Compare commits

..

8 Commits

Author SHA1 Message Date
CanbiZ (MickLesk) 4a097d3655 Refactor localagi.sh for better readability
Removed unnecessary blank lines and improved script readability.
2026-07-10 20:03:22 +02:00
push-app-to-main[bot] de95940f53 Add localagi (ct) 2026-07-10 18:02:44 +00:00
community-scripts-pr-app[bot] f4e0111ac0 Update CHANGELOG.md (#15680)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-07-10 08:57:54 +00:00
push-app-to-main[bot] 2e4558e262 Squid (#15605)
* Add squid (ct)

* Update ct/squid.sh

* Simplify squid.sh by removing proxy user instructions

Removed instructions for adding a proxy user inside the container.

---------

Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>
Co-authored-by: Sam Heinz <sam@samheinz.com>
Co-authored-by: CanbiZ (MickLesk) <47820557+MickLesk@users.noreply.github.com>
2026-07-10 10:57:27 +02:00
community-scripts-pr-app[bot] 11139aede7 Update CHANGELOG.md (#15679)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-07-10 08:54:13 +00:00
Slaviša Arežina 6716d8de84 Fireshare: Fix for install and upgrade to v1.7.3 (#15673)
* Update CHANGELOG.md (#15631)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Update CHANGELOG.md (#15631)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Update CHANGELOG.md (#15631)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Fix install and upgrade to v1.7.3

---------

Co-authored-by: community-scripts-pr-app[bot] <189241966+community-scripts-pr-app[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-07-10 10:53:51 +02:00
community-scripts-pr-app[bot] f1e952005e Update CHANGELOG.md (#15678)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-07-10 08:53:34 +00:00
Slaviša Arežina 89b671880a Endurain: Fix update procedure (#15674)
* Update CHANGELOG.md (#15631)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Update CHANGELOG.md (#15631)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Update CHANGELOG.md (#15631)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Fixed update procedure

