community-scripts/ProxmoxVED
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVED.git synced 2026-02-26 04:15:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup

Browse Source
This commit is contained in:
CanbiZ
2025-09-03 09:45:11 +02:00
parent 5ebb011f35
commit d5b550493b
26 changed files with 0 additions and 1830 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
install/debian13-install.sh
View File

@@ -1,25 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 community-scripts ORG
# Author: MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt install -y gpg
msg_ok "Installed Dependencies"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt -y autoremove
$STD apt -y autoclean
msg_ok "Cleaned"

0
install/vikunja-install.sh → install/deferred/vikunja-install.sh
View File

94
install/jeedom-install.sh
View File

@@ -1,94 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 community-scripts ORG
# Author: Mips2648
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://jeedom.com/
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing dependencies"
$STD apt-get install -y \
lsb-release \
git
msg_ok "Dependencies installed"
DEFAULT_BRANCH="master"
REPO_URL="https://github.com/jeedom/core.git"
echo
while true; do
read -rp "${TAB3}Enter branch to use (master, beta, alpha...) (Default: ${DEFAULT_BRANCH}): " BRANCH
BRANCH="${BRANCH:-$DEFAULT_BRANCH}"
if git ls-remote --heads "$REPO_URL" "refs/heads/$BRANCH" | grep -q .; then
break
else
msg_error "Branch '$BRANCH' does not exist on remote. Please try again."
fi
done
msg_info "Downloading Jeedom installation script"
cd /tmp
wget -q https://raw.githubusercontent.com/jeedom/core/"${BRANCH}"/install/install.sh
chmod +x install.sh
msg_ok "Installation script downloaded"
msg_info "Install Jeedom main dependencies, please wait"
$STD ./install.sh -v "$BRANCH" -s 2
msg_ok "Installed Jeedom main dependencies"
msg_info "Install Database"
$STD ./install.sh -v "$BRANCH" -s 3
msg_ok "Database installed"
msg_info "Install Apache"
$STD ./install.sh -v "$BRANCH" -s 4
msg_ok "Apache installed"
msg_info "Install PHP and dependencies"
$STD ./install.sh -v "$BRANCH" -s 5
msg_ok "PHP installed"
msg_info "Download Jeedom core"
$STD ./install.sh -v "$BRANCH" -s 6
msg_ok "Download done"
msg_info "Database customisation"
$STD ./install.sh -v "$BRANCH" -s 7
msg_ok "Database customisation done"
msg_info "Jeedom customisation"
$STD ./install.sh -v "$BRANCH" -s 8
msg_ok "Jeedom customisation done"
msg_info "Configuring Jeedom"
$STD ./install.sh -v "$BRANCH" -s 9
msg_ok "Jeedom configured"
msg_info "Installing Jeedom"
$STD ./install.sh -v "$BRANCH" -s 10
msg_ok "Jeedom installed"
msg_info "Post installation"
$STD ./install.sh -v "$BRANCH" -s 11
msg_ok "Post installation done"
msg_info "Check installation"
$STD ./install.sh -v "$BRANCH" -s 12
msg_ok "Installation checked, everything is successfuly installed. A reboot is recommended."
motd_ssh
customize
msg_info "Cleaning up"
rm -rf /tmp/install.sh
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"

54
install/librespeed-install.sh
View File

@@ -1,54 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 community-scripts ORG
# Author: elvito
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://github.com/librespeed/speedtest
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt-get update
$STD apt-get install -y \
caddy \
php-fpm
msg_ok "Installed Dependencies"
msg_info "Installing librespeed"
temp_file=$(mktemp)
RELEASE=$(curl -fsSL https://api.github.com/repos/librespeed/speedtest/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3)}')
curl -fsSL "https://github.com/librespeed/speedtest/archive/refs/tags/${RELEASE}.zip" -o "$temp_file"
mkdir -p /opt/librespeed
mkdir -p /temp
unzip -q "$temp_file" -d /temp
cd /temp/speedtest-"${RELEASE}"
cp -u favicon.ico index.html speedtest.js speedtest_worker.js /opt/librespeed/
cp -ru backend results /opt/librespeed/
cat <<EOF >/etc/caddy/Caddyfile
:80 {
root * /opt/librespeed
file_server
php_fastcgi unix//run/php/php-fpm.sock
}
EOF
systemctl restart caddy
echo "${RELEASE}" >/opt/"${APP}_version.txt"
msg_ok "Installation completed"
motd_ssh
customize
msg_info "Cleaning up"
rm -rf /temp
rm -f "$temp_file"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"

