mirror of
https://github.com/community-scripts/ProxmoxVE.git
synced 2026-04-30 14:05:59 +00:00
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 push-app-to-main[bot]
|
646d83d987 | ||
|
community-scripts-pr-app[bot]
|
b4e0bb0686 |
+2
-1
@@ -452,7 +452,8 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
|
||||
|
||||
### 🆕 New Scripts
|
||||
|
||||
- Neko ([#14121](https://github.com/community-scripts/ProxmoxVE/pull/14121))
|
||||
- Nagios ([#14126](https://github.com/community-scripts/ProxmoxVE/pull/14126))
|
||||
- Neko ([#14121](https://github.com/community-scripts/ProxmoxVE/pull/14121))
|
||||
|
||||
### 💾 Core
|
||||
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
____ __ __ ___ _ __ ____ _ __
|
||||
/ __ \_________ / /_____ ____ / |/ /___ _(_) / / __ )_____(_)___/ /___ ____
|
||||
/ /_/ / ___/ __ \/ __/ __ \/ __ \/ /|_/ / __ `/ / /_____/ __ / ___/ / __ / __ `/ _ \
|
||||
/ ____/ / / /_/ / /_/ /_/ / / / / / / / /_/ / / /_____/ /_/ / / / / /_/ / /_/ / __/
|
||||
/_/ /_/ \____/\__/\____/_/ /_/_/ /_/\__,_/_/_/ /_____/_/ /_/\__,_/\__, /\___/
|
||||
/____/
|
||||
@@ -0,0 +1,79 @@
|
||||
#!/usr/bin/env bash
|
||||
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
|
||||
# Copyright (c) 2021-2026 community-scripts ORG
|
||||
# Author: Stephen Chin (steveonjava)
|
||||
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
|
||||
# Source: https://github.com/ProtonMail/proton-bridge
|
||||
|
||||
APP="ProtonMail-Bridge"
|
||||
var_tags="${var_tags:-mail;proton}"
|
||||
var_cpu="${var_cpu:-2}"
|
||||
var_ram="${var_ram:-1024}"
|
||||
var_disk="${var_disk:-8}"
|
||||
var_os="${var_os:-debian}"
|
||||
var_version="${var_version:-13}"
|
||||
var_unprivileged="${var_unprivileged:-1}"
|
||||
|
||||
header_info "$APP"
|
||||
variables
|
||||
color
|
||||
catch_errors
|
||||
|
||||
function update_script() {
|
||||
header_info
|
||||
check_container_storage
|
||||
check_container_resources
|
||||
|
||||
if [[ ! -x /usr/bin/protonmail-bridge ]]; then
|
||||
msg_error "No ${APP} Installation Found!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if check_for_gh_release "protonmail-bridge" "ProtonMail/proton-bridge"; then
|
||||
local -a bridge_units=(
|
||||
protonmail-bridge
|
||||
protonmail-bridge-imap.socket
|
||||
protonmail-bridge-smtp.socket
|
||||
protonmail-bridge-imap-proxy
|
||||
protonmail-bridge-smtp-proxy
|
||||
)
|
||||
local unit
|
||||
declare -A was_active
|
||||
for unit in "${bridge_units[@]}"; do
|
||||
if systemctl is-active --quiet "$unit" 2>/dev/null; then
|
||||
was_active["$unit"]=1
|
||||
else
|
||||
was_active["$unit"]=0
|
||||
fi
|
||||
done
|
||||
|
||||
msg_info "Stopping Services"
|
||||
systemctl stop protonmail-bridge-imap.socket protonmail-bridge-smtp.socket protonmail-bridge-imap-proxy protonmail-bridge-smtp-proxy protonmail-bridge
|
||||
msg_ok "Stopped Services"
|
||||
|
||||
fetch_and_deploy_gh_release "protonmail-bridge" "ProtonMail/proton-bridge" "binary"
|
||||
|
||||
if [[ -f /home/protonbridge/.protonmailbridge-initialized ]]; then
|
||||
msg_info "Starting Services"
|
||||
for unit in "${bridge_units[@]}"; do
|
||||
if [[ "${was_active[$unit]:-0}" == "1" ]]; then
|
||||
systemctl start "$unit"
|
||||
fi
|
||||
done
|
||||
msg_ok "Started Services"
|
||||
else
|
||||
msg_ok "Initialization not completed. Services remain disabled."
|
||||
fi
|
||||
msg_ok "Updated successfully!"
