mirror of
https://github.com/community-scripts/ProxmoxVE.git
synced 2026-03-29 14:23:00 +02:00
Compare commits
2 Commits
add-script
...
cdn_improv
| Author | SHA1 | Date | |
|---|---|---|---|
|
1aa26290ae | ||
|
|
ef425844ae |
@@ -447,7 +447,6 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
|
||||
|
||||
- #### ✨ New Features
|
||||
|
||||
- core: APT/APK Mirror Fallback for CDN Failures [@MickLesk](https://github.com/MickLesk) ([#13316](https://github.com/community-scripts/ProxmoxVE/pull/13316))
|
||||
- core/tools: replace generic return 1 exit_codes with more specific exit_codes [@MickLesk](https://github.com/MickLesk) ([#13311](https://github.com/community-scripts/ProxmoxVE/pull/13311))
|
||||
|
||||
- #### 🔧 Refactor
|
||||
|
||||
@@ -1,71 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
|
||||
# Copyright (c) 2021-2026 community-scripts ORG
|
||||
# Author: CrazyWolf13
|
||||
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
|
||||
# Source: https://github.com/tess1o/geopulse
|
||||
|
||||
APP="GeoPulse"
|
||||
var_tags="${var_tags:-location;tracking;gps}"
|
||||
var_cpu="${var_cpu:-2}"
|
||||
var_ram="${var_ram:-1024}"
|
||||
var_disk="${var_disk:-8}"
|
||||
var_os="${var_os:-debian}"
|
||||
var_version="${var_version:-13}"
|
||||
var_unprivileged="${var_unprivileged:-1}"
|
||||
|
||||
header_info "$APP"
|
||||
variables
|
||||
color
|
||||
catch_errors
|
||||
|
||||
function update_script() {
|
||||
header_info
|
||||
check_container_storage
|
||||
check_container_resources
|
||||
|
||||
if [[ ! -f /opt/geopulse/backend/geopulse-backend ]]; then
|
||||
msg_error "No ${APP} Installation Found!"
|
||||
exit
|
||||
fi
|
||||
|
||||
if check_for_gh_release "geopulse-backend" "tess1o/geopulse"; then
|
||||
msg_info "Stopping Service"
|
||||
systemctl stop geopulse-backend
|
||||
msg_ok "Stopped Service"
|
||||
|
||||
if [[ "$(uname -m)" == "aarch64" ]]; then
|
||||
if grep -qi "raspberry\|bcm" /proc/cpuinfo 2>/dev/null; then
|
||||
BINARY_PATTERN="geopulse-backend-native-arm64-compat-*"
|
||||
else
|
||||
BINARY_PATTERN="geopulse-backend-native-arm64-[!c]*"
|
||||
fi
|
||||
else
|
||||
if grep -q avx2 /proc/cpuinfo && grep -q bmi2 /proc/cpuinfo && grep -q fma /proc/cpuinfo; then
|
||||
BINARY_PATTERN="geopulse-backend-native-amd64-[!c]*"
|
||||
else
|
||||
BINARY_PATTERN="geopulse-backend-native-amd64-compat-*"
|
||||
fi
|
||||
fi
|
||||
|
||||
fetch_and_deploy_gh_release "geopulse-backend" "tess1o/geopulse" "singlefile" "latest" "/opt/geopulse/backend" "${BINARY_PATTERN}"
|
||||
fetch_and_deploy_gh_release "geopulse-frontend" "tess1o/geopulse" "prebuild" "latest" "/var/www/geopulse" "geopulse-frontend-*.tar.gz"
|
||||
|
||||
msg_info "Starting Service"
|
||||
systemctl start geopulse-backend
|
||||
msg_ok "Started Service"
|
||||
msg_ok "Updated successfully!"