80
install/litellm-install.sh
View File

@@ -1,80 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 community-scripts ORG
# Author: stout01
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://github.com/BerriAI/litellm
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
PG_VERSION="17" setup_postgresql
PYTHON_VERSION="3.13" setup_uv
msg_info "Setting up PostgreSQL"
DB_NAME="litellm_db"
DB_USER="litellm"
DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';"
$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8' TEMPLATE template0;"
$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';"
$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET default_transaction_isolation TO 'read committed';"
$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET timezone TO 'UTC';"
{
echo "${APPLICATION} Credentials"
echo "Database Name: $DB_NAME"
echo "Database User: $DB_USER"
echo "Database Password: $DB_PASS"
} >>~/litellm.creds
msg_ok "Set up PostgreSQL"
msg_info "Setting up Virtual Environment"
mkdir -p /opt/litellm
cd /opt/litellm
$STD uv venv /opt/litellm/.venv
$STD /opt/litellm/.venv/bin/python -m ensurepip --upgrade
$STD /opt/litellm/.venv/bin/python -m pip install --upgrade pip
$STD /opt/litellm/.venv/bin/python -m pip install litellm[proxy] prisma
msg_ok "Installed LiteLLM"
msg_info "Configuring LiteLLM"
mkdir -p /opt
cat <<EOF >/opt/litellm/litellm.yaml
general_settings:
master_key: sk-1234
database_url: postgresql://$DB_USER:$DB_PASS@127.0.0.1:5432/$DB_NAME
store_model_in_db: true
EOF
uv --directory=/opt/litellm run litellm --config /opt/litellm/litellm.yaml --use_prisma_db_push --skip_server_startup
msg_ok "Configured LiteLLM"
msg_info "Creating Service"
cat <<EOF >/etc/systemd/system/litellm.service
[Unit]
Description=LiteLLM
[Service]
Type=simple
ExecStart=uv --directory=/opt/litellm run litellm --config /opt/litellm/litellm.yaml
Restart=always
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now litellm
msg_ok "Created Service"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"

