From 9b93d6898b8fdd6d3f894bce06f0ee8aed9b6af2 Mon Sep 17 00:00:00 2001
From: lolwierd <lolwierd@outlook.com>
Date: Fri, 27 Mar 2026 19:32:47 +0530
Subject: [PATCH] feat: add domain and install scripts for apps

---
 ghost/domain.sh        | 57 ++++++++++++++++++++++++++++++++++++++
 ghost/install.sh       | 28 +++++++++++++++++++
 gitea/domain.sh        | 28 +++++++++++++++++++
 gitea/install.sh       | 45 ++++++++++++++++++++++++++++++
 jellyfin/domain.sh     | 28 +++++++++++++++++++
 jellyfin/install.sh    | 42 ++++++++++++++++++++++++++++
 metabase/domain.sh     | 28 +++++++++++++++++++
 metabase/install.sh    | 41 +++++++++++++++++++++++++++
 n8n/domain.sh          | 28 +++++++++++++++++++
 n8n/install.sh         | 47 +++++++++++++++++++++++++++++++
 nocodb/domain.sh       | 28 +++++++++++++++++++
 nocodb/install.sh      | 38 +++++++++++++++++++++++++
 open-webui/domain.sh   | 28 +++++++++++++++++++
 open-webui/install.sh  | 42 ++++++++++++++++++++++++++++
 openclaw/domain.sh     | 63 ++++++++++++++++++++++++++++++++++++++++++
 openclaw/install.sh    | 27 ++++++++++++++++++
 picoclaw/domain.sh     | 47 +++++++++++++++++++++++++++++++
 picoclaw/install.sh    | 27 ++++++++++++++++++
 plausible/domain.sh    | 49 ++++++++++++++++++++++++++++++++
 plausible/install.sh   | 29 +++++++++++++++++++
 signoz/domain.sh       | 12 ++++----
 signoz/install.sh      | 16 ++++++-----
 uptime-kuma/domain.sh  | 28 +++++++++++++++++++
 uptime-kuma/install.sh | 38 +++++++++++++++++++++++++
 vaultwarden/domain.sh  | 28 +++++++++++++++++++
 vaultwarden/install.sh | 41 +++++++++++++++++++++++++++
 26 files changed, 900 insertions(+), 13 deletions(-)
 create mode 100644 ghost/domain.sh
 create mode 100644 ghost/install.sh
 create mode 100644 gitea/domain.sh
 create mode 100644 gitea/install.sh
 create mode 100644 jellyfin/domain.sh
 create mode 100644 jellyfin/install.sh
 create mode 100644 metabase/domain.sh
 create mode 100644 metabase/install.sh
 create mode 100644 n8n/domain.sh
 create mode 100644 n8n/install.sh
 create mode 100644 nocodb/domain.sh
 create mode 100644 nocodb/install.sh
 create mode 100644 open-webui/domain.sh
 create mode 100644 open-webui/install.sh
 create mode 100644 openclaw/domain.sh
 create mode 100644 openclaw/install.sh
 create mode 100644 picoclaw/domain.sh
 create mode 100644 picoclaw/install.sh
 create mode 100644 plausible/domain.sh
 create mode 100644 plausible/install.sh
 create mode 100644 uptime-kuma/domain.sh
 create mode 100644 uptime-kuma/install.sh
 create mode 100644 vaultwarden/domain.sh
 create mode 100644 vaultwarden/install.sh

diff --git a/ghost/domain.sh b/ghost/domain.sh
new file mode 100644
index 0000000..4caaf63
--- /dev/null
+++ b/ghost/domain.sh
@@ -0,0 +1,57 @@
+#!/bin/bash
+
+APP_NAME="ghost"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-2368}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+GHOST_DIR="${APP_DIR}/${APP_NAME}"
+ENV_FILE="${GHOST_DIR}/.env"
+OVERRIDE_FILE="${GHOST_DIR}/compose.override.yml"
+ROOT_PASSWORD_FILE="${GHOST_DIR}/.database_root_password"
+DATABASE_PASSWORD_FILE="${GHOST_DIR}/.database_password"
+
+if [ ! -f "${ROOT_PASSWORD_FILE}" ]; then
+  openssl rand -hex 32 > "${ROOT_PASSWORD_FILE}"
+fi
+
+if [ ! -f "${DATABASE_PASSWORD_FILE}" ]; then
+  openssl rand -hex 32 > "${DATABASE_PASSWORD_FILE}"
