Konstantin/ProxmoxVED
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Konstantin:delete_files_isponsorblocktv
Branches Tags
Konstantin:main Konstantin:delete_files_versitygw Konstantin:delete_files_isponsorblocktv Konstantin:delete_files_alpine-wakapi Konstantin:delete_files_teleport Konstantin:feature/pocketbase-bot Konstantin:MickLesk-patch-3-1 Konstantin:delete_files_split-pro Konstantin:delete_files_gluetun Konstantin:delete_files_anytype-server Konstantin:delete_files_yamtrack Konstantin:arm64-dev-build Konstantin:michelroegl-brunner-patch-2 Konstantin:michelroegl-brunner-patch-1 Konstantin:update_versions Konstantin:github-action-update-changelog Konstantin:change_to_gitea
..
compare: Konstantin:main
Branches Tags
Konstantin:main Konstantin:delete_files_versitygw Konstantin:delete_files_isponsorblocktv Konstantin:delete_files_alpine-wakapi Konstantin:delete_files_teleport Konstantin:feature/pocketbase-bot Konstantin:MickLesk-patch-3-1 Konstantin:delete_files_split-pro Konstantin:delete_files_gluetun Konstantin:delete_files_anytype-server Konstantin:delete_files_yamtrack Konstantin:arm64-dev-build Konstantin:michelroegl-brunner-patch-2 Konstantin:michelroegl-brunner-patch-1 Konstantin:update_versions Konstantin:github-action-update-changelog Konstantin:change_to_gitea

30 Commits
delete_fil ... main

Author SHA1 Message Date
Tobias
e76681ed8e Improve stale PR auto-labeling and management 
Enhance stale PR management by auto-labeling PRs with no activity in the last 14 days and maintaining existing stale PR handling.
 2026-03-22 13:58:26 +01:00
Tobias
87bb2a34ca Merge pull request #1603 from heinemannj/patch-1 
Enhance step-ca installation and initialization process
 2026-03-22 10:30:41 +01:00
github-actions[bot]
2b907821a7 Delete versitygw (ct) after migration to ProxmoxVE (#1604) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-03-22 08:40:58 +00:00
MickLesk
96d9835d79 refactor(nginxproxymanager): use version-agnostic sed and revert to Debian 12 2026-03-21 19:39:59 +01:00
MickLesk
bba8577237 refactor(nginxproxymanager): clean up install and update scripts 
Install script:
- Merge dependency blocks into one
- Remove pre-installed ca-certificates
- Use get_latest_github_release instead of curl/grep/awk
- Re-enable systemctl enable openresty
- Remove redundant systemctl restart

CT update script:
- Bump var_version to 13 (Trixie)
- Use apt instead of apt-get (project convention)
- Add $STD to apt purge/autoremove
- Use get_latest_github_release
- Remove redundant systemctl restart after enable --now
 2026-03-21 19:34:42 +01:00
MickLesk
b4a824b9a1 fix(nginxproxymanager): add missing OpenResty modules for NPM 
Add --with-http_sub_module and --with-http_auth_request_module
to OpenResty configure flags. NPM needs auth_request for access
list subrequests and sub_filter for response rewriting.
 2026-03-21 19:23:30 +01:00
MickLesk
bd5e20237f test 2026-03-21 19:20:00 +01:00
MickLesk
96fc169f4b fix(build): prevent error handler crash from pipefail on grep 
The missing_cmd grep pipeline in the install error handler runs
under set -o pipefail. When grep finds no match (exit 1), the
entire pipeline fails and triggers the ERR trap recursively,
crashing the recovery menu. Add || true to suppress this.
 2026-03-21 19:16:33 +01:00
MickLesk
74007d3f72 fix(nginxproxymanager): add missing systemctl daemon-reload before enable 
Without daemon-reload, systemd doesn't know about the new
openresty.service unit file, causing enable --now to fail.
 2026-03-21 19:12:04 +01:00
MickLesk
7fec6ed156 fix(nginxproxymanager): reorder update to migrate OpenResty from apt to source 
- Move OpenResty apt removal + source build before environment setup
- Ensures symlinks and configs point to freshly built OpenResty
- Use simplified systemd service (Type=simple, daemon off)
- Remove duplicate OpenResty build block
 2026-03-21 19:08:39 +01:00
MickLesk
a6921a33f3 fix(nginxproxymanager): simplify openresty service for LXC compatibility 
- Switch from Type=forking to Type=simple with 'daemon off;'
- Remove PIDFile, ExecReload, ExecStop (systemd handles these)
- Remove PrivateTmp=true (incompatible with LXC containers)
 2026-03-21 19:02:08 +01:00
MickLesk
fde17c12ed testing npm openresty 2026-03-21 18:49:47 +01:00
Joerg Heinemann
16f7904371 Enhance step-ca installation and initialization process 
First change to reduce the amount of status msg_xxx blocks.

To be continued after merging and testing.
 2026-03-21 14:57:03 +01:00
CanbiZ (MickLesk)
eb0a973c62 docs(netboot-xyz): fix guide — all 31 assets, 8GB disk, proper headings 2026-03-20 16:08:17 +01:00
CanbiZ (MickLesk)
0deb262d5f docs(netboot-xyz): update guide — all 31 assets, 8GB disk, fix lint errors 2026-03-20 16:05:44 +01:00
CanbiZ (MickLesk)
91950cc983 fix(netboot-xyz): download all 31 release assets, bump disk to 8GB 2026-03-20 15:23:33 +01:00
CanbiZ (MickLesk)
f0fc1aff4e fix(netboot-xyz): download all bootloaders + add /ipxe/ nginx alias to fix 404s 2026-03-20 15:20:07 +01:00
CanbiZ (MickLesk)
13a836c44d fix(netboot-xyz): rename install script to match APP name (netboot.xyz-install.sh) 2026-03-20 15:05:14 +01:00
CanbiZ (MickLesk)
7df3ff5ece testing netboot as lxc 2026-03-20 15:00:39 +01:00
CanbiZ (MickLesk)
1f3970fcf7 fix(discourse): update notes with creds path 2026-03-20 14:52:31 +01:00
CanbiZ (MickLesk)
8c3ebdd166 fix(discourse): nginx serve static assets from public/, fix JS/font 404s 2026-03-20 14:50:44 +01:00
CanbiZ (MickLesk)
8883957393 fix(discourse): create admin via rails runner, fix invalid email 2026-03-20 14:48:11 +01:00
CanbiZ (MickLesk)
a21f901a1a fix(versitygw): add colon prefix to VGW_PORT (:7070) 2026-03-20 14:32:31 +01:00
CanbiZ (MickLesk)
d2c4288395 fix(versitygw): move WebGUI prompt before msg_info spinner 2026-03-20 14:15:59 +01:00
CanbiZ (MickLesk)
9066f6511a fix(discourse): nginx reload, db:seed, sidekiq queues, skip email verification 2026-03-20 14:09:48 +01:00
CanbiZ (MickLesk)
c281d7ce68 fix(simplelogin): reload nginx after config, add SMTP note 2026-03-20 14:08:07 +01:00
CanbiZ (MickLesk)
e7f51e92d2 OOM 2026-03-20 13:59:50 +01:00
CanbiZ (MickLesk)
70914c20a2 Add optional VersityGW WebGUI support 
Prompt the user during install to enable the beta VersityGW WebGUI and, if accepted, append VGW_WEBUI_PORT=:7071 and VGW_WEBUI_NO_TLS=true to /etc/versitygw.d/gateway.conf. Update the installer to report that the WebGUI will be enabled and modify the completion script to display the WebGUI URL (http://<IP>:7071) when the config contains VGW_WEBUI_PORT. Keeps existing access/key generation and default gateway port unchanged.
 2026-03-20 13:58:57 +01:00
CanbiZ (MickLesk)
97b44d8a26 Switch to alembic migrations and pitchfork 
Replace calls to `flask db upgrade` with `alembic upgrade head` in SimpleLogin install and update scripts so migrations are executed via Alembic in the virtualenv. For Discourse, remove in-place puma.rb sed tweaks (socket bind and stdout redirect) and update the systemd ExecStart to run `pitchfork -c config/pitchfork.conf.rb` instead of invoking puma directly, using Discourse's recommended process manager.
 2026-03-20 13:57:43 +01:00
github-actions[bot]
055abcb99f Delete isponsorblocktv (ct) after migration to ProxmoxVE (#1600) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-03-20 12:31:09 +00:00
21 changed files with 1057 additions and 186 deletions
Expand all files Collapse all files

