Konstantin/ProxmoxVED
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Konstantin:delete_files_teleport
Branches Tags
Konstantin:main Konstantin:delete_files_versitygw Konstantin:delete_files_isponsorblocktv Konstantin:delete_files_alpine-wakapi Konstantin:delete_files_teleport Konstantin:feature/pocketbase-bot Konstantin:MickLesk-patch-3-1 Konstantin:delete_files_split-pro Konstantin:delete_files_gluetun Konstantin:delete_files_anytype-server Konstantin:delete_files_yamtrack Konstantin:arm64-dev-build Konstantin:michelroegl-brunner-patch-2 Konstantin:michelroegl-brunner-patch-1 Konstantin:update_versions Konstantin:github-action-update-changelog Konstantin:change_to_gitea
..
compare: Konstantin:main
Branches Tags
Konstantin:main Konstantin:delete_files_versitygw Konstantin:delete_files_isponsorblocktv Konstantin:delete_files_alpine-wakapi Konstantin:delete_files_teleport Konstantin:feature/pocketbase-bot Konstantin:MickLesk-patch-3-1 Konstantin:delete_files_split-pro Konstantin:delete_files_gluetun Konstantin:delete_files_anytype-server Konstantin:delete_files_yamtrack Konstantin:arm64-dev-build Konstantin:michelroegl-brunner-patch-2 Konstantin:michelroegl-brunner-patch-1 Konstantin:update_versions Konstantin:github-action-update-changelog Konstantin:change_to_gitea

35 Commits
delete_fil ... main

Author SHA1 Message Date
Tobias
e76681ed8e Improve stale PR auto-labeling and management 
Enhance stale PR management by auto-labeling PRs with no activity in the last 14 days and maintaining existing stale PR handling.
 2026-03-22 13:58:26 +01:00
Tobias
87bb2a34ca Merge pull request #1603 from heinemannj/patch-1 
Enhance step-ca installation and initialization process
 2026-03-22 10:30:41 +01:00
github-actions[bot]
2b907821a7 Delete versitygw (ct) after migration to ProxmoxVE (#1604) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-03-22 08:40:58 +00:00
MickLesk
96d9835d79 refactor(nginxproxymanager): use version-agnostic sed and revert to Debian 12 2026-03-21 19:39:59 +01:00
MickLesk
bba8577237 refactor(nginxproxymanager): clean up install and update scripts 
Install script:
- Merge dependency blocks into one
- Remove pre-installed ca-certificates
- Use get_latest_github_release instead of curl/grep/awk
- Re-enable systemctl enable openresty
- Remove redundant systemctl restart

CT update script:
- Bump var_version to 13 (Trixie)
- Use apt instead of apt-get (project convention)
- Add $STD to apt purge/autoremove
- Use get_latest_github_release
- Remove redundant systemctl restart after enable --now
 2026-03-21 19:34:42 +01:00
MickLesk
b4a824b9a1 fix(nginxproxymanager): add missing OpenResty modules for NPM 
Add --with-http_sub_module and --with-http_auth_request_module
to OpenResty configure flags. NPM needs auth_request for access
list subrequests and sub_filter for response rewriting.
 2026-03-21 19:23:30 +01:00
MickLesk
bd5e20237f test 2026-03-21 19:20:00 +01:00
MickLesk
96fc169f4b fix(build): prevent error handler crash from pipefail on grep 
The missing_cmd grep pipeline in the install error handler runs
under set -o pipefail. When grep finds no match (exit 1), the
entire pipeline fails and triggers the ERR trap recursively,
crashing the recovery menu. Add || true to suppress this.
 2026-03-21 19:16:33 +01:00
MickLesk
74007d3f72 fix(nginxproxymanager): add missing systemctl daemon-reload before enable 
Without daemon-reload, systemd doesn't know about the new
openresty.service unit file, causing enable --now to fail.
 2026-03-21 19:12:04 +01:00
MickLesk
7fec6ed156 fix(nginxproxymanager): reorder update to migrate OpenResty from apt to source 
- Move OpenResty apt removal + source build before environment setup
- Ensures symlinks and configs point to freshly built OpenResty
- Use simplified systemd service (Type=simple, daemon off)
- Remove duplicate OpenResty build block
 2026-03-21 19:08:39 +01:00
MickLesk
a6921a33f3 fix(nginxproxymanager): simplify openresty service for LXC compatibility 
- Switch from Type=forking to Type=simple with 'daemon off;'
- Remove PIDFile, ExecReload, ExecStop (systemd handles these)
- Remove PrivateTmp=true (incompatible with LXC containers)
 2026-03-21 19:02:08 +01:00
MickLesk
fde17c12ed testing npm openresty 2026-03-21 18:49:47 +01:00
Joerg Heinemann
16f7904371 Enhance step-ca installation and initialization process 
First change to reduce the amount of status msg_xxx blocks.

To be continued after merging and testing.
 2026-03-21 14:57:03 +01:00
CanbiZ (MickLesk)
eb0a973c62 docs(netboot-xyz): fix guide — all 31 assets, 8GB disk, proper headings 2026-03-20 16:08:17 +01:00
CanbiZ (MickLesk)
0deb262d5f docs(netboot-xyz): update guide — all 31 assets, 8GB disk, fix lint errors 2026-03-20 16:05:44 +01:00
CanbiZ (MickLesk)
91950cc983 fix(netboot-xyz): download all 31 release assets, bump disk to 8GB 2026-03-20 15:23:33 +01:00
CanbiZ (MickLesk)
f0fc1aff4e fix(netboot-xyz): download all bootloaders + add /ipxe/ nginx alias to fix 404s 2026-03-20 15:20:07 +01:00
CanbiZ (MickLesk)
13a836c44d fix(netboot-xyz): rename install script to match APP name (netboot.xyz-install.sh) 2026-03-20 15:05:14 +01:00
CanbiZ (MickLesk)
7df3ff5ece testing netboot as lxc 2026-03-20 15:00:39 +01:00
CanbiZ (MickLesk)
1f3970fcf7 fix(discourse): update notes with creds path 2026-03-20 14:52:31 +01:00
CanbiZ (MickLesk)
8c3ebdd166 fix(discourse): nginx serve static assets from public/, fix JS/font 404s 2026-03-20 14:50:44 +01:00
CanbiZ (MickLesk)
8883957393 fix(discourse): create admin via rails runner, fix invalid email 2026-03-20 14:48:11 +01:00
CanbiZ (MickLesk)
a21f901a1a fix(versitygw): add colon prefix to VGW_PORT (:7070) 2026-03-20 14:32:31 +01:00
CanbiZ (MickLesk)
d2c4288395 fix(versitygw): move WebGUI prompt before msg_info spinner 2026-03-20 14:15:59 +01:00
CanbiZ (MickLesk)
9066f6511a fix(discourse): nginx reload, db:seed, sidekiq queues, skip email verification 2026-03-20 14:09:48 +01:00
CanbiZ (MickLesk)
c281d7ce68 fix(simplelogin): reload nginx after config, add SMTP note 2026-03-20 14:08:07 +01:00
CanbiZ (MickLesk)
e7f51e92d2 OOM 2026-03-20 13:59:50 +01:00
CanbiZ (MickLesk)
70914c20a2 Add optional VersityGW WebGUI support 
Prompt the user during install to enable the beta VersityGW WebGUI and, if accepted, append VGW_WEBUI_PORT=:7071 and VGW_WEBUI_NO_TLS=true to /etc/versitygw.d/gateway.conf. Update the installer to report that the WebGUI will be enabled and modify the completion script to display the WebGUI URL (http://<IP>:7071) when the config contains VGW_WEBUI_PORT. Keeps existing access/key generation and default gateway port unchanged.
 2026-03-20 13:58:57 +01:00
CanbiZ (MickLesk)
97b44d8a26 Switch to alembic migrations and pitchfork 
Replace calls to `flask db upgrade` with `alembic upgrade head` in SimpleLogin install and update scripts so migrations are executed via Alembic in the virtualenv. For Discourse, remove in-place puma.rb sed tweaks (socket bind and stdout redirect) and update the systemd ExecStart to run `pitchfork -c config/pitchfork.conf.rb` instead of invoking puma directly, using Discourse's recommended process manager.
 2026-03-20 13:57:43 +01:00
github-actions[bot]
055abcb99f Delete isponsorblocktv (ct) after migration to ProxmoxVE (#1600) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-03-20 12:31:09 +00:00
github-actions[bot]
b76e25910d Delete alpine-wakapi (ct) after migration to ProxmoxVE (#1599) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-03-20 12:24:46 +00:00
CanbiZ (MickLesk)
34250d6adf Update move-to-main-repo.yaml 2026-03-20 13:23:59 +01:00
CanbiZ (MickLesk)
7738065237 Enhance PocketBase workflow; fix installer scripts 
Workflow: add push trigger for main branch on json/*.json and update the "Get JSON file for script" step to handle both workflow_dispatch and push events. The step now collects changed json/*.json files, validates each has a .slug with jq, ignores metadata/update-apps.json/versions.json, writes changed_app_jsons.txt, and sets a count output for downstream steps.

Installer & ct scripts: normalize indentation/formatting, ensure aliases.json and plugin-settings.json are initialized as {} and repos.json as [] when missing, and add missing trailing newlines. These changes improve robustness and shellcheck friendliness and make the workflow respond to direct pushes of app JSON files.
 2026-03-20 13:21:50 +01:00
CanbiZ (MickLesk)
b833eb68eb Add degoog CT/install/metadata and update docs 
Introduce degoog support: add ct/degoog.sh (container orchestration and update handler), install/degoog-install.sh (in-container install using Bun, deploy prebuilt release, create systemd service on port 4444) and json/degoog.json (app metadata and default resources). ct script includes update routine with backups, Bun install, and fetch_and_deploy_gh_release usage. Also update documentation: refine contribution guide (CONTRIBUTING.md) with fork/testing workflow, templates, and metadata guidance; expand misc README to reflect canonical misc/* function library responsibilities and references.
 2026-03-20 12:31:43 +01:00
github-actions[bot]
cc8dd29f63 Delete teleport (ct) after migration to ProxmoxVE (#1597) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-03-20 08:06:53 +00:00
34 changed files with 1484 additions and 629 deletions
Expand all files Collapse all files

19
.github/workflows/move-to-main-repo.yaml generated vendored
View File

@@ -39,11 +39,22 @@ jobs:
env:
GH_TOKEN: ${{ github.token }}
run: |
echo "Filtering Issues with Label Migration To ProxmoxVE"
raw_output=$(gh issue list --json title,labels,number,body)
filtered_issue=$(echo "$raw_output" | jq -r '[.[] | select(.labels[]?.name == "Migration To ProxmoxVE")][0]')
echo "Resolving issue with label Migration To ProxmoxVE"
if [ "$filtered_issue" == "null" ] || [ -z "$filtered_issue" ]; then
if [[ "${{ github.event_name }}" == "issues" ]]; then
# For labeled issue events, use the exact issue from event payload.
filtered_issue='${{ toJson(github.event.issue) }}'
else
# Fallback for workflow_dispatch: query explicitly by label and raise limit.
raw_output=$(gh issue list \
--label "Migration To ProxmoxVE" \
--state open \
--limit 500 \
--json title,labels,number,body)
filtered_issue=$(echo "$raw_output" | jq -c '.[0]')
fi
if [[ "$filtered_issue" == "null" ]] || [[ -z "$filtered_issue" ]]; then
echo "No issues found with label 'Migration To ProxmoxVE'."
exit 1
fi

53
.github/workflows/push_json_to_pocketbase.yml generated vendored
View File

@@ -1,6 +1,11 @@
name: Push JSON changes to PocketBase
on:
push:
branches:
- main
paths:
- "json/*.json"
workflow_dispatch:
inputs:
script_slug:
@@ -20,20 +25,52 @@ jobs:
- name: Get JSON file for script
id: changed
run: |
script_slug="${{ github.event.inputs.script_slug }}"
file="json/${script_slug}.json"
if [[ ! -f "$file" ]]; then
echo "No JSON file at $file."
: > changed_app_jsons.txt
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
script_slug="${{ github.event.inputs.script_slug }}"
file="json/${script_slug}.json"
if [[ ! -f "$file" ]]; then
echo "No JSON file at $file."
echo "count=0" >> "$GITHUB_OUTPUT"
exit 0
fi
if ! jq -e '.slug' "$file" >/dev/null 2>&1; then
echo "File $file has no .slug."
echo "count=0" >> "$GITHUB_OUTPUT"
exit 0
fi
echo "$file" > changed_app_jsons.txt
echo "count=1" >> "$GITHUB_OUTPUT"
exit 0
fi
changed=$(git diff --name-only "${{ github.event.before }}" "${{ github.event.after }}" -- json/*.json || true)
if [[ -z "$changed" ]]; then
echo "No JSON files changed under json/*.json."
echo "count=0" >> "$GITHUB_OUTPUT"
exit 0
fi
if ! jq -e '.slug' "$file" >/dev/null 2>&1; then
echo "File $file has no .slug."
count=0
for file in $changed; do
[[ -f "$file" ]] || continue
if [[ "$file" == "json/metadata.json" || "$file" == "json/update-apps.json" || "$file" == "json/versions.json" ]]; then
continue
fi
if jq -e '.slug' "$file" >/dev/null 2>&1; then
echo "$file" >> changed_app_jsons.txt
count=$((count + 1))
fi
done
if [[ $count -eq 0 ]]; then
echo "No app JSON files with .slug found in this push."
echo "count=0" >> "$GITHUB_OUTPUT"
exit 0
fi
echo "$file" > changed_app_jsons.txt
echo "count=1" >> "$GITHUB_OUTPUT"
echo "count=$count" >> "$GITHUB_OUTPUT"
- name: Push to PocketBase
if: steps.changed.outputs.count != '0'

81
.github/workflows/stale_pr_close.yml generated vendored
View File

@@ -22,7 +22,7 @@ jobs:
const now = new Date();
const owner = context.repo.owner;
const repo = context.repo.repo;
// --- When stale label is added, comment immediately ---
if (context.eventName === "pull_request_target" && context.payload.action === "labeled") {
const label = context.payload.label?.name;
@@ -37,19 +37,74 @@ jobs:
}
return;
}
// --- Scheduled run: check all stale PRs ---
// --- Scheduled run: fetch all open PRs ---
const { data: prs } = await github.rest.pulls.list({
owner,
repo,
state: "open",
per_page: 100
});
for (const pr of prs) {
const hasStale = pr.labels.some(l => l.name === "stale");
if (!hasStale) continue;
const labels = pr.labels.map(l => l.name);
const hasStale = labels.includes("stale");
const hasKeepOpen = labels.includes("keep-open");
// -------------------------------------------------------
// NEW: Auto-label PRs with no activity in the last 14 days
// -------------------------------------------------------
if (!hasStale && !hasKeepOpen) {
// Find the most recent commit date
const { data: commits } = await github.rest.pulls.listCommits({
owner,
repo,
pull_number: pr.number
});
const lastCommitDate = commits.length > 0
? new Date(commits[commits.length - 1].commit.author.date)
: new Date(pr.created_at);
// Find the most recent non-bot comment date
const { data: comments } = await github.rest.issues.listComments({
owner,
repo,
issue_number: pr.number,
per_page: 100
});
const humanComments = comments.filter(c => c.user?.type !== "Bot");
const lastCommentDate = humanComments.length > 0
? new Date(humanComments[humanComments.length - 1].created_at)
: null;
// Most recent activity across commits and comments
const lastActivityDate = lastCommentDate && lastCommentDate > lastCommitDate
? lastCommentDate
: lastCommitDate;
const daysSinceActivity = (now - lastActivityDate) / (1000 * 60 * 60 * 24);
if (daysSinceActivity > 14) {
await github.rest.issues.addLabels({
owner,
repo,
issue_number: pr.number,
labels: ["stale"]
});
// The pull_request_target labeled event will fire the comment automatically.
// Skip further processing for this PR in this run.
continue;
}
// Not stale, nothing else to do for this PR.
continue;
}
// -------------------------------------------------------
// EXISTING: Manage already-stale PRs
// -------------------------------------------------------
if (!hasStale) continue; // has keep-open but not stale — skip
// Get timeline events to find when stale label was added
const { data: events } = await github.rest.issues.listEvents({
owner,
@@ -57,27 +112,27 @@ jobs:
issue_number: pr.number,
per_page: 100
});
// Find the most recent time the stale label was added
const staleLabelEvents = events
.filter(e => e.event === "labeled" && e.label?.name === "stale")
.sort((a, b) => new Date(b.created_at) - new Date(a.created_at));
if (staleLabelEvents.length === 0) continue;
const staleLabelDate = new Date(staleLabelEvents[0].created_at);
const daysSinceStale = (now - staleLabelDate) / (1000 * 60 * 60 * 24);
// Check for new commits since stale label was added
const { data: commits } = await github.rest.pulls.listCommits({
owner,
repo,
pull_number: pr.number
});
const lastCommitDate = new Date(commits[commits.length - 1].commit.author.date);
const author = pr.user.login;
// If there are new commits after the stale label, remove it
if (lastCommitDate > staleLabelDate) {
await github.rest.issues.removeLabel({

75
ct/alpine-wakapi.sh
View File

@@ -1,75 +0,0 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Slaviša Arežina (tremor021)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://wakapi.dev/ | https://github.com/muety/wakapi
APP="Alpine-Wakapi"
var_tags="${var_tags:-code;time-tracking}"
var_cpu="${var_cpu:-1}"
var_ram="${var_ram:-512}"
var_disk="${var_disk:-4}"
var_os="${var_os:-alpine}"
var_version="${var_version:-3.23}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -d /opt/wakapi ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
RELEASE=$(curl -s https://api.github.com/repos/muety/wakapi/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }')
if [ "${RELEASE}" != "$(cat ~/.wakapi 2>/dev/null)" ] || [ ! -f ~/.wakapi ]; then
msg_info "Stopping Wakapi Service"
$STD rc-service wakapi stop
msg_ok "Stopped Wakapi Service"
msg_info "Updating Wakapi LXC"
$STD apk -U upgrade
msg_ok "Updated Wakapi LXC"
msg_info "Creating backup"
mkdir -p /opt/wakapi-backup
cp /opt/wakapi/config.yml /opt/wakapi/wakapi_db.db /opt/wakapi-backup/
msg_ok "Created backup"
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "wakapi" "muety/wakapi" "tarball"
msg_info "Configuring Wakapi"
cd /opt/wakapi
$STD go mod download
$STD go build -o wakapi
cp /opt/wakapi-backup/config.yml /opt/wakapi/
cp /opt/wakapi-backup/wakapi_db.db /opt/wakapi/
rm -rf /opt/wakapi-backup
msg_ok "Configured Wakapi"
msg_info "Starting Service"
$STD rc-service wakapi start
msg_ok "Started Service"
msg_ok "Updated successfully"
else
msg_ok "No update required. ${APP} is already at ${RELEASE}"
fi
exit 0
}
start
build_container
description
msg_ok "Completed successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:3000${CL}"

73
ct/degoog.sh Normal file
View File

@@ -0,0 +1,73 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: vhsdream
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/fccview/degoog
APP="degoog"
var_tags="${var_tags:-search;privacy;plugins}"
var_cpu="${var_cpu:-2}"
var_ram="${var_ram:-2048}"
var_disk="${var_disk:-6}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -d /opt/degoog ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if check_for_gh_release "degoog" "fccview/degoog"; then
msg_info "Stopping Service"
systemctl stop degoog
msg_ok "Stopped Service"
msg_info "Backing up Configuration & Data"
[[ -f /opt/degoog/.env ]] && cp /opt/degoog/.env /opt/degoog.env.bak
[[ -d /opt/degoog/data ]] && mv /opt/degoog/data /opt/degoog_data_backup
msg_ok "Backed up Configuration & Data"
if ! command -v bun >/dev/null 2>&1; then
msg_info "Installing Bun"
export BUN_INSTALL="/root/.bun"
curl -fsSL https://bun.sh/install | $STD bash
ln -sf /root/.bun/bin/bun /usr/local/bin/bun
ln -sf /root/.bun/bin/bunx /usr/local/bin/bunx
msg_ok "Installed Bun"
fi
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "degoog" "fccview/degoog" "prebuild" "latest" "/opt/degoog" "degoog_*_prebuild.tar.gz"
msg_info "Restoring Configuration & Data"
[[ -f /opt/degoog.env.bak ]] && mv /opt/degoog.env.bak /opt/degoog/.env
[[ -d /opt/degoog_data_backup ]] && mv /opt/degoog_data_backup /opt/degoog/data
msg_ok "Restored Configuration & Data"
msg_info "Starting Service"
systemctl start degoog
msg_ok "Started Service"
msg_ok "Updated successfully!"
fi
exit
}
start
build_container
description
msg_ok "Completed Successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:4444${CL}"

4
ct/discourse.sh
View File

@@ -73,5 +73,5 @@ msg_ok "Completed Successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"
echo -e "${INFO}${YW} Admin Setup:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}Create the first account in the web UI (use admin@local to match developer emails)${CL}"
echo -e "${INFO}${YW} Credentials saved in:${CL}"
echo -e "${TAB}/root/discourse.creds"

55
ct/isponsorblocktv.sh
View File

@@ -1,55 +0,0 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Matthew Stern (sternma) | MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/dmunozv04/iSponsorBlockTV
APP="iSponsorBlockTV"
var_tags="${var_tags:-media;automation}"
var_cpu="${var_cpu:-1}"
var_ram="${var_ram:-1024}"
var_disk="${var_disk:-4}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -d /opt/isponsorblocktv ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if check_for_gh_release "isponsorblocktv" "dmunozv04/iSponsorBlockTV"; then
msg_info "Stopping Service"
systemctl stop isponsorblocktv
msg_ok "Stopped Service"
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "isponsorblocktv" "dmunozv04/iSponsorBlockTV" "singlefile" "latest" "/opt/isponsorblocktv" "iSponsorBlockTV-*-linux"
msg_info "Starting Service"
systemctl start isponsorblocktv
msg_ok "Started Service"
msg_ok "Updated successfully!"
fi
exit
}
start
build_container
description
msg_ok "Completed successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Run the setup wizard inside the container with:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}iSponsorBlockTV setup${CL}"

87
ct/netboot-xyz.sh Normal file
View File

@@ -0,0 +1,87 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Michel Roegl-Brunner (michelroegl-brunner)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://netboot.xyz
APP="netboot.xyz"
var_tags="${var_tags:-network;pxe;boot}"
var_cpu="${var_cpu:-1}"
var_ram="${var_ram:-512}"
var_disk="${var_disk:-8}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -f ~/.netboot-xyz ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if check_for_gh_release "netboot-xyz" "netbootxyz/netboot.xyz"; then
msg_info "Backing up Configuration"
cp /var/www/html/boot.cfg /opt/netboot-xyz-boot.cfg.bak
msg_ok "Backed up Configuration"
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "netboot-xyz" "netbootxyz/netboot.xyz" "prebuild" "latest" "/var/www/html" "menus.tar.gz"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-efi" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-efi-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snp-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snp.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snp-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snp.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-kpxe" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-undionly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-undionly.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-kpxe" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-lkrn" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.lkrn"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-linux-bin" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-linux.bin"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-pdsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.pdsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-multiarch-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-multiarch.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-multiarch-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-multiarch.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-checksums" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-sha256-checksums.txt"
msg_info "Restoring Configuration"
cp /opt/netboot-xyz-boot.cfg.bak /var/www/html/boot.cfg
rm -f /opt/netboot-xyz-boot.cfg.bak
msg_ok "Restored Configuration"
msg_ok "Updated successfully!"
fi
exit
}
start
build_container
description
msg_ok "Completed Successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"

225
ct/nginxproxymanager.sh Normal file
View File

@@ -0,0 +1,225 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: tteck (tteckster) | Co-Author: CrazyWolf13
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://nginxproxymanager.com/ | Github: https://github.com/NginxProxyManager/nginx-proxy-manager
APP="Nginx Proxy Manager"
var_tags="${var_tags:-proxy}"
var_cpu="${var_cpu:-2}"
var_ram="${var_ram:-2048}"
var_disk="${var_disk:-8}"
var_os="${var_os:-debian}"
var_version="${var_version:-12}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -f /lib/systemd/system/npm.service ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if [[ $(grep -E '^VERSION_ID=' /etc/os-release) == *"12"* ]]; then
msg_error "Wrong Debian version detected!"
msg_error "Please create a snapshot first. You must upgrade your LXC to Debian Trixie before updating. Visit: https://github.com/community-scripts/ProxmoxVE/discussions/7489"
exit
fi
if command -v node &>/dev/null; then
CURRENT_NODE_VERSION=$(node --version | cut -d'v' -f2 | cut -d'.' -f1)
if [[ "$CURRENT_NODE_VERSION" != "22" ]]; then
systemctl stop openresty
$STD apt purge -y nodejs npm
$STD apt autoremove -y
rm -rf /usr/local/bin/node /usr/local/bin/npm
rm -rf /usr/local/lib/node_modules
rm -rf ~/.npm
rm -rf /root/.npm
fi
fi
NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
RELEASE=$(get_latest_github_release "NginxProxyManager/nginx-proxy-manager")
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "nginxproxymanager" "NginxProxyManager/nginx-proxy-manager" "tarball" "v${RELEASE}" "/opt/nginxproxymanager"
msg_info "Stopping Services"
systemctl stop openresty
systemctl stop npm
msg_ok "Stopped Services"
msg_info "Cleaning old files"
$STD rm -rf /app \
/var/www/html \
/etc/nginx \
/var/log/nginx \
/var/lib/nginx \
/var/cache/nginx
msg_ok "Cleaned old files"
msg_info "Migrating to OpenResty from source"
rm -f /etc/apt/trusted.gpg.d/openresty-archive-keyring.gpg /etc/apt/trusted.gpg.d/openresty.gpg
rm -f /etc/apt/sources.list.d/openresty.list /etc/apt/sources.list.d/openresty.sources
if dpkg -l openresty &>/dev/null; then
$STD apt remove -y openresty
$STD apt autoremove -y
fi
$STD apt install -y build-essential libpcre3-dev libssl-dev zlib1g-dev
msg_ok "Migrated to OpenResty from source"
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "openresty" "openresty/openresty" "prebuild" "latest" "/opt/openresty" "openresty-*.tar.gz"
msg_info "Building OpenResty"
cd /opt/openresty
$STD ./configure \
--with-http_v2_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_sub_module \
--with-http_auth_request_module \
--with-pcre-jit \
--with-stream \
--with-stream_ssl_module
$STD make -j"$(nproc)"
$STD make install
rm -rf /opt/openresty
cat <<'EOF' >/lib/systemd/system/openresty.service
[Unit]
Description=The OpenResty Application Platform
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
ExecStartPre=/usr/local/openresty/nginx/sbin/nginx -t
ExecStart=/usr/local/openresty/nginx/sbin/nginx -g 'daemon off;'
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
msg_ok "Built OpenResty"
msg_info "Setting up Environment"
ln -sf /usr/bin/python3 /usr/bin/python
ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
ln -sf /usr/local/openresty/nginx/ /etc/nginx
sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/backend/package.json
sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/frontend/package.json
sed -i 's+^daemon+#daemon+g' /opt/nginxproxymanager/docker/rootfs/etc/nginx/nginx.conf
NGINX_CONFS=$(find /opt/nginxproxymanager -type f -name "*.conf")
for NGINX_CONF in $NGINX_CONFS; do
sed -i 's+include conf.d+include /etc/nginx/conf.d+g' "$NGINX_CONF"
done
mkdir -p /var/www/html /etc/nginx/logs
cp -r /opt/nginxproxymanager/docker/rootfs/var/www/html/* /var/www/html/
cp -r /opt/nginxproxymanager/docker/rootfs/etc/nginx/* /etc/nginx/
cp /opt/nginxproxymanager/docker/rootfs/etc/letsencrypt.ini /etc/letsencrypt.ini
cp /opt/nginxproxymanager/docker/rootfs/etc/logrotate.d/nginx-proxy-manager /etc/logrotate.d/nginx-proxy-manager
ln -sf /etc/nginx/nginx.conf /etc/nginx/conf/nginx.conf
rm -f /etc/nginx/conf.d/dev.conf
mkdir -p /tmp/nginx/body \
/run/nginx \
/data/nginx \
/data/custom_ssl \
/data/logs \
/data/access \
/data/nginx/default_host \
/data/nginx/default_www \
/data/nginx/proxy_host \
/data/nginx/redirection_host \
/data/nginx/stream \
/data/nginx/dead_host \
/data/nginx/temp \
/var/lib/nginx/cache/public \
/var/lib/nginx/cache/private \
/var/cache/nginx/proxy_temp
chmod -R 777 /var/cache/nginx
chown root /tmp/nginx
echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf);" >/etc/nginx/conf.d/include/resolvers.conf
if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
$STD openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost" -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem
fi
mkdir -p /app/frontend/images
cp -r /opt/nginxproxymanager/backend/* /app
msg_ok "Set up Environment"
msg_info "Building Frontend"
export NODE_OPTIONS="--max_old_space_size=2048 --openssl-legacy-provider"
cd /opt/nginxproxymanager/frontend
# Replace node-sass with sass in package.json before installation
sed -E -i 's/"node-sass" *: *"([^"]*)"/"sass": "\1"/g' package.json
$STD yarn install --network-timeout 600000
$STD yarn locale-compile
$STD yarn build
cp -r /opt/nginxproxymanager/frontend/dist/* /app/frontend
cp -r /opt/nginxproxymanager/frontend/public/images/* /app/frontend/images
msg_ok "Built Frontend"
msg_info "Initializing Backend"
rm -rf /app/config/default.json
if [ ! -f /app/config/production.json ]; then
cat <<'EOF' >/app/config/production.json
{
"database": {
"engine": "knex-native",
"knex": {
"client": "better-sqlite3",
"connection": {
"filename": "/data/database.sqlite"
},
"useNullAsDefault": true
}
}
}
EOF
fi
sed -i 's/"client": "sqlite3"/"client": "better-sqlite3"/' /app/config/production.json
cd /app
$STD yarn install --network-timeout 600000
msg_ok "Initialized Backend"
msg_info "Updating Certbot"
if [ -d /opt/certbot ]; then
$STD /opt/certbot/bin/pip install --upgrade pip setuptools wheel
$STD /opt/certbot/bin/pip install --upgrade certbot certbot-dns-cloudflare
fi
msg_ok "Updated Certbot"
msg_info "Starting Services"
sed -i 's/user npm/user root/g; s/^pid/#pid/g' /usr/local/openresty/nginx/conf/nginx.conf
sed -r -i 's/^([[:space:]]*)su npm npm/\1#su npm npm/g;' /etc/logrotate.d/nginx-proxy-manager
systemctl daemon-reload
systemctl enable -q --now openresty
systemctl enable -q --now npm
msg_ok "Started Services"
msg_ok "Updated successfully!"
exit
}
start
build_container
description
msg_ok "Completed successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:81${CL}"

2
ct/simplelogin.sh
View File

@@ -53,7 +53,7 @@ function update_script() {
msg_info "Running Database Migrations"
cd /opt/simplelogin
cp /opt/simplelogin_env.bak /opt/simplelogin/.env
$STD .venv/bin/flask db upgrade
$STD .venv/bin/alembic upgrade head
msg_ok "Ran Database Migrations"
msg_info "Restoring Data"

2
ct/twenty.sh
View File

@@ -9,7 +9,7 @@ source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxV
APP="Twenty"
var_tags="${var_tags:-crm;business;contacts}"
var_cpu="${var_cpu:-4}"
var_ram="${var_ram:-8192}"
var_ram="${var_ram:-10240}"
var_disk="${var_disk:-20}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"

54
ct/versitygw.sh
View File

@@ -1,54 +0,0 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/versity/versitygw
APP="VersityGW"
var_tags="${var_tags:-s3;storage;gateway}"
var_cpu="${var_cpu:-2}"
var_ram="${var_ram:-2048}"
var_disk="${var_disk:-8}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -f /usr/bin/versitygw ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if check_for_gh_release "versitygw" "versity/versitygw"; then
msg_info "Stopping Service"
systemctl stop versitygw@gateway
msg_ok "Stopped Service"
fetch_and_deploy_gh_release "versitygw" "versity/versitygw" "binary"
msg_info "Starting Service"
systemctl start versitygw@gateway
msg_ok "Started Service"
msg_ok "Updated successfully!"
fi
exit
}
start
build_container
description
msg_ok "Completed Successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:7070${CL}"

142
docs/contribution/CONTRIBUTING.md
View File

@@ -1,106 +1,142 @@
# Community Scripts Contribution Guide
## **Welcome to the communty-scripts Repository!**
## Welcome to the community-scripts repository
📜 These documents outline the essential coding standards for all our scripts and JSON files. Adhering to these standards ensures that our codebase remains consistent, readable, and maintainable. By following these guidelines, we can improve collaboration, reduce errors, and enhance the overall quality of our project.
These documents outline the coding standards and contribution flow for the ProxmoxVED repository.
### Why Coding Standards Matter
The important reality check is simple:
Coding standards are crucial for several reasons:
- contributors primarily submit shell scripts
- website metadata is **not** contributed as repo JSON files
- metadata changes belong to the website / maintainer workflow
1. **Consistency**: Consistent code is easier to read, understand, and maintain. It helps new team members quickly get up to speed and reduces the learning curve.
2. **Readability**: Clear and well-structured code is easier to debug and extend. It allows developers to quickly identify and fix issues.
3. **Maintainability**: Code that follows a standard structure is easier to refactor and update. It ensures that changes can be made with minimal risk of introducing new bugs.
4. **Collaboration**: When everyone follows the same standards, it becomes easier to collaborate on code. It reduces friction and misunderstandings during code reviews and merges.
## Scope of these documents
### Scope of These Documents
This contribution guide covers:
These documents cover the coding standards for the following types of files in our project:
- `ct/$AppName.sh` scripts for container creation and update entrypoints
- `install/$AppName-install.sh` scripts for in-container installation logic
- the supporting workflow for testing from your fork before opening a PR
- **`install/$AppName-install.sh` Scripts**: These scripts are responsible for the installation of applications.
- **`ct/$AppName.sh` Scripts**: These scripts handle the creation and updating of containers.
- **`json/$AppName.json`**: These files store structured data and are used for the website.
## Getting started
Each section provides detailed guidelines on various aspects of coding, including shebang usage, comments, variable naming, function naming, indentation, error handling, command substitution, quoting, script structure, and logging. Additionally, examples are provided to illustrate the application of these standards.
Before contributing, set up:
By following the coding standards outlined in this document, we ensure that our scripts and JSON files are of high quality, making our project more robust and easier to manage. Please refer to this guide whenever you create or update scripts and JSON files to maintain a high standard of code quality across the project. 📚🔍
1. Visual Studio Code or another editor with ShellCheck support
2. a fork of `community-scripts/ProxmoxVED`
3. a local clone of your fork
Let's work together to keep our codebase clean, efficient, and maintainable! 💪🚀
### Recommended extensions
- [Shell Syntax](https://marketplace.visualstudio.com/items?itemName=bmalehorn.shell-syntax)
- [ShellCheck](https://marketplace.visualstudio.com/items?itemName=timonwong.shellcheck)
- [Shell Format](https://marketplace.visualstudio.com/items?itemName=foxundermoon.shell-format)
## Getting Started
### Templates
Before contributing, please ensure that you have the following setup:
Use these templates as your starting point:
1. **Visual Studio Code** (recommended for script development)
2. **Recommended VS Code Extensions:**
- [Shell Syntax](https://marketplace.visualstudio.com/items?itemName=bmalehorn.shell-syntax)
- [ShellCheck](https://marketplace.visualstudio.com/items?itemName=timonwong.shellcheck)
- [Shell Format](https://marketplace.visualstudio.com/items?itemName=foxundermoon.shell-format)
- [CT template: `AppName.sh`](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/ct/AppName.sh)
- [Install template: `AppName-install.sh`](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/install/AppName-install.sh)
### Important Notes
- Use [AppName.sh](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/ct/AppName.sh) and [AppName-install.sh](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/install/AppName-install.sh) as templates when creating new scripts.
## Script types
---
### Application script: `ct/AppName.sh`
# 🚀 The Application Script (ct/AppName.sh)
Reference guide:
- You can find all coding standards, as well as the structure for this file [here](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/ct/AppName.md).
- These scripts are responsible for container creation, setting the necessary variables and handling the update of the application once installed.
- [CT coding guide for `AppName.sh`](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/ct/AppName.md)
---
This script is responsible for:
# 🛠 The Installation Script (install/AppName-install.sh)
- host-side container orchestration
- app variables and defaults
- update wiring for the installed app
- You can find all coding standards, as well as the structure for this file [here](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/install/AppName-install.md).
- These scripts are responsible for the installation of the application.
### Installation script: `install/AppName-install.sh`
---
Reference guide:
## 🚀 Building Your Own Scripts
- [Install coding guide for `AppName-install.sh`](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/install/AppName-install.md)
Start with the [template script](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/install/AppName-install.sh)
This script is responsible for:
---
- container-internal installation logic
- package/runtime setup
- final application configuration
## 🤝 Contribution Process
## Contribution process
### 1. Fork the repository
Fork to your GitHub account
### 2. Clone your fork on your local environment
Fork `community-scripts/ProxmoxVED` to your GitHub account.
### 2. Clone your fork
```bash
git clone https://github.com/yourUserName/ForkName
```
### 3. Create a new branch
### 3. Create a branch
```bash
git switch -c your-feature-branch
```
### 4. Change paths in build.func install.func and AppName.sh
To be able to develop from your own branch you need to change `https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main` to `https://raw.githubusercontent.com/[USER]/[REPOSITORY]/refs/heads/[BRANCH]`. You need to make this change atleast in misc/build.func misc/install.func and in your ct/AppName.sh. This change is only for testing. Before opening a Pull Request you should change this line change all this back to point to `https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main`.
### 4. Configure your fork for testing
Use the helper script:
```bash
bash docs/contribution/setup-fork.sh --full
```
This prepares the raw GitHub URLs in your working copy so you can test against your own fork instead of the upstream repository.
### 5. Build and test from your fork
Use the curl/bash execution model that matches real user behavior, for example:
```bash
bash -c "$(curl -fsSL https://raw.githubusercontent.com/<USER>/<REPO>/refs/heads/<BRANCH>/ct/myapp.sh)"
```
Do **not** document or optimize only for local manual execution if the real path is curl-based execution.
### 6. Commit only your intended contribution
### 4. Commit changes (without build.func and install.func!)
```bash
git commit -m "Your commit message"
```
### 5. Push to your fork
### 7. Push your branch
```bash
git push origin your-feature-branch
```
### 6. Create a Pull Request
Open a Pull Request from your feature branch to the main repository branch. You must only include your **$AppName.sh**, **$AppName-install.sh** and **$AppName.json** files in the pull request.
### 8. Open a pull request
---
Open a PR from your branch to `community-scripts/ProxmoxVED/main`.
## 📚 Pages
Your PR should contain only the files that belong to the script contribution itself, typically:
- `ct/myapp.sh`
- `install/myapp-install.sh`
## Website metadata
Website metadata is maintained outside this repository's script contribution flow.
That means:
- do not add repo JSON metadata files as part of the normal contribution path
- do not assume a `frontend/public/json/...` workflow exists for the live site
- route metadata creation or metadata changes through the website / maintainer workflow
## Pages
- [CT Template: AppName.sh](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/ct/AppName.sh)
- [Install Template: AppName-install.sh](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/install/AppName-install.sh)
- [JSON Template: AppName.json](https://github.com/community-scripts/ProxmoxVED/blob/main/.github/CONTRIBUTOR_AND_GUIDES/json/AppName.json)
- [Fork setup guide](./FORK_SETUP.md)
- [Contribution README](./README.md)

268
docs/guides/netboot-xyz.md Normal file
View File

@@ -0,0 +1,268 @@
# netboot.xyz — Self-Hosted PXE Boot Server on Proxmox
## What is netboot.xyz?
netboot.xyz is a **network boot (PXE) utility**. It lets any machine on your network boot from a menu of operating systems and tools — without a USB stick, CD/DVD, or pre-downloaded ISO.
Think of it like a universal boot menu that loads over the network.
### What your self-hosted container actually does
Your LXC container hosts only two things:
- **iPXE bootloader binaries** (`.efi`, `.kpxe` files — a few hundred KB each)
- **iPXE menu files** (plain text `.ipxe` scripts that define the menu structure)
That's it. The container serves ~80 MB of files total (bootloaders + menus).
When a machine PXE-boots, it:
1. Fetches the bootloader binary from your container (via TFTP or HTTP)
2. The bootloader loads the menu from your container
3. You pick an OS
4. The OS installer or live system loads **directly from upstream internet mirrors** at boot time
Your container is the **signpost**. The internet is the **library**.
> **Important:** Clients need internet access to actually install/boot an OS. Your container itself does not need to store or proxy OS images.
### What you can boot
| Category | Examples |
| ------------------ | ------------------------------------------------------------- |
| **OS Installers** | Debian, Ubuntu, Fedora, Rocky Linux, Alpine, Arch, NixOS, ... |
| **Live Systems** | Kali Live, Tails, Mint Live, Manjaro Live, ... |
| **Rescue Tools** | SystemRescue, Clonezilla, GParted, Rescuezilla, Memtest86 |
| **Virtualization** | Proxmox VE, Harvester, VMware ESXi |
| **BSD** | FreeBSD, OpenBSD |
| **Utilities** | ShredOS (disk wipe), DBAN, ZFSBootMenu, Super Grub2 |
---
## Installation
Run on your **Proxmox host**:
```bash
bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/ct/netboot-xyz.sh)"
```
Creates a minimal Debian 13 LXC container:
| Resource | Value |
| ----------- | ------ |
| CPU | 1 core |
| RAM | 512 MB |
| Disk | 8 GB |
| Port (HTTP) | 80/TCP |
| Port (TFTP) | 69/UDP |
After installation, the web interface is available at:
```
http://<container-ip>/
```
It shows a directory listing of all available bootloaders and menu files.
---
## How to PXE Boot a Machine
### Step 1 — Configure your DHCP server
Your DHCP server needs to tell PXE clients where to find the bootloader.
**Required settings:**
| Setting | Value |
| --------------------------- | ------------------ |
| Next Server (TFTP) | `<container-ip>` |
| Boot filename (UEFI) | `netboot.xyz.efi` |
| Boot filename (BIOS/Legacy) | `netboot.xyz.kpxe` |
**OPNsense / pfSense:**
`Services → DHCP Server → [interface] → Network Booting`
- _Enable_: checked
- _Next server_: `<container-ip>`
- _Default BIOS filename_: `netboot.xyz.kpxe`
- _UEFI 64-bit filename_: `netboot.xyz.efi`
**dnsmasq (Pi-hole, AdGuard Home, OpenWrt):**
```
dhcp-boot=netboot.xyz.kpxe,<container-ip> # BIOS
# or:
dhcp-boot=netboot.xyz.efi,<container-ip> # UEFI
```
**ISC DHCP (`dhcpd.conf`):**
```
next-server <container-ip>;
filename "netboot.xyz.efi";
```
### Step 2 — Enable PXE boot on your client
In the machine's BIOS/UEFI:
- Enable **Network Boot** / **PXE Boot**
- Set boot order: Network first (or select once via boot menu, usually F11/F12)
### Step 3 — Boot
Power on the machine. The iPXE bootloader loads from your container, shows the menu, and you navigate with arrow keys.
---
## UEFI HTTP Boot (no DHCP changes)
Modern UEFI firmware supports booting directly from an HTTP URL — no DHCP options needed.
Load the bootloader directly in the UEFI shell:
```
http://<container-ip>/netboot.xyz.efi
```
**Proxmox VMs:** Set the VM network boot URL in the UEFI shell, or use iPXE chaining in the VM BIOS.
---
## Available Bootloader Files
All files are served at `http://<container-ip>/` and `http://<container-ip>/ipxe/`:
### x86_64 UEFI
| File | Use case |
| ------------------------- | ----------------------------------------------- |
| `netboot.xyz.efi` | Standard UEFI — recommended starting point |
| `netboot.xyz.efi.dsk` | Virtual floppy/disk image of the EFI bootloader |
| `netboot.xyz-snp.efi` | UEFI SNP — tries all network devices |
| `netboot.xyz-snp.efi.dsk` | Disk image of SNP EFI bootloader |
| `netboot.xyz-snponly.efi` | UEFI SNP — only boots from chained device |
### x86_64 UEFI Metal (Secure Boot / code-signed)
| File | Use case |
| ------------------------------- | ------------------------------------------- |
| `netboot.xyz-metal.efi` | Secure Boot compatible UEFI bootloader |
| `netboot.xyz-metal.efi.dsk` | Disk image of metal EFI bootloader |
| `netboot.xyz-metal-snp.efi` | Secure Boot SNP — tries all network devices |
| `netboot.xyz-metal-snp.efi.dsk` | Disk image of metal SNP EFI bootloader |
| `netboot.xyz-metal-snponly.efi` | Secure Boot SNP — only chained device |
### x86_64 BIOS / Legacy
| File | Use case |
| --------------------------- | ------------------------------------------------- |
| `netboot.xyz.kpxe` | BIOS PXE — built-in iPXE NIC drivers |
| `netboot.xyz-undionly.kpxe` | BIOS PXE fallback — use if NIC has driver issues |
| `netboot.xyz-metal.kpxe` | BIOS PXE — Secure Boot / code-signed variant |
| `netboot.xyz.lkrn` | Kernel module — load from GRUB/EXTLINUX |
| `netboot.xyz-linux.bin` | Linux binary — chainload from existing Linux boot |
| `netboot.xyz.dsk` | Virtual floppy disk for DRAC/iLO, VMware, etc. |
| `netboot.xyz.pdsk` | Padded virtual floppy disk |
### ARM64
| File | Use case |
| ------------------------------------- | ------------------------------------------- |
| `netboot.xyz-arm64.efi` | ARM64 UEFI — standard |
| `netboot.xyz-arm64-snp.efi` | ARM64 UEFI SNP — tries all network devices |
| `netboot.xyz-arm64-snponly.efi` | ARM64 UEFI SNP — only chained device |
| `netboot.xyz-metal-arm64.efi` | ARM64 Secure Boot UEFI |
| `netboot.xyz-metal-arm64-snp.efi` | ARM64 Secure Boot SNP |
| `netboot.xyz-metal-arm64-snponly.efi` | ARM64 Secure Boot SNP — only chained device |
### ISO / IMG (for media creation or virtual boot)
| File | Use case |
| --------------------------- | ------------------------------------------------- |
| `netboot.xyz.iso` | x86_64 ISO — CD/DVD, virtual CD, DRAC/iLO, VMware |
| `netboot.xyz.img` | x86_64 IMG — USB key creation |
| `netboot.xyz-arm64.iso` | ARM64 ISO |
| `netboot.xyz-arm64.img` | ARM64 IMG — USB key creation |
| `netboot.xyz-multiarch.iso` | Combined x86_64 + ARM64 ISO |
| `netboot.xyz-multiarch.img` | Combined x86_64 + ARM64 IMG |
### Checksums
| File | Use case |
| ---------------------------------- | --------------------------- |
| `netboot.xyz-sha256-checksums.txt` | SHA256 hashes for all files |
> **BIOS vs UEFI:** Use `.efi` for UEFI systems, `.kpxe` for legacy BIOS. Mixing them causes silent failures.
>
> **Secure Boot:** Use the `-metal-` variants if your firmware enforces Secure Boot.
---
## Customizing the Menu
Edit `/var/www/html/boot.cfg` inside the container:
```bash
# SSH into the container, then:
nano /var/www/html/boot.cfg
```
Changes take effect immediately — no service restart needed.
Common customizations:
```bash
# Set a default boot entry with 10-second timeout:
set menu-timeout 10000
set menu-default linux
# Override the mirror used for Ubuntu:
set mirror http://de.archive.ubuntu.com/ubuntu
```
Full documentation: [netboot.xyz/docs](https://netboot.xyz/docs/)
---
## Updating
The update script preserves your `boot.cfg` customizations, updates menus and bootloaders to the latest release:
```bash
bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/ct/netboot-xyz.sh)"
```
---
## Troubleshooting
### Client can't reach the container / TFTP timeout
- Check that UDP/69 (TFTP) and TCP/80 (HTTP) are not blocked between client and container
- Proxmox firewall: add rules to allow these ports inbound on the container
- Check that the container is in the same VLAN/subnet as the client, or that inter-VLAN routing is configured
### Menu loads but OS download fails or is slow
- Expected — OS files come from the internet, not your container
- Client needs internet access (direct or via NAT through Proxmox)
- For air-gapped networks, you need to mirror OS images locally (advanced, see netboot.xyz docs)
### Machine boots to local disk instead of PXE
- Check boot order in BIOS/UEFI — network boot must come first, or select it manually via F11/F12
- Some UEFI systems require Secure Boot to be disabled for iPXE
### UEFI machine ignores the boot filename
- Some DHCP servers send the same `filename` option to both BIOS and UEFI clients
- Use vendor class matching in your DHCP config to send `.efi` only to UEFI clients
- OPNsense/pfSense handle this automatically when you set both BIOS and UEFI filenames separately
### `netboot.xyz.kpxe` works but `netboot.xyz.efi` doesn't (or vice versa)
- BIOS systems → use `netboot.xyz.kpxe` or `netboot.xyz-undionly.kpxe`
- UEFI systems → use `netboot.xyz.efi` or `netboot.xyz-snp.efi`

