Merge pull request #1865 from epiHATR/main

Add OneTimeSecret
2026-06-01 08:23:38 +02:00
parent d3c37ae91a e87465c5d1
commit bc4b938114
4 changed files with 331 additions and 0 deletions
--- a/ct/headers/onetimesecret
+++ b/ct/headers/onetimesecret
@@ -0,0 +1,6 @@
+   ____              __  _                    _____                          __
+  / __ \____  ___   / /_(_)___ ___  ___     / ___/___  _____________  ____  / /_
+ / / / / __ \/ _ \ / __/ / __ `__ \/ _ \    \__ \/ _ \/ ___/ ___/ _ \/ __ \/ __/
+/ /_/ / / / /  __// /_/ / / / / / /  __/   ___/ /  __/ /__/ /  /  __/ /_/ / /_
+\____/_/ /_/\___/ \__/_/_/ /_/ /_/\___/   /____/\___/\___/_/   \___/\____/\__/
+
--- a/ct/onetimesecret.sh
+++ b/ct/onetimesecret.sh
@@ -0,0 +1,136 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: Hai Tran (epiHATR)
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://onetimesecret.com/ | Github: https://github.com/onetimesecret/onetimesecret
+
+APP="OneTimeSecret"
+var_tags="${var_tags:-security;privacy;secrets}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-4096}"
+var_disk="${var_disk:-10}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_arm64="${var_arm64:-no}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  SSL_VALUE="${OTS_SSL:-}"
+  if [[ -n "${SSL_VALUE}" ]]; then
+    case "${SSL_VALUE,,}" in
+    1 | true | yes | on) SSL_VALUE="true" ;;
+    0 | false | no | off) SSL_VALUE="false" ;;
+    *)
+      msg_error "Invalid OTS_SSL value '${OTS_SSL}' (use true/false)"
+      exit 1
+      ;;
+    esac
+  fi
+
+  if [[ ! -d /opt/onetimesecret ]] || [[ ! -f /opt/onetimesecret/.env ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  if check_for_gh_release "onetimesecret" "onetimesecret/onetimesecret"; then
+    msg_info "Stopping Service"
+    systemctl stop onetimesecret
+    msg_ok "Stopped Service"
+
+    msg_info "Backing up Configuration"
+    cp /opt/onetimesecret/.env /opt/onetimesecret.env.bak
+    mkdir -p /opt/onetimesecret_etc_backup
+    for FILE in auth.yaml config.yaml logging.yaml puma.rb; do
+      [[ -f /opt/onetimesecret/etc/${FILE} ]] && cp "/opt/onetimesecret/etc/${FILE}" "/opt/onetimesecret_etc_backup/${FILE}"
+    done
+    msg_ok "Backed up Configuration"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "onetimesecret" "onetimesecret/onetimesecret" "tarball"
+
+    RUBY_VERSION=$(sed -n "s/^ruby '>= \([0-9.]*\)'.*/\1/p" /opt/onetimesecret/Gemfile)
+    RUBY_VERSION="${RUBY_VERSION:-3.4.7}" setup_ruby
+
+    PNPM_VERSION=$(sed -n 's/.*"packageManager": "pnpm@\([^"]*\)".*/\1/p' /opt/onetimesecret/package.json)
+    NODE_VERSION=$(tr -d ' \n' </opt/onetimesecret/.nvmrc 2>/dev/null)
+    NODE_VERSION="${NODE_VERSION:-25}" NODE_MODULE="pnpm@${PNPM_VERSION:-11.1.2}" setup_nodejs
+
+    msg_info "Restoring Configuration"
+    cp /opt/onetimesecret.env.bak /opt/onetimesecret/.env
+    mkdir -p /opt/onetimesecret/etc
+    for FILE in auth.yaml config.yaml logging.yaml puma.rb; do
+      [[ -f /opt/onetimesecret_etc_backup/${FILE} ]] && cp "/opt/onetimesecret_etc_backup/${FILE}" "/opt/onetimesecret/etc/${FILE}"
+    done
+    if [[ -n "${OTS_HOST:-}" ]]; then
+      sed -i "s|^HOST=.*|HOST=${OTS_HOST//&/\\&}|" /opt/onetimesecret/.env
+    fi
+    if [[ -n "${SSL_VALUE}" ]]; then
+      sed -i "s|^SSL=.*|SSL=${SSL_VALUE}|" /opt/onetimesecret/.env
+    fi
+    if grep -q '^RACK_ENV=' /opt/onetimesecret/.env; then
+      sed -i 's|^RACK_ENV=.*|RACK_ENV=production|' /opt/onetimesecret/.env
+    else
+      echo "RACK_ENV=production" >>/opt/onetimesecret/.env
+    fi
+    if grep -q '^AUTHENTICATION_MODE=' /opt/onetimesecret/.env; then
+      sed -i 's|^AUTHENTICATION_MODE=.*|AUTHENTICATION_MODE=simple|' /opt/onetimesecret/.env
+    else
+      echo "AUTHENTICATION_MODE=simple" >>/opt/onetimesecret/.env
+    fi
+    if ! grep -q '^PORT=' /opt/onetimesecret/.env; then
+      echo "PORT=3000" >>/opt/onetimesecret/.env
+    fi
+    chmod 600 /opt/onetimesecret/.env
+    rm -f /opt/onetimesecret.env.bak
+    rm -rf /opt/onetimesecret_etc_backup
+    msg_ok "Restored Configuration"
+
+    msg_info "Reconciling Application"
+    systemctl enable -q --now redis-server
+    cd /opt/onetimesecret
+    mkdir -p tmp/pids log
+    $STD bash ./install.sh reconcile
+    msg_ok "Reconciled Application"
+
+    msg_info "Building Frontend"
+    cd /opt/onetimesecret
+    $STD pnpm run build
+    msg_ok "Built Frontend"
+
+    msg_info "Starting Service"
+    systemctl start onetimesecret
+    msg_ok "Started Service"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+DISPLAY_HOST="${OTS_HOST:-$IP}"
+case "${OTS_SSL:-false,,}" in
+1 | true | yes | on)
+  DISPLAY_SCHEME="https"
+  ;;
+*)
+  DISPLAY_SCHEME="http"
+  ;;
+esac
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}${DISPLAY_SCHEME}://${DISPLAY_HOST}${CL}"
+echo -e "${INFO}${YW} Configure hostname, TLS, and SMTP settings in:${CL}"
+echo -e "${TAB}${BGN}/opt/onetimesecret/.env${CL}"