Proxmox/install/ghostfolio-install.sh

#!/usr/bin/env bash

# Copyright (c) 2021-2024 tteck
# Author: tteck (tteckster)
# Co-Author: jcantosz
# License: MIT
# https://github.com/tteck/Proxmox/raw/main/LICENSE

source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os

msg_info "Installing Dependencies"
$STD apt-get update
$STD apt-get install -y \
    curl \
    lsb-release \
    gpg
msg_ok "Installed Dependencies"

# POSTGRES =================================
msg_info "Setting up postgresql"

POSTGRES_HOST=localhost
POSTGRES_PORT=5432
POSTGRES_DB=ghostfolio-db
POSTGRES_USER='postgres'
POSTGRES_PASSWORD="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 32)"
ACCESS_TOKEN_SALT="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 32)"
DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer"
JWT_SECRET_KEY="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 32)"

$STD apt-get install -y postgresql-15

# Setup postgres
$STD su postgres <<EOSU
psql -c "create database \"$POSTGRES_DB\";"
psql -c "ALTER DATABASE \"$POSTGRES_DB\" OWNER TO \"$POSTGRES_USER\";"
psql -c "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \"$POSTGRES_USER\";"
psql -c "ALTER USER \"$POSTGRES_USER\" WITH PASSWORD '$POSTGRES_PASSWORD';"
EOSU

# Make sure postgres is working/reachable
$STD pg_isready -d "$POSTGRES_DB" -U "$POSTGRES_USER"
$STD psql -d "$DATABASE_URL" -c "select now()"

# Store creds
echo "" >~/ghostery.creds
echo "Ghostery Database Credentials" >>~/ghostery.creds
echo "" >>~/ghostery.creds
echo -e "ghostery Database User: \e[32m$POSTGRES_USER\e[0m" >>~/ghostery.creds
echo -e "ghostery Database Password: \e[32m$POSTGRES_PASSWORD\e[0m" >>~/ghostery.creds
echo -e "ghostery Database Name: \e[32m$POSTGRES_DB\e[0m" >>~/ghostery.creds
msg_ok "Set up postgresql"
#-- END POSTGRES

# REDIS CACHE =================================
msg_info "Setting up redis"
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 32)"

$STD apt-get install -y redis

## Configure Redis
$STD redis-cli CONFIG SET requirepass "$REDIS_PASSWORD"
$STD redis-cli  -a "$REDIS_PASSWORD" CONFIG REWRITE
$STD systemctl restart redis

# Test Redis with password auth
$STD redis-cli -a "$REDIS_PASSWORD" ping

echo "" >~/ghostery.creds
echo "Ghostery Redis Credentials" >>~/ghostery.creds
echo "" >>~/ghostery.creds
echo -e "ghostery Redis Password: \e[32m$REDIS_PASSWORD\e[0m" >>~/ghostery.creds

#-- END REDIS CACHE

# GHOSTFOLIO  =================================
## Setup Vars
NODE_VERSION=20
GHOSTFOLIO_VERSION='2.117.0'

cd /opt/

# Set up nodejs 20 (project requires this version)
$STD curl -fsSL https://deb.nodesource.com/setup_$NODE_VERSION.x -o nodesource_setup.sh
$STD bash nodesource_setup.sh
rm nodesource_setup.sh
$STD apt-get update

$STD apt-get install -y --no-install-suggests \
  nodejs \
  g++ \
  git \
  make \
  openssl \
  python3
 
# Determine the latest version if needed - find another way, this resolves correctly but throws: -bash: line 107: version=https://github.com/ghostfolio/ghostfolio/releases/tag/2.117.0: No such file or directory
# if [[ "$GHOSTFOLIO_VERSION" == "latest" ]]; then
#   $STD version=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/ghostfolio/ghostfolio/releases/latest)
#   $STD GHOSTFOLIO_VERSION=${version##*/}
# fi

# Get the realease
$STD curl -Ls -o ghostfolio-$GHOSTFOLIO_VERSION.tgz https://github.com/ghostfolio/ghostfolio/archive/refs/tags/$GHOSTFOLIO_VERSION.tar.gz
$STD tar xzf ghostfolio-$GHOSTFOLIO_VERSION.tgz
$STD rm ghostfolio-$GHOSTFOLIO_VERSION.tgz

cd /opt/ghostfolio-$GHOSTFOLIO_VERSION

# Build the project
$STD npm install
$STD npm run build:production

# package.json was generated by the build process, however the original
# package-lock.json needs to be used to ensure the same versions
# curl -o package-lock.json https://raw.githubusercontent.com/ghostfolio/ghostfolio/refs/tags/$GHOSTFOLIO_VERSION/package-lock.json
mv /opt/ghostfolio-$GHOSTFOLIO_VERSION/package-lock.json /opt/ghostfolio-$GHOSTFOLIO_VERSION/dist/apps/api/
#cp package-lock.json dist/apps/api/

cd /opt/ghostfolio-$GHOSTFOLIO_VERSION/dist/apps/api/
$STD npm install
mv -r /opt/ghostfolio-$GHOSTFOLIO_VERSION/prisma .