108
docs/misc/README.md
View File

@@ -1,15 +1,25 @@
# Misc Documentation
This directory contains comprehensive documentation for all function libraries and components of the Proxmox Community Scripts project. Each section is organized as a dedicated subdirectory with detailed references, examples, and integration guides.
This directory documents the shared Bash function libraries under `misc/`.
The important implementation detail is that these libraries are **not independent islands**:
- `build.func` orchestrates host-side CT creation.
- `api.func` is the canonical source of telemetry and exit-code explanations.
- `error_handler.func` wraps trap handling and falls back to `explain_exit_code()` if `api.func` was not loaded yet.
- `install.func` runs inside the container and bootstraps `core.func` + `error_handler.func` first, then downloads `tools.func` after the OS update stage.
- `tools.func` is the large Debian/Ubuntu helper toolbox for repository management, retries, releases, services, language runtimes, databases, GPU helpers, and update workflows.
---
## 🏗️ **Core Function Libraries**
### 📁 [build.func/](./build.func/)
**Core LXC Container Orchestration** - Main orchestrator for Proxmox LXC container creation
**Contents:**
- BUILD_FUNC_FLOWCHART.md - Visual execution flows and decision trees
- BUILD_FUNC_ARCHITECTURE.md - System architecture and design
- BUILD_FUNC_ENVIRONMENT_VARIABLES.md - Complete environment variable reference
@@ -23,9 +33,11 @@ This directory contains comprehensive documentation for all function libraries a
---
### 📁 [core.func/](./core.func/)
**System Utilities & Foundation** - Essential utility functions and system checks
**System Utilities & Foundation** - Shared runtime foundation for logging, prompts, validation, and execution control
**Contents:**
- CORE_FLOWCHART.md - Visual execution flows
- CORE_FUNCTIONS_REFERENCE.md - Complete function reference
- CORE_INTEGRATION.md - Integration points
@@ -37,9 +49,11 @@ This directory contains comprehensive documentation for all function libraries a
---
### 📁 [error_handler.func/](./error_handler.func/)
**Error Handling & Signal Management** - Comprehensive error handling and signal trapping
**Error Handling & Signal Management** - Trap orchestration, cleanup, and abort telemetry
**Contents:**
- ERROR_HANDLER_FLOWCHART.md - Visual error handling flows
- ERROR_HANDLER_FUNCTIONS_REFERENCE.md - Function reference
- ERROR_HANDLER_INTEGRATION.md - Integration with other components
@@ -51,39 +65,45 @@ This directory contains comprehensive documentation for all function libraries a
---
### 📁 [api.func/](./api.func/)
**Proxmox API Integration** - API communication and diagnostic reporting
**Telemetry & Diagnostics Runtime** - Anonymous telemetry reporting, progress tracking, and canonical exit-code mapping
**Contents:**
- API_FLOWCHART.md - API communication flows
- API_FUNCTIONS_REFERENCE.md - Function reference
- API_INTEGRATION.md - Integration points
- API_USAGE_EXAMPLES.md - Practical examples
- README.md - Overview and quick reference
**Key Functions**: `post_to_api()`, `post_update_to_api()`, `get_error_description()`
**Key Functions**: `post_to_api()`, `post_to_api_vm()`, `post_progress_to_api()`, `post_update_to_api()`, `explain_exit_code()`
---
## 📦 **Installation & Setup Function Libraries**
### 📁 [install.func/](./install.func/)
**Container Installation Workflow** - Installation orchestration for container-internal setup
**Container Installation Workflow** - Container bootstrap inside the LXC
**Contents:**
- INSTALL_FUNC_FLOWCHART.md - Installation workflow diagrams
- INSTALL_FUNC_FUNCTIONS_REFERENCE.md - Complete function reference
- INSTALL_FUNC_INTEGRATION.md - Integration with build and tools
- INSTALL_FUNC_USAGE_EXAMPLES.md - Practical examples
- README.md - Overview and quick reference
**Key Functions**: `setting_up_container()`, `network_check()`, `update_os()`, `motd_ssh()`, `cleanup_lxc()`
**Key Functions**: `setting_up_container()`, `network_check()`, `update_os()`, `motd_ssh()`, `customize()`
---
### 📁 [tools.func/](./tools.func/)
**Package & Tool Installation** - Robust package management and 30+ tool installation functions
**Package & Tool Installation** - Repository, package, release, runtime, and service toolbox
**Contents:**
- TOOLS_FUNC_FLOWCHART.md - Package management flows
- TOOLS_FUNC_FUNCTIONS_REFERENCE.md - 30+ function reference
- TOOLS_FUNC_INTEGRATION.md - Integration with install workflows
@@ -91,14 +111,16 @@ This directory contains comprehensive documentation for all function libraries a
- TOOLS_FUNC_ENVIRONMENT_VARIABLES.md - Configuration reference
- README.md - Overview and quick reference
**Key Functions**: `setup_nodejs()`, `setup_php()`, `setup_mariadb()`, `setup_docker()`, `setup_deb822_repo()`, `pkg_install()`, `pkg_update()`
**Key Functions**: `curl_with_retry()`, `setup_deb822_repo()`, `install_packages_with_retry()`, `setup_mariadb()`, `setup_postgresql()`, `get_latest_github_release()`
---
### 📁 [alpine-install.func/](./alpine-install.func/)
**Alpine Container Setup** - Alpine Linux-specific installation functions
**Contents:**
- ALPINE_INSTALL_FUNC_FLOWCHART.md - Alpine setup flows
- ALPINE_INSTALL_FUNC_FUNCTIONS_REFERENCE.md - Function reference
- ALPINE_INSTALL_FUNC_INTEGRATION.md - Integration points
@@ -110,9 +132,11 @@ This directory contains comprehensive documentation for all function libraries a
---
### 📁 [alpine-tools.func/](./alpine-tools.func/)
**Alpine Tool Installation** - Alpine-specific package and tool installation
**Contents:**
- ALPINE_TOOLS_FUNC_FLOWCHART.md - Alpine package flows
- ALPINE_TOOLS_FUNC_FUNCTIONS_REFERENCE.md - Function reference
- ALPINE_TOOLS_FUNC_INTEGRATION.md - Integration with Alpine workflows
@@ -124,9 +148,11 @@ This directory contains comprehensive documentation for all function libraries a
---
### 📁 [cloud-init.func/](./cloud-init.func/)
**VM Cloud-Init Configuration** - Cloud-init and VM provisioning functions
**Contents:**
- CLOUD_INIT_FUNC_FLOWCHART.md - Cloud-init flows
- CLOUD_INIT_FUNC_FUNCTIONS_REFERENCE.md - Function reference
- CLOUD_INIT_FUNC_INTEGRATION.md - Integration points
@@ -145,18 +171,24 @@ This directory contains comprehensive documentation for all function libraries a
├─────────────────────────────────────────────┤
│ │
│ ct/AppName.sh │
│ ↓ (sources)
│ ↓ sources
│ build.func │
│ ├─ variables()
│ ├─ build_container()
advanced_settings()
↓ (calls pct create with)
│ ├─ sources api.func
│ ├─ sources core.func
sources error_handler.func
├─ loads variables/settings/prompts
│ └─ creates container + launch phase │
│ ↓ pct exec / lxc-attach │
│ install/appname-install.sh │
│ ↓ (sources)
│ ├─ core.func (colors, messaging)
│ ├─ error_handler.func (error trapping)
│ ├─ install.func (setup/network)
tools.func (packages/tools)
│ ↓ sources install.func
│ ├─ sources core.func
│ ├─ sources error_handler.func
│ ├─ load_functions()
catch_errors()
│ ├─ network_check() │
│ ├─ update_os() │
│ │ └─ downloads + sources tools.func │
│ └─ app install uses tools.func │
│ │
└─────────────────────────────────────────────┘
@@ -191,17 +223,17 @@ This directory contains comprehensive documentation for all function libraries a
## 📊 **Documentation Quick Stats**
| Library | Files | Functions | Status |
|---------|:---:|:---:|:---:|
| build.func | 7 | 50+ | ✅ Complete |
| core.func | 5 | 20+ | ✅ Complete |
| error_handler.func | 5 | 10+ | ✅ Complete |
| api.func | 5 | 5+ | ✅ Complete |
| install.func | 5 | 8+ | ✅ Complete |
| tools.func | 6 | 30+ | ✅ Complete |
| alpine-install.func | 5 | 6+ | ✅ Complete |
| alpine-tools.func | 5 | 15+ | ✅ Complete |
| cloud-init.func | 5 | 12+ | ✅ Complete |
| Library | Files | Functions | Status |
| ------------------- | :---: | :-------: | :---------: |
| build.func | 7 | 50+ | ✅ Complete |
| core.func | 5 | 20+ | ✅ Complete |
| error_handler.func | 5 | 10+ | ✅ Complete |
| api.func | 5 | 5+ | ✅ Complete |
| install.func | 5 | 8+ | ✅ Complete |
| tools.func | 6 | 30+ | ✅ Complete |
| alpine-install.func | 5 | 6+ | ✅ Complete |
| alpine-tools.func | 5 | 15+ | ✅ Complete |
| cloud-init.func | 5 | 12+ | ✅ Complete |
**Total**: 9 function libraries, 48 documentation files, 150+ functions
@@ -210,16 +242,20 @@ This directory contains comprehensive documentation for all function libraries a
## 🚀 **Getting Started**
### For Container Creation Scripts
Start with: **[build.func/](./build.func/)** → **[tools.func/](./tools.func/)** → **[install.func/](./install.func/)**
Start with: **[build.func/](./build.func/)** → **[core.func/](./core.func/)** → **[error_handler.func/](./error_handler.func/)** → **[api.func/](./api.func/)** → **[install.func/](./install.func/)** → **[tools.func/](./tools.func/)**
### For Alpine Containers
Start with: **[alpine-install.func/](./alpine-install.func/)** → **[alpine-tools.func/](./alpine-tools.func/)**
### For VM Provisioning
Start with: **[cloud-init.func/](./cloud-init.func/)**
### For Troubleshooting
Start with: **[error_handler.func/](./error_handler.func/)** → **[EXIT_CODES.md](../EXIT_CODES.md)**
Start with: **[error_handler.func/](./error_handler.func/)** → **[api.func/](./api.func/)**
---
@@ -251,6 +287,7 @@ function-library/
```
**Advantages**:
- ✅ Consistent navigation across all libraries
- ✅ Quick reference sections in each README
- ✅ Visual flowcharts for understanding
@@ -273,11 +310,12 @@ All documentation follows these standards:
---
## ✅ **Last Updated**: December 2025
## ✅ **Last Updated**: Based on live `misc/*` code verification
**Maintainers**: community-scripts team
**License**: MIT
**Status**: All 9 libraries fully documented and standardized
**Status**: Canonical overviews aligned to live code; deeper generated subpages may still require occasional drift cleanup
---
