Add installers and CT templates for four apps

Add container templates (ct/) and install scripts (install/) plus metadata JSON entries for BunkerM, Colanode, Edit-Mind, and ExcaliDash. Each app includes an LXC template script with update routines, a corresponding installer that provisions dependencies, builds the app, configures services (systemd/nginx/supervisor), and example default environment/config. JSON metadata files register interface ports, recommended resources, documentation/website links, and notes for each app.

install/bunkerm-install.sh

@@ -0,0 +1,177 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://bunkerai.dev/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  build-essential \
+  mosquitto \
+  mosquitto-clients \
+  libmosquitto-dev \
+  nginx \
+  supervisor \
+  python3 \
+  python3-dev \
+  python3-venv \
+  python3-pip \
+  libffi-dev \
+  libssl-dev \
+  gcc \
+  openssl
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="20" setup_nodejs
+
+fetch_and_deploy_gh_release "bunkerm" "bunkeriot/BunkerM" "tarball"
+
+msg_info "Setting up Python Environment"
+python3 -m venv /opt/venv
+/opt/venv/bin/pip install --upgrade pip >/dev/null 2>&1
+$STD /opt/venv/bin/pip install --no-cache-dir \
+  psutil \
+  paho-mqtt \
+  fastapi \
+  python-dotenv \
+  pydantic \
+  pydantic-settings \
+  "uvicorn[standard]" \
+  flask \
+  flask-cors \
+  pytz \
+  statistics \
+  python-multipart \
+  "passlib[bcrypt]" \
+  python-jwt \
+  PyJWT \
+  slowapi \
+  secure \
+  python-decouple \
+  starlette-context \
+  structlog \
+  python-json-logger \
+  aiofiles \
+  types-aiofiles \
+  typing-extensions \
+  "sqlalchemy[asyncio]>=2.0.30" \
+  "aiosqlite>=0.20.0" \
+  "alembic>=1.13.0" \
+  "httpx>=0.27.0" \
+  "numpy>=1.26.0" \
+  "websockets>=12.0" \
+  "apscheduler>=3.10.0" \
+  cryptography \
+  pyOpenSSL \
+  "python-jose[cryptography]" \
+  fastapi-jwt-auth \
+  fastapi-limiter
+msg_ok "Set up Python Environment"
+
+msg_info "Building Frontend"
+cd /opt/bunkerm/frontend
+AUTH_SECRET="build-time-placeholder" NEXT_TELEMETRY_DISABLED=1 $STD npm ci
+AUTH_SECRET="build-time-placeholder" NEXT_TELEMETRY_DISABLED=1 $STD npm run build
+mkdir -p /nextjs
+cp -r /opt/bunkerm/frontend/.next/standalone/. /nextjs/
+cp -r /opt/bunkerm/frontend/.next/static /nextjs/.next/static
+cp -r /opt/bunkerm/frontend/public /nextjs/public
+msg_ok "Built Frontend"
+
+msg_info "Setting up Application"
+mkdir -p /app
+cp -r /opt/bunkerm/backend/app/. /app/
+touch /app/monitor/__init__.py
+msg_ok "Set up Application"
+
+msg_info "Configuring Mosquitto"
+mkdir -p /etc/mosquitto/conf.d /var/lib/mosquitto/db /var/log/mosquitto /tmp/mosquitto_backups /tmp/dynsec_backups
+cp /opt/bunkerm/backend/mosquitto/config/mosquitto.conf /etc/mosquitto/mosquitto.conf
+cp -r /opt/bunkerm/backend/etc/mosquitto/conf.d/. /etc/mosquitto/conf.d/
+cp /opt/bunkerm/backend/mosquitto/dynsec/dynamic-security.json /var/lib/mosquitto/dynamic-security.json
+touch /etc/mosquitto/mosquitto_passwd
+id -u mosquitto &>/dev/null || useradd -r -s /usr/sbin/nologin mosquitto
+chown -R mosquitto:mosquitto /var/lib/mosquitto /var/log/mosquitto /etc/mosquitto
+chmod 664 /etc/mosquitto/mosquitto_passwd
+msg_ok "Configured Mosquitto"
+
+msg_info "Configuring Nginx"
+mkdir -p /run/nginx /etc/nginx/conf.d /var/log/nginx /var/lib/history
+cp /opt/bunkerm/nginx.conf /etc/nginx/nginx.conf
+cp /opt/bunkerm/default-next.conf /etc/nginx/conf.d/default.conf
+msg_ok "Configured Nginx"
+
+msg_info "Configuring Supervisor"
+mkdir -p /var/log/supervisor /var/log/api /etc/bunkerm /nextjs/data
+cp /opt/bunkerm/supervisord-next.conf /etc/supervisor/conf.d/bunkerm.conf
+msg_ok "Configured Supervisor"
+
+msg_info "Creating Environment"
+MQTT_USERNAME="bunker"
+MQTT_PASSWORD="bunker"
+JWT_SECRET=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c1-48)
+API_KEY=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c1-48)
+AUTH_SECRET=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c1-48)
+cat <<EOF >/etc/bunkerm/bunkerm.env
+MQTT_BROKER=localhost
+MQTT_PORT=1900
+MQTT_USERNAME=${MQTT_USERNAME}
+MQTT_PASSWORD=${MQTT_PASSWORD}
+JWT_SECRET=${JWT_SECRET}
+API_KEY=${API_KEY}
+AUTH_SECRET=${AUTH_SECRET}
+HOST_ADDRESS=${LOCAL_IP}
+FRONTEND_URL=http://${LOCAL_IP}:2000
+ALLOWED_ORIGINS=*
+ALLOWED_HOSTS=*
+RATE_LIMIT_PER_MINUTE=100
+LOG_LEVEL=INFO
+API_LOG_FILE=/var/log/api/api_activity.log
+BROKER_LOG_PATH=/var/log/mosquitto/mosquitto.log
+CLIENT_LOG_PATH=/var/log/api/api_activity.log
+MOSQUITTO_PASSWD_PATH=/etc/mosquitto/mosquitto_passwd
+MOSQUITTO_CONF_PATH=/etc/mosquitto/mosquitto.conf
+MOSQUITTO_BACKUP_DIR=/tmp/mosquitto_backups
+CONFIG_API_PORT=1005
+DYNSEC_PATH=/var/lib/mosquitto/dynamic-security.json
+DYNSEC_BACKUP_DIR=/tmp/dynsec_backups
+MAX_UPLOAD_SIZE=10485760
+PYTHONPATH=/app/monitor
+NODE_ENV=production
+BUNKERAI_API_KEY=
+BUNKERAI_WS_URL=wss://api.bunkerai.dev/connect
+EOF
+msg_ok "Created Environment"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/bunkerm.service
+[Unit]
+Description=BunkerM MQTT Management Platform
+After=network.target
+
+[Service]
+Type=simple
+User=root
+EnvironmentFile=/etc/bunkerm/bunkerm.env
+ExecStart=/usr/bin/supervisord -c /etc/supervisor/conf.d/bunkerm.conf -n
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now bunkerm
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc