies"
-
-import_local_ip
-PG_VERSION="16" setup_postgresql
-PG_DB_NAME="koel" PG_DB_USER="koel" setup_postgresql_db
-PHP_VERSION="8.4" PHP_FPM="YES" PHP_MODULE="bz2,exif,imagick,pgsql,sqlite3" setup_php
-NODE_VERSION="22" NODE_MODULE="pnpm" setup_nodejs
-setup_composer
-
-fetch_and_deploy_gh_release "koel" "koel/koel" "prebuild" "latest" "/opt/koel" "koel-*.tar.gz"
-
-msg_info "Configuring Koel"
-mkdir -p /opt/koel_media /opt/koel_sync
-cd /opt/koel
-cat <<EOF >/opt/koel/.env
-APP_NAME=Koel
-APP_ENV=production
-APP_DEBUG=false
-APP_URL=http://${LOCAL_IP}
-APP_KEY=
-
-TRUSTED_HOSTS=
-
-DB_CONNECTION=pgsql
-DB_HOST=127.0.0.1
-DB_PORT=5432
-DB_DATABASE=${PG_DB_NAME}
-DB_USERNAME=${PG_DB_USER}
-DB_PASSWORD=${PG_DB_PASS}
-
-STORAGE_DRIVER=local
-MEDIA_PATH=/opt/koel_media
-ARTIFACTS_PATH=
-
-IGNORE_DOT_FILES=true
-APP_MAX_SCAN_TIME=600
-MEMORY_LIMIT=
-
-STREAMING_METHOD=php
-SCOUT_DRIVER=tntsearch
-
-USE_MUSICBRAINZ=true
-MUSICBRAINZ_USER_AGENT=
-
-LASTFM_API_KEY=
-LASTFM_API_SECRET=
-
-SPOTIFY_CLIENT_ID=
-SPOTIFY_CLIENT_SECRET=
-
-YOUTUBE_API_KEY=
-
-CDN_URL=
-
-TRANSCODE_FLAC=false
-FFMPEG_PATH=/usr/bin/ffmpeg
-TRANSCODE_BIT_RATE=128
-
-ALLOW_DOWNLOAD=true
-BACKUP_ON_DELETE=true
-
-MEDIA_BROWSER_ENABLED=false
-
-PROXY_AUTH_ENABLED=false
-
-SYNC_LOG_LEVEL=error
-FORCE_HTTPS=
-
-MAIL_FROM_ADDRESS="noreply@localhost"
-MAIL_FROM_NAME="Koel"
-MAIL_MAILER=log
-MAIL_HOST=null
-MAIL_PORT=null
-MAIL_USERNAME=null
-MAIL_PASSWORD=null
-MAIL_ENCRYPTION=null
-
-BROADCAST_CONNECTION=log
-CACHE_DRIVER=file
-FILESYSTEM_DISK=local
-QUEUE_CONNECTION=sync
-SESSION_DRIVER=file
-SESSION_LIFETIME=120
-EOF
-
-mkdir -p /opt/koel/storage/{app/public,framework/{cache/data,sessions,views},logs}
-chown -R www-data:www-data /opt/koel /opt/koel_media /opt/koel_sync
-chmod -R 775 /opt/koel/storage /opt/koel/bootstrap/cache
-msg_ok "Configured Koel"
-
-msg_info "Installing Koel (Patience)"
-export COMPOSER_ALLOW_SUPERUSER=1
-cd /opt/koel
-$STD composer install --no-interaction --no-dev --optimize-autoloader
-$STD php artisan key:generate --force
-$STD php artisan config:clear
-$STD php artisan cache:clear
-$STD php artisan koel:init --no-assets --no-interaction
-chown -R www-data:www-data /opt/koel
-msg_ok "Installed Koel"
-
-msg_info "Tuning PHP-FPM"
-PHP_FPM_CONF="/etc/php/8.4/fpm/pool.d/www.conf"
-sed -i 's/^pm.max_children = .*/pm.max_children = 15/' "$PHP_FPM_CONF"
-sed -i 's/^pm.start_servers = .*/pm.start_servers = 4/' "$PHP_FPM_CONF"
-sed -i 's/^pm.min_spare_servers = .*/pm.min_spare_servers = 2/' "$PHP_FPM_CONF"
-sed -i 's/^pm.max_spare_servers = .*/pm.max_spare_servers = 8/' "$PHP_FPM_CONF"
-$STD systemctl restart php8.4-fpm
-msg_ok "Tuned PHP-FPM"
-
-msg_info "Configuring Nginx"
-cat <<'EOF' >/etc/nginx/sites-available/koel
-server {
-    listen 80;
-    server_name _;
-    root /opt/koel/public;
-    index index.php;
-
-    client_max_body_size 50M;
-    charset utf-8;
-
-    gzip on;
-    gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json;
-    gzip_comp_level 9;
-
-    send_timeout 3600;
-
-    location / {
-        try_files $uri $uri/ /index.php?$args;
-    }
-
-    location /media/ {
-        internal;
-        alias $upstream_http_x_media_root;
-    }
-
-    location ~ \.php$ {
-        try_files $uri $uri/ /index.php?$args;
-        fastcgi_pass unix:/run/php/php8.4-fpm.sock;
-        fastcgi_index index.php;
-        fastcgi_split_path_info ^(.+\.php)(/.+)$;
-        fastcgi_intercept_errors on;
-        fastcgi_param PATH_INFO $fastcgi_path_info;
-        fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        include fastcgi_params;
-    }
-
-    location ~ /\.(?!well-known).* {
-        deny all;
-    }
-}
-EOF
-rm -f /etc/nginx/sites-enabled/default
-ln -sf /etc/nginx/sites-available/koel /etc/nginx/sites-enabled/koel
-$STD systemctl reload nginx
-msg_ok "Configured Nginx"
-
-msg_info "Setting up Cron Job"
-cat <<'EOF' >/etc/cron.d/koel
-0 * * * * www-data cd /opt/koel && /usr/bin/php artisan koel:scan >/dev/null 2>&1
-EOF
-chmod 644 /etc/cron.d/koel
-msg_ok "Set up Cron Job"
-
-motd_ssh
-customize
-cleanup_lxc

