diff --git a/ct/wallabag.sh b/ct/wallabag.sh index 9325189a..de8b9f85 100644 --- a/ct/wallabag.sh +++ b/ct/wallabag.sh @@ -2,15 +2,15 @@ source <(curl -fsSL https://git.community-scripts.org/community-scripts/ProxmoxVED/raw/branch/main/misc/build.func) # Copyright (c) 2021-2025 community-scripts ORG # Author: MickLesk (CanbiZ) -# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE # Source: https://wallabag.org/ # App Default Values APP="Wallabag" -var_tags="${var_tags:-ai;document}" +var_tags="${var_tags:-productivity;read-it-later}" var_cpu="${var_cpu:-2}" var_ram="${var_ram:-2048}" -var_disk="${var_disk:-7}" +var_disk="${var_disk:-6}" var_os="${var_os:-debian}" var_version="${var_version:-12}" var_unprivileged="${var_unprivileged:-1}" @@ -25,36 +25,63 @@ color catch_errors function update_script() { - header_info - check_container_storage - check_container_resources - if [[ ! -d /opt/wallabag ]]; then - msg_error "No ${APP} Installation Found!" - exit - fi - RELEASE=$(curl -fsSL https://api.github.com/repos/wallabag/wallabag/releases/latest | grep "tag_name" | awk '{print substr($2, 3, length($2)-4) }') - if [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt)" ]] || [[ ! -f /opt/${APP}_version.txt ]]; then - msg_info "Stopping $APP" - - msg_ok "Stopped $APP" - - msg_info "Updating $APP to v${RELEASE}" - - msg_ok "Updated $APP to v${RELEASE}" - - msg_info "Starting $APP" - - msg_ok "Started $APP" - - msg_info "Cleaning Up" - rm -rf /opt/v${RELEASE}.zip - rm -rf /opt/paperless-ai_bak - msg_ok "Cleanup Completed" - msg_ok "Update Successful" - else - msg_ok "No update required. ${APP} is already at v${RELEASE}" - fi + header_info + check_container_storage + check_container_resources + if [[ ! -d /opt/wallabag ]]; then + msg_error "No ${APP} Installation Found!" exit + fi + + RELEASE=$(curl -fsSL https://api.github.com/repos/wallabag/wallabag/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }') + if [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt 2>/dev/null)" ]] || [[ ! -f /opt/${APP}_version.txt ]]; then + msg_info "Stopping Services" + systemctl stop nginx + systemctl stop php8.3-fpm + msg_ok "Stopped Services" + + msg_info "Backing up Wallabag" + cp /opt/wallabag/app/config/parameters.yml /tmp/wallabag_parameters.yml.bak + msg_ok "Backed up Configuration" + + msg_info "Updating $APP to v${RELEASE}" + cd /tmp + wget -q "https://github.com/wallabag/wallabag/releases/download/${RELEASE}/wallabag-${RELEASE#v}.tar.gz" + tar -xzf "wallabag-${RELEASE#v}.tar.gz" + + rm -rf /opt/wallabag/vendor /opt/wallabag/var/cache/* + cp -rf wallabag-${RELEASE#v}/* /opt/wallabag/ + + cp /tmp/wallabag_parameters.yml.bak /opt/wallabag/app/config/parameters.yml + + cd /opt/wallabag + export COMPOSER_ALLOW_SUPERUSER=1 + $STD composer install --no-dev --prefer-dist --optimize-autoloader --no-interaction + $STD php bin/console cache:clear --env=prod + $STD php bin/console doctrine:migrations:migrate --env=prod --no-interaction + + chown -R wallabag:wallabag /opt/wallabag + chmod -R 755 /opt/wallabag/var + chmod -R 755 /opt/wallabag/web/assets + + echo "${RELEASE}" >/opt/${APP}_version.txt + msg_ok "Updated $APP to v${RELEASE}" + + msg_info "Cleaning Up" + rm -rf /tmp/wallabag-${RELEASE#v}* + rm -f /tmp/wallabag_parameters.yml.bak + msg_ok "Cleanup Completed" + + msg_info "Starting Services" + systemctl start php8.3-fpm + systemctl start nginx + msg_ok "Started Services" + + msg_ok "Update Successful" + else + msg_ok "No update required. ${APP} is already at v${RELEASE}" + fi + exit } start build_container @@ -63,4 +90,4 @@ description msg_ok "Completed Successfully!\n" echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" echo -e "${INFO}${YW} Access it using the following URL:${CL}" -echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:3000${CL}" +echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8000${CL}" diff --git a/frontend/public/json/wallabag.json b/frontend/public/json/wallabag.json index 203595a1..bd2d3182 100644 --- a/frontend/public/json/wallabag.json +++ b/frontend/public/json/wallabag.json @@ -1,35 +1,44 @@ { - "name": "Wallabag", - "slug": "wallabag", - "categories": [ - 12 - ], - "date_created": "2025-07-02", - "type": "ct", - "updateable": true, - "privileged": false, - "config_path": "/opt/wallabag/.env", - "interface_port": 