New Script: Privatebin (#1925)

* Create privatebin-install.sh

* Create privatebin.sh

* Create privatebin.json

* Update ct/privatebin.sh

Co-authored-by: Michel Roegl-Brunner <[email protected]>

* Update install/privatebin-install.sh

Co-authored-by: Michel Roegl-Brunner <[email protected]>

* Update install/privatebin-install.sh

Co-authored-by: Michel Roegl-Brunner <[email protected]>

* Update install/privatebin-install.sh

Co-authored-by: Michel Roegl-Brunner <[email protected]>

* Update ct/privatebin.sh

Co-authored-by: Michel Roegl-Brunner <[email protected]>

---------

Co-authored-by: Michel Roegl-Brunner <[email protected]>

Author: opastorello

ct/privatebin.sh

@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: Nícolas Pastorello (opastorello)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+
+# App Default Values
+APP="PrivateBin"
+var_tags="paste;secure"
+var_cpu="1"
+var_ram="1024"
+var_disk="4"
+var_os="debian"
+var_version="12"
+var_unprivileged="1"
+
+# App Output & Base Settings
+header_info "$APP"
+base_settings
+
+# Core
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+  if [[ ! -d /opt/privatebin ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+  RELEASE=$(curl -s https://api.github.com/repos/PrivateBin/PrivateBin/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }')
+  if [[ ! -f /opt/${APP}_version.txt ]] || [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt)" ]]; then
+    msg_info "Updating ${APP} to v${RELEASE}"
+    echo "${RELEASE}" >/opt/${APP}_version.txt
+    cp -f /opt/privatebin/cfg/conf.php /tmp/privatebin_conf.bak
+    wget -q "https://github.com/PrivateBin/PrivateBin/archive/refs/tags/${RELEASE}.zip"
+    unzip -q ${RELEASE}.zip
+    rm -rf /opt/privatebin/*
+    mv PrivateBin-${RELEASE}/* /opt/privatebin/
+    mv /tmp/privatebin_conf.bak /opt/privatebin/cfg/conf.php
+    chown -R www-data:www-data /opt/privatebin
+    chmod -R 0755 /opt/privatebin/data
+    echo "${RELEASE}" >/opt/${APP}_version.txt
+    rm -rf ${RELEASE}.zip PrivateBin-${RELEASE}
+    systemctl reload nginx php8.2-fpm
+    msg_ok "Updated ${APP} to v${RELEASE}"
+  else
+    msg_ok "No update required. ${APP} is already at v${RELEASE}"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}https://${IP}${CL}"

install/privatebin-install.sh

@@ -0,0 +1,110 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: Nícolas Pastorello (opastorello)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt-get install -y \
+    curl \
+    sudo \
+    mc \
+    nginx \
+    php8.2-fpm \
+    php8.2-{common,cli,gd,mbstring,xml,fpm,curl,zip} \
+    unzip \
+    openssl
+msg_ok "Installed Dependencies"
+
+msg_info "Installing PrivateBin"
+RELEASE=$(curl -s https://api.github.com/repos/PrivateBin/PrivateBin/releases/latest | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
+echo "${RELEASE}" >/opt/${APPLICATION}_version.txt
+mkdir -p /opt/privatebin
+cd /opt/privatebin
+wget -q "https://github.com/PrivateBin/PrivateBin/archive/refs/tags/${RELEASE}.zip"
+$STD unzip -q ${RELEASE}.zip
+mv PrivateBin-${RELEASE}/* .
+msg_ok "Installed PrivateBin"
+
+msg_info "Generating Universal SSL Certificate"
+mkdir -p /etc/ssl/privatebin
+$STD openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
+    -keyout /etc/ssl/privatebin/key.pem \
+    -out /etc/ssl/privatebin/cert.pem \
+    -subj "/CN=PrivateBin"
+msg_ok "Certificate Generated"
+
+msg_info "Configuring Environment"
+mkdir -p /opt/privatebin/data
+cp cfg/conf.sample.php /opt/privatebin/cfg/conf.php
+sed -i "s|// 'traffic'|'traffic'|g" /opt/privatebin/cfg/conf.php
+chown -R www-data:www-data /opt/privatebin
+chmod -R 0755 /opt/privatebin/data
+msg_ok "Configured Environment"
+
+msg_info "Configuring PHP"
+sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/' /etc/php/8.2/fpm/php.ini
+systemctl restart php8.2-fpm
+msg_ok "Configured PHP"
+
+msg_info "Configuring Universal Nginx"
+cat <<EOF >/etc/nginx/sites-available/privatebin.conf
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    return 301 https://\$host\$request_uri;
+}
+
+server {
+    listen 443 ssl default_server;
+    listen [::]:443 ssl default_server;
+    
+    ssl_certificate /etc/ssl/privatebin/cert.pem;
+    ssl_certificate_key /etc/ssl/privatebin/key.pem;
+    
+    root /opt/privatebin;
+    index index.php;
+
+    location / {
+        try_files \$uri \$uri/ /index.php\$is_args\$args;
+    }
+
+    location ~ \.php\$ {
+        include snippets/fastcgi-php.conf;
+        fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
+        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
+        include fastcgi_params;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+
+    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
+    add_header X-Content-Type-Options nosniff;
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-XSS-Protection "1; mode=block";
+}
+EOF
+ln -s /etc/nginx/sites-available/privatebin.conf /etc/nginx/sites-enabled/
+rm -f /etc/nginx/sites-enabled/default
+systemctl reload nginx
+msg_ok "Nginx Configured"
+
+msg_info "Cleaning up"
+rm -rf /opt/privatebin/${RELEASE}.zip 
+rm -rf /opt/privatebin/PrivateBin-${RELEASE}
+$STD apt-get -y autoremove
+$STD apt-get -y autoclean
+msg_ok "Cleaned"
+
+motd_ssh
+customize

json/privatebin.json

@@ -0,0 +1,34 @@
+{
+    "name": "PrivateBin",
+    "slug": "privatebin",
+    "categories": [
+        12
+    ],
+    "date_created": "2025-01-29",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": 80,
+    "documentation": "https://github.com/PrivateBin/PrivateBin/wiki",
+    "website": "https://github.com/PrivateBin/PrivateBin",
+    "logo": "https://raw.githubusercontent.com/PrivateBin/PrivateBin/refs/heads/master/img/icon.svg",
+    "description": "PrivateBin is a minimalist, open-source pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/privatebin.sh",
+            "resources": {
+                "cpu": 1,
+                "ram": 1024,
+                "hdd": 4,
+                "os": "debian",
+                "version": "12"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": []
+}