|
||||
fi
|
||||
exit
|
||||
}
|
||||
|
||||
start
|
||||
build_container
|
||||
description
|
||||
|
||||
msg_ok "Completed Successfully!\n"
|
||||
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
|
||||
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
|
||||
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"
|
||||
echo -e "${INFO}${YW} To create an admin account, run:${CL}"
|
||||
echo -e "${TAB}${BGN}/usr/local/bin/create-geopulse-admin${CL}"
|
||||
@@ -1,205 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Copyright (c) 2021-2026 community-scripts ORG
|
||||
# Author: CrazyWolf13
|
||||
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
|
||||
# Source: https://github.com/tess1o/geopulse
|
||||
|
||||
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
|
||||
color
|
||||
verb_ip6
|
||||
catch_errors
|
||||
setting_up_container
|
||||
network_check
|
||||
update_os
|
||||
|
||||
msg_info "Installing Dependencies"
|
||||
$STD apt install -y \
|
||||
openssl \
|
||||
nginx
|
||||
msg_ok "Installed Dependencies"
|
||||
|
||||
PG_VERSION="17" PG_MODULES="postgis" setup_postgresql
|
||||
PG_DB_NAME="geopulse" PG_DB_USER="geopulse" PG_DB_EXTENSIONS="postgis,postgis_topology" setup_postgresql_db
|
||||
|
||||
msg_info "Generating Security Keys"
|
||||
mkdir -p /opt/geopulse/{backend,keys}
|
||||
mkdir -p /etc/geopulse /var/www/geopulse /var/lib/geopulse/dumps
|
||||
mkdir -p /var/log/geopulse/{backend,nginx}
|
||||
openssl genpkey -algorithm RSA -out /opt/geopulse/keys/jwt-private-key.pem 2>/dev/null
|
||||
openssl rsa -pubout -in /opt/geopulse/keys/jwt-private-key.pem -out /opt/geopulse/keys/jwt-public-key.pem 2>/dev/null
|
||||
openssl rand -base64 32 >/opt/geopulse/keys/ai-encryption-key.txt
|
||||
chmod 640 /opt/geopulse/keys/jwt-private-key.pem /opt/geopulse/keys/jwt-public-key.pem /opt/geopulse/keys/ai-encryption-key.txt
|
||||
msg_ok "Generated Security Keys"
|
||||
|
||||
if [[ "$(uname -m)" == "aarch64" ]]; then
|
||||
if grep -qi "raspberry\|bcm" /proc/cpuinfo 2>/dev/null; then
|
||||
BINARY_PATTERN="geopulse-backend-native-arm64-compat-*"
|
||||
else
|
||||
BINARY_PATTERN="geopulse-backend-native-arm64-[!c]*"
|
||||
fi
|
||||
else
|
||||
if grep -q avx2 /proc/cpuinfo && grep -q bmi2 /proc/cpuinfo && grep -q fma /proc/cpuinfo; then
|
||||
BINARY_PATTERN="geopulse-backend-native-amd64-[!c]*"
|
||||
else
|
||||
BINARY_PATTERN="geopulse-backend-native-amd64-compat-*"
|
||||
fi
|
||||
fi
|
||||
|
||||
fetch_and_deploy_gh_release "geopulse-backend" "tess1o/geopulse" "singlefile" "latest" "/opt/geopulse/backend" "${BINARY_PATTERN}"
|
||||
fetch_and_deploy_gh_release "geopulse-frontend" "tess1o/geopulse" "prebuild" "latest" "/var/www/geopulse" "geopulse-frontend-*.tar.gz"
|
||||
|
||||
msg_info "Configuring GeoPulse"
|
||||
cat <<EOF >/etc/geopulse/geopulse.env
|
||||
GEOPULSE_PUBLIC_BASE_URL=http://${LOCAL_IP}
|
||||
GEOPULSE_UI_URL=http://${LOCAL_IP}
|
||||
GEOPULSE_CORS_ENABLED=false
|
||||
GEOPULSE_CORS_ORIGINS=
|
||||
QUARKUS_HTTP_PORT=8080
|
||||
GEOPULSE_POSTGRES_URL=jdbc:postgresql://localhost:5432/${PG_DB_NAME}
|
||||
GEOPULSE_POSTGRES_HOST=localhost
|
||||
GEOPULSE_POSTGRES_PORT=5432
|
||||
GEOPULSE_POSTGRES_DB=${PG_DB_NAME}
|
||||
GEOPULSE_POSTGRES_USERNAME=${PG_DB_USER}
|
||||
GEOPULSE_POSTGRES_PASSWORD=${PG_DB_PASS}
|
||||
GEOPULSE_JWT_PRIVATE_KEY_LOCATION=file:/opt/geopulse/keys/jwt-private-key.pem
|
||||
GEOPULSE_JWT_PUBLIC_KEY_LOCATION=file:/opt/geopulse/keys/jwt-public-key.pem
|
||||
GEOPULSE_AI_ENCRYPTION_KEY_LOCATION=file:/opt/geopulse/keys/ai-encryption-key.txt
|
||||
QUARKUS_LOG_FILE_ENABLE=true
|
||||
QUARKUS_LOG_FILE_PATH=/var/log/geopulse/backend/geopulse.log
|
||||
QUARKUS_LOG_FILE_ROTATION_MAX_FILE_SIZE=10M
|
||||
QUARKUS_LOG_FILE_ROTATION_MAX_BACKUP_INDEX=5
|
||||
EOF
|
||||
chmod 640 /etc/geopulse/geopulse.env
|
||||
msg_ok "Configured GeoPulse"
|
||||
|
||||
msg_info "Creating Service"
|
||||
cat <<EOF >/etc/systemd/system/geopulse-backend.service
|
||||
[Unit]
|
||||
Description=GeoPulse Backend
|
||||
After=network.target postgresql.service
|