install/linkwarden-install.sh

@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (Canbiz)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://linkwarden.app/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y build-essential
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="22" setup_nodejs
+PG_VERSION="16" setup_postgresql
+PG_DB_NAME="linkwardendb" PG_DB_USER="linkwarden" setup_postgresql_db
+RUST_CRATES="monolith" setup_rust
+fetch_and_deploy_gh_release "linkwarden" "linkwarden/linkwarden"
+import_local_ip
+
+read -r -p "${TAB3}Would you like to add Adminer? <y/N> " prompt
+if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
+  setup_adminer
+fi
+
+msg_info "Installing Linkwarden (Patience)"
+export COREPACK_ENABLE_DOWNLOAD_PROMPT=0
+export PRISMA_HIDE_UPDATE_MESSAGE=1
+export DEBIAN_FRONTEND=noninteractive
+corepack enable
+SECRET_KEY="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 32)"
+cd /opt/linkwarden
+$STD yarn workspaces focus linkwarden @linkwarden/web @linkwarden/worker
+# $STD npx playwright install-deps
+# $STD yarn playwright install
+
+cat <<EOF >/opt/linkwarden/.env
+NEXTAUTH_SECRET=${SECRET_KEY}
+NEXTAUTH_URL=http://${LOCAL_IP}:3000
+DATABASE_URL=postgresql://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}
+EOF
+$STD yarn prisma:generate
+$STD yarn web:build
+$STD yarn prisma:deploy
+rm -rf ~/.cargo/registry ~/.cargo/git ~/.cargo/.package-cache
+rm -rf /root/.cache/yarn
+rm -rf /opt/linkwarden/.next/cache
+msg_ok "Installed Linkwarden"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/linkwarden.service
+[Unit]
+Description=Linkwarden Service
+After=network.target
+
+[Service]
+Type=exec
+Environment=PATH=$PATH
+WorkingDirectory=/opt/linkwarden
+ExecStart=/usr/bin/yarn concurrently:start
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now linkwarden
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc

install/nextexplorer-install.sh

@@ -79,6 +79,7 @@ SESSION_SECRET="${SECRET}"
 # OIDC_CLIENT_SECRET=
 # OIDC_CALLBACK_URL=
 # OIDC_SCOPES=
+# OIDC_AUTO_CREATE_USERS=true
 
 # SEARCH_DEEP=
 # SEARCH_RIPGREP=

install/opencloud-install.sh

@@ -57,7 +57,7 @@ echo "$COOLPASS" >~/.coolpass
 msg_ok "Installed Collabora Online"
 
 # OpenCloud
-fetch_and_deploy_gh_release "opencloud" "opencloud-eu/opencloud" "singlefile" "v4.0.0" "/usr/bin" "opencloud-*-linux-amd64"
+fetch_and_deploy_gh_release "opencloud" "opencloud-eu/opencloud" "singlefile" "v4.1.0" "/usr/bin" "opencloud-*-linux-amd64"
 
 msg_info "Configuring OpenCloud"
 DATA_DIR="/var/lib/opencloud/"

install/papra-install.sh

@@ -0,0 +1,104 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://github.com/CorentinTh/papra
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  git \
+  build-essential \
+  tesseract-ocr \
+  tesseract-ocr-all
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="24" setup_nodejs
+
+msg_info "Cloning Papra Repository"
+cd /opt
+RELEASE=$(curl -s https://api.github.com/repos/papra-hq/papra/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3)}')
+$STD git clone --depth=1 --branch ${RELEASE} https://github.com/papra-hq/papra.git
+cd papra
+msg_ok "Cloned Papra Repository"
+
+msg_info "Setup Papra"
+export COREPACK_ENABLE_NETWORK=1
+$STD corepack enable
+$STD corepack prepare pnpm@10.19.0 --activate
+$STD pnpm install --frozen-lockfile --ignore-scripts
+$STD pnpm --filter "@papra/app-client..." run build
+$STD pnpm --filter "@papra/app-server..." run build
+msg_ok "Set up Papra"
+
+msg_info "Configuring Papra"
+CONTAINER_IP=$(hostname -I | awk '{print $1}')
+BETTER_AUTH_SECRET=$(openssl rand -hex 32)
+
+mkdir -p /opt/papra/app-data/db
+mkdir -p /opt/papra/app-data/documents
+
+cat >/opt/papra/.env <<EOF
+NODE_ENV=production
+SERVER_SERVE_PUBLIC_DIR=true
+PORT=1221
+
+# Database Configuration
+DATABASE_URL=file:./app-data/db/db.sqlite
+
+# Storage Configuration
+DOCUMENT_STORAGE_FILESYSTEM_ROOT=./app-data/documents
+PAPRA_CONFIG_DIR=./app-data
+
+# Authentication
+BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET}
+BETTER_AUTH_TELEMETRY=0
+
+# Application Configuration
+CLIENT_BASE_URL=http://${CONTAINER_IP}:1221
+
+# Email Configuration (dry-run mode)
+EMAILS_DRY_RUN=true
+
+# Ingestion Folder
+INGESTION_FOLDER_ROOT=./ingestion
+EOF
+
+mkdir -p /opt/papra/ingestion
+chown -R root:root /opt/papra
+msg_ok "Configured Papra"
+
+msg_info "Creating Papra Service"
+cat >/etc/systemd/system/papra.service <<EOF
+[Unit]
+Description=Papra Document Management
+After=network.target
+
+[Service]
+Type=simple
+User=root
+WorkingDirectory=/opt/papra/apps/papra-server
+EnvironmentFile=/opt/papra/.env
+ExecStartPre=/usr/bin/pnpm --silent run migration:apply
+ExecStart=/usr/bin/pnpm --silent run start
+Restart=on-failure
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+systemctl enable -q --now papra
+msg_ok "Created and Started Papra Service"
+
+motd_ssh
+customize
+cleanup_lxc