3000, - "documentation": "https://wallabag.io/", - "website": "https://wallabag.io/", - "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons/svg/wallabag.svg", - "description": "Wallabag is an open-source self-hosted application.", - "install_methods": [ - { - "type": "default", - "script": "ct/wallabag.sh", - "resources": { - "cpu": 1, - "ram": 1024, - "hdd": 2, - "os": "Debian", - "version": "12" - } - } - ], - "default_credentials": { - "username": null, - "password": null - }, - "notes": [] -} \ No newline at end of file + "name": "Wallabag", + "slug": "wallabag", + "categories": [ + 12 + ], + "date_created": "2025-07-02", + "type": "ct", + "updateable": true, + "privileged": false, + "config_path": "/opt/wallabag/app/config/parameters.yml", + "interface_port": 8000, + "documentation": "https://doc.wallabag.org/", + "website": "https://wallabag.org/", + "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons/svg/wallabag.svg", + "description": "Wallabag is a self-hosted read-it-later application. Save web articles to read them later, offline, in a clean and distraction-free interface. Features tagging, full-text search, and browser/mobile app integrations.", + "install_methods": [ + { + "type": "default", + "script": "ct/wallabag.sh", + "resources": { + "cpu": 2, + "ram": 2048, + "hdd": 6, + "os": "Debian", + "version": "12" + } + } + ], + "default_credentials": { + "username": "wallabag", + "password": "wallabag" + }, + "notes": [ + { + "text": "Default login: wallabag / wallabag - change immediately after first login!", + "type": "warning" + }, + { + "text": "Database credentials are stored in ~/wallabag.creds", + "type": "info" + } + ] +} diff --git a/install/wallabag-install.sh b/install/wallabag-install.sh index 53c54ab8..ccd8be0e 100644 --- a/install/wallabag-install.sh +++ b/install/wallabag-install.sh @@ -1,8 +1,9 @@ #!/usr/bin/env bash # Copyright (c) 2021-2025 community-scripts ORG -# Author: MickLesk (Canbiz) -# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Author: MickLesk (CanbiZ) +# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE +# Source: https://wallabag.org/ source /dev/stdin <<<"$FUNCTIONS_FILE_PATH" color @@ -12,116 +13,145 @@ setting_up_container network_check update_os -msg_info "Installing Dependencies (Patience)" +msg_info "Installing Dependencies" $STD apt-get install -y \ - make \ - apache2 \ - libapache2-mod-php \ - redis + nginx \ + redis-server \ + imagemagick msg_ok "Installed Dependencies" setup_mariadb -PHP_VERSION="8.3" PHP_APACHE="YES" PHP_FPM="YES" PHP_MODULE="bcmath,bz2,cli,exif,common,curl,tidy,fpm,gd,intl,mbstring,xml,mysql,zip" setup_php -setup_composer +MARIADB_DB_NAME="wallabag" MARIADB_DB_USER="wallabag" setup_mariadb_db -msg_info "Setting up Database" -DB_NAME=wallabag_db -DB_USER=wallabag -DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13) -SECRET_KEY="$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)" -$STD mariadb -u root -e "CREATE DATABASE $DB_NAME;" -$STD mariadb -u root -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';" -$STD mariadb -u root -e "GRANT ALL PRIVILEGES ON $DB_NAME.* TO '$DB_USER'@'localhost'; FLUSH PRIVILEGES;" -{ - echo "Wallabag Credentials" - echo "Database User: $DB_USER" - echo "Database Password: $DB_PASS" - echo "Database Name: $DB_NAME" -} >>~/wallabag.creds -msg_ok "Set up Database" +PHP_VERSION="8.3" PHP_FPM="YES" PHP_MODULE="bcmath,bz2,curl,gd,imagick,intl,mbstring,mysql,redis,tidy,xml,zip" setup_php +setup_composer +NODE_VERSION="22" setup_nodejs fetch_and_deploy_gh_release "wallabag" "wallabag/wallabag" "prebuild" "latest" "/opt/wallabag" "wallabag-*.tar.gz" -msg_info "Installing Wallabag (Patience)" +msg_info "Configuring Wallabag" cd /opt/wallabag -useradd -d /opt/wallabag -s /bin/bash -M wallabag + +useradd -d /opt/wallabag -s /usr/sbin/nologin -M wallabag 2>/dev/null || true + +SECRET_KEY="$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)" +CONTAINER_IP=$(hostname -I | awk '{print $1}') + +cat </opt/wallabag/app/config/parameters.yml +parameters: + database_driver: pdo_mysql + database_host: 127.0.0.1 + database_port: 3306 + database_name: ${MARIADB_DB_NAME} + database_user: ${MARIADB_DB_USER} + database_password: ${MARIADB_DB_PASS} + database_path: null + database_table_prefix: wallabag_ + database_socket: null + database_charset: utf8mb4 + + domain_name: http://${CONTAINER_IP}:8000 + server_name: Wallabag + + mailer_dsn: null + + locale: en + + secret: ${SECRET_KEY} + + twofactor_auth: true + twofactor_sender: no-reply@wallabag.org + + fosuser_registration: true + fosuser_confirmation: true + + fos_oauth_server_access_token_lifetime: 3600 + fos_oauth_server_refresh_token_lifetime: 1209600 + + from_email: no-reply@wallabag.org + + rss_limit: 50 + + rabbitmq_host: localhost + rabbitmq_port: 5672 + rabbitmq_user: guest + rabbitmq_password: guest + rabbitmq_prefetch_count: 10 + + redis_scheme: tcp + redis_host: localhost + redis_port: 6379 + redis_path: null + redis_password: null + + sentry_dsn: null +EOF + chown -R wallabag:wallabag /opt/wallabag -mv /opt/wallabag/app/config/parameters.yml.dist /opt/wallabag/app/config/parameters.yml -sed -i \ - -e 's|database_name: wallabag|database_name: wallabag_db|' \ - -e 's|database_port: ~|database_port: 3306|' \ - -e 's|database_user: root|database_user: wallabag|' \ - -e 's|database_password: ~|database_password: '"$DB_PASS"'|' \ - -e 's|secret: .*|secret: '"$SECRET_KEY"'|' \ - /opt/wallabag/app/config/parameters.yml +msg_ok "Configured Wallabag" +msg_info "Installing Wallabag (Patience)" export COMPOSER_ALLOW_SUPERUSER=1 -sudo -u wallabag make install --no-interaction -export COMPOSER_ALLOW_SUPERUSER=1 -composer install --no-dev --prefer-dist --optimize-autoloader --no-interaction +$STD sudo -u wallabag composer install --no-dev --prefer-dist --optimize-autoloader --no-interaction + +$STD sudo -u wallabag php bin/console wallabag:install --env=prod --no-interaction + +chown -R wallabag:wallabag /opt/wallabag +chmod -R 755 /opt/wallabag/var +chmod -R 755 /opt/wallabag/web/assets msg_ok "Installed Wallabag" -msg_info "Setting up Virtual Host" -cat </etc/nginx/conf.d/wallabag.conf +msg_info "Configuring Nginx" +cat <<'EOF' >/etc/nginx/sites-available/wallabag server { + listen 8000; + server_name _; root /opt/wallabag/web; - server_name $IPADDRESS; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-Content-Type-Options "nosniff"; + + index app.php; + charset utf-8; location / { - # try to serve file directly, fallback to app.php try_files $uri /app.php$is_args$args; } + location ~ ^/app\.php(/|$) { - # if, for some reason, you are still using PHP 5, - # then replace /run/php/php7.0 by /var/run/php5 - fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_pass unix:/run/php/php8.3-fpm.sock; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; - # When you are using symlinks to link the document root to the - # current version of your application, you should pass the real - # application path instead of the path to the symlink to PHP - # FPM. - # Otherwise, PHP's OPcache may not properly detect changes to - # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126 - # for more information). - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param DOCUMENT_ROOT $realpath_root; - # Prevents URIs that include the front controller. This will 404: - # http://domain.tld/app.php/some-path - # Remove the internal directive to allow URIs like this internal; } - # return 404 for all other php files not matching the front controller - # this prevents access to other php files you don't want to be accessible. location ~ \.php$ { return 404; } + location ~ /\.(?!well-known).* { + deny all; + } + error_log /var/log/nginx/wallabag_error.log; access_log /var/log/nginx/wallabag_access.log; } EOF -$STD a2enmod rewrite -$STD a2ensite wallabag.conf -$STD a2dissite 000-default.conf -systemctl reload apache2 -msg_ok "Configured Virtual Host" +ln -sf /etc/nginx/sites-available/wallabag /etc/nginx/sites-enabled/ +rm -f /etc/nginx/sites-enabled/default +$STD systemctl reload nginx +msg_ok "Configured Nginx" -msg_info "Setting Permissions" -chown -R www-data:www-data /opt/wallabag/{bin,app/config,vendor,data,var,web} -msg_ok "Set Permissions" - -msg_info "Running Wallabag Installation" -php bin/console wallabag:install --env=prod -msg_ok "Wallabag Installed" +msg_info "Enabling Services" +systemctl enable -q --now redis-server +systemctl enable -q --now php8.3-fpm +systemctl enable -q --now nginx +msg_ok "Enabled Services" motd_ssh customize - -msg_info "Cleaning up" -$STD apt-get autoremove -$STD apt-get autoclean -msg_ok "Cleaned" +cleanup_lxc