81
.github/workflows/stale_pr_close.yml generated vendored
View File

@@ -22,7 +22,7 @@ jobs:
const now = new Date();
const owner = context.repo.owner;
const repo = context.repo.repo;
// --- When stale label is added, comment immediately ---
if (context.eventName === "pull_request_target" && context.payload.action === "labeled") {
const label = context.payload.label?.name;
@@ -37,19 +37,74 @@ jobs:
}
return;
}
// --- Scheduled run: check all stale PRs ---
// --- Scheduled run: fetch all open PRs ---
const { data: prs } = await github.rest.pulls.list({
owner,
repo,
state: "open",
per_page: 100
});
for (const pr of prs) {
const hasStale = pr.labels.some(l => l.name === "stale");
if (!hasStale) continue;
const labels = pr.labels.map(l => l.name);
const hasStale = labels.includes("stale");
const hasKeepOpen = labels.includes("keep-open");
// -------------------------------------------------------
// NEW: Auto-label PRs with no activity in the last 14 days
// -------------------------------------------------------
if (!hasStale && !hasKeepOpen) {
// Find the most recent commit date
const { data: commits } = await github.rest.pulls.listCommits({
owner,
repo,
pull_number: pr.number
});
const lastCommitDate = commits.length > 0
? new Date(commits[commits.length - 1].commit.author.date)
: new Date(pr.created_at);
// Find the most recent non-bot comment date
const { data: comments } = await github.rest.issues.listComments({
owner,
repo,
issue_number: pr.number,
per_page: 100
});
const humanComments = comments.filter(c => c.user?.type !== "Bot");
const lastCommentDate = humanComments.length > 0
? new Date(humanComments[humanComments.length - 1].created_at)
: null;
// Most recent activity across commits and comments
const lastActivityDate = lastCommentDate && lastCommentDate > lastCommitDate
? lastCommentDate
: lastCommitDate;
const daysSinceActivity = (now - lastActivityDate) / (1000 * 60 * 60 * 24);
if (daysSinceActivity > 14) {
await github.rest.issues.addLabels({
owner,
repo,
issue_number: pr.number,
labels: ["stale"]
});
// The pull_request_target labeled event will fire the comment automatically.
// Skip further processing for this PR in this run.
continue;
}
// Not stale, nothing else to do for this PR.
continue;
}
// -------------------------------------------------------
// EXISTING: Manage already-stale PRs
// -------------------------------------------------------
if (!hasStale) continue; // has keep-open but not stale — skip
// Get timeline events to find when stale label was added
const { data: events } = await github.rest.issues.listEvents({
owner,
@@ -57,27 +112,27 @@ jobs:
issue_number: pr.number,
per_page: 100
});
// Find the most recent time the stale label was added
const staleLabelEvents = events
.filter(e => e.event === "labeled" && e.label?.name === "stale")
.sort((a, b) => new Date(b.created_at) - new Date(a.created_at));
if (staleLabelEvents.length === 0) continue;
const staleLabelDate = new Date(staleLabelEvents[0].created_at);
const daysSinceStale = (now - staleLabelDate) / (1000 * 60 * 60 * 24);
// Check for new commits since stale label was added
const { data: commits } = await github.rest.pulls.listCommits({
owner,
repo,
pull_number: pr.number
});
const lastCommitDate = new Date(commits[commits.length - 1].commit.author.date);
const author = pr.user.login;
// If there are new commits after the stale label, remove it
if (lastCommitDate > staleLabelDate) {
await github.rest.issues.removeLabel({

4
ct/discourse.sh
View File

@@ -73,5 +73,5 @@ msg_ok "Completed Successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"
echo -e "${INFO}${YW} Admin Setup:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}Create the first account in the web UI (use admin@local to match developer emails)${CL}"
echo -e "${INFO}${YW} Credentials saved in:${CL}"
echo -e "${TAB}/root/discourse.creds"

87
ct/netboot-xyz.sh Normal file
View File

@@ -0,0 +1,87 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Michel Roegl-Brunner (michelroegl-brunner)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://netboot.xyz
APP="netboot.xyz"
var_tags="${var_tags:-network;pxe;boot}"
var_cpu="${var_cpu:-1}"
var_ram="${var_ram:-512}"
var_disk="${var_disk:-8}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -f ~/.netboot-xyz ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if check_for_gh_release "netboot-xyz" "netbootxyz/netboot.xyz"; then
msg_info "Backing up Configuration"
cp /var/www/html/boot.cfg /opt/netboot-xyz-boot.cfg.bak
msg_ok "Backed up Configuration"
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "netboot-xyz" "netbootxyz/netboot.xyz" "prebuild" "latest" "/var/www/html" "menus.tar.gz"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-efi" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-efi-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snp-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snp.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snp-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snp.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-kpxe" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-undionly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-undionly.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-kpxe" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-lkrn" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.lkrn"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-linux-bin" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-linux.bin"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-pdsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.pdsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-multiarch-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-multiarch.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-multiarch-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-multiarch.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-checksums" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-sha256-checksums.txt"
msg_info "Restoring Configuration"
cp /opt/netboot-xyz-boot.cfg.bak /var/www/html/boot.cfg
rm -f /opt/netboot-xyz-boot.cfg.bak
msg_ok "Restored Configuration"
msg_ok "Updated successfully!"
fi
exit
}
start
build_container
description
msg_ok "Completed Successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"