install/piler-install.sh

@@ -0,0 +1,298 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://www.mailpiler.org/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  nginx \
+  openssl \
+  libtre5 \
+  catdoc \
+  poppler-utils \
+  unrtf \
+  tnef \
+  clamav \
+  clamav-daemon \
+  memcached \
+  sysstat \
+  python3 \
+  python3-mysqldb
+msg_ok "Installed Dependencies"
+
+import_local_ip
+setup_mariadb
+MARIADB_DB_NAME="piler" MARIADB_DB_USER="piler" setup_mysql_db
+PHP_VERSION="8.4" PHP_FPM="YES" PHP_MODULE="ldap,gd,memcached,pdo,mysql,curl,zip" setup_php
+
+msg_info "Installing Manticore Search"
+curl -fsSL https://repo.manticoresearch.com/manticore-repo.noarch.deb -o /tmp/manticore-repo.deb
+$STD dpkg -i /tmp/manticore-repo.deb
+$STD apt update
+$STD apt install -y manticore manticore-extra
+rm -f /tmp/manticore-repo.deb
+msg_ok "Installed Manticore Search"
+
+msg_info "Installing Piler"
+VERSION="1.4.8"
+cd /tmp
+curl -fsSL "https://github.com/jsuto/piler/releases/download/piler-${VERSION}/piler_${VERSION}-bookworm_amd64.deb" -o piler.deb
+curl -fsSL "https://github.com/jsuto/piler/releases/download/piler-${VERSION}/piler-webui_${VERSION}-bookworm_amd64.deb" -o piler-webui.deb
+
+$STD dpkg -i piler.deb
+$STD apt-get -f install -y
+$STD dpkg -i piler-webui.deb
+$STD apt-get -f install -y
+
+rm -f piler.deb piler-webui.deb
+msg_ok "Installed Piler v${VERSION}"
+
+msg_info "Configuring Piler Database"
+cd /usr/local/share/piler
+mysql -u root "${MARIADB_DB_NAME}" <db-mysql.sql
+msg_ok "Configured Piler Database"
+
+msg_info "Configuring Piler"
+PILER_KEY=$(openssl rand -hex 16)
+
+cat <<EOF >/etc/piler/piler.conf
+hostid=piler.${LOCAL_IP}.nip.io
+update_counters_to_memcached=1
+
+mysql_hostname=localhost
+mysql_database=${MARIADB_DB_NAME}
+mysql_username=${MARIADB_DB_USER}
+mysql_password=${MARIADB_DB_PASS}
+mysql_socket=/var/run/mysqld/mysqld.sock
+
+archive_dir=/var/piler/store
+data_dir=/var/piler
+tmp_dir=/var/piler/tmp
+
+listen_addr=0.0.0.0
+listen_port=25
+
+encrypt_messages=1
+key=${PILER_KEY}
+iv=0123456789ABCDEF
+
+memcached_servers=127.0.0.1
+
+enable_clamav=1
+clamd_socket=/var/run/clamav/clamd.ctl
+
+spam_header_line=X-Spam-Status: Yes
+
+verbosity=1
+EOF
+
+chown piler:piler /etc/piler/piler.conf
+chmod 640 /etc/piler/piler.conf
+chown -R piler:piler /var/piler
+chmod 750 /var/piler
+msg_ok "Configured Piler"
+
+msg_info "Configuring Manticore Search"
+cat <<EOF >/etc/manticoresearch/manticore.conf
+searchd {
+  listen = 9306:mysql
+  listen = 9312
+  listen = 9308:http
+  log = /var/log/manticore/searchd.log
+  query_log = /var/log/manticore/query.log
+  pid_file = /var/run/manticore/searchd.pid
+  binlog_path = /var/lib/manticore/data
+}
+
+source piler1 {
+  type = mysql
+  sql_host = localhost
+  sql_user = ${MARIADB_DB_USER}
+  sql_pass = ${MARIADB_DB_PASS}
+  sql_db = ${MARIADB_DB_NAME}
+  sql_port = 3306
+
+  sql_query = SELECT id, from_addr, to_addr, subject, body, sent FROM metadata
+  sql_attr_timestamp = sent
+}
+
+index piler1 {
+  source = piler1
+  path = /var/piler/manticore/piler1
+  min_word_len = 1
+  charset_table = 0..9, A..Z->a..z, a..z, U+00E1, U+00E9
+}
+
+index tag1 {
+  type = rt
+  path = /var/piler/manticore/tag1
+  rt_field = tag
+  rt_attr_uint = uid
+}
+
+index note1 {
+  type = rt
+  path = /var/piler/manticore/note1
+  rt_field = note
+  rt_attr_uint = uid
+}
+EOF
+
+mkdir -p /var/log/manticore
+chown -R manticore:manticore /var/log/manticore
+chown -R piler:piler /var/piler/manticore
+msg_ok "Configured Manticore Search"
+
+msg_info "Creating Piler Service"
+cat <<EOF >/etc/systemd/system/piler.service
+[Unit]
+Description=Piler Email Archiving
+After=network.target mysql.service manticore.service
+Requires=mysql.service manticore.service
+
+[Service]
+Type=forking
+User=piler
+Group=piler
+ExecStart=/usr/local/sbin/pilerd -c /etc/piler/piler.conf
