181 lines
4.9 KiB
Bash
181 lines
4.9 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# Copyright (c) 2021-2026 community-scripts ORG
|
|
# Author: MickLesk (CanbiZ)
|
|
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
|
|
# Source: https://bunkerai.dev/
|
|
|
|
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
|
|
color
|
|
verb_ip6
|
|
catch_errors
|
|
setting_up_container
|
|
network_check
|
|
update_os
|
|
|
|
msg_info "Installing Dependencies"
|
|
$STD apt install -y \
|
|
build-essential \
|
|
mosquitto \
|
|
mosquitto-clients \
|
|
libmosquitto-dev \
|
|
nginx \
|
|
supervisor \
|
|
python3 \
|
|
python3-dev \
|
|
python3-venv \
|
|
python3-pip \
|
|
libffi-dev \
|
|
libssl-dev \
|
|
gcc \
|
|
openssl
|
|
msg_ok "Installed Dependencies"
|
|
|
|
NODE_VERSION="20" setup_nodejs
|
|
|
|
fetch_and_deploy_gh_release "bunkerm" "bunkeriot/BunkerM" "tarball"
|
|
|
|
msg_info "Setting up Python Environment"
|
|
python3 -m venv /opt/venv
|
|
/opt/venv/bin/pip install --upgrade pip >/dev/null 2>&1
|
|
$STD /opt/venv/bin/pip install --no-cache-dir \
|
|
psutil \
|
|
paho-mqtt \
|
|
fastapi \
|
|
python-dotenv \
|
|
pydantic \
|
|
pydantic-settings \
|
|
"uvicorn[standard]" \
|
|
flask \
|
|
flask-cors \
|
|
pytz \
|
|
statistics \
|
|
python-multipart \
|
|
"passlib[bcrypt]" \
|
|
python-jwt \
|
|
PyJWT \
|
|
slowapi \
|
|
secure \
|
|
python-decouple \
|
|
starlette-context \
|
|
structlog \
|
|
python-json-logger \
|
|
aiofiles \
|
|
types-aiofiles \
|
|
typing-extensions \
|
|
"sqlalchemy[asyncio]>=2.0.30" \
|
|
"aiosqlite>=0.20.0" \
|
|
"alembic>=1.13.0" \
|
|
"httpx>=0.27.0" \
|
|
"numpy>=1.26.0" \
|
|
"websockets>=12.0" \
|
|
"apscheduler>=3.10.0" \
|
|
cryptography \
|
|
pyOpenSSL \
|
|
"python-jose[cryptography]" \
|
|
fastapi-jwt-auth \
|
|
fastapi-limiter
|
|
msg_ok "Set up Python Environment"
|
|
|
|
msg_info "Building Frontend"
|
|
cd /opt/bunkerm/frontend
|
|
rm -f package-lock.json
|
|
export NODE_OPTIONS="--max-old-space-size=4096"
|
|
$STD npm install
|
|
AUTH_SECRET="build-time-placeholder" NEXT_TELEMETRY_DISABLED=1 $STD npm run build
|
|
unset NODE_OPTIONS
|
|
mkdir -p /nextjs
|
|
cp -r /opt/bunkerm/frontend/.next/standalone/. /nextjs/
|
|
cp -r /opt/bunkerm/frontend/.next/static /nextjs/.next/static
|
|
cp -r /opt/bunkerm/frontend/public /nextjs/public
|
|
msg_ok "Built Frontend"
|
|
|
|
msg_info "Setting up Application"
|
|
mkdir -p /app
|
|
cp -r /opt/bunkerm/backend/app/. /app/
|
|
touch /app/monitor/__init__.py
|
|
msg_ok "Set up Application"
|
|
|
|
msg_info "Configuring Mosquitto"
|
|
mkdir -p /etc/mosquitto/conf.d /var/lib/mosquitto/db /var/log/mosquitto /tmp/mosquitto_backups /tmp/dynsec_backups
|
|
cp /opt/bunkerm/backend/mosquitto/config/mosquitto.conf /etc/mosquitto/mosquitto.conf
|
|
