nexus/ProxmoxVE
2
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2026-04-24 19:30:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
fbf73b6e23cc56dacb43e272fc52a04ecb763702
ProxmoxVE/install/bentopdf-install.sh
T
CanbiZ (MickLesk) fbf73b6e23 fix(bentopdf): enforce https for SharedArrayBuffer on LAN 
LibreOffice WASM requires crossOriginIsolated + secure context.
LAN HTTP origins (http://192.168.x.x) are not trustworthy, so Office
conversion fails with DataCloneError on SharedArrayBuffer transfer.

- generate self-signed TLS cert (idempotent)
- add HTTPS server on :8443
- redirect HTTP :8080 to HTTPS :8443
- keep WASM gzip/mime handling
- update post-install URL hint to https://IP:8443
2026-04-10 08:22:31 +02:00

121 lines
3.3 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: vhsdream
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://github.com/alam00000/bentopdf
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
ensure_dependencies nginx openssl
NODE_VERSION="24" setup_nodejs
fetch_and_deploy_gh_release "bentopdf" "alam00000/bentopdf" "tarball" "latest" "/opt/bentopdf"
msg_info "Setup BentoPDF"
cd /opt/bentopdf
$STD npm ci --no-audit --no-fund
cp ./.env.example ./.env.production
export NODE_OPTIONS="--max-old-space-size=3072"
export SIMPLE_MODE=true
export VITE_USE_CDN=true
$STD npm run build:all
msg_ok "Setup BentoPDF"
msg_info "Creating Service"
if [[ ! -f /etc/ssl/private/bentopdf-selfsigned.key || ! -f /etc/ssl/certs/bentopdf-selfsigned.crt ]]; then
CERT_CN="$(hostname -I | awk '{print $1}')"
$STD openssl req -x509 -nodes -newkey rsa:2048 -days 3650 \
-keyout /etc/ssl/private/bentopdf-selfsigned.key \
-out /etc/ssl/certs/bentopdf-selfsigned.crt \
-subj "/CN=${CERT_CN}"
fi
cat <<'EOF' >/etc/nginx/sites-available/bentopdf
server {
listen 8080;
server_name _;
return 301 https://$host:8443$request_uri;
}
server {
listen 8443 ssl;
server_name _;
ssl_certificate /etc/ssl/certs/bentopdf-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/bentopdf-selfsigned.key;
root /opt/bentopdf/dist;
index index.html;
# Required for LibreOffice WASM (Word/Excel/PowerPoint to PDF via SharedArrayBuffer)
add_header Cross-Origin-Opener-Policy "same-origin" always;
add_header Cross-Origin-Embedder-Policy "require-corp" always;
add_header Cross-Origin-Resource-Policy "cross-origin" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
gzip_static on;
location ~* /libreoffice-wasm/soffice\.wasm\.gz$ {
gzip off;
types {} default_type application/wasm;
add_header Content-Encoding gzip;
add_header Vary "Accept-Encoding";
add_header Cache-Control "public, immutable";
}
location ~* /libreoffice-wasm/soffice\.data\.gz$ {
gzip off;
types {} default_type application/octet-stream;
add_header Content-Encoding gzip;
add_header Vary "Accept-Encoding";
add_header Cache-Control "public, immutable";
}
location ~* \.wasm$ {
types {} default_type application/wasm;
expires 1y;
add_header Cache-Control "public, immutable";
}
location ~* \.(wasm\.gz|data\.gz|data)$ {
expires 1y;
add_header Cache-Control "public, immutable";
}
location / {
try_files $uri $uri/ $uri.html =404;
}
error_page 404 /404.html;
}
EOF
rm -f /etc/nginx/sites-enabled/default
ln -sf /etc/nginx/sites-available/bentopdf /etc/nginx/sites-enabled/bentopdf
cat <<'EOF' >/etc/systemd/system/bentopdf.service
[Unit]
Description=BentoPDF Service
After=network.target
[Service]
Type=simple
ExecStart=/usr/sbin/nginx -g "daemon off;"
ExecReload=/bin/kill -HUP $MAINPID
Restart=always
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now bentopdf
msg_ok "Created & started service"
motd_ssh
customize
cleanup_lxc
Reference in New Issue View Git Blame Copy Permalink