120
install/mediamanager-install.sh
View File

@@ -1,120 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2025 Community Scripts ORG
# Author: vhsdream
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://github.com/maxdorninger/MediaManager
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
read -r -p "${TAB3}Enter the email address of your first admin user: " admin_email
if [[ "$admin_email" ]]; then
EMAIL="$admin_email"
fi
setup_yq
NODE_VERSION="24" setup_nodejs
setup_uv
PG_VERSION="17" setup_postgresql
msg_info "Setting up PostgreSQL"
DB_NAME="mm_db"
DB_USER="mm_user"
DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';"
$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER TEMPLATE template0;"
$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';"
{
echo "MediaManager Credentials"
echo "MediaManager Database User: $DB_USER"
echo "MediaManager Database Password: $DB_PASS"
echo "MediaManager Database Name: $DB_NAME"
} >>~/mediamanager.creds
msg_ok "Set up PostgreSQL"
fetch_and_deploy_gh_release "MediaManager" "maxdorninger/MediaManager" "tarball" "latest" "/opt/mediamanager"
msg_info "Configuring MediaManager"
MM_DIR="/opt/mm"
MEDIA_DIR="${MM_DIR}/media"
export CONFIG_DIR="${MM_DIR}/config"
export FRONTEND_FILES_DIR="${MM_DIR}/web/build"
export BASE_PATH=""
export PUBLIC_VERSION=""
export PUBLIC_API_URL="${BASE_PATH}/api/v1"
export BASE_PATH="${BASE_PATH}/web"
cd /opt/mediamanager/web
$STD npm ci
$STD npm run build
mkdir -p {"$MM_DIR"/web,"$MEDIA_DIR","$CONFIG_DIR"}
cp -r build "$FRONTEND_FILES_DIR"
export BASE_PATH=""
export VIRTUAL_ENV="${MM_DIR}/venv"
cd /opt/mediamanager
cp -r {media_manager,alembic*} "$MM_DIR"
$STD /usr/local/bin/uv venv "$VIRTUAL_ENV"
$STD /usr/local/bin/uv sync --locked --active
msg_ok "Configured MediaManager"
msg_info "Creating config and start script"
LOCAL_IP="$(hostname -I | awk '{print $1}')"
SECRET="$(openssl rand -hex 32)"
sed -e "s/localhost:8/$LOCAL_IP:8/g" \
-e "s|/data/|$MEDIA_DIR/|g" \
-e 's/"db"/"localhost"/' \
-e "s/user = \"MediaManager\"/user = \"$DB_USER\"/" \
-e "s/password = \"MediaManager\"/password = \"$DB_PASS\"/" \
-e "s/dbname = \"MediaManager\"/dbname = \"$DB_NAME\"/" \
-e "/^token_secret/s/=.*/= \"$SECRET\"/" \
-e "s/admin@example.com/$EMAIL/" \
-e '/^admin_emails/s/, .*/]/' \
/opt/mediamanager/config.example.toml >"$CONFIG_DIR"/config.toml
mkdir -p "$MEDIA_DIR"/{images,tv,movies,torrents}
cat <<EOF >"$MM_DIR"/start.sh
#!/usr/bin/env bash
export CONFIG_DIR="$CONFIG_DIR"
export FRONTEND_FILES_DIR="$FRONTEND_FILES_DIR"
export BASE_PATH=""
cd "$MM_DIR"
source ./venv/bin/activate
/usr/local/bin/uv run alembic upgrade head
/usr/local/bin/uv run fastapi run ./media_manager/main.py --port 8000
EOF
chmod +x "$MM_DIR"/start.sh
msg_ok "Created config and start script"
msg_info "Creating service"
cat <<EOF >/etc/systemd/system/mediamanager.service
[Unit]
Description=MediaManager Backend Service
After=network.target
[Service]
Type=simple
WorkingDirectory=${MM_DIR}
ExecStart=/usr/bin/bash start.sh
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now mediamanager
msg_ok "Created service"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"