cp -r /opt/bunkerm/backend/etc/mosquitto/conf.d/. /etc/mosquitto/conf.d/
|
|
cp /opt/bunkerm/backend/mosquitto/dynsec/dynamic-security.json /var/lib/mosquitto/dynamic-security.json
|
|
touch /etc/mosquitto/mosquitto_passwd
|
|
id -u mosquitto &>/dev/null || useradd -r -s /usr/sbin/nologin mosquitto
|
|
chown -R mosquitto:mosquitto /var/lib/mosquitto /var/log/mosquitto /etc/mosquitto
|
|
chmod 664 /etc/mosquitto/mosquitto_passwd
|
|
msg_ok "Configured Mosquitto"
|
|
|
|
msg_info "Configuring Nginx"
|
|
mkdir -p /run/nginx /etc/nginx/conf.d /var/log/nginx /var/lib/history
|
|
cp /opt/bunkerm/nginx.conf /etc/nginx/nginx.conf
|
|
cp /opt/bunkerm/default-next.conf /etc/nginx/conf.d/default.conf
|
|
msg_ok "Configured Nginx"
|
|
|
|
msg_info "Configuring Supervisor"
|
|
mkdir -p /var/log/supervisor /var/log/api /etc/bunkerm /nextjs/data
|
|
cp /opt/bunkerm/supervisord-next.conf /etc/supervisor/conf.d/bunkerm.conf
|
|
msg_ok "Configured Supervisor"
|
|
|
|
msg_info "Creating Environment"
|
|
MQTT_USERNAME="bunker"
|
|
MQTT_PASSWORD="bunker"
|
|
JWT_SECRET=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c1-48)
|
|
API_KEY=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c1-48)
|
|
AUTH_SECRET=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c1-48)
|
|
cat <<EOF >/etc/bunkerm/bunkerm.env
|
|
MQTT_BROKER=localhost
|
|
MQTT_PORT=1900
|
|
MQTT_USERNAME=${MQTT_USERNAME}
|
|
MQTT_PASSWORD=${MQTT_PASSWORD}
|
|
JWT_SECRET=${JWT_SECRET}
|
|
API_KEY=${API_KEY}
|
|
AUTH_SECRET=${AUTH_SECRET}
|
|
HOST_ADDRESS=${LOCAL_IP}
|
|
FRONTEND_URL=http://${LOCAL_IP}:2000
|
|
ALLOWED_ORIGINS=*
|
|
ALLOWED_HOSTS=*
|
|
RATE_LIMIT_PER_MINUTE=100
|
|
LOG_LEVEL=INFO
|
|
API_LOG_FILE=/var/log/api/api_activity.log
|
|
BROKER_LOG_PATH=/var/log/mosquitto/mosquitto.log
|
|
CLIENT_LOG_PATH=/var/log/api/api_activity.log
|
|
MOSQUITTO_PASSWD_PATH=/etc/mosquitto/mosquitto_passwd
|
|
MOSQUITTO_CONF_PATH=/etc/mosquitto/mosquitto.conf
|
|
MOSQUITTO_BACKUP_DIR=/tmp/mosquitto_backups
|
|
CONFIG_API_PORT=1005
|
|
DYNSEC_PATH=/var/lib/mosquitto/dynamic-security.json
|
|
DYNSEC_BACKUP_DIR=/tmp/dynsec_backups
|
|
MAX_UPLOAD_SIZE=10485760
|
|
PYTHONPATH=/app/monitor
|
|
NODE_ENV=production
|
|
BUNKERAI_API_KEY=
|
|
BUNKERAI_WS_URL=wss://api.bunkerai.dev/connect
|
|
EOF
|
|
msg_ok "Created Environment"
|
|
|
|
msg_info "Creating Service"
|
|
cat <<EOF >/etc/systemd/system/bunkerm.service
|
|
[Unit]
|
|
Description=BunkerM MQTT Management Platform
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=root
|
|
EnvironmentFile=/etc/bunkerm/bunkerm.env
|
|
ExecStart=/usr/bin/supervisord -c /etc/supervisor/conf.d/bunkerm.conf -n
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
systemctl enable -q --now bunkerm
|
|
msg_ok "Created Service"
|
|
|
|
motd_ssh
|
|
customize
|
|
cleanup_lxc
|