ProxmoxVED/install/postiz-install.sh

#!/usr/bin/env bash

# Copyright (c) 2021-2026 community-scripts ORG
# Author: MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/gitroomhq/postiz-app

source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os

msg_info "Installing Dependencies"
$STD apt install -y \
  build-essential \
  python3 \
  redis-server \
  nginx
msg_ok "Installed Dependencies"

PG_VERSION="17" setup_postgresql
PG_DB_NAME="postiz" PG_DB_USER="postiz" setup_postgresql_db
NODE_VERSION="22" setup_nodejs

msg_info "Installing pnpm"
$STD npm install -g pnpm@10.6.1
msg_ok "Installed pnpm"

fetch_and_deploy_gh_release "temporal" "temporalio/cli" "prebuild" "latest" "/opt/temporal" "temporal_cli_*_linux_amd64.tar.gz"
chmod +x /opt/temporal/temporal

fetch_and_deploy_gh_release "postiz" "gitroomhq/postiz-app" "tarball"

msg_info "Configuring Application"
JWT_SECRET=$(openssl rand -base64 32)
mkdir -p /opt/postiz/uploads
cat <<EOF >/opt/postiz/.env
DATABASE_URL=postgresql://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}
REDIS_URL=redis://localhost:6379
JWT_SECRET=${JWT_SECRET}
MAIN_URL=http://${LOCAL_IP}
FRONTEND_URL=http://${LOCAL_IP}
NEXT_PUBLIC_BACKEND_URL=http://${LOCAL_IP}/api
BACKEND_INTERNAL_URL=http://localhost:3000
TEMPORAL_ADDRESS=localhost:7233
IS_GENERAL=true
STORAGE_PROVIDER=local
UPLOAD_DIRECTORY=/opt/postiz/uploads
NEXT_PUBLIC_UPLOAD_DIRECTORY=/uploads
NX_ADD_PLUGINS=false
EOF
msg_ok "Configured Application"

msg_info "Building Application"
cd /opt/postiz
set -a && source /opt/postiz/.env && set +a
export NODE_OPTIONS="--max-old-space-size=4096"
$STD pnpm install
$STD pnpm run build
unset NODE_OPTIONS
msg_ok "Built Application"

msg_info "Running Database Migrations"
cd /opt/postiz
set -a && source /opt/postiz/.env && set +a
$STD pnpm run prisma-db-push
msg_ok "Ran Database Migrations"

msg_info "Creating Services"
PNPM_BIN="$(command -v pnpm)"

cat <<EOF >/etc/systemd/system/postiz-temporal.service
[Unit]
Description=Temporal Dev Server (Postiz)
After=network.target

[Service]
Type=simple
User=root
ExecStart=/opt/temporal/temporal server start-dev --db-filename /opt/temporal/temporal.db --log-format json --log-level warn
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF

cat <<EOF >/etc/systemd/system/postiz-backend.service
[Unit]
Description=Postiz Backend
After=network.target postgresql.service redis-server.service postiz-temporal.service
Requires=postgresql.service redis-server.service

[Service]
Type=simple
User=root
WorkingDirectory=/opt/postiz
EnvironmentFile=/opt/postiz/.env
ExecStart=${PNPM_BIN} run start:prod:backend
Environment=NODE_OPTIONS=--max-old-space-size=512
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF

cat <<EOF >/etc/systemd/system/postiz-frontend.service
[Unit]
Description=Postiz Frontend
After=network.target postiz-backend.service

[Service]
Type=simple
User=root
WorkingDirectory=/opt/postiz
EnvironmentFile=/opt/postiz/.env
Environment=PORT=4200
ExecStart=${PNPM_BIN} run start:prod:frontend
Environment=NODE_OPTIONS=--max-old-space-size=512
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF

cat <<EOF >/etc/systemd/system/postiz-orchestrator.service
[Unit]
Description=Postiz Orchestrator
After=network.target postiz-temporal.service postiz-backend.service
Requires=postiz-temporal.service

[Service]
Type=simple
User=root
WorkingDirectory=/opt/postiz
EnvironmentFile=/opt/postiz/.env
ExecStart=${PNPM_BIN} run start:prod:orchestrator
Environment=NODE_OPTIONS=--max-old-space-size=384
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF

systemctl enable -q --now redis-server postiz-temporal postiz-backend postiz-frontend postiz-orchestrator
msg_ok "Created Services"

msg_info "Configuring Nginx"
cat <<EOF >/etc/nginx/sites-available/postiz
server {
  listen 80 default_server;
  server_name _;

  client_max_body_size 100M;

  location /api/ {
    proxy_pass http://127.0.0.1:3000/;
    proxy_http_version 1.1;
    proxy_set_header Upgrade \$http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host \$host;
    proxy_set_header X-Real-IP \$remote_addr;
    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto \$scheme;
  }

  location /uploads {
    alias /opt/postiz/uploads;
  }

  location / {
    proxy_pass http://127.0.0.1:4200;
    proxy_http_version 1.1;
    proxy_set_header Upgrade \$http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host \$host;
    proxy_set_header X-Real-IP \$remote_addr;
    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto \$scheme;
  }
}
EOF
ln -sf /etc/nginx/sites-available/postiz /etc/nginx/sites-enabled/postiz
rm -f /etc/nginx/sites-enabled/default
$STD nginx -t
$STD systemctl enable --now nginx
msg_ok "Configured Nginx"

motd_ssh
customize
cleanup_lxc