171
install/nginxproxymanager-install.sh
View File

@@ -1,171 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 tteck
# Author: tteck (tteckster)
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://nginxproxymanager.com/
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt-get update
$STD apt-get -y install \
ca-certificates \
apache2-utils \
logrotate \
build-essential \
jq \
git
msg_ok "Installed Dependencies"
NODE_VERSION="16" NODE_MODULE="yarn" setup_nodejs
PYTHON_VERSION="3.12" setup_uv
fetch_and_deploy_gh_release "nginxproxymanager" "NginxProxyManager/nginx-proxy-manager" "tarball" "latest" "/tmp/nginxproxymanager"
msg_info "Installing Python Dependencies"
$STD apt-get install -y \
python3 \
python3-dev \
python3-venv
msg_ok "Installed Python Dependencies"
msg_info "Setting up Certbot Environment"
$STD uv venv /opt/certbot
$STD uv pip install --python \
certbot \
certbot-dns-cloudflare \
certbot-dns-multi
msg_ok "Certbot Environment Ready"
msg_info "Installing Openresty"
VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)"
curl -fsSL "https://openresty.org/package/pubkey.gpg" | gpg --dearmor -o /etc/apt/trusted.gpg.d/openresty-archive-keyring.gpg
echo -e "deb http://openresty.org/package/debian $VERSION openresty" >/etc/apt/sources.list.d/openresty.list
$STD apt-get update
$STD apt-get -y install openresty
msg_ok "Installed Openresty"
msg_info "Setting up Environment"
ln -sf /usr/bin/python3 /usr/bin/python
ln -sf /opt/certbot/bin/certbot /usr/bin/certbot
ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
ln -sf /usr/local/openresty/nginx/ /etc/nginx
sed -i 's+^daemon+#daemon+g' /tmp/nginxproxymanager/docker/rootfs/etc/nginx/nginx.conf
NGINX_CONFS=$(find "$(pwd)" -type f -name "*.conf")
for NGINX_CONF in $NGINX_CONFS; do
sed -i 's+include conf.d+include /etc/nginx/conf.d+g' "$NGINX_CONF"
done
mkdir -p /var/www/html /etc/nginx/logs
cd /tmp/nginxproxymanager
cp -r docker/rootfs/var/www/html/* /var/www/html/
cp -r docker/rootfs/etc/nginx/* /etc/nginx/
cp docker/rootfs/etc/letsencrypt.ini /etc/letsencrypt.ini
cp docker/rootfs/etc/logrotate.d/nginx-proxy-manager /etc/logrotate.d/nginx-proxy-manager
ln -sf /etc/nginx/nginx.conf /etc/nginx/conf/nginx.conf
rm -f /etc/nginx/conf.d/dev.conf
mkdir -p /tmp/nginx/body \
/run/nginx \
/data/nginx \
/data/custom_ssl \
/data/logs \
/data/access \
/data/nginx/default_host \
/data/nginx/default_www \
/data/nginx/proxy_host \
/data/nginx/redirection_host \
/data/nginx/stream \
/data/nginx/dead_host \
/data/nginx/temp \
/var/lib/nginx/cache/public \
/var/lib/nginx/cache/private \
/var/cache/nginx/proxy_temp
chmod -R 777 /var/cache/nginx
chown root /tmp/nginx
echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf);" >/etc/nginx/conf.d/include/resolvers.conf
if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost" -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem &>/dev/null
fi
mkdir -p /app/global /app/frontend/images
cd /tmp/nginxproxymanager
cp -r backend/* /app
cp -r global/* /app/global
msg_ok "Set up Environment"
msg_info "Building Frontend"
cd /tmp/nginxproxymanager/frontend
$STD yarn install --frozen-lockfile
$STD yarn build
cp -r dist/* /app/frontend
cp -r app-images/* /app/frontend/images
msg_ok "Built Frontend"
msg_info "Initializing Backend"
rm -rf /app/config/default.json
if [ ! -f /app/config/production.json ]; then
cat <<'EOF' >/app/config/production.json
{
"database": {
"engine": "knex-native",
"knex": {
"client": "sqlite3",
"connection": {
"filename": "/data/database.sqlite"
}
}
}
}
EOF
fi
cd /app
$STD yarn install --production
msg_ok "Initialized Backend"
msg_info "Creating Service"
cat <<'EOF' >/lib/systemd/system/npm.service
[Unit]
Description=Nginx Proxy Manager
After=network.target
Wants=openresty.service
[Service]
Type=simple
Environment=NODE_ENV=production
Environment=NODE_OPTIONS=--openssl-legacy-provider
ExecStartPre=-mkdir -p /tmp/nginx/body /data/letsencrypt-acme-challenge
ExecStart=/usr/bin/node index.js --abort_on_uncaught_exception --max_old_space_size=1024
WorkingDirectory=/app
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
msg_ok "Created Service"
motd_ssh
customize
msg_info "Starting Services"
sed -i 's/user npm/user root/g; s/^pid/#pid/g' /usr/local/openresty/nginx/conf/nginx.conf
sed -r -i 's/^([[:space:]]*)su npm npm/\1#su npm npm/g;' /etc/logrotate.d/nginx-proxy-manager
systemctl enable -q --now openresty
systemctl enable -q --now npm
msg_ok "Started Services"
msg_info "Cleaning up"
rm -rf /tmp/*
systemctl restart openresty
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"

39
install/proxmox-backup-server-install.sh
View File

@@ -1,39 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 tteck
# Author: tteck (tteckster)
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://www.proxmox.com/en/proxmox-backup-server
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
read -rp "${TAB3}Do you want to use the Enterprise repository (requires valid subscription key)? [y/N]: " USE_ENTERPRISE_REPO
msg_info "Installing Proxmox Backup Server"
curl -fsSL https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg |
gpg --dearmor -o /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
if [[ "$USE_ENTERPRISE_REPO" =~ ^([yY].*)$ ]]; then
echo "deb https://enterprise.proxmox.com/debian/pbs bookworm pbs-enterprise" >/etc/apt/sources.list.d/pbs-enterprise.list
msg_ok "Enterprise repository enabled. Make sure your subscription key is installed."
else
echo "deb http://download.proxmox.com/debian/pbs bookworm pbs-no-subscription" >>/etc/apt/sources.list
msg_ok "No-subscription repository enabled."
fi
$STD apt-get update
$STD apt-get install -y proxmox-backup-server
msg_ok "Installed Proxmox Backup Server"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"