225
ct/nginxproxymanager.sh Normal file
View File

@@ -0,0 +1,225 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: tteck (tteckster) | Co-Author: CrazyWolf13
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://nginxproxymanager.com/ | Github: https://github.com/NginxProxyManager/nginx-proxy-manager
APP="Nginx Proxy Manager"
var_tags="${var_tags:-proxy}"
var_cpu="${var_cpu:-2}"
var_ram="${var_ram:-2048}"
var_disk="${var_disk:-8}"
var_os="${var_os:-debian}"
var_version="${var_version:-12}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -f /lib/systemd/system/npm.service ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if [[ $(grep -E '^VERSION_ID=' /etc/os-release) == *"12"* ]]; then
msg_error "Wrong Debian version detected!"
msg_error "Please create a snapshot first. You must upgrade your LXC to Debian Trixie before updating. Visit: https://github.com/community-scripts/ProxmoxVE/discussions/7489"
exit
fi
if command -v node &>/dev/null; then
CURRENT_NODE_VERSION=$(node --version | cut -d'v' -f2 | cut -d'.' -f1)
if [[ "$CURRENT_NODE_VERSION" != "22" ]]; then
systemctl stop openresty
$STD apt purge -y nodejs npm
$STD apt autoremove -y
rm -rf /usr/local/bin/node /usr/local/bin/npm
rm -rf /usr/local/lib/node_modules
rm -rf ~/.npm
rm -rf /root/.npm
fi
fi
NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
RELEASE=$(get_latest_github_release "NginxProxyManager/nginx-proxy-manager")
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "nginxproxymanager" "NginxProxyManager/nginx-proxy-manager" "tarball" "v${RELEASE}" "/opt/nginxproxymanager"
msg_info "Stopping Services"
systemctl stop openresty
systemctl stop npm
msg_ok "Stopped Services"
msg_info "Cleaning old files"
$STD rm -rf /app \
/var/www/html \
/etc/nginx \
/var/log/nginx \
/var/lib/nginx \
/var/cache/nginx
msg_ok "Cleaned old files"
msg_info "Migrating to OpenResty from source"
rm -f /etc/apt/trusted.gpg.d/openresty-archive-keyring.gpg /etc/apt/trusted.gpg.d/openresty.gpg
rm -f /etc/apt/sources.list.d/openresty.list /etc/apt/sources.list.d/openresty.sources
if dpkg -l openresty &>/dev/null; then
$STD apt remove -y openresty
$STD apt autoremove -y
fi
$STD apt install -y build-essential libpcre3-dev libssl-dev zlib1g-dev
msg_ok "Migrated to OpenResty from source"
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "openresty" "openresty/openresty" "prebuild" "latest" "/opt/openresty" "openresty-*.tar.gz"
msg_info "Building OpenResty"
cd /opt/openresty
$STD ./configure \
--with-http_v2_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_sub_module \
--with-http_auth_request_module \
--with-pcre-jit \
--with-stream \
--with-stream_ssl_module
$STD make -j"$(nproc)"
$STD make install
rm -rf /opt/openresty
cat <<'EOF' >/lib/systemd/system/openresty.service
[Unit]
Description=The OpenResty Application Platform
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
ExecStartPre=/usr/local/openresty/nginx/sbin/nginx -t
ExecStart=/usr/local/openresty/nginx/sbin/nginx -g 'daemon off;'
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
msg_ok "Built OpenResty"
msg_info "Setting up Environment"
ln -sf /usr/bin/python3 /usr/bin/python
ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
ln -sf /usr/local/openresty/nginx/ /etc/nginx
sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/backend/package.json
sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/frontend/package.json
sed -i 's+^daemon+#daemon+g' /opt/nginxproxymanager/docker/rootfs/etc/nginx/nginx.conf
NGINX_CONFS=$(find /opt/nginxproxymanager -type f -name "*.conf")
for NGINX_CONF in $NGINX_CONFS; do
sed -i 's+include conf.d+include /etc/nginx/conf.d+g' "$NGINX_CONF"
done
mkdir -p /var/www/html /etc/nginx/logs
cp -r /opt/nginxproxymanager/docker/rootfs/var/www/html/* /var/www/html/
cp -r /opt/nginxproxymanager/docker/rootfs/etc/nginx/* /etc/nginx/
cp /opt/nginxproxymanager/docker/rootfs/etc/letsencrypt.ini /etc/letsencrypt.ini
cp /opt/nginxproxymanager/docker/rootfs/etc/logrotate.d/nginx-proxy-manager /etc/logrotate.d/nginx-proxy-manager
ln -sf /etc/nginx/nginx.conf /etc/nginx/conf/nginx.conf
rm -f /etc/nginx/conf.d/dev.conf
mkdir -p /tmp/nginx/body \
/run/nginx \
/data/nginx \
/data/custom_ssl \
/data/logs \
/data/access \
/data/nginx/default_host \
/data/nginx/default_www \
/data/nginx/proxy_host \
/data/nginx/redirection_host \
/data/nginx/stream \
/data/nginx/dead_host \
/data/nginx/temp \
/var/lib/nginx/cache/public \
/var/lib/nginx/cache/private \
/var/cache/nginx/proxy_temp
chmod -R 777 /var/cache/nginx
chown root /tmp/nginx
echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf);" >/etc/nginx/conf.d/include/resolvers.conf
if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
$STD openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost" -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem
fi
mkdir -p /app/frontend/images
cp -r /opt/nginxproxymanager/backend/* /app
msg_ok "Set up Environment"
msg_info "Building Frontend"
export NODE_OPTIONS="--max_old_space_size=2048 --openssl-legacy-provider"
cd /opt/nginxproxymanager/frontend
# Replace node-sass with sass in package.json before installation
sed -E -i 's/"node-sass" *: *"([^"]*)"/"sass": "\1"/g' package.json
$STD yarn install --network-timeout 600000
$STD yarn locale-compile
$STD yarn build
cp -r /opt/nginxproxymanager/frontend/dist/* /app/frontend
cp -r /opt/nginxproxymanager/frontend/public/images/* /app/frontend/images
msg_ok "Built Frontend"
msg_info "Initializing Backend"
rm -rf /app/config/default.json
if [ ! -f /app/config/production.json ]; then
cat <<'EOF' >/app/config/production.json
{
"database": {
"engine": "knex-native",
"knex": {
"client": "better-sqlite3",
"connection": {
"filename": "/data/database.sqlite"
},
"useNullAsDefault": true
}
}
}
EOF
fi
sed -i 's/"client": "sqlite3"/"client": "better-sqlite3"/' /app/config/production.json
cd /app
$STD yarn install --network-timeout 600000
msg_ok "Initialized Backend"
msg_info "Updating Certbot"
if [ -d /opt/certbot ]; then
$STD /opt/certbot/bin/pip install --upgrade pip setuptools wheel
$STD /opt/certbot/bin/pip install --upgrade certbot certbot-dns-cloudflare
fi
msg_ok "Updated Certbot"
msg_info "Starting Services"
sed -i 's/user npm/user root/g; s/^pid/#pid/g' /usr/local/openresty/nginx/conf/nginx.conf
sed -r -i 's/^([[:space:]]*)su npm npm/\1#su npm npm/g;' /etc/logrotate.d/nginx-proxy-manager
systemctl daemon-reload
systemctl enable -q --now openresty
systemctl enable -q --now npm
msg_ok "Started Services"
msg_ok "Updated successfully!"
exit
}
start
build_container
description
msg_ok "Completed successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:81${CL}"