+PIDFile=/var/piler/pilerd.pid
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+$STD systemctl daemon-reload
+$STD systemctl enable --now manticore
+$STD systemctl enable --now memcached
+$STD systemctl enable --now clamav-daemon
+$STD systemctl enable --now piler
+msg_ok "Created Piler Service"
+
+msg_info "Configuring PHP-FPM Pool"
+cp /etc/php/8.4/fpm/pool.d/www.conf /etc/php/8.4/fpm/pool.d/piler.conf
+sed -i 's/\[www\]/[piler]/' /etc/php/8.4/fpm/pool.d/piler.conf
+sed -i 's/^user = www-data/user = piler/' /etc/php/8.4/fpm/pool.d/piler.conf
+sed -i 's/^group = www-data/group = piler/' /etc/php/8.4/fpm/pool.d/piler.conf
+sed -i 's|^listen = .*|listen = /run/php/php8.4-fpm-piler.sock|' /etc/php/8.4/fpm/pool.d/piler.conf
+$STD systemctl restart php8.4-fpm
+msg_ok "Configured PHP-FPM Pool"
+
+msg_info "Configuring Piler Web GUI"
+cd /var/www/piler
+
+cat <<EOF >/var/www/piler/config-site.php
+<?php
+\$config['SITE_NAME'] = 'Piler Email Archive';
+\$config['SITE_URL'] = 'http://${LOCAL_IP}';
+
+\$config['DB_DRIVER'] = 'mysql';
+\$config['DB_HOSTNAME'] = 'localhost';
+\$config['DB_DATABASE'] = '${MARIADB_DB_NAME}';
+\$config['DB_USERNAME'] = '${MARIADB_DB_USER}';
+\$config['DB_PASSWORD'] = '${MARIADB_DB_PASS}';
+
+\$config['SPHINX_DATABASE'] = 'mysql:host=127.0.0.1;port=9306;charset=utf8mb4';
+
+\$config['ENABLE_SAAS'] = 0;
+\$config['SESSION_NAME'] = 'piler_session';
+\$config['SITE_KEYWORDS'] = 'piler, email archive';
+\$config['SITE_DESCRIPTION'] = 'Piler email archiving';
+
+\$config['SMTP_DOMAIN'] = '${LOCAL_IP}';
+\$config['SMTP_FROMADDR'] = 'no-reply@${LOCAL_IP}';
+
+\$config['ADMIN_EMAIL'] = 'admin@local';
+\$config['ADMIN_PASSWORD'] = '\$1\$PXDhp7Bo\$KlEEURhLLphAEa4w.lj1N0';
+
+\$config['MEMCACHED_ENABLED'] = 1;
+\$config['MEMCACHED_PREFIX'] = 'piler';
+\$config['MEMCACHED_TTL'] = 3600;
+
+\$config['DIR_BASE'] = '/var/www/piler';
+\$config['DIR_ATTACHMENT'] = '/var/piler/store';
+
+\$config['ENCRYPTION_KEY'] = '${PILER_KEY}';
+\$config['ENCRYPTION_IV'] = '0123456789ABCDEF';
+
+\$config['DEFAULT_RETENTION_DAYS'] = 2557;
+\$config['RESTRICTED_AUDITOR'] = 0;
+
+\$config['ENABLE_LDAP_AUTH'] = 0;
+\$config['ENABLE_IMAP_AUTH'] = 0;
+\$config['ENABLE_POP3_AUTH'] = 0;
+\$config['ENABLE_SSO_AUTH'] = 0;
+
+\$config['HEADER_LINE_TO_HIDE'] = 'X-Envelope-To:';
+?>
+EOF
+
+chown -R piler:piler /var/www/piler
+chmod 755 /var/www/piler
+msg_ok "Installed Piler Web GUI"
+
+msg_info "Configuring Nginx"
+cat <<EOF >/etc/nginx/sites-available/piler
+server {
+    listen 80;
+    server_name _;
+    root /var/www/piler;
+    index index.php;
+
+    access_log /var/log/nginx/piler-access.log;
+    error_log /var/log/nginx/piler-error.log;
+
+    charset utf-8;
+
+    location / {
+        try_files \$uri \$uri/ /index.php?\$args;
+    }
+
+    location ~ \.php$ {
+        fastcgi_pass unix:/run/php/php8.4-fpm-piler.sock;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
+        include fastcgi_params;
+    }
+
+    location ~* \.(jpg|jpeg|gif|css|png|js|ico|html|woff|woff2)$ {
+        access_log off;
+        expires max;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+}
+EOF
+
+ln -sf /etc/nginx/sites-available/piler /etc/nginx/sites-enabled/piler
+rm -f /etc/nginx/sites-enabled/default
+$STD nginx -t
+$STD systemctl enable --now nginx
+msg_ok "Configured Nginx"
+
+msg_info "Setting Up Cron Jobs"
+cat <<EOF >/etc/cron.d/piler
+30 6 * * * piler /usr/local/libexec/piler/indexer.delta.sh
+30 7 * * * piler /usr/local/libexec/piler/indexer.main.sh
+*/15 * * * * piler /usr/local/bin/pilerstat
+30 2 * * * piler /usr/local/bin/pilerpurge
+3 * * * * piler /usr/local/bin/pilerconf
+EOF
+msg_ok "Set Up Cron Jobs"
+
+motd_ssh
+customize
+cleanup_lxc

install/pixelfed-install.sh

@@ -43,13 +43,12 @@ systemctl restart redis-server
 msg_ok "Redis configured"
 
