asset_backups/ProxmoxVE
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2025-11-21 04:55:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

infisical (#8926)

Browse Source 
* 'Add new script'

* Update infisical.sh

* Update Infisical installation script with dynamic keys

* Remove cleanup commands from install script

Removed cleanup commands from the Infisical installation script.

* Refactor Infisical repository setup process

* Update date_created to 2025-11-07

---------

Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>
Co-authored-by: Slaviša Arežina <58952836+tremor021@users.noreply.github.com>
Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com>
This commit is contained in:
push-app-to-main[bot]
2025-11-07 09:40:08 +01:00
committed by Michel Roegl-Brunner
parent 4990162ed5
commit abe7dc631d
4 changed files with 169 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
install/infisical-install.sh Normal file
View File

@@ -0,0 +1,68 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2025 community-scripts ORG
# Author: Slaviša Arežina (tremor021)
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://infisical.com/
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os
msg_info "Installing Dependencies"
$STD apt install -y \
apt-transport-https \
ca-certificates \
redis
msg_ok "Installed Dependencies"
PG_VERSION="17" setup_postgresql
msg_info "Setting up Infisical Repository"
setup_deb822_repo \
"infisical" \
"https://artifacts-infisical-core.infisical.com/infisical.gpg" \
"https://artifacts-infisical-core.infisical.com/deb" \
"stable"
msg_ok "Setup Infisical repository"
msg_info "Configuring PostgreSQL"
DB_NAME="infisical_db"
DB_USER="infisical"
DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';"
$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8' TEMPLATE template0;"
$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';"
$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET default_transaction_isolation TO 'read committed';"
$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET timezone TO 'UTC';"
{
echo "Infiscal Credentials"
echo "Database Name: $DB_NAME"
echo "Database User: $DB_USER"
echo "Database Password: $DB_PASS"
} >>~/infisical.creds
msg_ok "Configured PostgreSQL"
msg_info "Setting up Infisical"
AUTH_SECRET="$(openssl rand -base64 32 | tr -d '\n')"
ENC_KEY="$(openssl rand -hex 16 | tr -d '\n')"
IP_ADDR=$(hostname -I | awk '{print $1}')
$STD apt install -y infisical-core
mkdir -p /etc/infisical
cat <<EOF >/etc/infisical/infisical.rb
infisical_core['ENCRYPTION_KEY'] = '$ENC_KEY'
infisical_core['AUTH_SECRET'] = '$AUTH_SECRET'
infisical_core['HOST'] = '$IP_ADDR'
infisical_core['DB_CONNECTION_URI'] = 'postgres://${DB_USER}:${DB_PASS}@localhost:5432/${DB_NAME}'
infisical_core['REDIS_URL'] = 'redis://localhost:6379'
EOF
$STD infisical-ctl reconfigure
msg_ok "Setup Infisical"
motd_ssh
customize
cleanup_lxc