2
ct/simplelogin.sh
View File

@@ -53,7 +53,7 @@ function update_script() {
msg_info "Running Database Migrations"
cd /opt/simplelogin
cp /opt/simplelogin_env.bak /opt/simplelogin/.env
$STD .venv/bin/flask db upgrade
$STD .venv/bin/alembic upgrade head
msg_ok "Ran Database Migrations"
msg_info "Restoring Data"

2
ct/twenty.sh
View File

@@ -9,7 +9,7 @@ source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxV
APP="Twenty"
var_tags="${var_tags:-crm;business;contacts}"
var_cpu="${var_cpu:-4}"
var_ram="${var_ram:-8192}"
var_ram="${var_ram:-10240}"
var_disk="${var_disk:-20}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"

54
ct/versitygw.sh
View File

@@ -1,54 +0,0 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/versity/versitygw
APP="VersityGW"
var_tags="${var_tags:-s3;storage;gateway}"
var_cpu="${var_cpu:-2}"
var_ram="${var_ram:-2048}"
var_disk="${var_disk:-8}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -f /usr/bin/versitygw ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if check_for_gh_release "versitygw" "versity/versitygw"; then
msg_info "Stopping Service"
systemctl stop versitygw@gateway
msg_ok "Stopped Service"
fetch_and_deploy_gh_release "versitygw" "versity/versitygw" "binary"
msg_info "Starting Service"
systemctl start versitygw@gateway
msg_ok "Started Service"
msg_ok "Updated successfully!"
fi
exit
}
start
build_container
description
msg_ok "Completed Successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:7070${CL}"