* ups

---------

Co-authored-by: community-scripts-pr-app[bot] <189241966+community-scripts-pr-app[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-07-10 10:53:04 +02:00
11 changed files with 348 additions and 59 deletions
+13
View File
@@ -499,6 +499,19 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
</details> </details>
## 2026-07-10
### 🆕 New Scripts
- Squid ([#15605](https://github.com/community-scripts/ProxmoxVE/pull/15605))
### 🚀 Updated Scripts
- #### 🐞 Bug Fixes
- Fireshare: Fix for install and upgrade to v1.7.3 [@tremor021](https://github.com/tremor021) ([#15673](https://github.com/community-scripts/ProxmoxVE/pull/15673))
- Endurain: Fix update procedure [@tremor021](https://github.com/tremor021) ([#15674](https://github.com/community-scripts/ProxmoxVE/pull/15674))
## 2026-07-09 ## 2026-07-09
### 🚀 Updated Scripts ### 🚀 Updated Scripts
+4 -13
View File
@@ -34,31 +34,22 @@ function update_script() {
systemctl stop endurain systemctl stop endurain
msg_ok "Stopped Service" msg_ok "Stopped Service"
msg_info "Creating Backup" create_backup /opt/endurain/.env /opt/endurain/frontend/dist/env.js
cp /opt/endurain/.env /opt/endurain.env
cp /opt/endurain/frontend/dist/env.js /opt/endurain.env.js
msg_ok "Created Backup"
CLEAN_INSTALL=1 fetch_and_deploy_codeberg_release "endurain" "endurain-project/endurain" "tarball" "latest" "/opt/endurain" CLEAN_INSTALL=1 fetch_and_deploy_codeberg_release "endurain" "endurain-project/endurain" "tarball" "latest" "/opt/endurain"
msg_info "Preparing Update" msg_info "Preparing Update"
cd /opt/endurain cd /opt/endurain
rm -rf \ rm -rf /opt/endurain/{docs,example.env,screenshot_01.png} /opt/endurain/docker* /opt/endurain/*.yml
/opt/endurain/{docs,example.env,screenshot_01.png} \
/opt/endurain/docker* \
/opt/endurain/*.yml
cp /opt/endurain.env /opt/endurain/.env
rm /opt/endurain.env
msg_ok "Prepared Update" msg_ok "Prepared Update"
msg_info "Updating Frontend" msg_info "Updating Frontend"
cd /opt/endurain/frontend cd /opt/endurain/frontend
$STD npm ci $STD npm ci
$STD npm run build $STD npm run build
cp /opt/endurain.env.js /opt/endurain/frontend/dist/env.js
rm /opt/endurain.env.js
msg_ok "Updated Frontend" msg_ok "Updated Frontend"
restore_backup
msg_info "Updating Backend" msg_info "Updating Backend"
cd /opt/endurain/backend cd /opt/endurain/backend
UV_VERSION=$(grep -Po 'required-version\s*=\s*"\K[^"]+' pyproject.toml 2>/dev/null || echo "0.11.18") UV_VERSION=$(grep -Po 'required-version\s*=\s*"\K[^"]+' pyproject.toml 2>/dev/null || echo "0.11.18")
+14 -7
View File
@@ -35,12 +35,22 @@ function update_script() {
systemctl stop fireshare systemctl stop fireshare
msg_ok "Stopped Service" msg_ok "Stopped Service"
mv /opt/fireshare/fireshare.env /opt create_backup /opt/fireshare/fireshare.env
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "fireshare" "ShaneIsrael/fireshare" "tarball" CLEAN_INSTALL=1 fetch_and_deploy_gh_release "fireshare" "ShaneIsrael/fireshare" "tarball"
mv /opt/fireshare.env /opt/fireshare restore_backup
rm -f /usr/local/bin/fireshare rm -f /usr/local/bin/fireshare
msg_info "Updating Fireshare" if ! grep -q "__FIRESHARE_PORT__" /etc/nginx/nginx.conf; then
cp /opt/fireshare/app/nginx/prod.conf /etc/nginx/nginx.conf
sed -i 's|root /processed/|root /opt/fireshare-processed/|g' /etc/nginx/nginx.conf
sed -i 's/^user[[:space:]]\+nginx;/user root;/' /etc/nginx/nginx.conf
sed -i 's|root[[:space:]]\+/app/build;|root /opt/fireshare/app/client/build;|' /etc/nginx/nginx.conf
sed -i 's/__FIRESHARE_PORT__/80/g' /etc/nginx/nginx.conf
cp /opt/fireshare/app/nginx/error.html /etc/nginx/
cp /opt/fireshare/app/nginx/api_unavailable.html /etc/nginx/
fi
msg_info "Configuring Fireshare"
cd /opt/fireshare cd /opt/fireshare
$STD uv venv --clear $STD uv venv --clear
$STD .venv/bin/python -m ensurepip --upgrade $STD .venv/bin/python -m ensurepip --upgrade
@@ -53,13 +63,10 @@ function update_script() {
export VIDEO_DIRECTORY=/opt/fireshare-videos export VIDEO_DIRECTORY=/opt/fireshare-videos
export PROCESSED_DIRECTORY=/opt/fireshare-processed export PROCESSED_DIRECTORY=/opt/fireshare-processed
$STD uv run flask db upgrade $STD uv run flask db upgrade
msg_info "Building Fireshare Client"
cd /opt/fireshare/app/client cd /opt/fireshare/app/client
$STD npm install $STD npm install
$STD npm run build $STD npm run build
