Merge branch 'main' of https://github.com/community-scripts/ProxmoxVED

ct/headers/hermesagent

@@ -0,0 +1,6 @@
+    __  __                                 ___                    __ 
+   / / / /__  _________ ___  ___  _____   /   | ____ ____  ____  / /_
+  / /_/ / _ \/ ___/ __ `__ \/ _ \/ ___/  / /| |/ __ `/ _ \/ __ \/ __/
+ / __  /  __/ /  / / / / / /  __(__  )  / ___ / /_/ /  __/ / / / /_  
+/_/ /_/\___/_/  /_/ /_/ /_/\___/____/  /_/  |_\__, /\___/_/ /_/\__/  
+                                             /____/                  

ct/headers/squid

@@ -0,0 +1,6 @@
+   _____             _     __
+  / ___/____ ___  __(_)___/ /
+  \__ \/ __ `/ / / / / __  / 
+ ___/ / /_/ / /_/ / / /_/ /  
+/____/\__, /\__,_/_/\__,_/   
+        /_/                  

ct/hermesagent.sh

@@ -0,0 +1,72 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: Stephen Chin (steveonjava)
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://hermes-agent.nousresearch.com/
+
+APP="Hermes Agent"
+var_tags="${var_tags:-ai;automation;agent}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-4096}"
+var_disk="${var_disk:-20}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -x /home/hermes/.local/bin/hermes ]]; then
+    msg_error "No Hermes Agent Installation Found!"
+    exit
+  fi
+
+  msg_warn "WARNING: This script will run an external installer from a third-party source (https://hermes-agent.nousresearch.com/)."
+  msg_warn "The following code is NOT maintained or audited by our repository."
+  msg_warn "If you have any doubts or concerns, please review the installer code before proceeding:"
+  msg_custom "${TAB3}${GATEWAY}${BGN}${CL}" "\e[1;34m" "→  hermes update (https://hermes-agent.nousresearch.com/)"
+  echo
+  read -r -p "${TAB3}Do you want to continue? [y/N]: " CONFIRM
+  if [[ ! "$CONFIRM" =~ ^([yY][eE][sS]|[yY])$ ]]; then
+    msg_error "Aborted by user. No changes have been made."
+    exit 10
+  fi
+
+  msg_info "Stopping Services"
+  systemctl stop hermes-dashboard
+  msg_ok "Stopped Services"
+
+  msg_info "Updating Hermes Agent"
+  $STD setsid --wait bash -c '
+    set -a; source /etc/default/hermes; set +a
+    /home/hermes/.local/bin/hermes update --yes
+  '
+  chown -R hermes:hermes /home/hermes
+  msg_ok "Updated Hermes Agent"
+
+  msg_info "Starting Services"
+  systemctl start hermes-dashboard
+  msg_ok "Started Services"
+  msg_ok "Updated successfully!"
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed successfully!\n"
+echo -e "${CREATING}${GN}Hermes Agent setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Configure your model provider and gateway server inside the container:${CL}"
+echo -e "${TAB}${BGN}su - hermes${CL}"
+echo -e "${TAB}${BGN}hermes setup${CL}"
+echo -e "${INFO}${YW}Key for Hermes API Server stored in:${CL}"
+echo -e "${TAB}${BGN}/home/hermes/.hermes/.env${CL}"

ct/squid.sh

@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: 007hacky007
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.squid-cache.org/
+
+APP="Squid"
+var_tags="${var_tags:-proxy}"
+var_cpu="${var_cpu:-1}"
+var_ram="${var_ram:-512}"
+var_disk="${var_disk:-4}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+  if [[ ! -f /etc/squid/squid.conf ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+  msg_info "Updating Squid"
+  $STD apt update
+  $STD apt upgrade -y
+  msg_ok "Updated Squid"
+
+  msg_info "Validating Squid Configuration"
+  $STD squid -k parse
+  msg_ok "Validated Squid Configuration"
+
+  msg_info "Restarting Squid"
+  systemctl restart squid
+  msg_ok "Restarted Squid"
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Proxy endpoint:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}${IP}:3128${CL}"
+echo -e "${INFO}${YW} Add a proxy user inside the container with:${CL}"
+echo -e "${TAB}${BGN}htpasswd /etc/squid/passwords <username>${CL}"

install/hermesagent-install.sh

@@ -0,0 +1,106 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: Stephen Chin (steveonjava)
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://hermes-agent.nousresearch.com/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y git
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="22" setup_nodejs
+
+msg_info "Creating Hermes User"
+useradd -m -s /bin/bash hermes
+loginctl enable-linger hermes
+echo 'export XDG_RUNTIME_DIR="${XDG_RUNTIME_DIR:-/run/user/$(id -u)}"' >>/home/hermes/.profile
+msg_ok "Created Hermes User"
+
+msg_info "Configuring Service Environment"
+cat <<EOF >/etc/default/hermes
+HOME=/home/hermes
+PATH=/home/hermes/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+NODE_OPTIONS=${NODE_OPTIONS}
+EOF
+msg_ok "Configured Service Environment"
+
+msg_warn "WARNING: This script will run an external installer from a third-party source (https://hermes-agent.nousresearch.com/)."
+msg_warn "The following code is NOT maintained or audited by our repository."
+msg_warn "If you have any doubts or concerns, please review the installer code before proceeding:"
+msg_custom "${TAB3}${GATEWAY}${BGN}${CL}" "\e[1;34m" "→  https://hermes-agent.nousresearch.com/install.sh"
+echo
+read -r -p "${TAB3}Do you want to continue? [y/N]: " CONFIRM
+if [[ ! "$CONFIRM" =~ ^([yY][eE][sS]|[yY])$ ]]; then
+  msg_error "Aborted by user. No changes have been made."
+  exit 10
+fi
+
+msg_info "Installing Hermes Agent"
+$STD setsid --wait bash -c '
+  set -a; source /etc/default/hermes; set +a
+  bash <(curl -fsSL https://hermes-agent.nousresearch.com/install.sh) --skip-setup --hermes-home /home/hermes/.hermes --dir /home/hermes/.hermes/hermes-agent
+'
+chown -R hermes:hermes /home/hermes
+chmod 750 /home/hermes
+chmod 700 /home/hermes/.hermes
+git config --system --add safe.directory /home/hermes/.hermes/hermes-agent 2>/dev/null || true
+msg_ok "Installed Hermes Agent"
+
+msg_info "Configuring API Server"
+API_SERVER_KEY=$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)
+mkdir -p /home/hermes/.hermes
+cat <<EOF >/home/hermes/.hermes/.env
+API_SERVER_ENABLED=true
+API_SERVER_HOST=0.0.0.0
+API_SERVER_PORT=8642
+API_SERVER_KEY=${API_SERVER_KEY}
+EOF
+chmod 600 /home/hermes/.hermes/.env
+msg_ok "Configured API Server"
+
+msg_info "Creating Dashboard Service"
+cat <<EOF >/etc/systemd/system/hermes-dashboard.service
+[Unit]
+Description=Hermes Agent Web Dashboard
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=hermes
+Group=hermes
+UMask=0077
+WorkingDirectory=/home/hermes
+ExecStart=/home/hermes/.local/bin/hermes dashboard --host 127.0.0.1 --port 9119 --no-open
+EnvironmentFile=/etc/default/hermes
+Restart=on-failure
+RestartSec=5
+ProtectProc=invisible
+ProcSubset=pid
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now hermes-dashboard
+msg_ok "Created Dashboard Service"
+
+msg_info "Configuring Login Hints"
+cat <<'HINT' >/etc/profile.d/hermes-hint.sh
+if [[ "$(id -u)" -eq 0 ]]; then
+  echo "  Use 'su - hermes' to switch to the hermes user for running Hermes Agent."
+fi
+HINT
+msg_ok "Configured Login Hints"
+
+motd_ssh
+customize
+cleanup_lxc