268
docs/guides/netboot-xyz.md Normal file
View File

@@ -0,0 +1,268 @@
# netboot.xyz — Self-Hosted PXE Boot Server on Proxmox
## What is netboot.xyz?
netboot.xyz is a **network boot (PXE) utility**. It lets any machine on your network boot from a menu of operating systems and tools — without a USB stick, CD/DVD, or pre-downloaded ISO.
Think of it like a universal boot menu that loads over the network.
### What your self-hosted container actually does
Your LXC container hosts only two things:
- **iPXE bootloader binaries** (`.efi`, `.kpxe` files — a few hundred KB each)
- **iPXE menu files** (plain text `.ipxe` scripts that define the menu structure)
That's it. The container serves ~80 MB of files total (bootloaders + menus).
When a machine PXE-boots, it:
1. Fetches the bootloader binary from your container (via TFTP or HTTP)
2. The bootloader loads the menu from your container
3. You pick an OS
4. The OS installer or live system loads **directly from upstream internet mirrors** at boot time
Your container is the **signpost**. The internet is the **library**.
> **Important:** Clients need internet access to actually install/boot an OS. Your container itself does not need to store or proxy OS images.
### What you can boot
| Category | Examples |
| ------------------ | ------------------------------------------------------------- |
| **OS Installers** | Debian, Ubuntu, Fedora, Rocky Linux, Alpine, Arch, NixOS, ... |
| **Live Systems** | Kali Live, Tails, Mint Live, Manjaro Live, ... |
| **Rescue Tools** | SystemRescue, Clonezilla, GParted, Rescuezilla, Memtest86 |
| **Virtualization** | Proxmox VE, Harvester, VMware ESXi |
| **BSD** | FreeBSD, OpenBSD |
| **Utilities** | ShredOS (disk wipe), DBAN, ZFSBootMenu, Super Grub2 |
---
## Installation
Run on your **Proxmox host**:
```bash
bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/ct/netboot-xyz.sh)"
```
Creates a minimal Debian 13 LXC container:
| Resource | Value |
| ----------- | ------ |
| CPU | 1 core |
| RAM | 512 MB |
| Disk | 8 GB |
| Port (HTTP) | 80/TCP |
| Port (TFTP) | 69/UDP |
After installation, the web interface is available at:
```
http://<container-ip>/
```
It shows a directory listing of all available bootloaders and menu files.
---
## How to PXE Boot a Machine
### Step 1 — Configure your DHCP server
Your DHCP server needs to tell PXE clients where to find the bootloader.
**Required settings:**
| Setting | Value |
| --------------------------- | ------------------ |
| Next Server (TFTP) | `<container-ip>` |
| Boot filename (UEFI) | `netboot.xyz.efi` |
| Boot filename (BIOS/Legacy) | `netboot.xyz.kpxe` |
**OPNsense / pfSense:**
`Services → DHCP Server → [interface] → Network Booting`
- _Enable_: checked
- _Next server_: `<container-ip>`
- _Default BIOS filename_: `netboot.xyz.kpxe`
- _UEFI 64-bit filename_: `netboot.xyz.efi`
**dnsmasq (Pi-hole, AdGuard Home, OpenWrt):**
```
dhcp-boot=netboot.xyz.kpxe,<container-ip> # BIOS
# or:
dhcp-boot=netboot.xyz.efi,<container-ip> # UEFI
```
**ISC DHCP (`dhcpd.conf`):**
```
next-server <container-ip>;
filename "netboot.xyz.efi";
```
### Step 2 — Enable PXE boot on your client
In the machine's BIOS/UEFI:
- Enable **Network Boot** / **PXE Boot**
- Set boot order: Network first (or select once via boot menu, usually F11/F12)
### Step 3 — Boot
Power on the machine. The iPXE bootloader loads from your container, shows the menu, and you navigate with arrow keys.
---
## UEFI HTTP Boot (no DHCP changes)
Modern UEFI firmware supports booting directly from an HTTP URL — no DHCP options needed.
Load the bootloader directly in the UEFI shell:
```
http://<container-ip>/netboot.xyz.efi
```
**Proxmox VMs:** Set the VM network boot URL in the UEFI shell, or use iPXE chaining in the VM BIOS.
---
## Available Bootloader Files
All files are served at `http://<container-ip>/` and `http://<container-ip>/ipxe/`:
### x86_64 UEFI
| File | Use case |
| ------------------------- | ----------------------------------------------- |
| `netboot.xyz.efi` | Standard UEFI — recommended starting point |
| `netboot.xyz.efi.dsk` | Virtual floppy/disk image of the EFI bootloader |
| `netboot.xyz-snp.efi` | UEFI SNP — tries all network devices |
| `netboot.xyz-snp.efi.dsk` | Disk image of SNP EFI bootloader |
| `netboot.xyz-snponly.efi` | UEFI SNP — only boots from chained device |
### x86_64 UEFI Metal (Secure Boot / code-signed)
| File | Use case |
| ------------------------------- | ------------------------------------------- |
| `netboot.xyz-metal.efi` | Secure Boot compatible UEFI bootloader |
| `netboot.xyz-metal.efi.dsk` | Disk image of metal EFI bootloader |
| `netboot.xyz-metal-snp.efi` | Secure Boot SNP — tries all network devices |
| `netboot.xyz-metal-snp.efi.dsk` | Disk image of metal SNP EFI bootloader |
| `netboot.xyz-metal-snponly.efi` | Secure Boot SNP — only chained device |
### x86_64 BIOS / Legacy
| File | Use case |
| --------------------------- | ------------------------------------------------- |
| `netboot.xyz.kpxe` | BIOS PXE — built-in iPXE NIC drivers |
| `netboot.xyz-undionly.kpxe` | BIOS PXE fallback — use if NIC has driver issues |
| `netboot.xyz-metal.kpxe` | BIOS PXE — Secure Boot / code-signed variant |
| `netboot.xyz.lkrn` | Kernel module — load from GRUB/EXTLINUX |
| `netboot.xyz-linux.bin` | Linux binary — chainload from existing Linux boot |
| `netboot.xyz.dsk` | Virtual floppy disk for DRAC/iLO, VMware, etc. |
| `netboot.xyz.pdsk` | Padded virtual floppy disk |
### ARM64
| File | Use case |
| ------------------------------------- | ------------------------------------------- |
| `netboot.xyz-arm64.efi` | ARM64 UEFI — standard |
| `netboot.xyz-arm64-snp.efi` | ARM64 UEFI SNP — tries all network devices |
| `netboot.xyz-arm64-snponly.efi` | ARM64 UEFI SNP — only chained device |
| `netboot.xyz-metal-arm64.efi` | ARM64 Secure Boot UEFI |
| `netboot.xyz-metal-arm64-snp.efi` | ARM64 Secure Boot SNP |
| `netboot.xyz-metal-arm64-snponly.efi` | ARM64 Secure Boot SNP — only chained device |
### ISO / IMG (for media creation or virtual boot)
| File | Use case |
| --------------------------- | ------------------------------------------------- |
| `netboot.xyz.iso` | x86_64 ISO — CD/DVD, virtual CD, DRAC/iLO, VMware |
| `netboot.xyz.img` | x86_64 IMG — USB key creation |
| `netboot.xyz-arm64.iso` | ARM64 ISO |
| `netboot.xyz-arm64.img` | ARM64 IMG — USB key creation |
| `netboot.xyz-multiarch.iso` | Combined x86_64 + ARM64 ISO |
| `netboot.xyz-multiarch.img` | Combined x86_64 + ARM64 IMG |
### Checksums
| File | Use case |
| ---------------------------------- | --------------------------- |
| `netboot.xyz-sha256-checksums.txt` | SHA256 hashes for all files |
> **BIOS vs UEFI:** Use `.efi` for UEFI systems, `.kpxe` for legacy BIOS. Mixing them causes silent failures.
>
> **Secure Boot:** Use the `-metal-` variants if your firmware enforces Secure Boot.
---
## Customizing the Menu
Edit `/var/www/html/boot.cfg` inside the container:
```bash
# SSH into the container, then:
nano /var/www/html/boot.cfg
```
Changes take effect immediately — no service restart needed.
Common customizations:
```bash
# Set a default boot entry with 10-second timeout:
set menu-timeout 10000
set menu-default linux
# Override the mirror used for Ubuntu:
set mirror http://de.archive.ubuntu.com/ubuntu
```
Full documentation: [netboot.xyz/docs](https://netboot.xyz/docs/)
---
## Updating
The update script preserves your `boot.cfg` customizations, updates menus and bootloaders to the latest release:
```bash
bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/ct/netboot-xyz.sh)"
```
---
## Troubleshooting
### Client can't reach the container / TFTP timeout
- Check that UDP/69 (TFTP) and TCP/80 (HTTP) are not blocked between client and container
- Proxmox firewall: add rules to allow these ports inbound on the container
- Check that the container is in the same VLAN/subnet as the client, or that inter-VLAN routing is configured
### Menu loads but OS download fails or is slow
- Expected — OS files come from the internet, not your container
- Client needs internet access (direct or via NAT through Proxmox)
- For air-gapped networks, you need to mirror OS images locally (advanced, see netboot.xyz docs)
### Machine boots to local disk instead of PXE
- Check boot order in BIOS/UEFI — network boot must come first, or select it manually via F11/F12
- Some UEFI systems require Secure Boot to be disabled for iPXE
### UEFI machine ignores the boot filename
- Some DHCP servers send the same `filename` option to both BIOS and UEFI clients
- Use vendor class matching in your DHCP config to send `.efi` only to UEFI clients
- OPNsense/pfSense handle this automatically when you set both BIOS and UEFI filenames separately
### `netboot.xyz.kpxe` works but `netboot.xyz.efi` doesn't (or vice versa)
- BIOS systems → use `netboot.xyz.kpxe` or `netboot.xyz-undionly.kpxe`
- UEFI systems → use `netboot.xyz.efi` or `netboot.xyz-snp.efi`