 msg_info "Configuring PHP-FPM Pool"
-mkdir -p /run/php-fpm
 cp /etc/php/8.4/fpm/pool.d/www.conf /etc/php/8.4/fpm/pool.d/pixelfed.conf
 sed -i 's/\[www\]/[pixelfed]/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
 sed -i 's/^user = www-data/user = pixelfed/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
 sed -i 's/^group = www-data/group = pixelfed/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
-sed -i 's|^listen = .*|listen = /run/php-fpm/pixelfed.sock|' /etc/php/8.4/fpm/pool.d/pixelfed.conf
-sed -i 's/^listen.owner = .*/listen.owner = pixelfed/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
+sed -i 's|^listen = .*|listen = /run/php/php8.4-fpm-pixelfed.sock|' /etc/php/8.4/fpm/pool.d/pixelfed.conf
+sed -i 's/^listen.owner = .*/listen.owner = www-data/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
 sed -i 's/^listen.group = .*/listen.group = www-data/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
 systemctl restart php8.4-fpm
 msg_ok "PHP-FPM Pool configured"
@@ -75,6 +74,7 @@ sed -i "s|REDIS_PORT=.*|REDIS_PORT=6379|" .env
 sed -i "s|ACTIVITY_PUB=.*|ACTIVITY_PUB=true|" .env
 sed -i "s|AP_REMOTE_FOLLOW=.*|AP_REMOTE_FOLLOW=true|" .env
 sed -i "s|OAUTH_ENABLED=.*|OAUTH_ENABLED=true|" .env
+echo "SESSION_SECURE_COOKIE=false" >>.env
 
 chown -R pixelfed:pixelfed /opt/pixelfed
 chmod -R 755 /opt/pixelfed
@@ -122,7 +122,7 @@ server {
 
     location ~ \.php$ {
         fastcgi_split_path_info ^(.+\.php)(/.+)$;
-        fastcgi_pass unix:/run/php-fpm/pixelfed.sock;
+        fastcgi_pass unix:/run/php/php8.4-fpm-pixelfed.sock;
         fastcgi_index index.php;
         include fastcgi_params;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

install/postgresus-install.sh

@@ -26,25 +26,39 @@ NODE_VERSION="24" setup_nodejs
 fetch_and_deploy_gh_release "postgresus" "RostislavDugin/postgresus" "tarball" "latest" "/opt/postgresus"
 
 msg_info "Building Postgresus (Patience)"
-# Build frontend
 cd /opt/postgresus/frontend
 $STD npm ci
 $STD npm run build
-
-# Build backend
 cd /opt/postgresus/backend
 $STD go mod tidy
 $STD go mod download
-$STD CGO_ENABLED=0 go build -o /opt/postgresus/postgresus ./cmd/main.go
-mkdir -p /opt/postgresus/{data,backups,logs}
-cp -r /opt/postgresus/frontend/dist /opt/postgresus/ui
+$STD go install github.com/swaggo/swag/cmd/swag@latest
+$STD /root/go/bin/swag init -g cmd/main.go -o swagger
+$STD env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o postgresus ./cmd/main.go
+mv /opt/postgresus/backend/postgresus /opt/postgresus/postgresus
+mkdir -p /opt/postgresus_data/{data,backups,logs}
+mkdir -p /postgresus-data/temp
+mkdir -p /opt/postgresus/ui/build
+cp -r /opt/postgresus/frontend/dist/* /opt/postgresus/ui/build/
 cp -r /opt/postgresus/backend/migrations /opt/postgresus/
 chown -R postgres:postgres /opt/postgresus
+chown -R postgres:postgres /opt/postgresus_data
+chown -R postgres:postgres /postgresus-data
 msg_ok "Built Postgresus"
 
 msg_info "Configuring Postgresus"
 ADMIN_PASS=$(openssl rand -base64 12)
 JWT_SECRET=$(openssl rand -hex 32)
+
+# Create PostgreSQL version symlinks for compatibility
+for v in 12 13 14 15 16 18; do
+  ln -sf /usr/lib/postgresql/17 /usr/lib/postgresql/$v
+done
+
+# Install goose for migrations
+$STD go install github.com/pressly/goose/v3/cmd/goose@latest
+ln -sf /root/go/bin/goose /usr/local/bin/goose
+
 cat <<EOF >/opt/postgresus/.env
 # Environment
 ENV_MODE=production
@@ -54,8 +68,14 @@ SERVER_PORT=4005
 SERVER_HOST=0.0.0.0
 
 # Database (Internal PostgreSQL for app data)
+DATABASE_DSN=host=localhost user=${PG_DB_USER} password=${PG_DB_PASS} dbname=${PG_DB_NAME} port=5432 sslmode=disable
 DATABASE_URL=postgres://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}?sslmode=disable
 
+# Migrations
+GOOSE_DRIVER=postgres
+GOOSE_DBSTRING=postgres://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}?sslmode=disable
+GOOSE_MIGRATION_DIR=/opt/postgresus/migrations
+
 # Security
 JWT_SECRET=${JWT_SECRET}
 ENCRYPTION_KEY=$(openssl rand -hex 32)
@@ -65,15 +85,16 @@ ADMIN_EMAIL=admin@localhost
 ADMIN_PASSWORD=${ADMIN_PASS}
 
 # Paths
-DATA_DIR=/opt/postgresus/data
-BACKUP_DIR=/opt/postgresus/backups
-LOG_DIR=/opt/postgresus/logs
+DATA_DIR=/opt/postgresus_data/data
+BACKUP_DIR=/opt/postgresus_data/backups
+LOG_DIR=/opt/postgresus_data/logs
 
 # PostgreSQL Tools (for creating backups)
-PG_DUMP_PATH=/usr/bin/pg_dump
-PG_RESTORE_PATH=/usr/bin/pg_restore
-PSQL_PATH=/usr/bin/psql
+PG_DUMP_PATH=/usr/lib/postgresql/17/bin/pg_dump
+PG_RESTORE_PATH=/usr/lib/postgresql/17/bin/pg_restore
+PSQL_PATH=/usr/lib/postgresql/17/bin/psql
 EOF
+chown postgres:postgres /opt/postgresus/.env
 chmod 600 /opt/postgresus/.env
 msg_ok "Configured Postgresus"
 