msg_ok "Built Fireshare Client" msg_ok "Configured Fireshare"
msg_ok "Updated Fireshare"
msg_info "Starting Service" msg_info "Starting Service"
systemctl start fireshare systemctl start fireshare
+6
View File
@@ -0,0 +1,6 @@
__ _____ __________
/ / ____ _________ _/ / | / ____/ _/
/ / / __ \/ ___/ __ `/ / /| |/ / __ / /
/ /___/ /_/ / /__/ /_/ / / ___ / /_/ // /
/_____/\____/\___/\__,_/_/_/ |_\____/___/
+6
View File
@@ -0,0 +1,6 @@
_____ _ __
/ ___/____ ___ __(_)___/ /
\__ \/ __ `/ / / / / __ /
___/ / /_/ / /_/ / / /_/ /
/____/\__, /\__,_/_/\__,_/
/_/
+67
View File
@@ -0,0 +1,67 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: BillyOutlast
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://github.com/mudler/LocalAGI
APP="LocalAGI"
var_tags="${var_tags:-ai}"
var_cpu="${var_cpu:-2}"
var_ram="${var_ram:-4096}"
var_disk="${var_disk:-20}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_arm64="${var_arm64:-no}"
var_unprivileged="${var_unprivileged:-1}"
var_gpu="${var_gpu:-no}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -d /opt/localagi ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
if check_for_gh_release "localagi" "mudler/LocalAGI"; then
msg_info "Stopping Service"
systemctl stop localagi
msg_ok "Stopped Service"
create_backup /opt/localagi/.env
CLEAN_INSTALL=1 fetch_and_deploy_gh_release "localagi" "mudler/LocalAGI" "tarball" "latest" "/opt/localagi"
restore_backup
msg_info "Building LocalAGI"
cd /opt/localagi/webui/react-ui
$STD bun install
$STD bun run build
cd /opt/localagi
$STD go build -o /usr/local/bin/localagi
msg_ok "Updated LocalAGI successfully"
msg_info "Starting Service"
systemctl start localagi
msg_ok "Started Service"
msg_ok "Updated successfully!"
exit
fi
exit
}
start
build_container
description
msg_ok "Completed successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW}Access it using the following URL:${CL}"
echo -e "${GATEWAY}${BGN}http://${IP}:3000${CL}"
+53
View File
@@ -0,0 +1,53 @@
#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: 007hacky007
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://www.squid-cache.org/
APP="Squid"
var_tags="${var_tags:-proxy}"
var_cpu="${var_cpu:-1}"
var_ram="${var_ram:-512}"
var_disk="${var_disk:-4}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_arm64="${var_arm64:-yes}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -f /etc/squid/squid.conf ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
msg_info "Updating Squid"
$STD apt update
$STD apt upgrade -y
msg_ok "Updated Squid"
msg_info "Validating Squid Configuration"
$STD squid -k parse
msg_ok "Validated Squid Configuration"
msg_info "Restarting Squid"
systemctl restart squid
msg_ok "Restarted Squid"
exit
}
start
build_container
description
msg_ok "Completed successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Proxy endpoint:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}${IP}:3128${CL}"
+3
View File
@@ -141,6 +141,9 @@ cp /opt/fireshare/app/nginx/prod.conf /etc/nginx/nginx.conf
sed -i 's|root /processed/|root /opt/fireshare-processed/|g' /etc/nginx/nginx.conf sed -i 's|root /processed/|root /opt/fireshare-processed/|g' /etc/nginx/nginx.conf
sed -i 's/^user[[:space:]]\+nginx;/user root;/' /etc/nginx/nginx.conf sed -i 's/^user[[:space:]]\+nginx;/user root;/' /etc/nginx/nginx.conf
sed -i 's|root[[:space:]]\+/app/build;|root /opt/fireshare/app/client/build;|' /etc/nginx/nginx.conf sed -i 's|root[[:space:]]\+/app/build;|root /opt/fireshare/app/client/build;|' /etc/nginx/nginx.conf
sed -i 's/__FIRESHARE_PORT__/80/g' /etc/nginx/nginx.conf
cp /opt/fireshare/app/nginx/error.html /etc/nginx/
cp /opt/fireshare/app/nginx/api_unavailable.html /etc/nginx/
systemctl start nginx systemctl start nginx
cat <<EOF >~/fireshare.creds cat <<EOF >~/fireshare.creds
+75
View File
@@ -0,0 +1,75 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: BillyOutlast
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://github.com/mudler/LocalAGI
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
APP="LocalAGI"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt install -y build-essential
msg_ok "Installed Dependencies"
NODE_VERSION="24" setup_nodejs
setup_go
msg_info "Installing Bun"
export BUN_INSTALL="/root/.bun"
curl -fsSL https://bun.sh/install | $STD bash
ln -sf /root/.bun/bin/bun /usr/local/bin/bun
ln -sf /root/.bun/bin/bunx /usr/local/bin/bunx
msg_ok "Installed Bun"
fetch_and_deploy_gh_release "localagi" "mudler/LocalAGI" "tarball" "latest" "/opt/localagi"
msg_info "Configuring LocalAGI"
mkdir -p /opt/localagi/pool
cat <<'EOF' >/opt/localagi/.env
LOCALAGI_MODEL=gemma-3-4b-it-qat
LOCALAGI_MULTIMODAL_MODEL=moondream2-20250414
LOCALAGI_IMAGE_MODEL=sd-1.5-ggml
LOCALAGI_LLM_API_URL=http://127.0.0.1:11434/v1
LOCALAGI_STATE_DIR=/opt/localagi/pool
EOF
msg_ok "Configured LocalAGI"
msg_info "Setting up LocalAGI"
cd /opt/localagi/webui/react-ui
$STD bun install
$STD bun run build
cd /opt/localagi
$STD go build -o /usr/local/bin/localagi
msg_ok "Set up LocalAGI"
msg_info "Creating LocalAGI systemd service"
cat <<EOF >/etc/systemd/system/localagi.service
[Unit]
Description=LocalAGI
After=network.target
[Service]
User=root
Type=simple
EnvironmentFile=/opt/localagi/.env
WorkingDirectory=/opt/localagi
ExecStart=/usr/local/bin/localagi
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now localagi
msg_ok "Created LocalAGI systemd service"
motd_ssh
customize
cleanup_lxc
+88
View File
@@ -0,0 +1,88 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: 007hacky007
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://www.squid-cache.org/
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Configuring Squid"
mkdir -p /etc/squid
cat <<EOF >/etc/squid/squid.conf
acl localnet src 0.0.0.1-0.255.255.255
acl localnet src 10.0.0.0/8
acl localnet src 100.64.0.0/10
acl localnet src 169.254.0.0/16
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
acl localnet src fc00::/7
acl localnet src fe80::/10
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\\?) 0 0% 0
refresh_pattern . 0 20% 4320
# Privacy / hardening
httpd_suppress_version_string on
visible_hostname $(hostname)
forwarded_for delete
request_header_access X-Forwarded-For deny all
EOF
msg_ok "Configured Squid"
msg_info "Installing Dependencies"
$STD apt install -y \
squid \
apache2-utils
msg_ok "Installed Dependencies"
msg_info "Configuring Squid Authentication"
touch /etc/squid/passwords
chown proxy:proxy /etc/squid/passwords
chmod 640 /etc/squid/passwords
$STD squid -k parse
msg_ok "Configured Squid Authentication"
msg_info "Starting Service"
systemctl enable -q --now squid
msg_ok "Started Service"
motd_ssh
customize
cleanup_lxc
+19 -39
View File
@@ -36,10 +36,6 @@
# #
# ============================================================================== # ==============================================================================
# Guard against double-sourcing (core.func uses the same pattern)
[[ -n "${_TOOLS_FUNC_LOADED:-}" ]] && return 0
_TOOLS_FUNC_LOADED=1
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Debug helper - outputs to stderr when TOOLS_DEBUG is enabled # Debug helper - outputs to stderr when TOOLS_DEBUG is enabled
# Usage: debug_log "message" # Usage: debug_log "message"
@@ -95,17 +91,16 @@ curl_with_retry() {
while [[ $attempt -le $retries ]]; do while [[ $attempt -le $retries ]]; do
debug_log "curl attempt $attempt/$retries: $url" debug_log "curl attempt $attempt/$retries: $url"
# Build curl command as array to avoid command injection via extra_opts local curl_cmd="curl -fsSL --connect-timeout $connect_timeout --max-time $timeout"
local -a curl_args=(curl -fsSL --connect-timeout "$connect_timeout" --max-time "$timeout") [[ -n "$extra_opts" ]] && curl_cmd="$curl_cmd $extra_opts"
[[ -n "$extra_opts" ]] && read -ra _extra <<<"$extra_opts" && curl_args+=("${_extra[@]}")
if [[ "$output" == "-" ]]; then if [[ "$output" == "-" ]]; then
if "${curl_args[@]}" "$url"; then if $curl_cmd "$url"; then
success=true success=true
break break
fi fi
else else
if "${curl_args[@]}" -o "$output" "$url"; then if $curl_cmd -o "$output" "$url"; then
success=true success=true
break break
fi fi
@@ -158,16 +153,15 @@ curl_api_with_retry() {
while [[ $attempt -le $retries ]]; do while [[ $attempt -le $retries ]]; do
debug_log "curl API attempt $attempt/$retries: $url" debug_log "curl API attempt $attempt/$retries: $url"
# Build curl command as array to avoid command injection via extra_opts local curl_cmd="curl -fsSL --connect-timeout $connect_timeout --max-time $timeout -w '%{http_code}'"
local -a curl_args=(curl -fsSL --connect-timeout "$connect_timeout" --max-time "$timeout" -w '%{http_code}') [[ -n "$extra_opts" ]] && curl_cmd="$curl_cmd $extra_opts"
[[ -n "$extra_opts" ]] && read -ra _extra <<<"$extra_opts" && curl_args+=("${_extra[@]}")
if [[ -n "$body_file" ]]; then if [[ -n "$body_file" ]]; then
http_code=$("${curl_args[@]}" -o "$body_file" "$url" 2>/dev/null) || true http_code=$($curl_cmd -o "$body_file" "$url" 2>/dev/null) || true
else else
# Capture body and http_code separately # Capture body and http_code separately
local tmp_body="/tmp/curl_api_body_$$" local tmp_body="/tmp/curl_api_body_$$"
http_code=$("${curl_args[@]}" -o "$tmp_body" "$url" 2>/dev/null) || true http_code=$($curl_cmd -o "$tmp_body" "$url" 2>/dev/null) || true
if [[ -f "$tmp_body" ]]; then if [[ -f "$tmp_body" ]]; then
cat "$tmp_body" cat "$tmp_body"
rm -f "$tmp_body" rm -f "$tmp_body"
@@ -310,10 +304,7 @@ edit_yaml_config() {
return 1 return 1
fi fi
# Escape sed metacharacters in value (| and &) to prevent injection sed -i "s|^\([[:space:]]*${key}[[:space:]]*:\).*|\1 ${value}|" "$file"
local escaped_value="${value//|/\\|}"
escaped_value="${escaped_value//&/\\&}"
sed -i "s|^\([[:space:]]*${key}[[:space:]]*:\).*|\1 ${escaped_value}|" "$file"
} }
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
@@ -1696,6 +1687,10 @@ is_ubuntu() {
[[ "$(get_os_info id)" == "ubuntu" ]] [[ "$(get_os_info id)" == "ubuntu" ]]
} }
is_alpine() {
[[ "$(get_os_info id)" == "alpine" ]]
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Get Debian/Ubuntu major version # Get Debian/Ubuntu major version
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
@@ -2459,10 +2454,8 @@ start_timer() {
end_timer() { end_timer() {
local start_time="$1" local start_time="$1"
local label="${2:-Operation}" local label="${2:-Operation}"
local end_time local end_time=$(date +%s)
end_time=$(date +%s)
local duration=$((end_time - start_time)) local duration=$((end_time - start_time))
echo "${label} took ${duration}s"
} }
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
@@ -6753,16 +6746,9 @@ setup_mariadb_db() {
msg_info "Setting up MariaDB Database" msg_info "Setting up MariaDB Database"
# Use --defaults-extra-file to pass credentials safely and escape identifiers $STD mariadb -u root -e "CREATE DATABASE \`$MARIADB_DB_NAME\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
# to prevent SQL injection via DB name / user / password $STD mariadb -u root -e "CREATE USER '$MARIADB_DB_USER'@'localhost' IDENTIFIED BY '$MARIADB_DB_PASS';"
local _db_escaped _user_escaped _pass_escaped $STD mariadb -u root -e "GRANT ALL ON \`$MARIADB_DB_NAME\`.* TO '$MARIADB_DB_USER'@'localhost';"
_db_escaped="${MARIADB_DB_NAME//\'/\'\'}"
_user_escaped="${MARIADB_DB_USER//\'/\'\'}"
_pass_escaped="${MARIADB_DB_PASS//\'/\'\'}"
$STD mariadb -u root -e "CREATE DATABASE \`$_db_escaped\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
$STD mariadb -u root -e "CREATE USER '$_user_escaped'@'localhost' IDENTIFIED BY '$_pass_escaped';"
$STD mariadb -u root -e "GRANT ALL ON \`$_db_escaped\`.* TO '$_user_escaped'@'localhost';"
# Optional extra grants # Optional extra grants
if [[ -n "${MARIADB_DB_EXTRA_GRANTS:-}" ]]; then if [[ -n "${MARIADB_DB_EXTRA_GRANTS:-}" ]]; then
@@ -8392,14 +8378,8 @@ setup_postgresql_db() {
fi fi
msg_info "Setting up PostgreSQL Database" msg_info "Setting up PostgreSQL Database"
# Escape single quotes in identifiers to prevent SQL injection $STD sudo -u postgres psql -c "CREATE ROLE $PG_DB_USER WITH LOGIN PASSWORD '$PG_DB_PASS';"
local _pg_user_escaped _pg_pass_escaped _pg_db_escaped $STD sudo -u postgres psql -c "CREATE DATABASE $PG_DB_NAME WITH OWNER $PG_DB_USER ENCODING 'UTF8' TEMPLATE template0;"
_pg_user_escaped="${PG_DB_USER//\'/\'\'}"
_pg_pass_escaped="${PG_DB_PASS//\'/\'\'}"
_pg_db_escaped="${PG_DB_NAME//\'/\'\'}"
$STD sudo -u postgres psql -c "CREATE ROLE $_pg_user_escaped WITH LOGIN PASSWORD '$_pg_pass_escaped';"
$STD sudo -u postgres psql -c "CREATE DATABASE $_pg_db_escaped WITH OWNER $_pg_user_escaped ENCODING 'UTF8' TEMPLATE template0;"
# Configure pg_cron database BEFORE creating the extension (must be set before pg_cron loads) # Configure pg_cron database BEFORE creating the extension (must be set before pg_cron loads)
if [[ -n "${PG_DB_EXTENSIONS:-}" ]] && [[ ",${PG_DB_EXTENSIONS//[[:space:]]/}," == *",pg_cron,"* ]]; then if [[ -n "${PG_DB_EXTENSIONS:-}" ]] && [[ ",${PG_DB_EXTENSIONS//[[:space:]]/}," == *",pg_cron,"* ]]; then