Update CHANGELOG.md

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

CHANGELOG.md

@@ -483,6 +483,19 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 </details>
 
+## 2026-06-20
+
+### 🆕 New Scripts
+
+  - Apache-Airflow ([#15228](https://github.com/community-scripts/ProxmoxVE/pull/15228))
+- Plane ([#15227](https://github.com/community-scripts/ProxmoxVE/pull/15227))
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Nginxproxymanager: repair broken certbot pip before update [@MickLesk](https://github.com/MickLesk) ([#15224](https://github.com/community-scripts/ProxmoxVE/pull/15224))
+
 ## 2026-06-19
 
 ### 🚀 Updated Scripts

ct/apache-airflow.sh

@@ -0,0 +1,75 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/apache/airflow
+
+APP="Apache-Airflow"
+var_tags="${var_tags:-workflow;scheduler;automation}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-4096}"
+var_disk="${var_disk:-16}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_arm64="${var_arm64:-no}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/airflow ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  INSTALLED=$(cat ~/.airflow 2>/dev/null || echo "0")
+  LATEST=$(curl -fsSL "https://pypi.org/pypi/apache-airflow/json" | jq -r '.info.version')
+
+  if [[ "$INSTALLED" == "$LATEST" ]]; then
+    msg_ok "Already on the latest version (${LATEST})"
+    exit
+  fi
+
+  msg_info "Stopping Services"
+  systemctl stop airflow-api-server airflow-scheduler airflow-dag-processor airflow-triggerer
+  msg_ok "Stopped Services"
+
+  create_backup /opt/airflow/.env
+
+  msg_info "Updating Apache Airflow to ${LATEST}"
+  $STD uv pip install --python /opt/airflow/.venv/bin/python \
+    "apache-airflow[postgres,fab]==${LATEST}" \
+    --constraint "https://raw.githubusercontent.com/apache/airflow/constraints-${LATEST}/constraints-3.12.txt"
+  echo "${LATEST}" >~/.airflow
+  msg_ok "Updated Apache Airflow to ${LATEST}"
+
+  restore_backup
+
+  msg_info "Running Database Migrations"
+  set -a && source /opt/airflow/.env && set +a
+  $STD /opt/airflow/.venv/bin/airflow db migrate
+  msg_ok "Ran Database Migrations"
+
+  msg_info "Starting Services"
+  systemctl start airflow-api-server airflow-scheduler airflow-dag-processor airflow-triggerer
+  msg_ok "Started Services"
+  msg_ok "Updated successfully!"
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8080${CL}"

ct/headers/apache-airflow

@@ -0,0 +1,6 @@
+    ___                     __               ___    _      ______             
+   /   |  ____  ____ ______/ /_  ___        /   |  (_)____/ __/ /___ _      __
+  / /| | / __ \/ __ `/ ___/ __ \/ _ \______/ /| | / / ___/ /_/ / __ \ | /| / /
+ / ___ |/ /_/ / /_/ / /__/ / / /  __/_____/ ___ |/ / /  / __/ / /_/ / |/ |/ / 
+/_/  |_/ .___/\__,_/\___/_/ /_/\___/     /_/  |_/_/_/  /_/ /_/\____/|__/|__/  
+      /_/                                                                     

ct/headers/plane

@@ -0,0 +1,6 @@
+    ____  __               
+   / __ \/ /___ _____  ___ 
+  / /_/ / / __ `/ __ \/ _ \
+ / ____/ / /_/ / / / /  __/
+/_/   /_/\__,_/_/ /_/\___/ 
+                           

ct/nginxproxymanager.sh

@@ -108,8 +108,13 @@ EOF
   cd /root
   if [ -d /opt/certbot ]; then
     msg_info "Updating Certbot"
-    $STD /opt/certbot/bin/pip install --upgrade pip setuptools wheel
+    CERTBOT_PYTHON="/opt/certbot/bin/python"
-    $STD /opt/certbot/bin/pip install --upgrade certbot certbot-dns-cloudflare
+    if ! "$CERTBOT_PYTHON" -m pip --version &>/dev/null; then
+      msg_info "Repairing Certbot pip"
+      $STD "$CERTBOT_PYTHON" -m ensurepip --upgrade
+    fi
+    $STD "$CERTBOT_PYTHON" -m pip install --upgrade pip setuptools wheel
+    $STD "$CERTBOT_PYTHON" -m pip install --upgrade certbot certbot-dns-cloudflare
     msg_ok "Updated Certbot"
   fi
 

ct/plane.sh

@@ -0,0 +1,88 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: onionrings29
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://plane.so | GitHub: https://github.com/makeplane/plane
+
+APP="Plane"
+var_tags="${var_tags:-project-management}"
+var_cpu="${var_cpu:-4}"
+var_ram="${var_ram:-6144}"
+var_disk="${var_disk:-8}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_arm64="${var_arm64:-no}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/plane ]]; then
+    msg_error "No Plane Installation Found!"
+    exit 1
+  fi
+
+  if check_for_gh_release "plane" "makeplane/plane"; then
+    msg_info "Stopping Services"
+    systemctl stop plane-api plane-worker plane-beat plane-live plane-space
+    msg_ok "Stopped Services"
+
+    create_backup /opt/plane/.env \
+        /opt/plane/apps/admin/.env \
+        /opt/plane/apps/api/.env \
+        /opt/plane/apps/space/.env \
+       /opt/plane/apps/web/.env
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "plane" "makeplane/plane" "tarball"
+
+    restore_backup
+
+    msg_info "Rebuilding Frontend (Patience)"
+    cd /opt/plane
+    export NODE_OPTIONS="--max-old-space-size=4096"
+    export COREPACK_ENABLE_DOWNLOAD_PROMPT=0
+    $STD corepack enable pnpm
+    $STD pnpm install --frozen-lockfile
+    $STD pnpm turbo run build --filter=web --filter=admin --filter=space --filter=live
+    msg_ok "Rebuilt Frontend"
+
+    msg_info "Updating Python Dependencies"
+    cd /opt/plane/apps/api
+    export VIRTUAL_ENV=/opt/plane-venv
+    $STD uv pip install --upgrade -r requirements/production.txt
+    msg_ok "Updated Python Dependencies"
+
+    msg_info "Running Migrations"
+    cd /opt/plane/apps/api
+    set -a
+    source /opt/plane/apps/api/.env
+    set +a
+    $STD /opt/plane-venv/bin/python manage.py migrate
+    $STD /opt/plane-venv/bin/python manage.py collectstatic --noinput
+    $STD /opt/plane-venv/bin/python manage.py configure_instance
+    msg_ok "Ran Migrations"
+
+    msg_info "Starting Services"
+    systemctl start plane-api plane-worker plane-beat plane-live plane-space
+    msg_ok "Started Services"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"

