Delete ct/headers/verdaccio

This reverts commit a7a6d5dd17.

CHANGELOG.md

@@ -442,22 +442,6 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 </details>
 
-## 2026-04-15
-
-### 🆕 New Scripts
-
-  - Revert "Remove low-install-count CT scripts and installers (#13570)" [@CrazyWolf13](https://github.com/CrazyWolf13) ([#13752](https://github.com/community-scripts/ProxmoxVE/pull/13752))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Domain Monitor: Fix file ownership after update [@tremor021](https://github.com/tremor021) ([#13759](https://github.com/community-scripts/ProxmoxVE/pull/13759))
-
-  - #### 💥 Breaking Changes
-
-    - Reitti: refactor scripts for v4 - remove RabbitMQ and Photon [@MickLesk](https://github.com/MickLesk) ([#13728](https://github.com/community-scripts/ProxmoxVE/pull/13728))
-
 ## 2026-04-14
 
 ### 🚀 Updated Scripts

ct/domain-monitor.sh

@@ -34,7 +34,7 @@ function update_script() {
   fi
 
   if ! grep -Fq "www-data /usr/bin/php /opt/domain-monitor/cron/check_domains.php" /etc/crontab; then
-    echo "0 0 * * * www-data /usr/bin/php /opt/domain-monitor/cron/check_domains.php" >>/etc/crontab
+    echo "0 0 * * * www-data /usr/bin/php /opt/domain-monitor/cron/check_domains.php" >> /etc/crontab
   fi
 
   if check_for_gh_release "domain-monitor" "Hosteroid/domain-monitor"; then
@@ -52,7 +52,6 @@ function update_script() {
     msg_info "Updating Domain Monitor"
     cd /opt/domain-monitor
     $STD composer install
-    chown -R www-data:www-data /opt/domain-monitor
     msg_ok "Updated Domain Monitor"
 
     msg_info "Restoring backup"

ct/github-runner.sh

@@ -1,71 +0,0 @@
-#!/usr/bin/env bash
-source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
-
-# Copyright (c) 2021-2026 community-scripts ORG
-# Author: MickLesk (CanbiZ)
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://github.com/actions/runner
-
-APP="GitHub-Runner"
-var_tags="${var_tags:-ci}"
-var_cpu="${var_cpu:-2}"
-var_ram="${var_ram:-2048}"
-var_disk="${var_disk:-8}"
-var_os="${var_os:-debian}"
-var_version="${var_version:-13}"
-var_unprivileged="${var_unprivileged:-1}"
-var_nesting="${var_nesting:-1}"
-var_keyctl="${var_keyctl:-1}"
-
-header_info "$APP"
-variables
-color
-catch_errors
-
-function update_script() {
-  header_info
-  check_container_storage
-  check_container_resources
-
-  if [[ ! -f /opt/actions-runner/run.sh ]]; then
-    msg_error "No ${APP} Installation Found!"
-    exit 1
-  fi
-
-  if check_for_gh_release "actions-runner" "actions/runner"; then
-    msg_info "Stopping Service"
-    systemctl stop actions-runner
-    msg_ok "Stopped Service"
-
-    msg_info "Backing up runner configuration"
-    BACKUP_DIR="/opt/actions-runner.backup"
-    mkdir -p "$BACKUP_DIR"
-    for f in .runner .credentials .credentials_rsaparams .env .path; do
-      [[ -f /opt/actions-runner/$f ]] && cp -a /opt/actions-runner/$f "$BACKUP_DIR/"
-    done
-    msg_ok "Backed up configuration"
-
-    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "actions-runner" "actions/runner" "prebuild" "latest" "/opt/actions-runner" "actions-runner-linux-x64-*.tar.gz"
-
-    msg_info "Restoring runner configuration"
-    for f in .runner .credentials .credentials_rsaparams .env .path; do
-      [[ -f "$BACKUP_DIR/$f" ]] && cp -a "$BACKUP_DIR/$f" /opt/actions-runner/
-    done
-    rm -rf "$BACKUP_DIR"
-    msg_ok "Restored configuration"
-
-    msg_info "Starting Service"
-    systemctl start actions-runner
-    msg_ok "Started Service"
-    msg_ok "Updated successfully!"
-  fi
-  exit
-}
-
-start
-build_container
-description
-
-msg_ok "Completed successfully!\n"
-echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
-echo -e "${INFO}${YW} After first boot, run config.sh with your token and start the service.${CL}"