# Overwrite the generated package.json with the original one to ensure having
# all the scripts
# curl -o package.json https://raw.githubusercontent.com/ghostfolio/ghostfolio/refs/tags/$GHOSTFOLIO_VERSION/package.json
mv /opt/ghostfolio-$GHOSTFOLIO_VERSION/package.json /opt/ghostfolio-$GHOSTFOLIO_VERSION/dist/apps/api/
$STD npm run database:generate-typings

# Move the built project to /opt/ghostfolio
cd /opt
mv /opt/ghostfolio-$GHOSTFOLIO_VERSION/dist/apps /opt/ghostfolio
mv /opt/ghostfolio-$GHOSTFOLIO_VERSION/docker/entrypoint.sh /opt/ghostfolio/

rm -rf /opt/ghostfolio-$GHOSTFOLIO_VERSION

# --- END GHOSTFOLIO

# SERVICE  =================================
# Create env file
msg_info "Creating Environment File"
cat <<EOF >/opt/ghostfolio/api/.env
# Node
NODE_OPTIONS=--max_old_space_size=2048
# CACHE
REDIS_HOST=$REDIS_HOST
REDIS_PORT=$REDIS_PORT
REDIS_PASSWORD=$REDIS_PASSWORD
# POSTGRES
POSTGRES_DB=$POSTGRES_DB
POSTGRES_USER=$POSTGRES_USER
POSTGRES_PASSWORD=$POSTGRES_PASSWORD
# VARIOUS
ACCESS_TOKEN_SALT=$ACCESS_TOKEN_SALT
DATABASE_URL="$DATABASE_URL"
JWT_SECRET_KEY=$JWT_SECRET_KEY
EOF

msg_info "Creating Startup Script"
# Create startup script
cat <<EOF >/opt/ghostfolio/start.sh
#!/bin/bash
# Source the environment vars and export them otherwise it wont get them properly
set -a
. /opt/ghostfolio/api/.env
set +a
# Run the docker entrypoint
/opt/ghostfolio/entrypoint.sh
EOF

chmod +x /opt/ghostfolio/start.sh

msg_info "Creating Systemd Service Definition"
# Create Systemd Service
cat <<EOF >/etc/systemd/system/ghostfolio.service
[Unit]
Description=ghostfolio
[Service]
After=postgresql.servicei redis.service
Require=postgresql.servicei redis.service
# Start Service
ExecStart=/opt/ghostfolio/start.sh
WorkingDirectory=/opt/ghostfolio/api/
# Restart service after 10 seconds if node service crashes
RestartSec=10
Restart=always
# Output to syslog
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=ghostfolio
[Install]
WantedBy=multi-user.target
EOF

# Make the service run on container startup
systemctl enable ghostfolio
systemctl start ghostfolio
msg_ok "Created Service"
# -- END SERVICE

motd_ssh
customize

msg_info "Cleaning up"
apt remove -y make git g++
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"
initial commit (untested) 2024-10-21 23:46:00 +02:00			`#!/usr/bin/env bash`

			`# Copyright (c) 2021-2024 tteck`
			`# Author: tteck (tteckster)`
			`# Co-Author: jcantosz`
			`# License: MIT`
			`# https://github.com/tteck/Proxmox/raw/main/LICENSE`

			`source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"`
			`color`
			`verb_ip6`
			`catch_errors`
			`setting_up_container`
			`network_check`
			`update_os`

			`msg_info "Installing Dependencies"`
apt-get update before install, remove trailing whitespace 2024-10-22 16:12:58 +02:00			`$STD apt-get update`
initial commit (untested) 2024-10-21 23:46:00 +02:00			`$STD apt-get install -y \`
apt-get update before install, remove trailing whitespace 2024-10-22 16:12:58 +02:00			`curl \`
initial commit (untested) 2024-10-21 23:46:00 +02:00			`lsb-release \`
			`gpg`
			`msg_ok "Installed Dependencies"`

			`# POSTGRES =================================`
			`msg_info "Setting up postgresql"`