install/apache-airflow-install.sh

@@ -0,0 +1,141 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/apache/airflow
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  build-essential \
+  libpq-dev \
+  libssl-dev \
+  libffi-dev \
+  python3-dev
+msg_ok "Installed Dependencies"
+
+UV_PYTHON="3.12" setup_uv
+PG_VERSION="16" setup_postgresql
+PG_DB_NAME="airflow" PG_DB_USER="airflow" setup_postgresql_db
+
+msg_info "Installing Apache Airflow"
+AIRFLOW_VERSION="3.2.1"
+mkdir -p /opt/airflow/{dags,logs,plugins}
+cd /opt/airflow
+$STD uv venv --python 3.12
+$STD uv pip install --python /opt/airflow/.venv/bin/python \
+  "apache-airflow[postgres,fab]==${AIRFLOW_VERSION}" \
+  --constraint "https://raw.githubusercontent.com/apache/airflow/constraints-${AIRFLOW_VERSION}/constraints-3.12.txt"
+echo "${AIRFLOW_VERSION}" >~/.airflow
+msg_ok "Installed Apache Airflow"
+
+msg_info "Configuring Application"
+FERNET_KEY=$(/opt/airflow/.venv/bin/python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())")
+SECRET_KEY=$(openssl rand -hex 32)
+ADMIN_PASS=$(openssl rand -base64 12 | tr -dc 'a-zA-Z0-9' | cut -c1-12)
+cat <<EOF >/opt/airflow/.env
+AIRFLOW_HOME=/opt/airflow
+AIRFLOW__DATABASE__SQL_ALCHEMY_CONN=postgresql+psycopg2://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}
+AIRFLOW__CORE__EXECUTOR=LocalExecutor
+AIRFLOW__CORE__FERNET_KEY=${FERNET_KEY}
+AIRFLOW__CORE__DAGS_FOLDER=/opt/airflow/dags
+AIRFLOW__CORE__LOAD_EXAMPLES=false
+AIRFLOW__CORE__AUTH_MANAGER=airflow.providers.fab.auth_manager.fab_auth_manager.FabAuthManager
+AIRFLOW__API__AUTH_BACKENDS=airflow.api.auth.backend.basic_auth,airflow.api.auth.backend.session
+AIRFLOW__WEBSERVER__SECRET_KEY=${SECRET_KEY}
+AIRFLOW__WEBSERVER__BASE_URL=http://${LOCAL_IP}:8080
+AIRFLOW_ADMIN_PASSWORD=${ADMIN_PASS}
+EOF
+set -a && source /opt/airflow/.env && set +a
+$STD /opt/airflow/.venv/bin/airflow db migrate
+$STD /opt/airflow/.venv/bin/airflow users create \
+  --username admin \
+  --firstname Admin \
+  --lastname User \
+  --role Admin \
+  --email admin@example.com \
+  --password "${ADMIN_PASS}"
+msg_ok "Configured Application"
+
+msg_info "Creating Services"
+cat <<EOF >/etc/systemd/system/airflow-api-server.service
+[Unit]
+Description=Apache Airflow API Server
+After=network.target postgresql.service
+
+[Service]
+Type=simple
+User=root
+EnvironmentFile=/opt/airflow/.env
+ExecStart=/opt/airflow/.venv/bin/airflow api-server --port 8080
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+cat <<EOF >/etc/systemd/system/airflow-scheduler.service
+[Unit]
+Description=Apache Airflow Scheduler
+After=network.target postgresql.service
+
+[Service]
+Type=simple
+User=root
+EnvironmentFile=/opt/airflow/.env
+ExecStart=/opt/airflow/.venv/bin/airflow scheduler
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+cat <<EOF >/etc/systemd/system/airflow-dag-processor.service
+[Unit]
+Description=Apache Airflow DAG Processor
+After=network.target postgresql.service
+
+[Service]
+Type=simple
+User=root
+EnvironmentFile=/opt/airflow/.env
+ExecStart=/opt/airflow/.venv/bin/airflow dag-processor
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+cat <<EOF >/etc/systemd/system/airflow-triggerer.service
+[Unit]
+Description=Apache Airflow Triggerer
+After=network.target postgresql.service
+
+[Service]
+Type=simple
+User=root
+EnvironmentFile=/opt/airflow/.env
+ExecStart=/opt/airflow/.venv/bin/airflow triggerer
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now airflow-api-server airflow-scheduler airflow-dag-processor airflow-triggerer
+msg_ok "Created Services"
+
+motd_ssh
+customize
+cleanup_lxc