ct/headers/github-runner

@@ -1,6 +0,0 @@
-   _______ __  __  __      __          ____                             
-  / ____(_) /_/ / / /_  __/ /_        / __ \__  ______  ____  ___  _____
- / / __/ / __/ /_/ / / / / __ \______/ /_/ / / / / __ \/ __ \/ _ \/ ___/
-/ /_/ / / /_/ __  / /_/ / /_/ /_____/ _, _/ /_/ / / / / / / /  __/ /    
-\____/_/\__/_/ /_/\__,_/_.___/     /_/ |_|\__,_/_/ /_/_/ /_/\___/_/     
-                                                                        

ct/reitti.sh

@@ -37,136 +37,39 @@ function update_script() {
     fi
   fi
 
-  # Migrate v3 -> v4: Remove RabbitMQ (no longer required) / Photon / Spring Settings
-  if systemctl is-enabled --quiet rabbitmq-server 2>/dev/null; then
-    msg_info "Migrating to v4: Removing RabbitMQ"
-    systemctl stop rabbitmq-server
-    systemctl disable rabbitmq-server
-    $STD apt-get purge -y rabbitmq-server erlang-base
-    $STD apt-get autoremove -y
-    msg_ok "Removed RabbitMQ"
+  if [ ! -d /var/cache/nginx/tiles ]; then
+    msg_info "Installing Nginx Tile Cache"
+    mkdir -p /var/cache/nginx/tiles
+    $STD apt install -y nginx
+    cat <<EOF >/etc/nginx/nginx.conf
+user www-data;
+
+events {
+  worker_connections 1024;
+}
+http {
+  proxy_cache_path /var/cache/nginx/tiles levels=1:2 keys_zone=tiles:10m max_size=1g inactive=30d use_temp_path=off;
+  server {
+    listen 80;
+    location / {
+      proxy_pass https://tile.openstreetmap.org/;
+      proxy_set_header Host tile.openstreetmap.org;
+      proxy_set_header User-Agent "Reitti/1.0";
+      proxy_cache tiles;
+      proxy_cache_valid 200 30d;
+      proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
+    }
+  }
+}
+EOF
+    chown -R www-data:www-data /var/cache/nginx
+    chmod -R 750 /var/cache/nginx
+    systemctl restart nginx
+    echo "reitti.ui.tiles.cache.url=http://127.0.0.1" >> /opt/reitti/application.properties
+    systemctl restart reitti
+    msg_info "Installed Nginx Tile Cache"
   fi
-
-  if systemctl is-enabled --quiet photon 2>/dev/null; then
-    msg_info "Migrating to v4: Removing Photon service"
-    systemctl stop photon
-    systemctl disable photon
-    rm -f /etc/systemd/system/photon.service
-    systemctl daemon-reload
-    msg_ok "Removed Photon service"
-  fi
-
-  if grep -q "spring.rabbitmq\|PHOTON_BASE_URL\|PROCESSING_WAIT_TIME\|DANGEROUS_LIFE" /opt/reitti/application.properties 2>/dev/null; then
-    msg_info "Migrating to v4: Rewriting application.properties"
-    local DB_URL DB_USER DB_PASS
-    DB_URL=$(grep '^spring.datasource.url=' /opt/reitti/application.properties | cut -d'=' -f2-)
-    DB_USER=$(grep '^spring.datasource.username=' /opt/reitti/application.properties | cut -d'=' -f2-)
-    DB_PASS=$(grep '^spring.datasource.password=' /opt/reitti/application.properties | cut -d'=' -f2-)
-    cp /opt/reitti/application.properties /opt/reitti/application.properties.bak
-    cat <<PROPEOF >/opt/reitti/application.properties
-# Server configuration
-server.port=8080
-server.servlet.context-path=/
-server.forward-headers-strategy=framework
-server.compression.enabled=true
-server.compression.min-response-size=1024
-server.compression.mime-types=text/plain,application/json
-
-# Logging configuration
-logging.level.root=INFO
-logging.level.org.hibernate.engine.jdbc.spi.SqlExceptionHelper=FATAL