52
install/discourse-install.sh
View File

@@ -55,18 +55,17 @@ DISCOURSE_DB_NAME=discourse
DISCOURSE_DB_USERNAME=discourse
DISCOURSE_DB_PASSWORD=${DISCOURSE_DB_PASS}
DISCOURSE_REDIS_URL=redis://localhost:6379
DISCOURSE_DEVELOPER_EMAILS=admin@local
DISCOURSE_DEVELOPER_EMAILS=admin@discourse.local
DISCOURSE_HOSTNAME=${LOCAL_IP}
DISCOURSE_SMTP_ADDRESS=localhost
DISCOURSE_SMTP_PORT=25
DISCOURSE_SMTP_AUTHENTICATION=none
DISCOURSE_NOTIFICATION_EMAIL=noreply@${LOCAL_IP}
DISCOURSE_SKIP_NEW_ACCOUNT_EMAIL=true
APP_ROOT=/opt/discourse
EOF
mkdir -p /opt/discourse/tmp/sockets /opt/discourse/tmp/pids /opt/discourse/log
sed -i 's|bind "unix://#{APP_ROOT}/tmp/sockets/puma.sock"|bind "tcp://127.0.0.1:3000"|' /opt/discourse/config/puma.rb
sed -i 's|stdout_redirect.*|# logging handled by systemd|' /opt/discourse/config/puma.rb
chown -R root:root /opt/discourse
chmod 755 /opt/discourse
msg_ok "Configured Discourse"
@@ -94,8 +93,32 @@ set -a
source /opt/discourse/.env
set +a
$STD bundle exec rails db:migrate
$STD bundle exec rails db:seed
msg_ok "Set Up Database"
msg_info "Creating Admin Account"
ADMIN_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c16)
$STD bundle exec rails runner "
user = User.new(email: 'admin@discourse.local', username: 'admin', password: '${ADMIN_PASS}')
user.active = true
user.admin = true
user.approved = true
user.save!(validate: false)
user.activate
user.grant_admin!
user.change_trust_level!(TrustLevel[4])
SiteSetting.has_login_hint = false
SiteSetting.wizard_enabled = false
"
{
echo "Discourse Credentials"
echo "Admin Username: admin"
echo "Admin Email: admin@discourse.local"
echo "Admin Password: ${ADMIN_PASS}"
echo "Database Password: ${DISCOURSE_DB_PASS}"
} >~/discourse.creds
msg_ok "Created Admin Account"
msg_info "Building Discourse Assets"
cd /opt/discourse
export PATH="$HOME/.rbenv/bin:$HOME/.rbenv/shims:$PATH"
@@ -119,7 +142,7 @@ User=root
WorkingDirectory=/opt/discourse
EnvironmentFile=/opt/discourse/.env
Environment=PATH=/root/.rbenv/shims:/root/.rbenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ExecStart=/root/.rbenv/shims/bundle exec puma -w 2
ExecStart=/root/.rbenv/shims/bundle exec pitchfork -c config/pitchfork.conf.rb
Restart=on-failure
RestartSec=5
@@ -138,7 +161,7 @@ User=root
WorkingDirectory=/opt/discourse
EnvironmentFile=/opt/discourse/.env
Environment=PATH=/root/.rbenv/shims:/root/.rbenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ExecStart=/root/.rbenv/shims/bundle exec sidekiq -q critical -q low -q default
ExecStart=/root/.rbenv/shims/bundle exec sidekiq -q critical -q default -q low -q ultra_low
Restart=on-failure
RestartSec=5
@@ -153,12 +176,27 @@ cat <<EOF >/etc/nginx/sites-available/discourse
server {
listen 80 default_server;
server_name _;
root /opt/discourse/public;
client_max_body_size 100M;
proxy_busy_buffers_size 512k;
proxy_buffers 4 512k;
location /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public,immutable;
}
location /uploads/ {
expires 1h;
}
location / {
try_files \$uri @discourse;
}
location @discourse {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
@@ -167,6 +205,7 @@ server {
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Accel-Mapping /opt/discourse/public/=/downloads/;
}
}
EOF
@@ -175,6 +214,7 @@ ln -sf /etc/nginx/sites-available/discourse /etc/nginx/sites-enabled/discourse
rm -f /etc/nginx/sites-enabled/default
$STD nginx -t
$STD systemctl enable --now nginx
$STD systemctl reload nginx
msg_ok "Configured Nginx"
motd_ssh

102
install/netboot.xyz-install.sh Normal file
View File

@@ -0,0 +1,102 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Michel Roegl-Brunner (michelroegl-brunner)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://netboot.xyz
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt install -y \
nginx \
tftpd-hpa
msg_ok "Installed Dependencies"
fetch_and_deploy_gh_release "netboot-xyz" "netbootxyz/netboot.xyz" "prebuild" "latest" "/var/www/html" "menus.tar.gz"
# x86_64 UEFI bootloaders
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-efi" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-efi-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snp-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snp.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snponly.efi"
# x86_64 metal (code-signed) UEFI bootloaders
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snp-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snp.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snponly.efi"
# x86_64 BIOS/Legacy bootloaders
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-kpxe" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-undionly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-undionly.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-kpxe" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-lkrn" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.lkrn"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-linux-bin" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-linux.bin"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-pdsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.pdsk"
# ARM64 bootloaders
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64-snponly.efi"
# ISO and IMG images (for virtual/physical media creation)
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-multiarch-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-multiarch.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-multiarch-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-multiarch.img"
# SHA256 checksums
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-checksums" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-sha256-checksums.txt"
msg_info "Configuring Webserver"
rm -f /etc/nginx/sites-enabled/default
cat <<'EOF' >/etc/nginx/sites-available/netboot-xyz
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
server_name _;
location / {
autoindex on;
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Headers "Content-Type";
}
# The index.html from menus.tar.gz links bootloaders under /ipxe/ —
# serve them from the same root directory via alias
location /ipxe/ {
alias /var/www/html/;
autoindex on;
add_header Access-Control-Allow-Origin "*";
}
}
EOF
ln -sf /etc/nginx/sites-available/netboot-xyz /etc/nginx/sites-enabled/netboot-xyz
$STD systemctl reload nginx
msg_ok "Configured Webserver"
msg_info "Configuring TFTP Server"
cat <<EOF >/etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/www/html"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"
EOF
systemctl enable -q --now tftpd-hpa
msg_ok "Configured TFTP Server"
motd_ssh
customize
cleanup_lxc