install/plane-install.sh

@@ -0,0 +1,386 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: onionrings29
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://plane.so
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  nginx \
+  build-essential \
+  libpq-dev \
+  libxml2-dev \
+  libxslt1-dev \
+  libxmlsec1-dev \
+  libxmlsec1-openssl \
+  pkg-config \
+  python3-dev \
+  python3-venv \
+  redis-server \
+  erlang-base \
+  erlang-{asn1,crypto,eldap,ftp,inets,mnesia,os-mon,parsetools} \
+  erlang-{public-key,runtime-tools,snmp,ssl,syntax-tools,tftp,tools,xmerl} \
+  rabbitmq-server
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="24" setup_nodejs
+PG_VERSION="16" setup_postgresql
+PG_DB_NAME="plane" PG_DB_USER="plane" setup_postgresql_db
+
+msg_info "Configuring RabbitMQ"
+RABBITMQ_PASS=$(openssl rand -base64 24 | tr -dc 'a-zA-Z0-9' | head -c16)
+$STD rabbitmqctl add_vhost plane
+$STD rabbitmqctl add_user plane "${RABBITMQ_PASS}"
+$STD rabbitmqctl set_permissions -p plane plane ".*" ".*" ".*"
+msg_ok "Configured RabbitMQ"
+
+msg_info "Installing MinIO"
+curl -fsSL https://dl.min.io/server/minio/release/linux-amd64/minio -o /usr/local/bin/minio
+chmod +x /usr/local/bin/minio
+mkdir -p /opt/minio/data
+MINIO_ACCESS_KEY=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c16)
+MINIO_SECRET_KEY=$(openssl rand -base64 36 | tr -dc 'a-zA-Z0-9' | head -c32)
+cat <<EOF >/etc/default/minio
+MINIO_ROOT_USER="${MINIO_ACCESS_KEY}"
+MINIO_ROOT_PASSWORD="${MINIO_SECRET_KEY}"
+MINIO_VOLUMES="/opt/minio/data"
+EOF
+cat <<EOF >/etc/systemd/system/minio.service
+[Unit]
+Description=MinIO Object Storage
+After=network.target
+
+[Service]
+Type=simple
+EnvironmentFile=/etc/default/minio
+ExecStart=/usr/local/bin/minio server \$MINIO_VOLUMES --console-address ":9090"
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now minio
+msg_ok "Installed MinIO"
+
+fetch_and_deploy_gh_release "plane" "makeplane/plane" "tarball"
+
+msg_info "Building Frontend Apps (Patience)"
+cd /opt/plane
+FRONTEND_ENV="VITE_API_BASE_URL=http://${LOCAL_IP}
+VITE_WEB_BASE_URL=http://${LOCAL_IP}
+VITE_ADMIN_BASE_URL=http://${LOCAL_IP}
+VITE_ADMIN_BASE_PATH=/god-mode
+VITE_SPACE_BASE_URL=http://${LOCAL_IP}
+VITE_SPACE_BASE_PATH=/spaces
+VITE_LIVE_BASE_URL=http://${LOCAL_IP}
+VITE_LIVE_BASE_PATH=/live"
+# Each Vite app needs its own .env for the build
+for app in web admin space; do
+  echo "$FRONTEND_ENV" >/opt/plane/apps/${app}/.env
+done
+export NODE_OPTIONS="--max-old-space-size=4096"
+export COREPACK_ENABLE_DOWNLOAD_PROMPT=0
+$STD corepack enable pnpm
+$STD pnpm install --frozen-lockfile
+$STD pnpm turbo run build --filter=web --filter=admin --filter=space --filter=live
+msg_ok "Built Frontend Apps"
+
+msg_info "Setting up Python API"
+setup_uv
+$STD uv venv /opt/plane-venv
+export VIRTUAL_ENV=/opt/plane-venv
+$STD uv pip install -r /opt/plane/apps/api/requirements/production.txt
+msg_ok "Set up Python API"
+
+msg_info "Configuring Plane"
+SECRET_KEY=$(openssl rand -hex 32)
+MACHINE_SIG=$(echo -n "$(hostname)-$(date +%s)" | sha256sum | head -c64)
+LIVE_SECRET=$(openssl rand -hex 16)
+cat <<EOF >/opt/plane/apps/api/.env
+DEBUG=0