-logging.level.com.dedicatedcode.reitti=INFO
-
-# Internationalization
-spring.messages.basename=messages
-spring.messages.encoding=UTF-8
-spring.messages.cache-duration=3600
-spring.messages.fallback-to-system-locale=false
-
-# PostgreSQL configuration
-spring.datasource.url=${DB_URL}
-spring.datasource.username=${DB_USER}
-spring.datasource.password=${DB_PASS}
-spring.datasource.hikari.maximum-pool-size=20
-
-# Redis configuration
-spring.data.redis.host=127.0.0.1
-spring.data.redis.port=6379
-spring.data.redis.username=
-spring.data.redis.password=
-spring.data.redis.database=0
-spring.cache.redis.key-prefix=
-
-spring.cache.cache-names=processed-visits,significant-places,users,magic-links,configurations,transport-mode-configs,avatarThumbnails,avatarData,user-settings
-spring.cache.redis.time-to-live=1d
-
-# Upload configuration
-spring.servlet.multipart.max-file-size=5GB
-spring.servlet.multipart.max-request-size=5GB
-server.tomcat.max-part-count=100
-
-# Rqueue configuration
-rqueue.web.enable=false
-rqueue.job.enabled=false
-rqueue.message.durability.in-terminal-state=0
-rqueue.key.prefix=\${spring.cache.redis.key-prefix}
-rqueue.message.converter.provider.class=com.dedicatedcode.reitti.config.RQueueCustomMessageConverter
-
-# Application-specific settings
-reitti.server.advertise-uri=
-
-reitti.security.local-login.disable=false
-
-# OIDC / Security Settings
-reitti.security.oidc.enabled=false
-reitti.security.oidc.registration.enabled=false
-
-reitti.import.batch-size=10000
-reitti.import.processing-idle-start-time=10
-
-reitti.geo-point-filter.max-speed-kmh=1000
-reitti.geo-point-filter.max-accuracy-meters=100
-reitti.geo-point-filter.history-lookback-hours=24
-reitti.geo-point-filter.window-size=50
-
-reitti.process-data.schedule=0 */10 * * * *
-reitti.process-data.refresh-views.schedule=0 0 4 * * *
-reitti.imports.schedule=0 5/10 * * * *
-reitti.imports.owntracks-recorder.schedule=\${reitti.imports.schedule}
-
-# Geocoding service configuration
-reitti.geocoding.max-errors=10
-reitti.geocoding.photon.base-url=
-
-# Tiles Configuration
-reitti.ui.tiles.cache.url=http://127.0.0.1
-reitti.ui.tiles.default.service=https://tile.openstreetmap.org/{z}/{x}/{y}.png
-reitti.ui.tiles.default.attribution=&copy; <a href="https://www.openstreetmap.org/copyright">OpenStreetMap</a> contributors
-
-# Data management configuration
-reitti.data-management.enabled=false
-reitti.data-management.preview-cleanup.cron=0 0 4 * * *
-
-reitti.storage.path=data/
-reitti.storage.cleanup.cron=0 0 4 * * *
-
-# Location data density normalization
-reitti.location.density.target-points-per-minute=4
-
-# Logging buffer
-reitti.logging.buffer-size=1000
-reitti.logging.max-buffer-size=10000
-
-spring.config.import=optional:oidc.properties
-PROPEOF
-    # Update reitti.service dependencies
-    if [[ -f /etc/systemd/system/reitti.service ]]; then
-      sed -i 's/ rabbitmq-server\.service//g; s/ photon\.service//g' /etc/systemd/system/reitti.service
-      systemctl daemon-reload
-    fi
-    msg_ok "Rewrote application.properties (backup: application.properties.bak)"
-  fi
-
+  
   if check_for_gh_release "reitti" "dedicatedcode/reitti"; then
     msg_info "Stopping Service"
     systemctl stop reitti
@@ -180,6 +83,55 @@ PROPEOF
 