|
||||
fi
|
||||
exit
|
||||
}
|
||||
|
||||
start
|
||||
build_container
|
||||
description
|
||||
|
||||
msg_ok "Completed successfully!\n"
|
||||
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
|
||||
echo -e "${INFO}${YW}One-time configuration is required before Bridge services are enabled.${CL}"
|
||||
echo -e "${INFO}${YW}Run this command in the container: protonmailbridge-configure${CL}"
|
||||
@@ -0,0 +1,192 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Copyright (c) 2021-2026 community-scripts ORG
|
||||
# Author: Stephen Chin (steveonjava)
|
||||
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
|
||||
# Source: https://github.com/ProtonMail/proton-bridge
|
||||
|
||||
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
|
||||
color
|
||||
verb_ip6
|
||||
catch_errors
|
||||
setting_up_container
|
||||
network_check
|
||||
update_os
|
||||
|
||||
msg_info "Installing Dependencies"
|
||||
$STD apt install -y pass
|
||||
msg_ok "Installed Dependencies"
|
||||
|
||||
msg_info "Creating Service User"
|
||||
useradd -r -m -d /home/protonbridge -s /usr/sbin/nologin protonbridge
|
||||
install -d -m 0750 -o protonbridge -g protonbridge /home/protonbridge
|
||||
msg_ok "Created Service User"
|
||||
|
||||
fetch_and_deploy_gh_release "protonmail-bridge" "ProtonMail/proton-bridge" "binary"
|
||||
|
||||
msg_info "Creating Services"
|
||||
cat <<EOF >/etc/systemd/system/protonmail-bridge.service
|
||||
[Unit]
|
||||
Description=Proton Mail Bridge (noninteractive)
|
||||
After=network-online.target
|
||||
Wants=network-online.target
|
||||
ConditionPathExists=/home/protonbridge/.protonmailbridge-initialized
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=protonbridge
|
||||
Group=protonbridge
|
||||
WorkingDirectory=/home/protonbridge
|
||||
Environment=HOME=/home/protonbridge
|
||||
ExecStart=/usr/bin/protonmail-bridge --noninteractive
|
||||
Restart=always
|
||||
RestartSec=3
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
ProtectSystem=full
|
||||
ProtectKernelTunables=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectControlGroups=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
cat <<'EOF' >/etc/systemd/system/protonmail-bridge-imap.socket
|
||||
[Unit]
|
||||
Description=Proton Mail Bridge IMAP Socket (143)
|
||||
ConditionPathExists=/home/protonbridge/.protonmailbridge-initialized
|
||||
|
||||
[Socket]
|
||||
ListenStream=143
|
||||
Accept=no
|
||||
Service=protonmail-bridge-imap-proxy.service
|
||||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
||||
EOF
|
||||
cat <<'EOF' >/etc/systemd/system/protonmail-bridge-imap-proxy.service
|
||||
[Unit]
|
||||
Description=Proton Mail Bridge IMAP Proxy (143 -> 127.0.0.1:1143)
|
||||
After=protonmail-bridge.service
|
||||
Requires=protonmail-bridge.service
|
||||
ConditionPathExists=/home/protonbridge/.protonmailbridge-initialized
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Sockets=protonmail-bridge-imap.socket
|
||||
ExecStart=/usr/lib/systemd/systemd-socket-proxyd 127.0.0.1:1143
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
EOF
|
||||
cat <<'EOF' >/etc/systemd/system/protonmail-bridge-smtp.socket
|
||||
[Unit]
|
||||
Description=Proton Mail Bridge SMTP Socket (587)
|
||||
ConditionPathExists=/home/protonbridge/.protonmailbridge-initialized
|
||||
|
||||
[Socket]
|
||||
ListenStream=587
|
||||
Accept=no
|
||||
Service=protonmail-bridge-smtp-proxy.service
|
||||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
||||
EOF
|
||||
cat <<'EOF' >/etc/systemd/system/protonmail-bridge-smtp-proxy.service
|
||||
[Unit]
|
||||
Description=Proton Mail Bridge SMTP Proxy (587 -> 127.0.0.1:1025)
|
||||
After=protonmail-bridge.service
|
||||
Requires=protonmail-bridge.service
|
||||
ConditionPathExists=/home/protonbridge/.protonmailbridge-initialized
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Sockets=protonmail-bridge-smtp.socket
|
||||
ExecStart=/usr/lib/systemd/systemd-socket-proxyd 127.0.0.1:1025
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
EOF
|
||||
msg_ok "Created Services"
|
||||
|
||||
msg_info "Creating Helper Commands"
|
||||
|
||||
cat <<'EOF' >/usr/local/bin/protonmailbridge-configure
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
BRIDGE_USER="protonbridge"
|
||||
BRIDGE_HOME="/home/${BRIDGE_USER}"
|
||||
GNUPG_HOME="${BRIDGE_HOME}/.gnupg"
|
||||
MARKER="${BRIDGE_HOME}/.protonmailbridge-initialized"
|
||||
|
||||
FIRST_TIME=0
|
||||
if [[ ! -f "${MARKER}" ]]; then
|
||||
FIRST_TIME=1
|
||||
fi
|
||||
|
||||
# Stop sockets/proxies/bridge daemon before configuration
|
||||
systemctl stop protonmail-bridge-imap.socket protonmail-bridge-smtp.socket
|
||||
systemctl stop protonmail-bridge-imap-proxy protonmail-bridge-smtp-proxy protonmail-bridge
|
||||
|
||||
if [[ "${FIRST_TIME}" == "1" ]]; then
|
||||
echo "First-time setup: initializing pass keychain for ${BRIDGE_USER} (required by Proton Mail Bridge on Linux)."