@@ -89,6 +110,7 @@ Type=simple
 User=postgres
 Group=postgres
 WorkingDirectory=/opt/postgresus
+Environment="PATH=/usr/local/bin:/usr/bin:/bin"
 EnvironmentFile=/opt/postgresus/.env
 ExecStart=/opt/postgresus/postgresus
 Restart=always
@@ -99,6 +121,7 @@ StandardError=journal
 [Install]
 WantedBy=multi-user.target
 EOF
+$STD systemctl daemon-reload
 $STD systemctl enable -q --now postgresus
 msg_ok "Created Postgresus Service"
 

install/romm-install.sh

@@ -2,9 +2,10 @@
 
 # Copyright (c) 2021-2025 community-scripts ORG
 # Author: DevelopmentCats
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Co-author: AlphaLawless
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
 # Source: https://romm.app
-# Updated: 03/10/2025
+# Updated: 25/12/2025
 
 source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
 color
@@ -18,65 +19,126 @@ msg_info "Installing dependencies"
 $STD apt-get install -y \
     acl \
     build-essential \
+    gcc \
+    g++ \
+    make \
+    git \
+    curl \
     libssl-dev \
     libffi-dev \
+    libmagic-dev \
     python3-dev \
     python3-pip \
     python3-venv \
     libmariadb3 \
     libmariadb-dev \
     libpq-dev \
+    libbz2-dev \
+    libreadline-dev \
+    libsqlite3-dev \
+    zlib1g-dev \
+    liblzma-dev \
+    libncurses5-dev \
+    libncursesw5-dev \
+    redis-server \
     redis-tools \
-    p7zip \
+    p7zip-full \
     tzdata \
-    jq
-msg_ok "Installed core dependencies"
+    jq \
+    nginx
+msg_ok "Installed dependencies"
 
-PYTHON_VERSION="3.12" setup_uv
-NODE_VERSION="22" NODE_MODULE="serve" setup_nodejs
+UV_VERSION="0.7.19" PYTHON_VERSION="3.13" setup_uv
+NODE_VERSION="22" setup_nodejs
 setup_mariadb
+MARIADB_DB_NAME="romm" MARIADB_DB_USER="romm" setup_mariadb_db
 
-msg_info "Configuring Database"
-DB_NAME=romm
-DB_USER=romm
-DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
-$STD mariadb -u root -e "CREATE DATABASE IF NOT EXISTS $DB_NAME CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
-$STD mariadb -u root -e "CREATE USER IF NOT EXISTS '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';"
-$STD mariadb -u root -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost'; FLUSH PRIVILEGES;"
-{
-    echo "RomM-Credentials"
-    echo "RomM Database User: $DB_USER"
-    echo "RomM Database Password: $DB_PASS"
-    echo "RomM Database Name: $DB_NAME"
-} >~/romm.creds
-chmod 600 ~/romm.creds
-msg_ok "Configured Database"
-
-msg_info "Creating romm user and directories"
-id -u romm &>/dev/null || useradd -r -m -d /var/lib/romm -s /bin/bash romm
+msg_info "Creating directories"
 mkdir -p /opt/romm \
     /var/lib/romm/config \
     /var/lib/romm/resources \
     /var/lib/romm/assets/{saves,states,screenshots} \
-    /var/lib/romm/library/roms/{gba,gbc,ps} \
-    /var/lib/romm/library/bios/{gba,ps}
-chown -R romm:romm /opt/romm /var/lib/romm
-msg_ok "Created romm user and directories"
+    /var/lib/romm/library/roms \
+    /var/lib/romm/library/bios
+msg_ok "Created directories"
 
-msg_info "Configuring Database"
-DB_NAME=romm
-DB_USER=romm
-DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
-$STD mariadb -u root -e "CREATE DATABASE $DB_NAME CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
-$STD mariadb -u root -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';"
-$STD mariadb -u root -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost'; FLUSH PRIVILEGES;"
-{
-    echo "RomM-Credentials"
-    echo "RomM Database User: $DB_USER"
-    echo "RomM Database Password: $DB_PASS"
-    echo "RomM Database Name: $DB_NAME"
-} >~/romm.creds
-msg_ok "Configured Database"
+msg_info "Creating configuration file"
+cat >/var/lib/romm/config/config.yml <<'CONFIGEOF'
+# RomM Configuration File
+# Documentation: https://docs.romm.app/latest/Getting-Started/Configuration-File/
+# Only uncomment the lines you want to use/modify
+
+# exclude:
+#   platforms:
+#     - excluded_folder_a
+#   roms:
+#     single_file:
+#       extensions:
+#         - xml
+#         - txt
+#       names:
+#         - '._*'
+#         - '*.nfo'
+#     multi_file:
+#       names:
+#         - downloaded_media
+#         - media
+
+# system:
+#   platforms:
+#     gc: ngc
+#     ps1: psx
+
+# The folder name where your roms are located (relative to library path)
+# filesystem:
+#   roms_folder: 'roms'
+
+# scan:
+#   priority:
+#     metadata:
+#       - "igdb"
+#       - "moby"
+#       - "ss"
+#       - "ra"
+#     artwork:
+#       - "igdb"
+#       - "moby"
+#       - "ss"
+#     region:
+#       - "us"
+#       - "eu"
+#       - "jp"
+#     language:
+#       - "en"
+#   media:
+#     - box2d
+#     - box3d
+#     - screenshot
+#     - manual
+
+# emulatorjs:
+#   debug: false
+#   cache_limit: null
+CONFIGEOF
+chmod 644 /var/lib/romm/config/config.yml
+msg_ok "Created configuration file"
+
+msg_info "Building RAHasher (RetroAchievements)"
+RAHASHER_VERSION="1.8.1"
+cd /tmp
+git clone --recursive --branch "$RAHASHER_VERSION" --depth 1 https://github.com/RetroAchievements/RALibretro.git
+cd RALibretro
+sed -i '22a #include <ctime>' ./src/Util.h
+sed -i '6a #include <unistd.h>' \
+    ./src/libchdr/deps/zlib-1.3.1/gzlib.c \
+    ./src/libchdr/deps/zlib-1.3.1/gzread.c \
+    ./src/libchdr/deps/zlib-1.3.1/gzwrite.c
+$STD make HAVE_CHD=1 -f ./Makefile.RAHasher
+cp ./bin64/RAHasher /usr/bin/RAHasher
+chmod +x /usr/bin/RAHasher
+cd /tmp
+rm -rf /tmp/RALibretro
+msg_ok "Built RAHasher"
 