61
install/tracktor-install.sh
View File

@@ -1,61 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2025 Community Scripts ORG
# Author: CrazyWolf13
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://tracktor.bytedge.in
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
setup_nodejs
fetch_and_deploy_gh_release "tracktor" "javedh-dev/tracktor" "tarball" "latest" "/opt/tracktor"
msg_info "Configuring Tracktor"
cd /opt/tracktor
$STD npm install
$STD npm run build
mkdir /opt/tracktor-data
HOST_IP=$(hostname -I | awk '{print $1}')
cat <<EOF >/opt/tracktor/app/backend/.env
NODE_ENV=production
PUBLIC_DEMO_MODE=false
DB_PATH=/opt/tracktor-data/tracktor.db
# Replace this URL if using behind reverse proxy for https traffic. Though it is optional and should work without changing
PUBLIC_API_BASE_URL=http://$HOST_IP:3000
# Here add the reverse proxy url as well to avoid cross errors from the app.
CORS_ORIGINS=http://$HOST_IP:3000
PORT=3000
EOF
msg_ok "Configured Tracktor"
msg_info "Creating service"
cat <<EOF >/etc/systemd/system/tracktor.service
[Unit]
Description=Tracktor Service
After=network.target
[Service]
Type=simple
WorkingDirectory=/opt/tracktor
EnvironmentFile=/opt/tracktor/app/backend/.env
ExecStart=/usr/bin/npm start
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now tracktor
msg_ok "Created service"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"

