install/ots-install.sh

#!/usr/bin/env bash

# Copyright (c) 2021-2025 community-scripts ORG
# Author: bvberg01
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://github.com/Luzifer/ots

source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os

msg_info "Installing Dependencies"
$STD apt-get install -y \
    redis-server \
    nginx \
    openssl
msg_ok "Installed Dependencies"

fetch_and_deploy_gh_release "ots" "Luzifer/ots" "prebuild" "latest" "/opt/ots" "ots_linux_amd64.tgz"

msg_info "Setup OTS"
cat <<EOF >/opt/ots/.env
LISTEN=127.0.0.1:3000
REDIS_URL=redis://127.0.0.1:6379
SECRET_EXPIRY=604800
STORAGE_TYPE=redis
EOF
msg_ok "Setup OTS"

msg_info "Generating Universal SSL Certificate"
mkdir -p /etc/ssl/ots
$STD openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
    -keyout /etc/ssl/ots/key.pem \
    -out /etc/ssl/ots/cert.pem \
    -subj "/CN=ots"
msg_ok "Certificate Generated"

msg_info "Setting up nginx"
cat <<EOF >/etc/nginx/sites-available/ots.conf
server {
    listen 80;
    listen [::]:80;
    server_name ots;
    return 301 https://\$host\$request_uri;
}
server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name ots;

  ssl_certificate /etc/ssl/ots/cert.pem;
  ssl_certificate_key /etc/ssl/ots/key.pem;

  location / {
    add_header X-Robots-Tag noindex;

    proxy_set_header Upgrade \$http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header Host \$host;
    proxy_set_header X-Real-IP \$remote_addr;
    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto \$scheme;
    client_max_body_size 64M;
    proxy_pass http://127.0.0.1:3000/;
  }
}
EOF

ln -s /etc/nginx/sites-available/ots.conf /etc/nginx/sites-enabled/
rm -f /etc/nginx/sites-enabled/default
$STD systemctl reload nginx
msg_ok "Configured nginx"

msg_info "Creating Services"
cat <<EOF >/etc/systemd/system/ots.service
[Unit]
Description=One-Time-Secret Service
After=network-online.target
Requires=network-online.target

[Service]
EnvironmentFile=/opt/ots/.env
ExecStart=/opt/ots/ots
Restart=Always
RestartSecs=5

[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now ots
msg_ok "Created Services"

motd_ssh
customize

msg_info "Cleaning up"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"
ots (#6532) * 'Add new script' * curl --------- Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> 2025-08-04 10:16:50 +02:00			`#!/usr/bin/env bash`

			`# Copyright (c) 2021-2025 community-scripts ORG`
			`# Author: bvberg01`
			`# License: MIT \| https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE`
			`# Source: https://github.com/Luzifer/ots`

			`source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"`
			`color`
			`verb_ip6`
			`catch_errors`
			`setting_up_container`
			`network_check`
			`update_os`

			`msg_info "Installing Dependencies"`
			`$STD apt-get install -y \`
			`redis-server \`
			`nginx \`
			`openssl`
			`msg_ok "Installed Dependencies"`

			`fetch_and_deploy_gh_release "ots" "Luzifer/ots" "prebuild" "latest" "/opt/ots" "ots_linux_amd64.tgz"`

			`msg_info "Setup OTS"`
			`cat <<EOF >/opt/ots/.env`
			`LISTEN=127.0.0.1:3000`
			`REDIS_URL=redis://127.0.0.1:6379`
			`SECRET_EXPIRY=604800`
			`STORAGE_TYPE=redis`
			`EOF`
			`msg_ok "Setup OTS"`

			`msg_info "Generating Universal SSL Certificate"`
			`mkdir -p /etc/ssl/ots`
			`$STD openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \`
			`-keyout /etc/ssl/ots/key.pem \`
			`-out /etc/ssl/ots/cert.pem \`
			`-subj "/CN=ots"`
			`msg_ok "Certificate Generated"`

			`msg_info "Setting up nginx"`
			`cat <<EOF >/etc/nginx/sites-available/ots.conf`
			`server {`
			`listen 80;`
			`listen [::]:80;`
			`server_name ots;`
			`return 301 https://\$host\$request_uri;`
			`}`
			`server {`
			`listen 443 ssl;`
			`listen [::]:443 ssl;`
			`server_name ots;`

			`ssl_certificate /etc/ssl/ots/cert.pem;`
			`ssl_certificate_key /etc/ssl/ots/key.pem;`

			`location / {`
			`add_header X-Robots-Tag noindex;`

			`proxy_set_header Upgrade \$http_upgrade;`
			`proxy_set_header Connection "Upgrade";`
			`proxy_set_header Host \$host;`
			`proxy_set_header X-Real-IP \$remote_addr;`
			`proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto \$scheme;`
			`client_max_body_size 64M;`
			`proxy_pass http://127.0.0.1:3000/;`
			`}`
			`}`
			`EOF`

			`ln -s /etc/nginx/sites-available/ots.conf /etc/nginx/sites-enabled/`
			`rm -f /etc/nginx/sites-enabled/default`
			`$STD systemctl reload nginx`
			`msg_ok "Configured nginx"`

			`msg_info "Creating Services"`
			`cat <<EOF >/etc/systemd/system/ots.service`
			`[Unit]`
			`Description=One-Time-Secret Service`
			`After=network-online.target`
			`Requires=network-online.target`

			`[Service]`
			`EnvironmentFile=/opt/ots/.env`
			`ExecStart=/opt/ots/ots`
			`Restart=Always`
			`RestartSecs=5`

			`[Install]`
			`WantedBy=multi-user.target`
			`EOF`
			`systemctl enable -q --now ots`
			`msg_ok "Created Services"`

			`motd_ssh`
			`customize`

			`msg_info "Cleaning up"`
			`$STD apt-get -y autoremove`
			`$STD apt-get -y autoclean`
			`msg_ok "Cleaned"`