||||
Wants=postgresql.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=root
|
||||
WorkingDirectory=/opt/geopulse/backend
|
||||
EnvironmentFile=/etc/geopulse/geopulse.env
|
||||
ExecStart=/opt/geopulse/backend/geopulse-backend -Dquarkus.http.host=0.0.0.0 -XX:MaximumHeapSizePercent=70 -XX:MaximumYoungGenerationSizePercent=15
|
||||
Restart=on-failure
|
||||
RestartSec=10
|
||||
StandardOutput=append:/var/log/geopulse/backend/geopulse-stdout.log
|
||||
StandardError=append:/var/log/geopulse/backend/geopulse-stderr.log
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
systemctl enable -q --now geopulse-backend
|
||||
msg_ok "Created Service"
|
||||
|
||||
msg_info "Configuring Nginx"
|
||||
mkdir -p /var/cache/nginx/osm_tiles
|
||||
cat <<'EOF' >/etc/nginx/sites-available/geopulse.conf
|
||||
proxy_cache_path /var/cache/nginx/osm_tiles levels=1:2 keys_zone=osm_cache:100m max_size=10g inactive=30d use_temp_path=off;
|
||||
|
||||
map $uri $osm_subdomain {
|
||||
~^/osm/tiles/a/ "a";
|
||||
~^/osm/tiles/b/ "b";
|
||||
~^/osm/tiles/c/ "c";
|
||||
default "a";
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name _;
|
||||
|
||||
root /var/www/geopulse;
|
||||
index index.html;
|
||||
|
||||
client_max_body_size 100M;
|
||||
|
||||
gzip on;
|
||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
||||
gzip_comp_level 6;
|
||||
gzip_min_length 1000;
|
||||
|
||||
location ~* ^/(?!osm/).*\.(jpg|jpeg|png|gif|ico|css|js)$ {
|
||||
expires 1y;
|
||||
add_header Cache-Control "public, max-age=31536000";
|
||||
}
|
||||
|
||||
location ^~ /osm/tiles/ {
|
||||
resolver 8.8.8.8 valid=300s;
|
||||
resolver_timeout 10s;
|
||||
rewrite ^/osm/tiles/[abc]/(.*)$ /$1 break;
|
||||
proxy_pass https://$osm_subdomain.tile.openstreetmap.org;
|
||||
proxy_cache osm_cache;
|
||||
proxy_cache_key "$scheme$proxy_host$uri";
|
||||
proxy_cache_valid 200 30d;
|
||||
proxy_cache_valid 404 1m;
|
||||
proxy_cache_valid 502 503 504 1m;
|
||||
proxy_ignore_headers Cache-Control Expires Set-Cookie;
|
||||
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
||||
proxy_cache_background_update on;
|
||||
proxy_cache_lock on;
|
||||
proxy_set_header Cookie "";
|
||||
proxy_set_header Authorization "";
|
||||
proxy_set_header User-Agent "GeoPulse/1.0";
|
||||
proxy_set_header Host $osm_subdomain.tile.openstreetmap.org;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "";
|
||||
proxy_connect_timeout 10s;
|
||||
proxy_read_timeout 10s;
|
||||
expires 30d;
|
||||
add_header Cache-Control "public, immutable";
|
||||
add_header X-Cache-Status $upstream_cache_status always;
|
||||
}
|
||||
|
||||
location /api/ {
|
||||
proxy_pass http://localhost:8080/api/;
|
||||
proxy_connect_timeout 3600s;
|
||||
proxy_send_timeout 3600s;
|
||||
proxy_read_timeout 3600s;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.html;
|
||||
}
|
||||
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
|
||||
access_log /var/log/geopulse/nginx/access.log;
|
||||
error_log /var/log/geopulse/nginx/error.log;
|
||||
}
|
||||
EOF
|
||||
ln -sf /etc/nginx/sites-available/geopulse.conf /etc/nginx/sites-enabled/
|
||||
rm -f /etc/nginx/sites-enabled/default
|
||||
systemctl enable -q --now nginx
|
||||
systemctl reload nginx
|
||||
msg_ok "Configured Nginx"
|
||||
|
||||
msg_info "Creating Admin Helper"
|
||||
cat <<'EOF' >/usr/local/bin/create-geopulse-admin
|
||||
#!/usr/bin/env bash
|
||||
read -rp "Enter admin email address: " ADMIN_EMAIL
|
||||
if [[ -z "$ADMIN_EMAIL" ]]; then
|
||||
echo "No email provided. Aborting."
|
||||
exit 1
|
||||
fi
|
||||
sed -i '/^GEOPULSE_ADMIN_EMAIL=/d' /etc/geopulse/geopulse.env
|
||||
echo "GEOPULSE_ADMIN_EMAIL=${ADMIN_EMAIL}" >>/etc/geopulse/geopulse.env
|
||||
systemctl restart geopulse-backend
|
||||
echo "Admin email set to '${ADMIN_EMAIL}'. Register with this email in the GeoPulse UI to receive admin privileges."
|
||||
EOF
|
||||
chmod +x /usr/local/bin/create-geopulse-admin
|
||||
msg_ok "Created Admin Helper"
|
||||
|
||||
motd_ssh
|
||||
customize
|
||||
cleanup_lxc
|
||||
Reference in New Issue
Block a user