*This directory contains specialized documentation for specific components of the Proxmox Community Scripts project.*
_When documentation conflicts with the live shell implementation, prefer the files under `ProxmoxVE` / `ProxmoxVED` `misc/`._

61
install/alpine-wakapi-install.sh
View File

@@ -1,61 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Slaviša Arežina (tremor021)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://wakapi.dev/ | https://github.com/muety/wakapi
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apk add --no-cache \
ca-certificates \
tzdata
$STD update-ca-certificates
$STD apk add --no-cache go --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community
msg_ok "Installed Dependencies"
fetch_and_deploy_gh_release "wakapi" "muety/wakapi" "tarball"
msg_info "Configuring Wakapi"
LOCAL_IP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
cd /opt/wakapi
$STD go mod download
$STD go build -o wakapi
cp config.default.yml config.yml
sed -i 's/listen_ipv6: ::1/listen_ipv6: "-"/g' config.yml
sed -i 's/listen_ipv4: 127.0.0.1/listen_ipv4: "0.0.0.0"/g' config.yml
sed -i "s/public_url: http:\/\/localhost:3000/public_url: http:\/\/$LOCAL_IP:3000/g" config.yml
msg_ok "Configured Wakapi"
msg_info "Enabling Wakapi Service"
cat <<EOF >/etc/init.d/wakapi
#!/sbin/openrc-run
description="Wakapi Service"
directory="/opt/wakapi"
command="/opt/wakapi/wakapi"
command_args="-config config.yml"
command_background="true"
command_user="root"
pidfile="/var/run/wakapi.pid"
depend() {
use net
}
EOF
chmod +x /etc/init.d/wakapi
$STD rc-update add wakapi default
msg_ok "Enabled Wakapi Service"
msg_info "Starting Wakapi"
$STD rc-service wakapi start
msg_ok "Started Wakapi"
motd_ssh
customize

88
install/degoog-install.sh Normal file
View File

@@ -0,0 +1,88 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: vhsdream
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/fccview/degoog
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt install -y \
git \
unzip
msg_ok "Installed Dependencies"
msg_info "Installing Bun"
export BUN_INSTALL="/root/.bun"
curl -fsSL https://bun.sh/install | $STD bash
ln -sf /root/.bun/bin/bun /usr/local/bin/bun
ln -sf /root/.bun/bin/bunx /usr/local/bin/bunx
msg_ok "Installed Bun"
fetch_and_deploy_gh_release "degoog" "fccview/degoog" "prebuild" "latest" "/opt/degoog" "degoog_*_prebuild.tar.gz"
msg_info "Setting up degoog"
mkdir -p /opt/degoog/data/{engines,plugins,themes,store}
cat <<EOF >/opt/degoog/.env
DEGOOG_PORT=4444
DEGOOG_ENGINES_DIR=/opt/degoog/data/engines
DEGOOG_PLUGINS_DIR=/opt/degoog/data/plugins
DEGOOG_THEMES_DIR=/opt/degoog/data/themes
DEGOOG_ALIASES_FILE=/opt/degoog/data/aliases.json
DEGOOG_PLUGIN_SETTINGS_FILE=/opt/degoog/data/plugin-settings.json
# DEGOOG_SETTINGS_PASSWORDS=changeme
# DEGOOG_PUBLIC_INSTANCE=false
# LOGGER=debug
EOF
if [[ ! -f /opt/degoog/data/aliases.json ]]; then
cat <<EOF >/opt/degoog/data/aliases.json
{}
EOF
fi
if [[ ! -f /opt/degoog/data/plugin-settings.json ]]; then
cat <<EOF >/opt/degoog/data/plugin-settings.json
{}
EOF
fi
if [[ ! -f /opt/degoog/data/repos.json ]]; then
cat <<EOF >/opt/degoog/data/repos.json
[]
EOF
fi
msg_ok "Set up degoog"
msg_info "Creating Service"
cat <<EOF >/etc/systemd/system/degoog.service
[Unit]
Description=degoog
After=network.target
[Service]
Type=simple
User=root
WorkingDirectory=/opt/degoog
EnvironmentFile=/opt/degoog/.env
ExecStart=/usr/local/bin/bun run src/server/index.ts
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now degoog
msg_ok "Created Service"
motd_ssh
customize
cleanup_lxc

52
install/discourse-install.sh
View File

@@ -55,18 +55,17 @@ DISCOURSE_DB_NAME=discourse
DISCOURSE_DB_USERNAME=discourse
DISCOURSE_DB_PASSWORD=${DISCOURSE_DB_PASS}
DISCOURSE_REDIS_URL=redis://localhost:6379
DISCOURSE_DEVELOPER_EMAILS=admin@local
DISCOURSE_DEVELOPER_EMAILS=admin@discourse.local
DISCOURSE_HOSTNAME=${LOCAL_IP}
DISCOURSE_SMTP_ADDRESS=localhost
DISCOURSE_SMTP_PORT=25
DISCOURSE_SMTP_AUTHENTICATION=none
DISCOURSE_NOTIFICATION_EMAIL=noreply@${LOCAL_IP}
DISCOURSE_SKIP_NEW_ACCOUNT_EMAIL=true
APP_ROOT=/opt/discourse
EOF
mkdir -p /opt/discourse/tmp/sockets /opt/discourse/tmp/pids /opt/discourse/log
sed -i 's|bind "unix://#{APP_ROOT}/tmp/sockets/puma.sock"|bind "tcp://127.0.0.1:3000"|' /opt/discourse/config/puma.rb
sed -i 's|stdout_redirect.*|# logging handled by systemd|' /opt/discourse/config/puma.rb
chown -R root:root /opt/discourse
chmod 755 /opt/discourse
msg_ok "Configured Discourse"
@@ -94,8 +93,32 @@ set -a
source /opt/discourse/.env
set +a
$STD bundle exec rails db:migrate
$STD bundle exec rails db:seed
msg_ok "Set Up Database"
msg_info "Creating Admin Account"
ADMIN_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c16)
$STD bundle exec rails runner "
user = User.new(email: 'admin@discourse.local', username: 'admin', password: '${ADMIN_PASS}')
user.active = true
user.admin = true
user.approved = true
user.save!(validate: false)
user.activate
user.grant_admin!
user.change_trust_level!(TrustLevel[4])
SiteSetting.has_login_hint = false
SiteSetting.wizard_enabled = false
"
{
echo "Discourse Credentials"
echo "Admin Username: admin"
echo "Admin Email: admin@discourse.local"
echo "Admin Password: ${ADMIN_PASS}"
echo "Database Password: ${DISCOURSE_DB_PASS}"
} >~/discourse.creds
msg_ok "Created Admin Account"
msg_info "Building Discourse Assets"
cd /opt/discourse
export PATH="$HOME/.rbenv/bin:$HOME/.rbenv/shims:$PATH"
@@ -119,7 +142,7 @@ User=root
WorkingDirectory=/opt/discourse
EnvironmentFile=/opt/discourse/.env
Environment=PATH=/root/.rbenv/shims:/root/.rbenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ExecStart=/root/.rbenv/shims/bundle exec puma -w 2
ExecStart=/root/.rbenv/shims/bundle exec pitchfork -c config/pitchfork.conf.rb
Restart=on-failure
RestartSec=5
@@ -138,7 +161,7 @@ User=root
WorkingDirectory=/opt/discourse
EnvironmentFile=/opt/discourse/.env
Environment=PATH=/root/.rbenv/shims:/root/.rbenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ExecStart=/root/.rbenv/shims/bundle exec sidekiq -q critical -q low -q default
ExecStart=/root/.rbenv/shims/bundle exec sidekiq -q critical -q default -q low -q ultra_low
Restart=on-failure
RestartSec=5
@@ -153,12 +176,27 @@ cat <<EOF >/etc/nginx/sites-available/discourse
server {
listen 80 default_server;
server_name _;
root /opt/discourse/public;
client_max_body_size 100M;
proxy_busy_buffers_size 512k;
proxy_buffers 4 512k;
location /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public,immutable;
}
location /uploads/ {
expires 1h;
}
location / {
try_files \$uri @discourse;
}
location @discourse {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
@@ -167,6 +205,7 @@ server {
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Accel-Mapping /opt/discourse/public/=/downloads/;
}
}
EOF
@@ -175,6 +214,7 @@ ln -sf /etc/nginx/sites-available/discourse /etc/nginx/sites-enabled/discourse
rm -f /etc/nginx/sites-enabled/default
$STD nginx -t
$STD systemctl enable --now nginx
$STD systemctl reload nginx
msg_ok "Configured Nginx"
motd_ssh

68
install/isponsorblocktv-install.sh
View File

@@ -1,68 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Matthew Stern (sternma) | MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/dmunozv04/iSponsorBlockTV
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
fetch_and_deploy_gh_release "isponsorblocktv" "dmunozv04/iSponsorBlockTV" "singlefile" "latest" "/opt/isponsorblocktv" "iSponsorBlockTV-*-linux"
msg_info "Setting up iSponsorBlockTV"
install -d /var/lib/isponsorblocktv
msg_ok "Set up iSponsorBlockTV"
msg_info "Creating Service"
cat <<EOF >/etc/systemd/system/isponsorblocktv.service
[Unit]
Description=iSponsorBlockTV
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
User=root
Group=root
Environment=iSPBTV_data_dir=/var/lib/isponsorblocktv
ExecStart=/opt/isponsorblocktv/isponsorblocktv
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q isponsorblocktv
msg_ok "Created Service"
msg_info "Creating CLI wrapper"
cat <<EOF >/usr/local/bin/iSponsorBlockTV
#!/usr/bin/env bash
export iSPBTV_data_dir="/var/lib/isponsorblocktv"
set +e
/opt/isponsorblocktv/isponsorblocktv "$@"
status=$?
set -e
case "${1:-}" in
setup|setup-cli)
systemctl restart isponsorblocktv >/dev/null 2>&1 || true
;;
esac
exit $status
EOF
chmod +x /usr/local/bin/iSponsorBlockTV
ln -sf /usr/local/bin/iSponsorBlockTV /usr/bin/iSponsorBlockTV
msg_ok "Created CLI wrapper"
motd_ssh
customize
cleanup_lxc

102
install/netboot.xyz-install.sh Normal file
View File

@@ -0,0 +1,102 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Michel Roegl-Brunner (michelroegl-brunner)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://netboot.xyz
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt install -y \
nginx \
tftpd-hpa
msg_ok "Installed Dependencies"
fetch_and_deploy_gh_release "netboot-xyz" "netbootxyz/netboot.xyz" "prebuild" "latest" "/var/www/html" "menus.tar.gz"
# x86_64 UEFI bootloaders
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-efi" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-efi-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snp-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snp.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-snponly.efi"
# x86_64 metal (code-signed) UEFI bootloaders
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snp-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snp.efi.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-snponly.efi"