+CORS_ALLOWED_ORIGINS=http://${LOCAL_IP}
+
+POSTGRES_USER=plane
+POSTGRES_PASSWORD=${PG_DB_PASS}
+POSTGRES_HOST=localhost
+POSTGRES_DB=plane
+POSTGRES_PORT=5432
+DATABASE_URL=postgresql://plane:${PG_DB_PASS}@localhost:5432/plane
+
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_URL=redis://localhost:6379/
+
+RABBITMQ_HOST=localhost
+RABBITMQ_PORT=5672
+RABBITMQ_USER=plane
+RABBITMQ_PASSWORD=${RABBITMQ_PASS}
+RABBITMQ_VHOST=plane
+AMQP_URL=amqp://plane:${RABBITMQ_PASS}@localhost:5672/plane
+
+AWS_REGION=us-east-1
+AWS_ACCESS_KEY_ID=${MINIO_ACCESS_KEY}
+AWS_SECRET_ACCESS_KEY=${MINIO_SECRET_KEY}
+AWS_S3_ENDPOINT_URL=http://localhost:9000
+AWS_S3_BUCKET_NAME=uploads
+FILE_SIZE_LIMIT=104857600
+
+USE_MINIO=1
+MINIO_ENDPOINT_SSL=0
+SECRET_KEY=${SECRET_KEY}
+MACHINE_SIGNATURE=${MACHINE_SIG}
+
+WEB_URL=http://${LOCAL_IP}
+ADMIN_BASE_URL=http://${LOCAL_IP}
+ADMIN_BASE_PATH=/god-mode
+SPACE_BASE_URL=http://${LOCAL_IP}
+SPACE_BASE_PATH=/spaces
+APP_BASE_URL=http://${LOCAL_IP}
+APP_BASE_PATH=
+LIVE_BASE_URL=http://${LOCAL_IP}
+LIVE_BASE_PATH=/live
+
+GUNICORN_WORKERS=2
+LIVE_SERVER_SECRET_KEY=${LIVE_SECRET}
+API_KEY_RATE_LIMIT=60/minute
+EOF
+cat <<EOF >/opt/plane/.env
+API_BASE_URL=http://localhost:8000
+LIVE_SERVER_SECRET_KEY=${LIVE_SECRET}
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_URL=redis://localhost:6379/
+PORT=3100
+EOF
+msg_ok "Configured Plane"
+
+msg_info "Running Database Migrations"
+cd /opt/plane/apps/api
+set -a
+source /opt/plane/apps/api/.env
+set +a
+$STD /opt/plane-venv/bin/python manage.py migrate
+$STD /opt/plane-venv/bin/python manage.py collectstatic --noinput
+$STD /opt/plane-venv/bin/python manage.py configure_instance
+$STD /opt/plane-venv/bin/python manage.py register_instance "${MACHINE_SIG}"
+msg_ok "Ran Database Migrations"
+
+msg_info "Creating Services and MinIO Bucket"
+curl -fsSL https://dl.min.io/client/mc/release/linux-amd64/mc -o /usr/local/bin/mcli
+chmod +x /usr/local/bin/mcli
+$STD /usr/local/bin/mcli alias set plane http://localhost:9000 "${MINIO_ACCESS_KEY}" "${MINIO_SECRET_KEY}"
+$STD /usr/local/bin/mcli mb plane/uploads --ignore-existing
+$STD /usr/local/bin/mcli anonymous set download plane/uploads
+
+cat <<EOF >/etc/systemd/system/plane-api.service
+[Unit]
+Description=Plane API
+After=network.target postgresql.service redis-server.service rabbitmq-server.service minio.service
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/plane/apps/api
+EnvironmentFile=/opt/plane/apps/api/.env
+ExecStart=/opt/plane-venv/bin/gunicorn -w 2 -k uvicorn.workers.UvicornWorker plane.asgi:application --bind 0.0.0.0:8000 --max-requests 1200 --max-requests-jitter 1000 --access-logfile -
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+cat <<EOF >/etc/systemd/system/plane-worker.service
+[Unit]
+Description=Plane Celery Worker
+After=plane-api.service
+Requires=plane-api.service
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/plane/apps/api
+EnvironmentFile=/opt/plane/apps/api/.env
+ExecStart=/opt/plane-venv/bin/celery -A plane worker -l info
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+cat <<EOF >/etc/systemd/system/plane-beat.service
+[Unit]
+Description=Plane Celery Beat
+After=plane-api.service