install/squid-install.sh

@@ -0,0 +1,88 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: 007hacky007
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.squid-cache.org/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Configuring Squid"
+mkdir -p /etc/squid
+cat <<EOF >/etc/squid/squid.conf
+acl localnet src 0.0.0.1-0.255.255.255
+acl localnet src 10.0.0.0/8
+acl localnet src 100.64.0.0/10
+acl localnet src 169.254.0.0/16
+acl localnet src 172.16.0.0/12
+acl localnet src 192.168.0.0/16
+acl localnet src fc00::/7
+acl localnet src fe80::/10
+
+acl SSL_ports port 443
+acl Safe_ports port 80
+acl Safe_ports port 21
+acl Safe_ports port 443
+acl Safe_ports port 70
+acl Safe_ports port 210
+acl Safe_ports port 1025-65535
+acl Safe_ports port 280
+acl Safe_ports port 488
+acl Safe_ports port 591
+acl Safe_ports port 777
+acl CONNECT method CONNECT
+
+http_access deny !Safe_ports
+http_access deny CONNECT !SSL_ports
+http_access allow localhost manager
+http_access deny manager
+
+auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
+auth_param basic realm proxy
+acl authenticated proxy_auth REQUIRED
+http_access allow authenticated
+http_access deny all
+
+http_port 3128
+
+coredump_dir /var/spool/squid
+
+refresh_pattern ^ftp:        1440    20%    10080
+refresh_pattern ^gopher:     1440    0%     1440
+refresh_pattern -i (/cgi-bin/|\\?) 0  0%     0
+refresh_pattern .            0       20%    4320
+
+# Privacy / hardening
+httpd_suppress_version_string on
+visible_hostname $(hostname)
+forwarded_for delete
+request_header_access X-Forwarded-For deny all
+EOF
+msg_ok "Configured Squid"
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  squid \
+  apache2-utils
+msg_ok "Installed Dependencies"
+
+msg_info "Configuring Squid Authentication"
+touch /etc/squid/passwords
+chown proxy:proxy /etc/squid/passwords
+chmod 640 /etc/squid/passwords
+$STD squid -k parse
+msg_ok "Configured Squid Authentication"
+
+msg_info "Starting Service"
+systemctl enable -q --now squid
+msg_ok "Started Service"
+
+motd_ssh
+customize
+cleanup_lxc

json/hermesagent.json

@@ -0,0 +1,56 @@
+{
+    "name": "Hermes Agent",
+    "slug": "hermesagent",
+    "categories": [
+        20
+    ],
+    "date_created": "2026-05-02",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": null,
+    "documentation": "https://hermes-agent.nousresearch.com/docs",
+    "website": "https://hermes-agent.nousresearch.com",
+    "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/hermes.webp",
+    "description": "Self-improving AI agent by Nous Research. Connects to 15+ LLM providers, executes terminal commands, browses the web, and learns from experience. Supports 16 messaging platforms (Telegram, Discord, Slack, WhatsApp, Signal, Matrix, and more) with persistent memory and autonomous skill creation.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/hermesagent.sh",
+            "config_path": "/home/hermes/.hermes/.env",
+            "resources": {
+                "cpu": 2,
+                "ram": 4096,
+                "hdd": 20,
+                "os": "debian",
+                "version": "13"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": [
+        {
+            "text": "Installation sources scripts outside of Community Scripts repo. Please check the source before installing.",
+            "type": "warning"
+        },
+        {
+            "text": "Hermes can execute terminal commands. The agent runs as a dedicated 'hermes' service user for isolation.",
+            "type": "warning"
+        },
+        {
+            "text": "After container startup, login, switch to the hermes user (su - hermes) and run 'hermes setup' to configure your model provider and gateway server.",
+            "type": "info"
+        },
+        {
+            "text": "OpenAI-compatible API server available at http://<container-ip>:8642/v1. API key is stored in /home/hermes/.hermes/.env.",
+            "type": "info"
+        },
+        {
+            "text": "Access the web dashboard via SSH tunnel: ssh -fNL 9119:localhost:9119 root@<container-ip>, then open http://localhost:9119",
+            "type": "info"
+        }
+    ]
+}

json/squid.json

@@ -0,0 +1,40 @@
+{
+  "name": "Squid",
+  "slug": "squid",
+  "categories": [
+    4
+  ],
+  "date_created": "2026-04-13",
+  "type": "ct",
+  "updateable": true,
+  "privileged": false,
+  "interface_port": 3128,
+  "documentation": "https://wiki.squid-cache.org/SquidFaq",
+  "website": "https://www.squid-cache.org/",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/squid.webp",
+  "config_path": "/etc/squid/squid.conf",
+  "description": "Squid is a mature caching and forwarding proxy server that can operate as an authenticated HTTP forward proxy for outbound web traffic. This container deploys Squid with basic authentication, generated initial credentials, and a guided MOTD for simple user management.",
+  "install_methods": [
+    {
+      "type": "default",
+      "script": "ct/squid.sh",
+      "resources": {
+        "cpu": 1,
+        "ram": 512,
+        "hdd": 4,
+        "os": "debian",
+        "version": "13"
+      }
+    }
+  ],
+  "default_credentials": {
+    "username": null,
+    "password": null
+  },
+  "notes": [
+    {
+      "type": "info",
+      "text": "Create a proxy user after installation with `htpasswd /etc/squid/passwords <username>`."
+    }
+  ]
+}