266
install/traefik-install.sh
View File

@@ -1,266 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 tteck
# Author: tteck (tteckster)
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://traefik.io/
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt-get install -y apt-transport-https
msg_ok "Installed Dependencies"
RELEASE=$(curl -fsSL https://api.github.com/repos/traefik/traefik/releases | grep -oP '"tag_name":\s*"v\K[\d.]+?(?=")' | sort -V | tail -n 1)
msg_info "Installing Traefik v${RELEASE}"
mkdir -p /etc/traefik/{conf.d,ssl,sites-available}
curl -fsSL "https://github.com/traefik/traefik/releases/download/v${RELEASE}/traefik_v${RELEASE}_linux_amd64.tar.gz" -o "traefik_v${RELEASE}_linux_amd64.tar.gz"
tar -C /tmp -xzf traefik*.tar.gz
mv /tmp/traefik /usr/bin/
rm -rf traefik*.tar.gz
echo "${RELEASE}" >/opt/${APPLICATION}_version.txt
msg_ok "Installed Traefik v${RELEASE}"
msg_info "Creating Traefik configuration"
cat <<'EOF' >/etc/traefik/traefik.yaml
providers:
file:
directory: /etc/traefik/conf.d/
watch: true
entryPoints:
web:
address: ':80'
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ':443'
http:
tls:
certResolver: letsencrypt
# Uncomment below if using cloudflare
/*
forwardedHeaders:
trustedIPs:
- 173.245.48.0/20
- 103.21.244.0/22
- 103.22.200.0/22
- 103.31.101.64/22
- 141.101.64.0/18
- 108.162.192.0/18
- 190.93.240.0/20
- 188.114.96.0/20
- 197.234.240.0/22
- 198.41.128.0/17
- 162.158.0.0/15
- 104.16.0.0/13
- 104.16.0.0/13
- 172.64.0.0/13
- 131.0.72.0/22
*/
asDefault: true
traefik:
address: ':8080'
certificatesResolvers:
letsencrypt:
acme:
email: "foo@bar.com"
storage: /etc/traefik/ssl/acme.json
tlsChallenge: {}
# Uncomment below if you are using self signed or no certificate
#serversTransport:
# insecureSkipVerify: true
api:
dashboard: true
insecure: true
log:
filePath: /var/log/traefik/traefik.log
format: json
level: INFO
accessLog:
filePath: /var/log/traefik/traefik-access.log
format: json
filters:
statusCodes:
- "200"
- "400-599"
retryAttempts: true
minDuration: "10ms"
bufferingSize: 0
fields:
headers:
defaultMode: drop
names:
User-Agent: keep
EOF
msg_ok "Created Traefik configuration"
msg_info "Creating Service"
cat <<'EOF' >/etc/systemd/system/traefik.service
[Unit]
Description=Traefik is an open-source Edge Router that makes publishing your services a fun and easy experience
[Service]
Type=notify
ExecStart=/usr/bin/traefik --configFile=/etc/traefik/traefik.yaml
Restart=on-failure
ExecReload=/bin/kill -USR1 \$MAINPID
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now traefik
msg_ok "Created Service"
msg_info "Creating site templates"
cat <<'EOF' >/etc/traefik/template.yaml.tpl
http:
routers:
${hostname}:
rule: Host(`${FQDN}`)
service: ${hostname}
tls:
certResolver: letsencrypt
services:
${hostname}:
loadbalancer:
servers:
- url: "${URL}"
EOF
msg_ok "Template Created"
msg_info "Creating Helper Scripts"
cat <<'EOF' >/usr/bin/addsite
#!/bin/bash
function setup_site() {
hostname="$(whiptail --inputbox "Enter the hostname of the Site" 8 78 --title "Hostname" 3>&1 1>&2 2>&3)"
exitstatus=$?
[[ "$exitstatus" = 1 ]] && return;
FQDN="$(whiptail --inputbox "Enter the FQDN of the Site" 8 78 --title "FQDN" 3>&1 1>&2 2>&3)"
exitstatus=$?
[[ "$exitstatus" = 1 ]] && return;
URL="$(whiptail --inputbox "Enter the URL of the Site (For example http://192.168.x.x:8080)" 8 78 --title "URL" 3>&1 1>&2 2>&3)"
exitstatus=$?
[[ "$exitstatus" = 1 ]] && return;
filename="/etc/traefik/sites-available/${hostname}.yaml"
export hostname FQDN URL
envsubst '${hostname} ${FQDN} ${URL}' < /etc/traefik/template.yaml.tpl > ${filename}
}
setup_site
EOF
cat <<'EOF' >/usr/bin/ensite
#!/bin/bash
function ensite() {
DIR="/etc/traefik/sites-available"
files=( "$DIR"/* )
opts=()
for f in "${files[@]}"; do
name="${f##*/}"
opts+=( "$name" "" )
done
choice=$(whiptail \
--title "Select an entry" \
--menu "Choose a site" \
20 60 12 \
"${opts[@]}" \
3>&1 1>&2 2>&3)
if [ $? -eq 0 ]; then
ln -s $DIR/$choice /etc/traefik/conf.d
else
return
fi
}
ensite
EOF
cat <<'EOF' >/usr/bin/dissite
#!/bin/bash
function dissite() {
DIR="/etc/traefik/conf.d"
files=( "$DIR"/* )
opts=()
for f in "${files[@]}"; do
name="${f##*/}"
opts+=( "$name" "" )
done
choice=$(whiptail \
--title "Select an entry" \
--menu "Choose a site" \
20 60 12 \
"${opts[@]}" \
3>&1 1>&2 2>&3)
if [ $? -eq 0 ]; then
rm $DIR/$choice
else
return
fi
}
dissite
EOF
cat <<'EOF' >/usr/bin/editsite
#!/bin/bash
function edit_site() {
DIR="/etc/traefik/sites-available"
files=( "$DIR"/* )
opts=()
for f in "${files[@]}"; do
name="${f##*/}"
opts+=( "$name" "" )
done
choice=$(whiptail \
--title "Select an entry" \
--menu "Choose a site" \
20 60 12 \
"${opts[@]}" \
3>&1 1>&2 2>&3)
if [ $? -eq 0 ]; then
nano $DIR/$choice
else
return
fi
}
edit_site
EOF
msg_ok "Helper Scripts Created"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"