|
||||
|
||||
install -d -m 0700 -o "${BRIDGE_USER}" -g "${BRIDGE_USER}" "${GNUPG_HOME}"
|
||||
|
||||
FPR="$(runuser -u "${BRIDGE_USER}" -- env HOME="${BRIDGE_HOME}" GNUPGHOME="${GNUPG_HOME}" \
|
||||
gpg --list-secret-keys --with-colons 2>/dev/null | awk -F: '$1=="fpr"{print $10; exit}')"
|
||||
|
||||
if [[ -z "${FPR}" ]]; then
|
||||
runuser -u "${BRIDGE_USER}" -- env HOME="${BRIDGE_HOME}" GNUPGHOME="${GNUPG_HOME}" \
|
||||
gpg --batch --pinentry-mode loopback --passphrase '' \
|
||||
--quick-gen-key 'ProtonMail Bridge' default default never
|
||||
|
||||
FPR="$(runuser -u "${BRIDGE_USER}" -- env HOME="${BRIDGE_HOME}" GNUPGHOME="${GNUPG_HOME}" \
|
||||
gpg --list-secret-keys --with-colons 2>/dev/null | awk -F: '$1=="fpr"{print $10; exit}')"
|
||||
fi
|
||||
|
||||
if [[ -z "${FPR}" ]]; then
|
||||
echo "Failed to detect a GPG key fingerprint for ${BRIDGE_USER}." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
runuser -u "${BRIDGE_USER}" -- env HOME="${BRIDGE_HOME}" GNUPGHOME="${GNUPG_HOME}" \
|
||||
pass init "${FPR}"
|
||||
|
||||
echo
|
||||
echo "To do initial configuration of the Proton Mail Bridge:"
|
||||
echo "Run: login"
|
||||
echo "Run: info"
|
||||
echo "Run: exit"
|
||||
echo
|
||||
else
|
||||
echo
|
||||
echo "Launching Proton Mail Bridge CLI for configuration."
|
||||
echo "External access is disabled until you exit."
|
||||
echo "Run: exit"
|
||||
echo
|
||||
fi
|
||||
|
||||
runuser -u "${BRIDGE_USER}" -- env HOME="${BRIDGE_HOME}" \
|
||||
protonmail-bridge -c
|
||||
|
||||
if [[ "${FIRST_TIME}" == "1" ]]; then
|
||||
touch "${MARKER}"
|
||||
chown "${BRIDGE_USER}:${BRIDGE_USER}" "${MARKER}"
|
||||
chmod 0644 "${MARKER}"
|
||||
fi
|
||||
|
||||
systemctl enable -q --now protonmail-bridge.service protonmail-bridge-imap.socket protonmail-bridge-smtp.socket
|
||||
|
||||
if [[ "${FIRST_TIME}" == "1" ]]; then
|
||||
echo "Initialization complete. Services enabled and started."
|
||||
else
|
||||
echo "Configuration complete. Services enabled and started."
|
||||
fi
|
||||
EOF
|
||||
chmod +x /usr/local/bin/protonmailbridge-configure
|
||||
ln -sf /usr/local/bin/protonmailbridge-configure /usr/bin/protonmailbridge-configure
|
||||
msg_ok "Created Helper Commands"
|
||||
|
||||
motd_ssh
|
||||
customize
|
||||
cleanup_lxc
|
||||
Reference in New Issue
Block a user