     msg_info "Starting Service"
     systemctl start reitti
+    chown -R www-data:www-data /var/cache/nginx
+    chmod -R 750 /var/cache/nginx
+    systemctl restart nginx
+    msg_ok "Started Service"
+    msg_ok "Updated successfully!"
+  fi
+  
+  if check_for_gh_release "photon" "komoot/photon"; then
+    if [[ -f "$HOME/.photon" ]] && [[ "$(cat "$HOME/.photon")" == 0.7 ]]; then
+      CURRENT_VERSION="$(<"$HOME/.photon")"
+      echo
+      echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+      echo "Photon v1 upgrade detected (breaking change)"
+      echo
+      echo "Your current version: $CURRENT_VERSION"
+      echo
+      echo "Photon v1 requires a manual migration before updating."
+      echo
+      echo "You need to:"
+      echo "  1. Remove existing geocoding data (not actual reitti data):"
+      echo "     rm -rf /opt/photon_data"
+      echo
+      echo "  2. Follow the inial setup guide again:"
+      echo "     https://github.com/community-scripts/ProxmoxVE/discussions/8737"
+      echo
+      echo "  3. Re-download and import Photon data for v1"
+      echo
+      read -rp "Do you want to continue anyway? (y/N): " CONTINUE
+      echo
+        
+      if [[ ! "$CONTINUE" =~ ^[Yy]$ ]]; then
+        msg_info "Migration required. Update cancelled."
+        exit 0
+      fi
+        
+      msg_warn "Continuing without migration may break Photon in the future!"
+    fi
+  
+    msg_info "Stopping Service"
+    systemctl stop photon
+    msg_ok "Stopped Service"
+
+    rm -f /opt/photon/photon.jar
+    USE_ORIGINAL_FILENAME="true" fetch_and_deploy_gh_release "photon" "komoot/photon" "singlefile" "latest" "/opt/photon" "photon-*.jar"
+    mv /opt/photon/photon-*.jar /opt/photon/photon.jar
+
+    msg_info "Starting Service"
+    systemctl start photon
+    systemctl restart nginx
     msg_ok "Started Service"
     msg_ok "Updated successfully!"
   fi

install/github-runner-install.sh

@@ -1,58 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright (c) 2021-2026 community-scripts ORG
-# Author: MickLesk (CanbiZ)
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://docs.github.com/en/actions/hosting-your-own-runners
-
-source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
-color
-verb_ip6
-catch_errors
-setting_up_container
-network_check
-update_os
-
-msg_info "Installing Dependencies"
-$STD apt install -y \
-  git \
-  gh
-msg_ok "Installed Dependencies"
-
-NODE_VERSION="24" setup_nodejs
-
-msg_info "Creating runner user (no sudo)"
-useradd -m -s /bin/bash runner
-msg_ok "Runner user ready"
-
-fetch_and_deploy_gh_release "actions-runner" "actions/runner" "prebuild" "latest" "/opt/actions-runner" "actions-runner-linux-x64-*.tar.gz"
-
-msg_info "Setting ownership for runner user"
-chown -R runner:runner /opt/actions-runner
-msg_ok "Ownership set"
-
-msg_info "Creating Service"
-cat <<EOF >/etc/systemd/system/actions-runner.service
-[Unit]
-Description=GitHub Actions self-hosted runner
-Documentation=https://docs.github.com/en/actions/hosting-your-own-runners
-After=network-online.target
-Wants=network-online.target
-
-[Service]
-Type=simple
-User=runner
-WorkingDirectory=/opt/actions-runner
-ExecStart=/opt/actions-runner/run.sh
-Restart=on-failure
-RestartSec=10
-
-[Install]
-WantedBy=multi-user.target
-EOF
-systemctl enable -q actions-runner
-msg_ok "Created Service"
-
-motd_ssh
-customize
-cleanup_lxc

install/reitti-install.sh

@@ -16,6 +16,7 @@ update_os
 msg_info "Installing Dependencies"
 $STD apt install -y \
   redis-server \
+  rabbitmq-server \
   libpq-dev \
   zstd \
   nginx
@@ -25,8 +26,26 @@ JAVA_VERSION="25" setup_java
 PG_VERSION="17" PG_MODULES="postgis" setup_postgresql
 PG_DB_NAME="reitti_db" PG_DB_USER="reitti" PG_DB_EXTENSIONS="postgis" setup_postgresql_db
 