			`POSTGRES_HOST=localhost`
			`POSTGRES_PORT=5432`
			`POSTGRES_DB=ghostfolio-db`
			`POSTGRES_USER='postgres'`
Change pw creation method to match existing script 2024-10-22 16:48:38 +02:00			`POSTGRES_PASSWORD="$(head /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 32)"`
			`ACCESS_TOKEN_SALT="$(head /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 32)"`
initial commit (untested) 2024-10-21 23:46:00 +02:00			`DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer"`
Change pw creation method to match existing script 2024-10-22 16:48:38 +02:00			`JWT_SECRET_KEY="$(head /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 32)"`
initial commit (untested) 2024-10-21 23:46:00 +02:00
			`$STD apt-get install -y postgresql-15`

			`# Setup postgres`
			`$STD su postgres <<EOSU`
			`psql -c "create database \"$POSTGRES_DB\";"`
			`psql -c "ALTER DATABASE \"$POSTGRES_DB\" OWNER TO \"$POSTGRES_USER\";"`
			`psql -c "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \"$POSTGRES_USER\";"`
			`psql -c "ALTER USER \"$POSTGRES_USER\" WITH PASSWORD '$POSTGRES_PASSWORD';"`
			`EOSU`

			`# Make sure postgres is working/reachable`
			`$STD pg_isready -d "$POSTGRES_DB" -U "$POSTGRES_USER"`
			`$STD psql -d "$DATABASE_URL" -c "select now()"`

			`# Store creds`
			`echo "" >~/ghostery.creds`
			`echo "Ghostery Database Credentials" >>~/ghostery.creds`
			`echo "" >>~/ghostery.creds`
			`echo -e "ghostery Database User: \e[32m$POSTGRES_USER\e[0m" >>~/ghostery.creds`
			`echo -e "ghostery Database Password: \e[32m$POSTGRES_PASSWORD\e[0m" >>~/ghostery.creds`
			`echo -e "ghostery Database Name: \e[32m$POSTGRES_DB\e[0m" >>~/ghostery.creds`
			`msg_ok "Set up postgresql"`
			`#-- END POSTGRES`

			`# REDIS CACHE =================================`
			`msg_info "Setting up redis"`
			`REDIS_HOST=localhost`
			`REDIS_PORT=6379`
Change pw creation method to match existing script 2024-10-22 16:48:38 +02:00			`REDIS_PASSWORD="$(head /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 32)"`
initial commit (untested) 2024-10-21 23:46:00 +02:00
			`$STD apt-get install -y redis`

			`## Configure Redis`
			`$STD redis-cli CONFIG SET requirepass "$REDIS_PASSWORD"`
			`$STD redis-cli -a "$REDIS_PASSWORD" CONFIG REWRITE`
			`$STD systemctl restart redis`

			`# Test Redis with password auth`
			`$STD redis-cli -a "$REDIS_PASSWORD" ping`

			`echo "" >~/ghostery.creds`
			`echo "Ghostery Redis Credentials" >>~/ghostery.creds`
			`echo "" >>~/ghostery.creds`
			`echo -e "ghostery Redis Password: \e[32m$REDIS_PASSWORD\e[0m" >>~/ghostery.creds`

			`#-- END REDIS CACHE`

			`# GHOSTFOLIO =================================`
			`## Setup Vars`
			`NODE_VERSION=20`
ping ghostfolio version 2024-10-22 17:21:44 +02:00			`GHOSTFOLIO_VERSION='2.117.0'`
initial commit (untested) 2024-10-21 23:46:00 +02:00
			`cd /opt/`

			`# Set up nodejs 20 (project requires this version)`
			`$STD curl -fsSL https://deb.nodesource.com/setup_$NODE_VERSION.x -o nodesource_setup.sh`
			`$STD bash nodesource_setup.sh`
			`rm nodesource_setup.sh`
			`$STD apt-get update`

			`$STD apt-get install -y --no-install-suggests \`
			`nodejs \`
			`g++ \`
			`git \`
			`make \`
			`openssl \`
			`python3`

ping ghostfolio version 2024-10-22 17:21:44 +02:00			`# Determine the latest version if needed - find another way, this resolves correctly but throws: -bash: line 107: version=https://github.com/ghostfolio/ghostfolio/releases/tag/2.117.0: No such file or directory`
			`# if [[ "$GHOSTFOLIO_VERSION" == "latest" ]]; then`
			`# $STD version=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/ghostfolio/ghostfolio/releases/latest)`
			`# $STD GHOSTFOLIO_VERSION=${version##*/}`
			`# fi`
initial commit (untested) 2024-10-21 23:46:00 +02:00
			`# Get the realease`
			`$STD curl -Ls -o ghostfolio-$GHOSTFOLIO_VERSION.tgz https://github.com/ghostfolio/ghostfolio/archive/refs/tags/$GHOSTFOLIO_VERSION.tar.gz`
			`$STD tar xzf ghostfolio-$GHOSTFOLIO_VERSION.tgz`
			`$STD rm ghostfolio-$GHOSTFOLIO_VERSION.tgz`