190
install/nginxproxymanager-install.sh Normal file
View File

@@ -0,0 +1,190 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: tteck (tteckster) | Co-Author: CrazyWolf13
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://nginxproxymanager.com/ | Github: https://github.com/NginxProxyManager/nginx-proxy-manager
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt install -y \
apache2-utils \
logrotate \
build-essential \
libpcre3-dev \
libssl-dev \
zlib1g-dev \
git \
python3 \
python3-dev \
python3-pip \
python3-venv \
python3-cffi
msg_ok "Installed Dependencies"
msg_info "Setting up Certbot"
$STD python3 -m venv /opt/certbot
$STD /opt/certbot/bin/pip install --upgrade pip setuptools wheel
$STD /opt/certbot/bin/pip install certbot certbot-dns-cloudflare
ln -sf /opt/certbot/bin/certbot /usr/local/bin/certbot
msg_ok "Set up Certbot"
fetch_and_deploy_gh_release "openresty" "openresty/openresty" "prebuild" "latest" "/opt/openresty" "openresty-*.tar.gz"
msg_info "Building OpenResty"
cd /opt/openresty
$STD ./configure \
--with-http_v2_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_sub_module \
--with-http_auth_request_module \
--with-pcre-jit \
--with-stream \
--with-stream_ssl_module
$STD make -j"$(nproc)"
$STD make install
rm -rf /opt/openresty
cat <<'EOF' >/lib/systemd/system/openresty.service
[Unit]
Description=The OpenResty Application Platform
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
ExecStartPre=/usr/local/openresty/nginx/sbin/nginx -t
ExecStart=/usr/local/openresty/nginx/sbin/nginx -g 'daemon off;'
[Install]
WantedBy=multi-user.target
EOF
msg_ok "Built OpenResty"
NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
RELEASE=$(get_latest_github_release "NginxProxyManager/nginx-proxy-manager")
fetch_and_deploy_gh_release "nginxproxymanager" "NginxProxyManager/nginx-proxy-manager" "tarball" "v${RELEASE}"
msg_info "Setting up Environment"
ln -sf /usr/bin/python3 /usr/bin/python
ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
ln -sf /usr/local/openresty/nginx/ /etc/nginx
sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/backend/package.json
sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/frontend/package.json
sed -i 's+^daemon+#daemon+g' /opt/nginxproxymanager/docker/rootfs/etc/nginx/nginx.conf
NGINX_CONFS=$(find /opt/nginxproxymanager -type f -name "*.conf")
for NGINX_CONF in $NGINX_CONFS; do
sed -i 's+include conf.d+include /etc/nginx/conf.d+g' "$NGINX_CONF"
done
mkdir -p /var/www/html /etc/nginx/logs
cp -r /opt/nginxproxymanager/docker/rootfs/var/www/html/* /var/www/html/
cp -r /opt/nginxproxymanager/docker/rootfs/etc/nginx/* /etc/nginx/
cp /opt/nginxproxymanager/docker/rootfs/etc/letsencrypt.ini /etc/letsencrypt.ini
cp /opt/nginxproxymanager/docker/rootfs/etc/logrotate.d/nginx-proxy-manager /etc/logrotate.d/nginx-proxy-manager
ln -sf /etc/nginx/nginx.conf /etc/nginx/conf/nginx.conf
rm -f /etc/nginx/conf.d/dev.conf
mkdir -p /tmp/nginx/body \
/run/nginx \
/data/nginx \
/data/custom_ssl \
/data/logs \
/data/access \
/data/nginx/default_host \
/data/nginx/default_www \
/data/nginx/proxy_host \
/data/nginx/redirection_host \
/data/nginx/stream \
/data/nginx/dead_host \
/data/nginx/temp \
/var/lib/nginx/cache/public \
/var/lib/nginx/cache/private \
/var/cache/nginx/proxy_temp
chmod -R 777 /var/cache/nginx
chown root /tmp/nginx
echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf);" >/etc/nginx/conf.d/include/resolvers.conf
if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
$STD openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost" -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem
fi
mkdir -p /app/frontend/images
cp -r /opt/nginxproxymanager/backend/* /app
msg_ok "Set up Environment"
msg_info "Building Frontend"
export NODE_OPTIONS="--max_old_space_size=2048 --openssl-legacy-provider"
cd /opt/nginxproxymanager/frontend
# Replace node-sass with sass in package.json before installation
sed -E -i 's/"node-sass" *: *"([^"]*)"/"sass": "\1"/g' package.json
$STD yarn install --network-timeout 600000
$STD yarn locale-compile
$STD yarn build
cp -r /opt/nginxproxymanager/frontend/dist/* /app/frontend
cp -r /opt/nginxproxymanager/frontend/public/images/* /app/frontend/images
msg_ok "Built Frontend"
msg_info "Initializing Backend"
rm -rf /app/config/default.json
if [ ! -f /app/config/production.json ]; then
cat <<'EOF' >/app/config/production.json
{
"database": {
"engine": "knex-native",
"knex": {
"client": "better-sqlite3",
"connection": {
"filename": "/data/database.sqlite"
},
"useNullAsDefault": true
}
}
}
EOF
fi
cd /app
$STD yarn install --network-timeout 600000
msg_ok "Initialized Backend"
msg_info "Creating Service"
cat <<'EOF' >/lib/systemd/system/npm.service
[Unit]
Description=Nginx Proxy Manager
After=network.target
Wants=openresty.service
[Service]
Type=simple
Environment=NODE_ENV=production
ExecStartPre=-mkdir -p /tmp/nginx/body /data/letsencrypt-acme-challenge
ExecStart=/usr/bin/node index.js --abort_on_uncaught_exception --max_old_space_size=250
WorkingDirectory=/app
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
msg_ok "Created Service"
msg_info "Starting Services"
sed -i 's/user npm/user root/g; s/^pid/#pid/g' /usr/local/openresty/nginx/conf/nginx.conf
sed -r -i 's/^([[:space:]]*)su npm npm/\1#su npm npm/g;' /etc/logrotate.d/nginx-proxy-manager
systemctl enable -q --now openresty
systemctl enable -q --now npm
msg_ok "Started Services"
motd_ssh
customize
cleanup_lxc

3
install/simplelogin-install.sh
View File

@@ -110,7 +110,7 @@ export NAMESERVERS="1.1.1.1"
export MEM_STORE_URI="redis://localhost:6379/1"
export OPENID_PRIVATE_KEY_PATH="/opt/simplelogin/openid-rsa.key"
export OPENID_PUBLIC_KEY_PATH="/opt/simplelogin/openid-rsa.pub"
$STD .venv/bin/flask db upgrade
$STD .venv/bin/alembic upgrade head
$STD .venv/bin/python init_app.py
msg_ok "Configured SimpleLogin"
@@ -224,6 +224,7 @@ ln -sf /etc/nginx/sites-available/simplelogin.conf /etc/nginx/sites-enabled/
rm -f /etc/nginx/sites-enabled/default
$STD nginx -t
$STD systemctl enable --now nginx
$STD systemctl reload nginx
msg_ok "Configured Nginx"
motd_ssh

20
install/step-ca-install.sh
View File

@@ -22,27 +22,20 @@ setup_deb822_repo \
msg_info "Installing step-ca and step-cli"
$STD apt install -y step-ca step-cli
msg_ok "Installed step-ca and step-cli"
msg_info "Define smallstep environment variables"
STEPHOME="/root/.step"
$STD export STEPPATH=/etc/step-ca
$STD export STEPHOME=$STEPHOME
msg_ok "Defined smallstep environment variables"
msg_info "Add smallstep environment variables to /etc/profile"
$STD sed -i '1i export STEPPATH=/etc/step-ca' /etc/profile
$STD sed -i '1i export STEPHOME=/root/.step' /etc/profile
msg_ok "Added smallstep environment variables to /etc/profile"
msg_info "Authorize step-ca binary with low port-binding capabilities"
$STD setcap CAP_NET_BIND_SERVICE=+eip $(which step-ca)
msg_ok "Authorized low port-binding capabilities"
msg_info "Add a smallstep CA service user - Will only be used by systemd to manage the CA"
$STD useradd --user-group --system --home $(step path) --shell /bin/false step
msg_ok "Created smallstep CA service user"
msg_ok "Installed step-ca and step-cli"
msg_info "Initializing step-ca"
DeploymentType="standalone"
FQDN=$(hostname -f)
DomainName=$(hostname -d)
@@ -77,7 +70,6 @@ X509DefaultDur=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "step
done
msg_info "Initializing step-ca"
EncryptionPwdDir="$(step path)/encryption"
PwdFile="$EncryptionPwdDir/ca.pwd"
ProvisionerPwdFile="$EncryptionPwdDir/provisioner.pwd"
@@ -100,25 +92,19 @@ $STD step ca init \
ln -s "$PwdFile" "$(step path)/password.txt"
chown -R step:step $(step path)
chmod -R 700 $(step path)
msg_ok "Initialized step-ca"
msg_info "Add ACME provisioner"
$STD step ca provisioner add "$AcmeProvisioner" --type ACME --admin-name "$AcmeProvisioner"
msg_ok "Added ACME provisioner"
msg_info "Update provisioner configurations"
$STD step ca provisioner update "$PKIProvisioner" \
--x509-min-dur=$X509MinDur \
--x509-max-dur=$X509MaxDur \
--x509-default-dur=$X509DefaultDur \
--allow-renewal-after-expiry
$STD step ca provisioner update "$AcmeProvisioner" \
--x509-min-dur=$X509MinDur \
--x509-max-dur=$X509MaxDur \
--x509-default-dur=$X509DefaultDur \
--allow-renewal-after-expiry
msg_ok "Updated provisioner configurations"
msg_ok "Initialized step-ca"
msg_info "Start step-ca as a Daemon"
cat <<'EOF' >/etc/systemd/system/step-ca.service