# x86_64 BIOS/Legacy bootloaders
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-kpxe" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-undionly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-undionly.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-kpxe" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal.kpxe"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-lkrn" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.lkrn"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-linux-bin" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-linux.bin"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-dsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.dsk"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-pdsk" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.pdsk"
# ARM64 bootloaders
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64-snponly.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64-snp" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64-snp.efi"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-metal-arm64-snponly" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-metal-arm64-snponly.efi"
# ISO and IMG images (for virtual/physical media creation)
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-arm64-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-arm64.img"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-multiarch-iso" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-multiarch.iso"
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-multiarch-img" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-multiarch.img"
# SHA256 checksums
USE_ORIGINAL_FILENAME=true fetch_and_deploy_gh_release "netboot-xyz-checksums" "netbootxyz/netboot.xyz" "singlefile" "latest" "/var/www/html" "netboot.xyz-sha256-checksums.txt"
msg_info "Configuring Webserver"
rm -f /etc/nginx/sites-enabled/default
cat <<'EOF' >/etc/nginx/sites-available/netboot-xyz
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
server_name _;
location / {
autoindex on;
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Headers "Content-Type";
}
# The index.html from menus.tar.gz links bootloaders under /ipxe/ —
# serve them from the same root directory via alias
location /ipxe/ {
alias /var/www/html/;
autoindex on;
add_header Access-Control-Allow-Origin "*";
}
}
EOF
ln -sf /etc/nginx/sites-available/netboot-xyz /etc/nginx/sites-enabled/netboot-xyz
$STD systemctl reload nginx
msg_ok "Configured Webserver"
msg_info "Configuring TFTP Server"
cat <<EOF >/etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/www/html"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"
EOF
systemctl enable -q --now tftpd-hpa
msg_ok "Configured TFTP Server"
motd_ssh
customize
cleanup_lxc

190
install/nginxproxymanager-install.sh Normal file
View File

@@ -0,0 +1,190 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: tteck (tteckster) | Co-Author: CrazyWolf13
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://nginxproxymanager.com/ | Github: https://github.com/NginxProxyManager/nginx-proxy-manager
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt install -y \
apache2-utils \
logrotate \
build-essential \
libpcre3-dev \
libssl-dev \
zlib1g-dev \
git \
python3 \
python3-dev \
python3-pip \
python3-venv \
python3-cffi
msg_ok "Installed Dependencies"
msg_info "Setting up Certbot"
$STD python3 -m venv /opt/certbot
$STD /opt/certbot/bin/pip install --upgrade pip setuptools wheel
$STD /opt/certbot/bin/pip install certbot certbot-dns-cloudflare
ln -sf /opt/certbot/bin/certbot /usr/local/bin/certbot
msg_ok "Set up Certbot"
fetch_and_deploy_gh_release "openresty" "openresty/openresty" "prebuild" "latest" "/opt/openresty" "openresty-*.tar.gz"
msg_info "Building OpenResty"
cd /opt/openresty
$STD ./configure \
--with-http_v2_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_sub_module \
--with-http_auth_request_module \
--with-pcre-jit \
--with-stream \
--with-stream_ssl_module
$STD make -j"$(nproc)"
$STD make install
rm -rf /opt/openresty
cat <<'EOF' >/lib/systemd/system/openresty.service
[Unit]
Description=The OpenResty Application Platform
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
ExecStartPre=/usr/local/openresty/nginx/sbin/nginx -t
ExecStart=/usr/local/openresty/nginx/sbin/nginx -g 'daemon off;'
[Install]
WantedBy=multi-user.target
EOF
msg_ok "Built OpenResty"
NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
RELEASE=$(get_latest_github_release "NginxProxyManager/nginx-proxy-manager")
fetch_and_deploy_gh_release "nginxproxymanager" "NginxProxyManager/nginx-proxy-manager" "tarball" "v${RELEASE}"
msg_info "Setting up Environment"
ln -sf /usr/bin/python3 /usr/bin/python
ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
ln -sf /usr/local/openresty/nginx/ /etc/nginx
sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/backend/package.json
sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/frontend/package.json
sed -i 's+^daemon+#daemon+g' /opt/nginxproxymanager/docker/rootfs/etc/nginx/nginx.conf
NGINX_CONFS=$(find /opt/nginxproxymanager -type f -name "*.conf")
for NGINX_CONF in $NGINX_CONFS; do
sed -i 's+include conf.d+include /etc/nginx/conf.d+g' "$NGINX_CONF"
done
mkdir -p /var/www/html /etc/nginx/logs
cp -r /opt/nginxproxymanager/docker/rootfs/var/www/html/* /var/www/html/
cp -r /opt/nginxproxymanager/docker/rootfs/etc/nginx/* /etc/nginx/
cp /opt/nginxproxymanager/docker/rootfs/etc/letsencrypt.ini /etc/letsencrypt.ini
cp /opt/nginxproxymanager/docker/rootfs/etc/logrotate.d/nginx-proxy-manager /etc/logrotate.d/nginx-proxy-manager
ln -sf /etc/nginx/nginx.conf /etc/nginx/conf/nginx.conf
rm -f /etc/nginx/conf.d/dev.conf
mkdir -p /tmp/nginx/body \
/run/nginx \
/data/nginx \
/data/custom_ssl \
/data/logs \
/data/access \
/data/nginx/default_host \
/data/nginx/default_www \
/data/nginx/proxy_host \
/data/nginx/redirection_host \
/data/nginx/stream \
/data/nginx/dead_host \
/data/nginx/temp \
/var/lib/nginx/cache/public \
/var/lib/nginx/cache/private \
/var/cache/nginx/proxy_temp
chmod -R 777 /var/cache/nginx
chown root /tmp/nginx
echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf);" >/etc/nginx/conf.d/include/resolvers.conf
if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
$STD openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost" -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem
fi
mkdir -p /app/frontend/images
cp -r /opt/nginxproxymanager/backend/* /app
msg_ok "Set up Environment"
msg_info "Building Frontend"
export NODE_OPTIONS="--max_old_space_size=2048 --openssl-legacy-provider"
cd /opt/nginxproxymanager/frontend
# Replace node-sass with sass in package.json before installation
sed -E -i 's/"node-sass" *: *"([^"]*)"/"sass": "\1"/g' package.json
$STD yarn install --network-timeout 600000
$STD yarn locale-compile
$STD yarn build
cp -r /opt/nginxproxymanager/frontend/dist/* /app/frontend
cp -r /opt/nginxproxymanager/frontend/public/images/* /app/frontend/images
msg_ok "Built Frontend"
msg_info "Initializing Backend"
rm -rf /app/config/default.json
if [ ! -f /app/config/production.json ]; then
cat <<'EOF' >/app/config/production.json
{
"database": {
"engine": "knex-native",
"knex": {
"client": "better-sqlite3",
"connection": {
"filename": "/data/database.sqlite"
},
"useNullAsDefault": true
}
}
}
EOF
fi
cd /app
$STD yarn install --network-timeout 600000
msg_ok "Initialized Backend"
msg_info "Creating Service"
cat <<'EOF' >/lib/systemd/system/npm.service
[Unit]
Description=Nginx Proxy Manager
After=network.target
Wants=openresty.service
[Service]
Type=simple
Environment=NODE_ENV=production
ExecStartPre=-mkdir -p /tmp/nginx/body /data/letsencrypt-acme-challenge
ExecStart=/usr/bin/node index.js --abort_on_uncaught_exception --max_old_space_size=250
WorkingDirectory=/app
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
msg_ok "Created Service"
msg_info "Starting Services"
sed -i 's/user npm/user root/g; s/^pid/#pid/g' /usr/local/openresty/nginx/conf/nginx.conf
sed -r -i 's/^([[:space:]]*)su npm npm/\1#su npm npm/g;' /etc/logrotate.d/nginx-proxy-manager
systemctl enable -q --now openresty
systemctl enable -q --now npm
msg_ok "Started Services"
motd_ssh
customize
cleanup_lxc

3
install/simplelogin-install.sh
View File

@@ -110,7 +110,7 @@ export NAMESERVERS="1.1.1.1"
export MEM_STORE_URI="redis://localhost:6379/1"
export OPENID_PRIVATE_KEY_PATH="/opt/simplelogin/openid-rsa.key"
export OPENID_PUBLIC_KEY_PATH="/opt/simplelogin/openid-rsa.pub"
$STD .venv/bin/flask db upgrade
$STD .venv/bin/alembic upgrade head
$STD .venv/bin/python init_app.py
msg_ok "Configured SimpleLogin"
@@ -224,6 +224,7 @@ ln -sf /etc/nginx/sites-available/simplelogin.conf /etc/nginx/sites-enabled/
rm -f /etc/nginx/sites-enabled/default
$STD nginx -t
$STD systemctl enable --now nginx
$STD systemctl reload nginx
msg_ok "Configured Nginx"
motd_ssh

20
install/step-ca-install.sh
View File

@@ -22,27 +22,20 @@ setup_deb822_repo \
msg_info "Installing step-ca and step-cli"
$STD apt install -y step-ca step-cli
msg_ok "Installed step-ca and step-cli"
msg_info "Define smallstep environment variables"
STEPHOME="/root/.step"
$STD export STEPPATH=/etc/step-ca
$STD export STEPHOME=$STEPHOME
msg_ok "Defined smallstep environment variables"
msg_info "Add smallstep environment variables to /etc/profile"
$STD sed -i '1i export STEPPATH=/etc/step-ca' /etc/profile
$STD sed -i '1i export STEPHOME=/root/.step' /etc/profile
msg_ok "Added smallstep environment variables to /etc/profile"
msg_info "Authorize step-ca binary with low port-binding capabilities"
$STD setcap CAP_NET_BIND_SERVICE=+eip $(which step-ca)
msg_ok "Authorized low port-binding capabilities"
msg_info "Add a smallstep CA service user - Will only be used by systemd to manage the CA"
$STD useradd --user-group --system --home $(step path) --shell /bin/false step
msg_ok "Created smallstep CA service user"
msg_ok "Installed step-ca and step-cli"
msg_info "Initializing step-ca"
DeploymentType="standalone"
FQDN=$(hostname -f)
DomainName=$(hostname -d)
@@ -77,7 +70,6 @@ X509DefaultDur=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "step
done
msg_info "Initializing step-ca"
EncryptionPwdDir="$(step path)/encryption"