149
install/zitadel-install.sh
View File

@@ -1,149 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 community-scripts ORG
# Author: dave-yap
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://zitadel.com/
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies (Patience)"
$STD apt-get install -y ca-certificates
msg_ok "Installed Dependecies"
PG_VERSION="17" setup_postgresql
msg_info "Installing Postgresql"
DB_NAME="zitadel"
DB_USER="zitadel"
DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)
DB_ADMIN_USER="root"
DB_ADMIN_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)
systemctl start postgresql
$STD sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"
$STD sudo -u postgres psql -c "CREATE USER $DB_ADMIN_USER WITH PASSWORD '$DB_ADMIN_PASS' SUPERUSER;"
$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_ADMIN_USER;"
{
echo "Application Credentials"
echo "DB_NAME: $DB_NAME"
echo "DB_USER: $DB_USER"
echo "DB_PASS: $DB_PASS"
echo "DB_ADMIN_USER: $DB_ADMIN_USER"
echo "DB_ADMIN_PASS: $DB_ADMIN_PASS"
} >>~/zitadel.creds
msg_ok "Installed PostgreSQL"
fetch_and_deploy_gh_release "zitadel" "zitadel/zitadel" "prebuild" "latest" "/usr/local/bin" "zitadel-linux-amd64.tar.gz"
msg_info "Setting up Zitadel Environments"
mkdir -p /opt/zitadel
echo "/opt/zitadel/config.yaml" >"/opt/zitadel/.config"
head -c 32 < <(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9') >"/opt/zitadel/.masterkey"
{
echo "Config location: $(cat "/opt/zitadel/.config")"
echo "Masterkey: $(cat "/opt/zitadel/.masterkey")"
} >>~/zitadel.creds
cat <<EOF >/opt/zitadel/config.yaml
Port: 8080
ExternalPort: 8080
ExternalDomain: localhost
ExternalSecure: false
TLS:
Enabled: false
KeyPath: ""
Key: ""
CertPath: ""
Cert: ""
Database:
postgres:
Host: localhost
Port: 5432
Database: ${DB_NAME}
User:
Username: ${DB_USER}
Password: ${DB_PASS}
SSL:
Mode: disable
RootCert: ""
Cert: ""
Key: ""
Admin:
Username: ${DB_ADMIN_USER}
Password: ${DB_ADMIN_PASS}
SSL:
Mode: disable
RootCert: ""
Cert: ""
Key: ""
DefaultInstance:
Features:
LoginV2:
Required: false
EOF
msg_ok "Installed Zitadel Enviroments"
msg_info "Creating Services"
cat <<EOF >/etc/systemd/system/zitadel.service
[Unit]
Description=ZITADEL Identiy Server
After=network.target postgresql.service
Wants=postgresql.service
[Service]
Type=simple
User=zitadel
Group=zitadel
ExecStart=/usr/local/bin/zitadel start --masterkeyFile "/opt/zitadel/.masterkey" --config "/opt/zitadel/config.yaml"
Restart=always
RestartSec=5
TimeoutStartSec=0
# Security Hardening options
ProtectSystem=full
ProtectHome=true
PrivateTmp=true
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q zitadel
msg_ok "Created Services"
msg_info "Zitadel initial setup"
zitadel start-from-init --masterkeyFile /opt/zitadel/.masterkey --config /opt/zitadel/config.yaml &>/dev/null &
sleep 60
kill $(lsof -i | awk '/zitadel/ {print $2}' | head -n1)
useradd zitadel
msg_ok "Zitadel initialized"
msg_info "Set ExternalDomain to current IP and restart Zitadel"
IP=$(ip a s dev eth0 | awk '/inet / {print $2}' | cut -d/ -f1)
sed -i "0,/localhost/s/localhost/${IP}/" /opt/zitadel/config.yaml
systemctl stop -q zitadel
$STD zitadel setup --masterkeyFile /opt/zitadel/.masterkey --config /opt/zitadel/config.yaml
systemctl restart -q zitadel
msg_ok "Zitadel restarted with ExternalDomain set to current IP"
msg_info "Create zitadel-rerun.sh"
cat <<EOF >~/zitadel-rerun.sh
systemctl stop zitadel
timeout --kill-after=5s 15s zitadel setup --masterkeyFile /opt/zitadel/.masterkey --config /opt/zitadel/config.yaml
systemctl restart zitadel
EOF
msg_ok "Bash script for rerunning Zitadel after changing Zitadel config.yaml"
motd_ssh
customize
msg_info "Cleaning up"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"