Add golink LXC

[SimplyMinimal]

🛑 New scripts must first be submitted to ProxmoxVED for testing.
PRs for new scripts that skip this process will be closed.

---

✍️ Description

Added golink from Tailscale as LXC container

🔗 Related PR / Issue

Link: #N/A

✅ Prerequisites (X in brackets)

• Self-review completed – Code follows project standards.
• Tested thoroughly – Changes work as expected.
• No breaking changes – Existing functionality remains intact.
• No security risks – No hardcoded secrets, unnecessary privilege escalations, or permission issues.

---

🛠️ Type of Change (X in brackets)

• 🐞 Bug fix – Resolves an issue without breaking functionality.
• ✨ New feature – Adds new, non-breaking functionality.
• 💥 Breaking change – Alters existing functionality in a way that may require updates.
• 🆕 New script – A fully functional and tested script or script set.
• 🌍 Website update – Changes to website-related JSON files or metadata.
• 🔧 Refactoring / Code Cleanup – Improves readability or maintainability without changing functionality.
• 📝 Documentation update – Changes to README, AppName.md, CONTRIBUTING.md, or other docs.

---

🔍 Code & Security Review (X in brackets)

• Follows Code_Audit.md & CONTRIBUTING.md guidelines
• Uses correct script structure (AppName.sh, AppName-install.sh, AppName.json)
• No hardcoded credentials

📋 Additional Information (optional)

[tremor021]

We don't use git pull to deploy releases. If the application has no releases on github, then we opt out of making a script for it.

git pull way of deploying app is very risky as you will pull possibly unstable code and this would result in people possibly losing their data or w/e.

[SimplyMinimal]

Hi @tremor021,

Usually I would agree to stick with tagged releases but the codebase that the script pulls from is maintained by Tailscale themselves so there's a high degree of confidence that the main branch will be stable.

Setting it up this way allows the go build system to build the latest version on each run straight from the source which would be more trusted/open than relying on a pre-built binary.

[CrazyWolf13]

@SimplyMinimal No matter what Compandy is behind it, we don't do git pull, only latest tagged release via our fetch_and_deploy_gh_release func.

[CrazyWolf13]

block

[SimplyMinimal]

I've swapped it with a curl to a tagged release instead.

[tremor021]

Hi @tremor021,

Usually I would agree to stick with tagged releases but the codebase that the script pulls from is maintained by Tailscale themselves so there's a high degree of confidence that the main branch will be stable.

Setting it up this way allows the go build system to build the latest version on each run straight from the source which would be more trusted/open than relying on a pre-built binary.

@SimplyMinimal the point i'm making is that we need to have something to "latch" on as we deploy this. We decided that it would be a tagged release. Pulling code from a "live" repo is risky, no matter whos maintaining it.
A repo without a release system can break every second, while release system solves that. If a release breaks we can just pin the working release in our scripts until the fix for the broken one is released. You cant really do that with a like "git pull" and we dont want to make workarounds

[CrazyWolf13]

@SimplyMinimal I saw they have a 1.0.0 Tag, you should be able to use that.

[SimplyMinimal]

I attempted to use variations of fetch_and_deploy_gh_release but it's unable to locate the tags as it's not actually a release. Just a tag.

Do you have any suggestions on how to best pull the tarball? Is using curl to fetch the tagged archive ok or does it need to be within the fetch_and_deploy_gh_release function?

For clarity, here is the last example I've tried:
fetch_and_deploy_gh_release "golink" "tailscale/golink"

Error:

curl: (22) The requested URL returned error: 404
curl: (22) The requested URL returned error: 404
curl: (22) The requested URL returned error: 404
   ✖️   Failed to fetch release metadata from https://api.github.com/repos/tailscale/golink/releases/tags/1.0.0 after 3 attempts

[MickLesk]

In the meantime, I would postpone the PR. If necessary, release the correct tarballs. Then the problem will be solved.

tailscale/golink#199

[CrazyWolf13]

some things to match our standards, thanks!

[CrazyWolf13]

remove

[CrazyWolf13]

remove

[CrazyWolf13]

remove

[CrazyWolf13]

remove

[CrazyWolf13]

remove

[CrazyWolf13]

don't use a var here

[SimplyMinimal]

Just asking as a learning experience here as this is my first contribution to this project. Based on the other scripts in the repo, almost all of them makes use of the $APP variable which makes sense. You'd have one single place to update the app name across the whole script and it makes it more obvious for readability.

I see several comments here not to use the $APP variable and suggests instead to hardcode the app name. Could I ask why?

[CrazyWolf13]

It's something we have started doing recently, there were some using a var some without, to make it easier to read and more simple to debug we chose to rather not use a var here as it doesn't really add any value here. More stylistic we know, but this ensures all scripts are line.

[CrazyWolf13]

same here

[CrazyWolf13]

Suggested change

	msg_info "Starting $APP"
	msg_info "Starting Service"

[CrazyWolf13]

same here

[CrazyWolf13]

same here