2
install/twenty-install.sh
View File

@@ -31,7 +31,7 @@ export COREPACK_ENABLE_DOWNLOAD_PROMPT=0
$STD corepack enable
$STD corepack prepare yarn@4.9.2 --activate
$STD yarn install --immutable || $STD yarn install
export NODE_OPTIONS="--max-old-space-size=3072"
export NODE_OPTIONS="--max-old-space-size=4096"
$STD npx nx run twenty-server:build
$STD npx nx build twenty-front
cp -r /opt/twenty/packages/twenty-front/build /opt/twenty/packages/twenty-server/dist/front

37
install/versitygw-install.sh
View File

@@ -1,37 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/versity/versitygw
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
fetch_and_deploy_gh_release "versitygw" "versity/versitygw" "binary"
msg_info "Configuring VersityGW"
mkdir -p /opt/versitygw-data
ACCESS_KEY=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-20)
SECRET_KEY=$(openssl rand -base64 36 | tr -dc 'a-zA-Z0-9' | cut -c1-40)
cat <<EOF >/etc/versitygw.d/gateway.conf
VGW_BACKEND=posix
VGW_BACKEND_ARG=/opt/versitygw-data
VGW_PORT=7070
ROOT_ACCESS_KEY_ID=${ACCESS_KEY}
ROOT_SECRET_ACCESS_KEY=${SECRET_KEY}
EOF
msg_ok "Configured VersityGW"
msg_info "Enabling Service"
systemctl enable -q --now versitygw@gateway
msg_ok "Enabled Service"
motd_ssh
customize
cleanup_lxc

4
json/discourse.json
View File

@@ -37,11 +37,11 @@
"type": "warning"
},
{
"text": "Admin user is created with username 'admin'. Set password in first login.",
"text": "Admin credentials are saved in `/root/discourse.creds` inside the container.",
"type": "info"
},
{
"text": "Configure SMTP settings in admin panel for email notifications.",
"text": "Configure SMTP settings in the admin panel (Admin > Settings > Email) for email notifications.",
"type": "info"
}
]

52
json/netboot-xyz.json Normal file
View File

@@ -0,0 +1,52 @@
{
"name": "netboot.xyz",
"slug": "netboot-xyz",
"categories": [
4
],
"date_created": "2026-03-20",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": 80,
"documentation": "https://netboot.xyz/docs/",
"website": "https://netboot.xyz/",
"logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/netboot-xyz.webp",
"config_path": "/var/www/html/boot.cfg",
"description": "netboot.xyz is a network boot utility that lets you boot into any type of operating system or utility disk directly from a BIOS/UEFI, without needing a physical boot media. It uses iPXE to present a user-friendly menu of operating systems and tools.",
"install_methods": [
{
"type": "default",
"script": "ct/netboot-xyz.sh",
"resources": {
"cpu": 1,
"ram": 512,
"hdd": 8,
"os": "Debian",
"version": "13"
}
}
],
"default_credentials": {
"username": null,
"password": null
},
"notes": [
{
"text": "Configure your DHCP server: set `next-server` to the container IP, and `boot-filename` to `netboot.xyz.efi` (UEFI) or `netboot.xyz.kpxe` (BIOS/legacy).",
"type": "info"
},
{
"text": "For UEFI HTTP boot (no DHCP changes required), load the bootloader directly from your firmware: `http://IP/netboot.xyz.efi`.",
"type": "info"
},
{
"text": "Customize menus by editing `/var/www/html/boot.cfg`. Changes are picked up immediately — no service restart needed.",
"type": "info"
},
{
"text": "TFTP is available on port 69/UDP and HTTP on port 80, both serving from `/var/www/html`.",
"type": "info"
}
]
}

6
json/simplelogin.json
View File

@@ -33,7 +33,11 @@
},
"notes": [
{
"text": "After installation, update EMAIL_DOMAIN in /opt/simplelogin/.env with your actual domain and configure DNS (MX, SPF, DKIM) accordingly.",
"text": "After installation, update EMAIL_DOMAIN and URL in /opt/simplelogin/.env with your actual domain and configure DNS (MX, SPF, DKIM) accordingly.",
"type": "warning"
},
{
"text": "A working SMTP setup (Postfix + valid domain/DNS) is required. Registration sends an activation email that must be delivered.",
"type": "warning"
},
{

2
json/twenty.json
View File

@@ -20,7 +20,7 @@
"script": "ct/twenty.sh",
"resources": {
"cpu": 4,
"ram": 8192,
"ram": 10240,
"hdd": 20,
"os": "Debian",
"version": "13"

48
json/versitygw.json
View File

@@ -1,48 +0,0 @@
{
"name": "VersityGW",
"slug": "versitygw",
"categories": [
11
],
"date_created": "2026-03-10",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": 7070,
"documentation": "https://github.com/versity/versitygw/wiki",
"config_path": "/etc/versitygw.d/gateway.conf",
"website": "https://www.versity.com/",
"logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/versitygw.webp",
"description": "VersityGW is a high-performance, cloud-native S3-compatible gateway that provides S3 API access to various storage backends including POSIX filesystems.",
"install_methods": [
{
"type": "default",
"script": "ct/versitygw.sh",
"resources": {
"cpu": 2,
"ram": 2048,
"hdd": 8,
"os": "Debian",
"version": "13"
}
}
],
"default_credentials": {
"username": null,
"password": null
},
"notes": [
{
"text": "S3 access credentials are generated during installation and stored in /etc/versitygw.d/gateway.conf",
"type": "info"
},
{
"text": "Data is stored in /opt/versitygw-data (POSIX backend)",
"type": "info"
},
{
"text": "Use any S3-compatible client to connect to the gateway endpoint",
"type": "info"
}
]
}

2
misc/build.func
View File

@@ -4796,7 +4796,7 @@ EOF'
if [[ "$is_cmd_not_found" == true ]]; then
local missing_cmd=""
if [[ -f "$combined_log" ]]; then
missing_cmd=$(grep -oiE '[a-zA-Z0-9_.-]+: command not found' "$combined_log" | tail -1 | sed 's/: command not found//')
missing_cmd=$(grep -oiE '[a-zA-Z0-9_.-]+: command not found' "$combined_log" | tail -1 | sed 's/: command not found//' || true)
fi
if [[ -n "$missing_cmd" ]]; then
echo -e "${TAB}${INFO} Missing command: ${GN}${missing_cmd}${CL}"