From 50aa00109a77c804d5737ab765dc50273b02b7a2 Mon Sep 17 00:00:00 2001 From: "push-app-to-main[bot]" <203845782+push-app-to-main[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 12:39:06 +0200 Subject: [PATCH] documenso (#4080) * 'Add new script' * little fixes * Update documenso.sh * add config path * Update documenso.json * Update documenso.json * Update documenso-install.sh * Update documenso.sh --------- Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> --- ct/documenso.sh | 72 ++++++++++++++++ frontend/public/json/documenso.json | 35 ++++++++ install/documenso-install.sh | 123 ++++++++++++++++++++++++++++ 3 files changed, 230 insertions(+) create mode 100644 ct/documenso.sh create mode 100644 frontend/public/json/documenso.json create mode 100644 install/documenso-install.sh diff --git a/ct/documenso.sh b/ct/documenso.sh new file mode 100644 index 000000000..708767784 --- /dev/null +++ b/ct/documenso.sh @@ -0,0 +1,72 @@ +#!/usr/bin/env bash +source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func) +# Copyright (c) 2021-2025 community-scripts ORG +# Author: MickLesk (CanbiZ) +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://github.com/documenso/documenso + +APP="Documenso" +var_tags="${var_tags:-document}" +var_disk="${var_disk:-12}" +var_cpu="${var_cpu:-6}" +var_ram="${var_ram:-6144}" +var_os="${var_os:-debian}" +var_version="${var_version:-12}" +var_unprivileged="${var_unprivileged:-1}" + +header_info "$APP" +variables +color +catch_errors + +function update_script() { + header_info + check_container_storage + check_container_resources + if [[ ! -d /opt/documenso ]]; then + msg_error "No ${APP} Installation Found!" + exit + fi + RELEASE=$(curl -fsSL https://api.github.com/repos/documenso/documenso/releases/latest | grep "tag_name" | awk '{print substr($2, 3, length($2)-4) }') + if [[ ! -f /opt/${APP}_version.txt ]] || [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt)" ]]; then + msg_info "Stopping ${APP}" + systemctl stop documenso + msg_ok "${APP} Stopped" + + msg_info "Updating ${APP} to ${RELEASE}" + cp /opt/documenso/.env /opt/ + rm -rf /opt/documenso + cd /opt + curl -fsSL "https://github.com/documenso/documenso/archive/refs/tags/v${RELEASE}.zip" -o v${RELEASE}.zip + unzip -q v${RELEASE}.zip + mv documenso-${RELEASE} /opt/documenso + cd /opt/documenso + mv /opt/.env /opt/documenso/.env + $STD npm install + $STD npm run build:web + $STD npm run prisma:migrate-deploy + echo "${RELEASE}" >/opt/${APP}_version.txt + msg_ok "Updated ${APP}" + + msg_info "Starting ${APP}" + systemctl start documenso + msg_ok "Started ${APP}" + + msg_info "Cleaning Up" + rm -rf /opt/v${RELEASE}.zip + msg_ok "Cleaned" + msg_ok "Updated Successfully" + else + msg_ok "No update required. ${APP} is already at ${RELEASE}" + fi + exit +} + +start +build_container +description + +msg_ok "Completed Successfully!\n" +echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" +echo -e "${INFO}${YW} Access it using the following URL:${CL}" +echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:3000${CL}" diff --git a/frontend/public/json/documenso.json b/frontend/public/json/documenso.json new file mode 100644 index 000000000..535db2dd5 --- /dev/null +++ b/frontend/public/json/documenso.json @@ -0,0 +1,35 @@ +{ + "name": "Documenso", + "slug": "documenso", + "categories": [ + 12 + ], + "date_created": "2025-04-28", + "type": "ct", + "updateable": true, + "privileged": false, + "interface_port": 3000, + "documentation": "https://documenso.com/", + "website": "https://documenso.com/", + "logo": "https://raw.githubusercontent.com/selfhst/icons/refs/heads/main/svg/documenso.svg", + "config_path": "/opt/documenso/.env", + "description": "Signing documents digitally should be fast and easy and should be the best practice for every document signed worldwide. This is technically quite easy today, but it also introduces a new party to every signature: The signing tool providers. While this is not a problem in itself, it should make us think about how we want these providers of trust to work. Documenso aims to be the world's most trusted document-signing tool. This trust is built by empowering you to self-host Documenso and review how it works under the hood.", + "install_methods": [ + { + "type": "default", + "script": "ct/documenso.sh", + "resources": { + "cpu": 4, + "ram": 6144, + "hdd": 10, + "os": "Debian", + "version": "12" + } + } + ], + "default_credentials": { + "username": "helper-scripts@local.com", + "password": "helper-scripts" + }, + "notes": [] +} diff --git a/install/documenso-install.sh b/install/documenso-install.sh new file mode 100644 index 000000000..456c6f972 --- /dev/null +++ b/install/documenso-install.sh @@ -0,0 +1,123 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2025 community-scripts ORG +# Author: MickLesk (Canbiz) +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://github.com/documenso/documenso + +source /dev/stdin <<<"$FUNCTIONS_FILE_PATH" +color +verb_ip6 +catch_errors +setting_up_container +network_check +update_os + +msg_info "Setup Functions" +setup_local_ip_helper +import_local_ip +msg_ok "Setup Functions" + +msg_info "Installing Dependencies" +$STD apt-get install -y \ + gpg \ + libc6 \ + make \ + cmake \ + jq \ + postgresql \ + python3 \ + python3-bcrypt +msg_ok "Installed Dependencies" + +msg_info "Setting up Node.js Repository" +mkdir -p /etc/apt/keyrings +curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg +echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_22.x nodistro main" >/etc/apt/sources.list.d/nodesource.list +msg_ok "Set up Node.js Repository" + +msg_info "Installing Node.js" +$STD apt-get update +$STD apt-get install -y nodejs +$STD npm install -g turbo@1.9.3 +msg_ok "Installed Node.js" + +msg_info "Setting up PostgreSQL" +DB_NAME="documenso_db" +DB_USER="documenso_user" +DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)" +$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';" +$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8' TEMPLATE template0;" +$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';" +$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET default_transaction_isolation TO 'read committed';" +$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET timezone TO 'UTC'" +{ + echo "Documenso-Credentials" + echo "Database Name: $DB_NAME" + echo "Database User: $DB_USER" + echo "Database Password: $DB_PASS" +} >>~/documenso.creds +msg_ok "Set up PostgreSQL" + +msg_info "Installing Documenso (Patience)" +cd /opt +RELEASE=$(curl -fsSL https://api.github.com/repos/documenso/documenso/releases/latest | grep "tag_name" | awk '{print substr($2, 3, length($2)-4) }') +curl -fsSL "https://github.com/documenso/documenso/archive/refs/tags/v${RELEASE}.zip" -o v${RELEASE}.zip +unzip -q v${RELEASE}.zip +mv documenso-${RELEASE} /opt/documenso +cd /opt/documenso +mv .env.example /opt/documenso/.env +sed -i \ + -e "s|^NEXTAUTH_SECRET=.*|NEXTAUTH_SECRET='$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)'|" \ + -e "s|^NEXT_PRIVATE_ENCRYPTION_KEY=.*|NEXT_PRIVATE_ENCRYPTION_KEY='$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)'|" \ + -e "s|^NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEY=.*|NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEY='$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)'|" \ + -e "s|^DOCUMENSO_ENCRYPTION_KEY=.*|DOCUMENSO_ENCRYPTION_KEY='$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)'|" \ + -e "s|^DOCUMENSO_ENCRYPTION_SECONDARY_KEY=.*|DOCUMENSO_ENCRYPTION_SECONDARY_KEY='$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | cut -c1-32)'|" \ + -e "s|^NEXTAUTH_URL=.*|NEXTAUTH_URL=\"http://${LOCAL_IP}:3000\"|" \ + -e "s|^NEXT_PUBLIC_WEBAPP_URL=.*|NEXT_PUBLIC_WEBAPP_URL='http://${LOCAL_IP}:9000'|" \ + -e "s|^NEXT_PUBLIC_MARKETING_URL=.*|NEXT_PUBLIC_MARKETING_URL=\"http://${LOCAL_IP}:3001\"|" \ + -e "s|^NEXT_PRIVATE_INTERNAL_WEBAPP_URL=.*|NEXT_PRIVATE_INTERNAL_WEBAPP_URL=\"http://${LOCAL_IP}:3000\"|" \ + -e "s|^NEXT_PRIVATE_DATABASE_URL=.*|NEXT_PRIVATE_DATABASE_URL=\"postgres://$DB_USER:$DB_PASS@localhost:5432/$DB_NAME\"|" \ + -e "s|^NEXT_PRIVATE_DIRECT_DATABASE_URL=.*|NEXT_PRIVATE_DIRECT_DATABASE_URL=\"postgres://$DB_USER:$DB_PASS@localhost:5432/$DB_NAME\"|" \ + /opt/documenso/.env +export TURBO_CACHE=1 +export NEXT_TELEMETRY_DISABLED=1 +export CYPRESS_INSTALL_BINARY=0 +export NODE_OPTIONS="--max-old-space-size=4096" +$STD npm ci +$STD npm run build:web +$STD npm run prisma:migrate-deploy +echo "${RELEASE}" >"/opt/${APPLICATION}_version.txt" +msg_ok "Installed Documenso" + +msg_info "Create User" +PASSWORD_HASH=$(python3 -c "import bcrypt; print(bcrypt.hashpw(b'helper-scripts', bcrypt.gensalt(rounds=12)).decode())") +sudo -u postgres psql -d documenso_db -c "INSERT INTO \"User\" (name, email, \"emailVerified\", password, \"identityProvider\", roles, \"createdAt\", \"lastSignedIn\", \"updatedAt\", \"customerId\") VALUES ('helper-scripts', 'helper-scripts@local.com', '2025-01-20 17:14:45.058', '$PASSWORD_HASH', 'DOCUMENSO', ARRAY['USER', 'ADMIN']::\"Role\"[], '2025-01-20 16:04:05.543', '2025-01-20 16:14:55.249', '2025-01-20 16:14:55.25', NULL) RETURNING id;" +$STD npm run prisma:migrate-deploy +msg_ok "User created" + +msg_info "Creating Service" +cat </etc/systemd/system/documenso.service +[Unit] +Description=Documenso Service +After=network.target postgresql.service + +[Service] +WorkingDirectory=/opt/documenso/apps/web +ExecStart=/usr/bin/npm start +Restart=always +EnvironmentFile=/opt/documenso/.env + +[Install] +WantedBy=multi-user.target +EOF +systemctl enable -q --now documenso +msg_ok "Created Service" + +motd_ssh +customize + +msg_info "Cleaning up" +$STD apt-get -y autoremove +$STD apt-get -y autoclean +msg_ok "Cleaned"