			`cd /opt/ghostfolio-$GHOSTFOLIO_VERSION`

			`# Build the project`
			`$STD npm install`
			`$STD npm run build:production`

			`# package.json was generated by the build process, however the original`
			`# package-lock.json needs to be used to ensure the same versions`
			`# curl -o package-lock.json https://raw.githubusercontent.com/ghostfolio/ghostfolio/refs/tags/$GHOSTFOLIO_VERSION/package-lock.json`
			`mv /opt/ghostfolio-$GHOSTFOLIO_VERSION/package-lock.json /opt/ghostfolio-$GHOSTFOLIO_VERSION/dist/apps/api/`
			`#cp package-lock.json dist/apps/api/`

			`cd /opt/ghostfolio-$GHOSTFOLIO_VERSION/dist/apps/api/`
			`$STD npm install`
			`mv -r /opt/ghostfolio-$GHOSTFOLIO_VERSION/prisma .`

			`# Overwrite the generated package.json with the original one to ensure having`
			`# all the scripts`
			`# curl -o package.json https://raw.githubusercontent.com/ghostfolio/ghostfolio/refs/tags/$GHOSTFOLIO_VERSION/package.json`
			`mv /opt/ghostfolio-$GHOSTFOLIO_VERSION/package.json /opt/ghostfolio-$GHOSTFOLIO_VERSION/dist/apps/api/`
			`$STD npm run database:generate-typings`

			`# Move the built project to /opt/ghostfolio`
			`cd /opt`
			`mv /opt/ghostfolio-$GHOSTFOLIO_VERSION/dist/apps /opt/ghostfolio`
			`mv /opt/ghostfolio-$GHOSTFOLIO_VERSION/docker/entrypoint.sh /opt/ghostfolio/`

			`rm -rf /opt/ghostfolio-$GHOSTFOLIO_VERSION`

			`# --- END GHOSTFOLIO`

			`# SERVICE =================================`
			`# Create env file`
			`msg_info "Creating Environment File"`
			`cat <<EOF >/opt/ghostfolio/api/.env`
			`# Node`
			`NODE_OPTIONS=--max_old_space_size=2048`
			`# CACHE`
			`REDIS_HOST=$REDIS_HOST`
			`REDIS_PORT=$REDIS_PORT`
			`REDIS_PASSWORD=$REDIS_PASSWORD`
			`# POSTGRES`
			`POSTGRES_DB=$POSTGRES_DB`
			`POSTGRES_USER=$POSTGRES_USER`
			`POSTGRES_PASSWORD=$POSTGRES_PASSWORD`
			`# VARIOUS`
			`ACCESS_TOKEN_SALT=$ACCESS_TOKEN_SALT`
			`DATABASE_URL="$DATABASE_URL"`
			`JWT_SECRET_KEY=$JWT_SECRET_KEY`
			`EOF`

			`msg_info "Creating Startup Script"`
			`# Create startup script`
			`cat <<EOF >/opt/ghostfolio/start.sh`
			`#!/bin/bash`
			`# Source the environment vars and export them otherwise it wont get them properly`
			`set -a`
			`. /opt/ghostfolio/api/.env`
			`set +a`
			`# Run the docker entrypoint`
			`/opt/ghostfolio/entrypoint.sh`
			`EOF`

			`chmod +x /opt/ghostfolio/start.sh`

			`msg_info "Creating Systemd Service Definition"`
			`# Create Systemd Service`
			`cat <<EOF >/etc/systemd/system/ghostfolio.service`
			`[Unit]`
			`Description=ghostfolio`
			`[Service]`
			`After=postgresql.servicei redis.service`
			`Require=postgresql.servicei redis.service`
			`# Start Service`
			`ExecStart=/opt/ghostfolio/start.sh`
			`WorkingDirectory=/opt/ghostfolio/api/`
			`# Restart service after 10 seconds if node service crashes`
			`RestartSec=10`
			`Restart=always`
			`# Output to syslog`
			`StandardOutput=syslog`
			`StandardError=syslog`
			`SyslogIdentifier=ghostfolio`
			`[Install]`
			`WantedBy=multi-user.target`
			`EOF`

			`# Make the service run on container startup`
			`systemctl enable ghostfolio`
			`systemctl start ghostfolio`
			`msg_ok "Created Service"`
			`# -- END SERVICE`

			`motd_ssh`
			`customize`

			`msg_info "Cleaning up"`
			`apt remove -y make git g++`
			`$STD apt-get -y autoremove`
			`$STD apt-get -y autoclean`
			`msg_ok "Cleaned"`