PwdFile="$EncryptionPwdDir/ca.pwd"
ProvisionerPwdFile="$EncryptionPwdDir/provisioner.pwd"
@@ -100,25 +92,19 @@ $STD step ca init \
ln -s "$PwdFile" "$(step path)/password.txt"
chown -R step:step $(step path)
chmod -R 700 $(step path)
msg_ok "Initialized step-ca"
msg_info "Add ACME provisioner"
$STD step ca provisioner add "$AcmeProvisioner" --type ACME --admin-name "$AcmeProvisioner"
msg_ok "Added ACME provisioner"
msg_info "Update provisioner configurations"
$STD step ca provisioner update "$PKIProvisioner" \
--x509-min-dur=$X509MinDur \
--x509-max-dur=$X509MaxDur \
--x509-default-dur=$X509DefaultDur \
--allow-renewal-after-expiry
$STD step ca provisioner update "$AcmeProvisioner" \
--x509-min-dur=$X509MinDur \
--x509-max-dur=$X509MaxDur \
--x509-default-dur=$X509DefaultDur \
--allow-renewal-after-expiry
msg_ok "Updated provisioner configurations"
msg_ok "Initialized step-ca"
msg_info "Start step-ca as a Daemon"
cat <<'EOF' >/etc/systemd/system/step-ca.service

2
install/twenty-install.sh
View File

@@ -31,7 +31,7 @@ export COREPACK_ENABLE_DOWNLOAD_PROMPT=0
$STD corepack enable
$STD corepack prepare yarn@4.9.2 --activate
$STD yarn install --immutable || $STD yarn install
export NODE_OPTIONS="--max-old-space-size=3072"
export NODE_OPTIONS="--max-old-space-size=4096"
$STD npx nx run twenty-server:build
$STD npx nx build twenty-front
cp -r /opt/twenty/packages/twenty-front/build /opt/twenty/packages/twenty-server/dist/front

37
install/versitygw-install.sh
View File

@@ -1,37 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://github.com/versity/versitygw
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
fetch_and_deploy_gh_release "versitygw" "versity/versitygw" "binary"
msg_info "Configuring VersityGW"
mkdir -p /opt/versitygw-data
ACCESS_KEY=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-20)
SECRET_KEY=$(openssl rand -base64 36 | tr -dc 'a-zA-Z0-9' | cut -c1-40)
cat <<EOF >/etc/versitygw.d/gateway.conf
VGW_BACKEND=posix
VGW_BACKEND_ARG=/opt/versitygw-data
VGW_PORT=7070
ROOT_ACCESS_KEY_ID=${ACCESS_KEY}
ROOT_SECRET_ACCESS_KEY=${SECRET_KEY}
EOF
msg_ok "Configured VersityGW"
msg_info "Enabling Service"
systemctl enable -q --now versitygw@gateway
msg_ok "Enabled Service"
motd_ssh
customize
cleanup_lxc

40
json/alpine-wakapi.json
View File

@@ -1,40 +0,0 @@
{
"name": "Alpine-Wakapi",
"slug": "alpine-wakapi",
"categories": [
9
],
"date_created": "2026-02-16",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": 3000,
"documentation": "https://github.com/muety/wakapi/wiki",
"website": "https://wakapi.dev/",
"logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/wakapi.webp",
"config_path": "/opt/wakapi/config.yml",
"description": "Wakapi is an open-source tool that helps you keep track of the time you have spent coding on different projects in different programming languages and more. Ideal for statistics freaks and anyone else.",
"install_methods": [
{
"type": "default",
"script": "ct/alpine-wakapi.sh",
"resources": {
"cpu": 1,
"ram": 512,
"hdd": 4,
"os": "alpine",
"version": "3.23"
}
}
],
"default_credentials": {
"username": null,
"password": null
},
"notes": [
{
"text": "The first user created will be an admin.",
"type": "warning"
}
]
}

44
json/degoog.json Normal file
View File

@@ -0,0 +1,44 @@
{
"name": "degoog",
"slug": "degoog",
"categories": [
0
],
"date_created": "2026-03-20",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": 4444,
"documentation": "https://fccview.github.io/degoog/",
"website": "https://github.com/fccview/degoog",
"logo": "https://raw.githubusercontent.com/fccview/degoog/main/src/public/images/degoog-logo.png",
"config_path": "/opt/degoog/.env",
"description": "Search aggregator that queries multiple engines and supports plugins, themes, and extension repositories.",
"install_methods": [
{
"type": "default",
"script": "ct/degoog.sh",
"resources": {
"cpu": 2,
"ram": 2048,
"hdd": 6,
"os": "Debian",
"version": "13"
}
}
],
"default_credentials": {
"username": null,
"password": null
},
"notes": [
{
"text": "Project is currently marked beta upstream and not intended for production use yet.",
"type": "warning"
},
{
"text": "Add extension store repositories in Settings after first start (official repo: https://github.com/fccview/fccview-degoog-extensions).",
"type": "info"
}
]
}

4
json/discourse.json
View File

@@ -37,11 +37,11 @@
"type": "warning"
},
{
"text": "Admin user is created with username 'admin'. Set password in first login.",
"text": "Admin credentials are saved in `/root/discourse.creds` inside the container.",
"type": "info"
},
{
"text": "Configure SMTP settings in admin panel for email notifications.",
"text": "Configure SMTP settings in the admin panel (Admin > Settings > Email) for email notifications.",
"type": "info"
}
]

44
json/isponsorblocktv.json
View File

@@ -1,44 +0,0 @@
{
"name": "iSponsorBlockTV",
"slug": "isponsorblocktv",
"categories": [
13
],
"date_created": "2026-01-25",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": null,
"documentation": "https://github.com/dmunozv04/iSponsorBlockTV/wiki",
"website": "https://github.com/dmunozv04/iSponsorBlockTV",
"logo": "https://raw.githubusercontent.com/ajayyy/SponsorBlock/master/public/icons/IconSponsorBlocker512px.png",
"config_path": "/var/lib/isponsorblocktv/config.json",
"description": "iSponsorBlockTV connects to YouTube TV clients and automatically skips SponsorBlock segments, mutes ads, and presses the Skip Ad button when available.",
"install_methods": [
{
"type": "default",
"script": "ct/isponsorblocktv.sh",
"resources": {
"cpu": 1,
"ram": 1024,
"hdd": 4,
"os": "debian",
"version": "13"
}
}
],
"default_credentials": {
"username": null,
"password": null
},
"notes": [
{
"text": "No web UI; run `iSponsorBlockTV setup` inside the container to configure.",
"type": "info"
},
{
"text": "SSDP auto-discovery requires multicast on your bridge; manual pairing works without it.",
"type": "info"
}
]
}

52
json/netboot-xyz.json Normal file
View File

@@ -0,0 +1,52 @@
{
"name": "netboot.xyz",
"slug": "netboot-xyz",
"categories": [
4
],
"date_created": "2026-03-20",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": 80,
"documentation": "https://netboot.xyz/docs/",
"website": "https://netboot.xyz/",
"logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/netboot-xyz.webp",
"config_path": "/var/www/html/boot.cfg",
"description": "netboot.xyz is a network boot utility that lets you boot into any type of operating system or utility disk directly from a BIOS/UEFI, without needing a physical boot media. It uses iPXE to present a user-friendly menu of operating systems and tools.",
"install_methods": [
{
"type": "default",
"script": "ct/netboot-xyz.sh",
"resources": {
"cpu": 1,
"ram": 512,
"hdd": 8,
"os": "Debian",
"version": "13"
}
}
],
"default_credentials": {
"username": null,
"password": null
},
"notes": [
{
"text": "Configure your DHCP server: set `next-server` to the container IP, and `boot-filename` to `netboot.xyz.efi` (UEFI) or `netboot.xyz.kpxe` (BIOS/legacy).",
"type": "info"
},
{
"text": "For UEFI HTTP boot (no DHCP changes required), load the bootloader directly from your firmware: `http://IP/netboot.xyz.efi`.",
"type": "info"
},
{
"text": "Customize menus by editing `/var/www/html/boot.cfg`. Changes are picked up immediately — no service restart needed.",
"type": "info"
},
{
"text": "TFTP is available on port 69/UDP and HTTP on port 80, both serving from `/var/www/html`.",
"type": "info"
}
]
}

6
json/simplelogin.json
View File

@@ -33,7 +33,11 @@
},
"notes": [
{
"text": "After installation, update EMAIL_DOMAIN in /opt/simplelogin/.env with your actual domain and configure DNS (MX, SPF, DKIM) accordingly.",
"text": "After installation, update EMAIL_DOMAIN and URL in /opt/simplelogin/.env with your actual domain and configure DNS (MX, SPF, DKIM) accordingly.",
"type": "warning"
},
{
"text": "A working SMTP setup (Postfix + valid domain/DNS) is required. Registration sends an activation email that must be delivered.",
"type": "warning"
},
{

2
json/twenty.json
View File

@@ -20,7 +20,7 @@
"script": "ct/twenty.sh",
"resources": {
"cpu": 4,
"ram": 8192,
"ram": 10240,
"hdd": 20,
"os": "Debian",
"version": "13"

48
json/versitygw.json
View File

@@ -1,48 +0,0 @@
{
"name": "VersityGW",
"slug": "versitygw",
"categories": [
11
],
"date_created": "2026-03-10",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": 7070,
"documentation": "https://github.com/versity/versitygw/wiki",
"config_path": "/etc/versitygw.d/gateway.conf",
"website": "https://www.versity.com/",
"logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/versitygw.webp",
"description": "VersityGW is a high-performance, cloud-native S3-compatible gateway that provides S3 API access to various storage backends including POSIX filesystems.",
"install_methods": [
{
"type": "default",
"script": "ct/versitygw.sh",
"resources": {
"cpu": 2,
"ram": 2048,
"hdd": 8,
"os": "Debian",
"version": "13"
}
}
],
"default_credentials": {
"username": null,
"password": null
},
"notes": [
{
"text": "S3 access credentials are generated during installation and stored in /etc/versitygw.d/gateway.conf",
"type": "info"
},
{
"text": "Data is stored in /opt/versitygw-data (POSIX backend)",
"type": "info"
},
{
"text": "Use any S3-compatible client to connect to the gateway endpoint",
"type": "info"
}
]
}

2
misc/build.func
View File

@@ -4796,7 +4796,7 @@ EOF'
if [[ "$is_cmd_not_found" == true ]]; then
local missing_cmd=""
if [[ -f "$combined_log" ]]; then
missing_cmd=$(grep -oiE '[a-zA-Z0-9_.-]+: command not found' "$combined_log" | tail -1 | sed 's/: command not found//')
missing_cmd=$(grep -oiE '[a-zA-Z0-9_.-]+: command not found' "$combined_log" | tail -1 | sed 's/: command not found//' || true)
fi
if [[ -n "$missing_cmd" ]]; then
echo -e "${TAB}${INFO} Missing command: ${GN}${missing_cmd}${CL}"