 fetch_and_deploy_gh_release "romm" "rommapp/romm"
 
@@ -88,13 +150,14 @@ AUTH_SECRET_KEY=$(openssl rand -hex 32)
 
 cat >/opt/romm/.env <<EOF
 ROMM_BASE_PATH=/var/lib/romm
+ROMM_CONFIG_PATH=/var/lib/romm/config/config.yml
 WEB_CONCURRENCY=4
 
 DB_HOST=127.0.0.1
 DB_PORT=3306
-DB_NAME=$DB_NAME
-DB_USER=$DB_USER
-DB_PASSWD=$DB_PASS
+DB_NAME=$MARIADB_DB_NAME
+DB_USER=$MARIADB_DB_USER
+DB_PASSWD=$MARIADB_DB_PASS
 
 REDIS_HOST=127.0.0.1
 REDIS_PORT=6379
@@ -114,29 +177,101 @@ SCHEDULED_UPDATE_SWITCH_TITLEDB_CRON=0 4 * * *
 LOGLEVEL=INFO
 EOF
 
-chown romm:romm /opt/romm/.env
 chmod 600 /opt/romm/.env
 msg_ok "Created environment file"
 
 msg_info "Installing backend"
 cd /opt/romm
-uv pip install --all-extras .
+
+# Limit concurrent downloads to avoid DNS resolution failures in LXC containers
+# See: https://github.com/astral-sh/uv/issues/12054
+export UV_CONCURRENT_DOWNLOADS=1
+$STD uv sync --all-extras
 cd /opt/romm/backend
-uv run alembic upgrade head
-chown -R romm:romm /opt/romm
+$STD uv run alembic upgrade head
 msg_ok "Installed backend"
 
 msg_info "Installing frontend"
 cd /opt/romm/frontend
-npm install
-npm run build
-ln -sfn /var/lib/romm/resources /opt/romm/frontend/assets/romm/resources
-ln -sfn /var/lib/romm/assets /opt/romm/frontend/assets/romm/assets
-chown -R romm:romm /opt/romm
+$STD npm install
+$STD npm run build
+
+mkdir -p /opt/romm/frontend/dist/assets/romm
+ln -sfn /var/lib/romm/resources /opt/romm/frontend/dist/assets/romm/resources
+ln -sfn /var/lib/romm/assets /opt/romm/frontend/dist/assets/romm/assets
 msg_ok "Installed frontend"
 
-msg_info "Creating services"
+msg_info "Configuring nginx"
+cat >/etc/nginx/sites-available/romm <<'EOF'
+upstream romm_backend {
+    server 127.0.0.1:5000;
+}
 
+map $http_upgrade $connection_upgrade {
+    default upgrade;
+    '' close;
+}
+
+server {
+    listen 80;
+    server_name _;
+    root /opt/romm/frontend/dist;
+    client_max_body_size 0;
+
+    # Frontend SPA
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    # EmulatorJS player - requires COOP/COEP headers for SharedArrayBuffer
+    location ~ ^/rom/.*/ejs$ {
+        add_header Cross-Origin-Embedder-Policy "require-corp";
+        add_header Cross-Origin-Opener-Policy "same-origin";
+        try_files $uri /index.html;
+    }
+
+    # Backend API
+    location /api {
+        proxy_pass http://romm_backend;
+        proxy_buffering off;
+        proxy_request_buffering off;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # WebSocket and Netplay
+    location ~ ^/(ws|netplay) {
+        proxy_pass http://romm_backend;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $connection_upgrade;
+        proxy_set_header Host $host;
+        proxy_read_timeout 86400;
+    }
+
+    # OpenAPI docs
+    location = /openapi.json {
+        proxy_pass http://romm_backend;
+    }
+
+    # Internal library file serving
+    location /library/ {
+        internal;
+        alias /var/lib/romm/library/;
+    }
+}
+EOF
+
+rm -f /etc/nginx/sites-enabled/default
+ln -sf /etc/nginx/sites-available/romm /etc/nginx/sites-enabled/romm
+$STD nginx -t
+systemctl restart nginx
+systemctl enable -q nginx
+msg_ok "Configured nginx"
+
+msg_info "Creating services"
 cat >/etc/systemd/system/romm-backend.service <<EOF
 [Unit]
 Description=RomM Backend
@@ -145,27 +280,12 @@ Requires=mariadb.service redis-server.service
 