+Requires=plane-api.service
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/plane/apps/api
+EnvironmentFile=/opt/plane/apps/api/.env
+ExecStart=/opt/plane-venv/bin/celery -A plane beat -l info
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+cat <<EOF >/etc/systemd/system/plane-live.service
+[Unit]
+Description=Plane Live Server
+After=network.target
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/plane
+EnvironmentFile=/opt/plane/.env
+ExecStart=/usr/bin/node apps/live/dist/start.mjs
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+cat <<EOF >/etc/systemd/system/plane-space.service
+[Unit]
+Description=Plane Space Server
+After=network.target
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/plane/apps/space
+Environment=PORT=3002
+Environment=NODE_ENV=production
+ExecStart=/opt/plane/apps/space/node_modules/.bin/react-router-serve ./build/server/index.js
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl daemon-reload
+systemctl enable -q --now plane-api plane-worker plane-beat plane-live plane-space
+{
+  echo "RabbitMQ User: plane"
+  echo "RabbitMQ Password: ${RABBITMQ_PASS}"
+  echo "MinIO Access Key: ${MINIO_ACCESS_KEY}"
+  echo "MinIO Secret Key: ${MINIO_SECRET_KEY}"
+  echo "Secret Key: ${SECRET_KEY}"
+  echo "Config: /opt/plane/apps/api/.env"
+} >>~/plane.creds
+msg_ok "Created Services and MinIO Bucket"
+
+msg_info "Configuring Nginx"
+cat <<'EOF' >/etc/nginx/sites-available/plane.conf
+upstream plane-api {
+    server 127.0.0.1:8000;
+}
+
+upstream plane-live {
+    server 127.0.0.1:3100;
+}
+
+upstream plane-space {
+    server 127.0.0.1:3002;
+}
+
+upstream plane-minio {
+    server 127.0.0.1:9000;
+}
+
+server {
+    listen 80 default_server;
+    server_name _;
+    client_max_body_size 100M;
+
+    location /api/ {
+        proxy_pass http://plane-api;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    location /auth/ {
+        proxy_pass http://plane-api;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    location /static/ {
+        alias /opt/plane/apps/api/plane/static-assets/collected-static/;
+    }
+
+    location /live/ {
+        proxy_pass http://plane-live;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    location = /uploads {
+        proxy_pass http://plane-minio;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    location /uploads/ {
+        proxy_pass http://plane-minio;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    location /spaces/ {
+        proxy_pass http://plane-space;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    location /spaces {
+        return 301 /spaces/;
+    }
+
+    location /god-mode/ {
+        alias /opt/plane/apps/admin/build/client/;
+        try_files $uri $uri/ /god-mode/index.html;
+    }
+
+    location /god-mode {
+        return 301 /god-mode/;
+    }
+
+    location / {
+        root /opt/plane/apps/web/build/client;
+        try_files $uri $uri/ /index.html;
+    }
+}
+EOF
+ln -sf /etc/nginx/sites-available/plane.conf /etc/nginx/sites-enabled/plane.conf
+rm -f /etc/nginx/sites-enabled/default
+$STD systemctl reload nginx
+msg_ok "Configured Nginx"
+
+motd_ssh
+customize
+cleanup_lxc