+msg_info "Configuring RabbitMQ"
+RABBIT_USER="reitti"
+RABBIT_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
+RABBIT_VHOST="/"
+$STD rabbitmqctl add_user "$RABBIT_USER" "$RABBIT_PASS"
+$STD rabbitmqctl add_vhost "$RABBIT_VHOST"
+$STD rabbitmqctl set_permissions -p "$RABBIT_VHOST" "$RABBIT_USER" ".*" ".*" ".*"
+$STD rabbitmqctl set_user_tags "$RABBIT_USER" administrator
+{
+  echo ""
+  echo "Reitti Credentials"
+  echo "RabbitMQ User: $RABBIT_USER"
+  echo "RabbitMQ Password: $RABBIT_PASS"
+} >>~/reitti.creds
+msg_ok "Configured RabbitMQ"
+
 USE_ORIGINAL_FILENAME="true" fetch_and_deploy_gh_release "reitti" "dedicatedcode/reitti" "singlefile" "latest" "/opt/reitti" "reitti-app.jar"
 mv /opt/reitti/reitti-*.jar /opt/reitti/reitti.jar
+USE_ORIGINAL_FILENAME="true" fetch_and_deploy_gh_release "photon" "komoot/photon" "singlefile" "latest" "/opt/photon" "photon-*.jar"
+mv /opt/photon/photon-*.jar /opt/photon/photon.jar
 
 msg_info "Installing Nginx Tile Cache"
 mkdir -p /var/cache/nginx/tiles
@@ -54,105 +73,57 @@ EOF
 chown -R www-data:www-data /var/cache/nginx
 chmod -R 750 /var/cache/nginx
 systemctl restart nginx
-msg_ok "Installed Nginx Tile Cache"
+msg_info "Installed Nginx Tile Cache"
 
 msg_info "Creating Reitti Configuration-File"
 mkdir -p /opt/reitti/data
 cat <<EOF >/opt/reitti/application.properties
-# Server configuration
-server.port=8080
-server.servlet.context-path=/
-server.forward-headers-strategy=framework
-server.compression.enabled=true
-server.compression.min-response-size=1024
-server.compression.mime-types=text/plain,application/json
+# Reitti Server Base URI
+reitti.server.advertise-uri=http://127.0.0.1:8080
 
-# Logging configuration
-logging.level.root=INFO
-logging.level.org.hibernate.engine.jdbc.spi.SqlExceptionHelper=FATAL
-logging.level.com.dedicatedcode.reitti=INFO
-
-# Internationalization
-spring.messages.basename=messages
-spring.messages.encoding=UTF-8
-spring.messages.cache-duration=3600
-spring.messages.fallback-to-system-locale=false
-
-# PostgreSQL configuration
+# PostgreSQL Database Connection
 spring.datasource.url=jdbc:postgresql://127.0.0.1:5432/$PG_DB_NAME
 spring.datasource.username=$PG_DB_USER
 spring.datasource.password=$PG_DB_PASS
-spring.datasource.hikari.maximum-pool-size=20
+spring.datasource.driver-class-name=org.postgresql.Driver
 
-# Redis configuration
+# Flyway Database Migrations
+spring.flyway.enabled=true
+spring.flyway.locations=classpath:db/migration
+spring.flyway.baseline-on-migrate=true
+
+# RabbitMQ (Message Queue)
+spring.rabbitmq.host=127.0.0.1
+spring.rabbitmq.port=5672
+spring.rabbitmq.username=$RABBIT_USER
+spring.rabbitmq.password=$RABBIT_PASS
+
+# Redis (Cache)
 spring.data.redis.host=127.0.0.1
 spring.data.redis.port=6379
-spring.data.redis.username=
-spring.data.redis.password=
-spring.data.redis.database=0
-spring.cache.redis.key-prefix=
 
-spring.cache.cache-names=processed-visits,significant-places,users,magic-links,configurations,transport-mode-configs,avatarThumbnails,avatarData,user-settings
-spring.cache.redis.time-to-live=1d
+# Server Port
+server.port=8080
 
-# Upload configuration
-spring.servlet.multipart.max-file-size=5GB
-spring.servlet.multipart.max-request-size=5GB
-server.tomcat.max-part-count=100
-
-# Rqueue configuration
-rqueue.web.enable=false
-rqueue.job.enabled=false
-rqueue.message.durability.in-terminal-state=0
-rqueue.key.prefix=\${spring.cache.redis.key-prefix}
-rqueue.message.converter.provider.class=com.dedicatedcode.reitti.config.RQueueCustomMessageConverter
-
-# Application-specific settings
-reitti.server.advertise-uri=
-
-reitti.security.local-login.disable=false
+# Optional: Logging & Performance
+logging.level.root=INFO
+spring.jpa.hibernate.ddl-auto=none
+spring.datasource.hikari.maximum-pool-size=10
 
 # OIDC / Security Settings
-reitti.security.oidc.enabled=false
 reitti.security.oidc.registration.enabled=false
 
-reitti.import.batch-size=10000
-reitti.import.processing-idle-start-time=10
+# Photon (Geocoding)
+PHOTON_BASE_URL=http://127.0.0.1:2322
+PROCESSING_WAIT_TIME=15
+PROCESSING_BATCH_SIZE=1000
+PROCESSING_WORKERS_PER_QUEUE=4-16
 
-reitti.geo-point-filter.max-speed-kmh=1000
-reitti.geo-point-filter.max-accuracy-meters=100
-reitti.geo-point-filter.history-lookback-hours=24
-reitti.geo-point-filter.window-size=50
+# Disable potentially dangerous features unless needed
+DANGEROUS_LIFE=false
 
-reitti.process-data.schedule=0 */10 * * * *
-reitti.process-data.refresh-views.schedule=0 0 4 * * *
-reitti.imports.schedule=0 5/10 * * * *
-reitti.imports.owntracks-recorder.schedule=\${reitti.imports.schedule}
-
-# Geocoding service configuration
-reitti.geocoding.max-errors=10
-reitti.geocoding.photon.base-url=
-
-# Tiles Configuration
+# Tiles Cache
 reitti.ui.tiles.cache.url=http://127.0.0.1
-reitti.ui.tiles.default.service=https://tile.openstreetmap.org/{z}/{x}/{y}.png
-reitti.ui.tiles.default.attribution=&copy; <a href="https://www.openstreetmap.org/copyright">OpenStreetMap</a> contributors
-
-# Data management configuration
-reitti.data-management.enabled=false
-reitti.data-management.preview-cleanup.cron=0 0 4 * * *
-
-reitti.storage.path=data/
-reitti.storage.cleanup.cron=0 0 4 * * *
-
-# Location data density normalization
-reitti.location.density.target-points-per-minute=4
-
-# Logging buffer
-reitti.logging.buffer-size=1000
-reitti.logging.max-buffer-size=10000
-
-spring.config.import=optional:oidc.properties
 EOF
 msg_ok "Created Configuration-File for Reitti"
 
@@ -160,8 +131,8 @@ msg_info "Creating Services"
 cat <<EOF >/etc/systemd/system/reitti.service
 [Unit]
 Description=Reitti
-After=network.target postgresql.service redis-server.service
-Wants=postgresql.service redis-server.service
+After=network.target postgresql.service redis-server.service rabbitmq-server.service photon.service
+Wants=postgresql.service redis-server.service rabbitmq-server.service photon.service
 
 [Service]
 Type=simple
@@ -175,6 +146,26 @@ Restart=on-failure
 WantedBy=multi-user.target
 EOF
 
+cat <<EOF >/etc/systemd/system/photon.service
+[Unit]
+Description=Photon Geocoding Service (Germany, OpenSearch)
+After=network.target
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/photon
+ExecStart=/usr/bin/java -Xmx4g -jar photon.jar \
+  -data-dir /opt/photon \
+  -listen-port 2322 \
+  -listen-ip 0.0.0.0 \
+  -cors-any
+Restart=on-failure
+TimeoutStopSec=20
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now photon
 systemctl enable -q --now reitti
 msg_ok "Created Services"
 

install/vaultwarden-install.sh

@@ -1,105 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright (c) 2021-2026 tteck
-# Author: tteck (tteckster)
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://github.com/dani-garcia/vaultwarden
-
-source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
-color
-verb_ip6
-catch_errors
-setting_up_container
-network_check
-update_os
-
-msg_info "Installing Dependencies"
-$STD apt install -y \
-  build-essential \
-  pkgconf \
-  libssl-dev \
-  libmariadb-dev-compat \
-  libpq-dev \
-  argon2 \
-  ssl-cert
-msg_ok "Installed Dependencies"
-
-setup_rust
-fetch_and_deploy_gh_release "vaultwarden" "dani-garcia/vaultwarden" "tarball" "latest" "/tmp/vaultwarden-src"
-
-msg_info "Building Vaultwarden (Patience)"
-cd /tmp/vaultwarden-src
-VW_VERSION=$(get_latest_github_release "dani-garcia/vaultwarden")
-export VW_VERSION
-$STD cargo build --features "sqlite,mysql,postgresql" --release
-msg_ok "Built Vaultwarden"
-
-msg_info "Setting up Vaultwarden"
-$STD addgroup --system vaultwarden
-$STD adduser --system --home /opt/vaultwarden --shell /usr/sbin/nologin --no-create-home --gecos 'vaultwarden' --ingroup vaultwarden --disabled-login --disabled-password vaultwarden
-mkdir -p /opt/vaultwarden/{bin,data,web-vault}
-cp target/release/vaultwarden /opt/vaultwarden/bin/
-cd ~ && rm -rf /tmp/vaultwarden-src
-msg_ok "Set up Vaultwarden"
-
-fetch_and_deploy_gh_release "vaultwarden_webvault" "dani-garcia/bw_web_builds" "prebuild" "latest" "/opt/vaultwarden/web-vault" "bw_web_*.tar.gz"
-
-msg_info "Configuring Vaultwarden"
-cat <<EOF >/opt/vaultwarden/.env
-ADMIN_TOKEN=''
-ROCKET_ADDRESS=0.0.0.0
-ROCKET_TLS='{certs="/opt/vaultwarden/ssl-cert-snakeoil.pem",key="/opt/vaultwarden/ssl-cert-snakeoil.key"}'
-DATA_FOLDER=/opt/vaultwarden/data
-DATABASE_MAX_CONNS=10
-WEB_VAULT_FOLDER=/opt/vaultwarden/web-vault
-WEB_VAULT_ENABLED=true
-EOF
-mv /etc/ssl/certs/ssl-cert-snakeoil.pem /opt/vaultwarden/
-mv /etc/ssl/private/ssl-cert-snakeoil.key /opt/vaultwarden/
-
-chown -R vaultwarden:vaultwarden /opt/vaultwarden/
-chown root:root /opt/vaultwarden/bin/vaultwarden
-chmod +x /opt/vaultwarden/bin/vaultwarden
-chown -R root:root /opt/vaultwarden/web-vault/
-chmod +r /opt/vaultwarden/.env
-msg_ok "Configured Vaultwarden"
-
-msg_info "Creating Service"
-cat <<EOF >/etc/systemd/system/vaultwarden.service
-[Unit]
-Description=Bitwarden Server (Powered by Vaultwarden)
-Documentation=https://github.com/dani-garcia/vaultwarden
-After=network.target
-
-[Service]
-User=vaultwarden
-Group=vaultwarden
-EnvironmentFile=-/opt/vaultwarden/.env
-ExecStart=/opt/vaultwarden/bin/vaultwarden
-LimitNOFILE=65535
-LimitNPROC=4096
-PrivateTmp=true
-PrivateDevices=true
-ProtectHome=true
-ProtectSystem=strict
-DevicePolicy=closed
-ProtectControlGroups=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-RestrictNamespaces=yes
-RestrictRealtime=yes
-MemoryDenyWriteExecute=yes
-LockPersonality=yes
-WorkingDirectory=/opt/vaultwarden
-ReadWriteDirectories=/opt/vaultwarden/data
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-
-[Install]
-WantedBy=multi-user.target
-EOF
-systemctl enable -q --now vaultwarden
-msg_ok "Created Service"
-
-motd_ssh
-customize
-cleanup_lxc