 [Service]
 Type=simple
-User=romm
 WorkingDirectory=/opt/romm/backend
+EnvironmentFile=/opt/romm/.env
 Environment="PYTHONPATH=/opt/romm"
-ExecStart=/opt/romm/.venv/bin/uv run gunicorn main:app --workers 4 --worker-class uvicorn.workers.UvicornWorker --bind 0.0.0.0:5000
-Restart=on-failure
-
-[Install]
-WantedBy=multi-user.target
-EOF
-
-cat >/etc/systemd/system/romm-frontend.service <<EOF
-[Unit]
-Description=RomM Frontend
-After=network.target
-
-[Service]
-Type=simple
-User=romm
-WorkingDirectory=/opt/romm/frontend
-ExecStart=$(which serve) -s dist -l 8080
+ExecStart=/opt/romm/.venv/bin/python main.py
 Restart=on-failure
+RestartSec=5
 
 [Install]
 WantedBy=multi-user.target
@@ -173,17 +293,18 @@ EOF
 
 cat >/etc/systemd/system/romm-worker.service <<EOF
 [Unit]
-Description=RomM Worker
+Description=RomM RQ Worker
 After=network.target mariadb.service redis-server.service romm-backend.service
 Requires=mariadb.service redis-server.service
 
 [Service]
 Type=simple
-User=romm
 WorkingDirectory=/opt/romm/backend
-Environment="PYTHONPATH=/opt/romm"
-ExecStart=/opt/romm/.venv/bin/uv run python3 worker.py
+EnvironmentFile=/opt/romm/.env
+Environment="PYTHONPATH=/opt/romm/backend"
+ExecStart=/opt/romm/.venv/bin/rq worker --path /opt/romm/backend --url redis://127.0.0.1:6379/0 high default low
 Restart=on-failure
+RestartSec=5
 
 [Install]
 WantedBy=multi-user.target
@@ -191,33 +312,48 @@ EOF
 
 cat >/etc/systemd/system/romm-scheduler.service <<EOF
 [Unit]
-Description=RomM Scheduler
+Description=RomM RQ Scheduler
 After=network.target mariadb.service redis-server.service romm-backend.service
 Requires=mariadb.service redis-server.service
 
 [Service]
 Type=simple
-User=romm
 WorkingDirectory=/opt/romm/backend
-Environment="PYTHONPATH=/opt/romm"
-ExecStart=/opt/romm/.venv/bin/uv run python3 scheduler.py
+EnvironmentFile=/opt/romm/.env
+Environment="PYTHONPATH=/opt/romm/backend"
+Environment="RQ_REDIS_HOST=127.0.0.1"
+Environment="RQ_REDIS_PORT=6379"
+ExecStart=/opt/romm/.venv/bin/rqscheduler --path /opt/romm/backend
 Restart=on-failure
+RestartSec=5
 
 [Install]
 WantedBy=multi-user.target
 EOF
 
-systemctl enable -q --now romm-backend romm-frontend romm-worker romm-scheduler
-msg_ok "Created services"
+cat >/etc/systemd/system/romm-watcher.service <<EOF
+[Unit]
+Description=RomM Filesystem Watcher
+After=network.target romm-backend.service
+Requires=romm-backend.service
 
-# Install serve globally
-su - ${ROMM_USER} -c "npm install -g serve"
+[Service]
+Type=simple
+WorkingDirectory=/opt/romm/backend
+EnvironmentFile=/opt/romm/.env
+Environment="PYTHONPATH=/opt/romm/backend"
+ExecStart=/opt/romm/.venv/bin/watchfiles --target-type command '/opt/romm/.venv/bin/python watcher.py' /var/lib/romm/library
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+systemctl daemon-reload
+systemctl enable -q --now romm-backend romm-worker romm-scheduler romm-watcher
+msg_ok "Created services"
 
 motd_ssh
 customize
-
-msg_info "Cleaning up"
-$STD apt-get -y autoremove
-$STD apt-get -y autoclean
-$STD apt-get -y clean
-msg_ok "Cleaned up"
+cleanup_lxc

install/rustypaste-install.sh

@@ -0,0 +1,48 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: GoldenSpringness
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://github.com/orhun/rustypaste
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y build-essential
+msg_ok "Dependencies Installed Successfully"
+
+RUST_VERSION="1.92.0" setup_rust
+fetch_and_deploy_gh_release "rustypaste" "orhun/rustypaste" "tarball"
+
+msg_info "Setting up rustypaste"
+cd /opt/rustypaste
+sed -i 's|^address = ".*"|address = "0.0.0.0:8000"|' config.toml
+$STD cargo build --locked --release
+msg_ok "Set up rustypaste"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/rustypaste.service
+[Unit]
+Description=rustypaste Service
+After=network.target
+
+[Service]
+WorkingDirectory=/opt/rustypaste
+ExecStart=/opt/rustypaste/target/release/rustypaste
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now rustypaste
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc

install/sportarr-install.sh

@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: Slaviša Arežina (tremor021)
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://github.com/Sportarr/Sportarr
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+setup_hwaccel
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  ffmpeg \
+  gosu \
+  sqlite3
+msg_ok "Installed Dependencies"
+
+fetch_and_deploy_gh_release "sportarr" "Sportarr/Sportarr" "prebuild" "latest" "/opt/sportarr" "Sportarr-linux-x64-*.tar.gz"
+
+msg_info "Setting up Sportarr"
+cat <<EOF >/opt/sportarr/.env
+Sportarr__DataPath="/opt/sportarr-data/config"
+ASPNETCORE_URLS="http://*:1867"
+ASPNETCORE_ENVIRONMENT="Production"
+DOTNET_CLI_TELEMETRY_OPTOUT=1
+DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=false
+LIBVA_DRIVER_NAME=iHD
+EOF
+msg_ok "Setup Sportarr"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/sportarr.service
+[Unit]
+Description=Sportarr Service
+After=network.target
+
+[Service]
+EnvironmentFile=/opt/sportarr/.env
+WorkingDirectory=/opt/sportarr
+ExecStart=/opt/sportarr/Sportarr
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now sportarr
+msg_info "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc