Add Padlock Cloud

data/services/padlockcloud/containers.sh

@@ -0,0 +1,15 @@
+padlockcloud_service_dockerbunker() {
+	docker run -d \
+		--name=${FUNCNAME[0]//_/-} \
+		--restart=always \
+		--network ${NETWORK} \
+		--env-file "${SERVICE_ENV}" \
+		--env-file "${ENV_DIR}"/${SERVICE_SPECIFIC_MX}mx.env \
+		--env BASE_URL=https://${SERVICE_DOMAIN} \
+		--env EMAIL_SERVER=${MX_HOSTNAME} \
+		--env EMAIL_USER=${MX_EMAIL} \
+		--env EMAIL_PASSWORD=${MX_PASSWORD} \
+		--env EMAIL_FROM="mailbot@rodewyk.net" \
+		-v ${SERVICE_NAME}-data-vol-1:${volumes[${SERVICE_NAME}-data-vol-1]} \
+	${IMAGES[service]} >/dev/null
+}

data/services/padlockcloud/nginx/padlockcloud.conf

@@ -0,0 +1,55 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+upstream padlockcloud {
+ server padlockcloud-service-dockerbunker:5555;
+}
+
+server {
+    listen 80;
+	server_name ${SERVICE_DOMAIN};
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443;
+	server_name ${SERVICE_DOMAIN};
+    ssl on;
+	ssl_certificate /etc/nginx/ssl/${SERVICE_DOMAIN}/cert.pem;
+	ssl_certificate_key /etc/nginx/ssl/${SERVICE_DOMAIN}/key.pem;
+	include /etc/nginx/includes/ssl.conf;
+
+    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
+	add_header X-Frame-Options DENY;
+	add_header X-Content-Type-Options nosniff;
+
+	include /etc/nginx/includes/gzip.conf;
+
+    location / {
+        proxy_pass http://padlockcloud/;
+		proxy_set_header  Host              $http_host;   # required for docker client's sake
+		proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
+		proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header  X-Forwarded-Proto $scheme;
+		proxy_read_timeout                  900;
+    }
+
+	location ~ /.well-known {
+        allow all;
+		root /var/www/html;
+	}
+}
+
+

data/services/padlockcloud/padlockcloud.sh

@@ -0,0 +1,80 @@
+#!/usr/bin/env bash
+
+while true;do ls | grep -q dockerbunker.sh;if [[ $? == 0 ]];then BASE_DIR=$PWD;break;else cd ../;fi;done
+
+PROPER_NAME="Padlock Cloud"
+SERVICE_NAME="$(echo -e "${PROPER_NAME,,}" | tr -d '[:space:]')"
+PROMPT_SSL=1
+
+declare -a environment=( "data/env/dockerbunker.env" "data/include/init.sh" )
+
+for env in "${environment[@]}";do
+	[[ -f "${BASE_DIR}"/$env ]] && source "${BASE_DIR}"/$env
+done
+
+declare -A WEB_SERVICES
+declare -a containers=( "${SERVICE_NAME}-service-dockerbunker" )
+declare -a add_to_network=( "${SERVICE_NAME}-service-dockerbunker" )
+declare -a networks=( )
+declare -A volumes=( [${SERVICE_NAME}-data-vol-1]="/padlock/db"  )
+declare -A IMAGES=( [service]="moritzheiber/padlock-cloud" )
+
+[[ -z $1 ]] && options_menu
+
+configure() {
+	pre_configure_routine
+
+	echo -e "# \e[4mPadlock Cloud Settings\e[0m"
+
+	set_domain
+
+	echo ""
+
+	configure_mx
+
+	# avoid tr illegal byte sequence in macOS when generating random strings
+	if [[ $OSTYPE =~ "darwin" ]];then
+		if [[ $LC_ALL ]];then
+			oldLC_ALL=$LC_ALL
+			export LC_ALL=C
+		else
+			export LC_ALL=C
+		fi
+	fi
+	cat <<-EOF >> "${SERVICE_ENV}"
+	PROPER_NAME="${PROPER_NAME}"
+	SERVICE_NAME=${SERVICE_NAME}
+	SSL_CHOICE=${SSL_CHOICE}
+	LE_EMAIL=${LE_EMAIL}
+
+	# ------------------------------
+	# General Settings
+	# ------------------------------
+	
+	SERVICE_DOMAIN=${SERVICE_DOMAIN}
+	
+	## ------------------------------
+	SERVICE_SPECIFIC_MX=${SERVICE_SPECIFIC_MX}
+	EOF
+	if [[ $OSTYPE =~ "darwin" ]];then
+		[[ $oldLC_ALL ]] && export LC_ALL=$oldLC_ALL || unset LC_ALL
+	fi
+
+	post_configure_routine
+}
+setup() {
+	initial_setup_routine
+
+	SUBSTITUTE=( "\${SERVICE_DOMAIN}" )
+	basic_nginx
+
+	docker_run_all
+
+	post_setup_routine
+}
+
+if [[ $1 == "letsencrypt" ]];then
+	$1 $*
+else
+	$1
+fi

dockerbunker.sh

@@ -39,6 +39,7 @@ declare -a ALL_SERVICES=( \
 	"Mastodon" \
 	"Nextcloud" \
 	"Open Project" \
+	"Padlock Cloud" \
 	"Piwik" \
 	"Seafile Pro" \
 	"Searx" \