+fi
+
+DATABASE_ROOT_PASSWORD="$(cat "${ROOT_PASSWORD_FILE}")"
+DATABASE_PASSWORD="$(cat "${DATABASE_PASSWORD_FILE}")"
+
+cat > "${ENV_FILE}" <<EOF
+DOMAIN=${DOMAIN}
+DATABASE_ROOT_PASSWORD=${DATABASE_ROOT_PASSWORD}
+DATABASE_PASSWORD=${DATABASE_PASSWORD}
+UPLOAD_LOCATION=./data/ghost
+MYSQL_DATA_LOCATION=./data/mysql
+EOF
+
+cat > "${OVERRIDE_FILE}" <<EOF
+services:
+  ghost:
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:2368"
+EOF
+
+cat > /etc/caddy/Caddyfile <<EOF
+https://${DOMAIN} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${GHOST_DIR}/compose.yml" -f "${OVERRIDE_FILE}" up -d db ghost
+systemctl reload caddy
diff --git a/ghost/install.sh b/ghost/install.sh
new file mode 100644
index 0000000..9c86e28
--- /dev/null
+++ b/ghost/install.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="ghost"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-2368}"
+REPO_URL="https://github.com/TryGhost/ghost-docker.git"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+GHOST_DIR="${APP_DIR}/${APP_NAME}"
+
+apt-get install -y caddy git openssl
+
+if [ ! -d "${GHOST_DIR}/.git" ]; then
+  git clone "${REPO_URL}" "${GHOST_DIR}"
+fi
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/gitea/domain.sh b/gitea/domain.sh
new file mode 100644
index 0000000..511ee7c
--- /dev/null
+++ b/gitea/domain.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="gitea"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-3000}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+URL="https://${DOMAIN}"
+COMPOSE_FILE="${APP_DIR}/${APP_NAME}/docker-compose.yml"
+
+cat > /etc/caddy/Caddyfile <<EOF
+${URL} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
+systemctl reload caddy
diff --git a/gitea/install.sh b/gitea/install.sh
new file mode 100644
index 0000000..ca10dcc
--- /dev/null
+++ b/gitea/install.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+APP_NAME="gitea"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-3000}"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+GITEA_DIR="${APP_DIR}/${APP_NAME}"
+COMPOSE_FILE="${GITEA_DIR}/docker-compose.yml"
+
+apt-get install -y caddy
+mkdir -p "${GITEA_DIR}"
+
+cat > "${COMPOSE_FILE}" <<EOF
+services:
+  gitea:
+    image: gitea/gitea:1.25.5
+    restart: always
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:3000"
+      - "2222:2222"
+    environment:
+      GITEA__server__ROOT_URL: https://${DOMAIN}/
+      GITEA__server__DOMAIN: ${DOMAIN}
+      GITEA__server__SSH_DOMAIN: ${DOMAIN}
+      GITEA__server__SSH_PORT: "2222"
+      GITEA__server__SSH_LISTEN_PORT: "2222"
+    volumes:
+      - gitea-data:/data
+volumes:
+  gitea-data:
+EOF
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/jellyfin/domain.sh b/jellyfin/domain.sh
new file mode 100644
index 0000000..a68fafa
--- /dev/null
+++ b/jellyfin/domain.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="jellyfin"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-8096}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+URL="https://${DOMAIN}"
+COMPOSE_FILE="${APP_DIR}/${APP_NAME}/docker-compose.yml"
+
+cat > /etc/caddy/Caddyfile <<EOF
+${URL} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
+systemctl reload caddy
diff --git a/jellyfin/install.sh b/jellyfin/install.sh
new file mode 100644
index 0000000..9ff95d6
--- /dev/null
+++ b/jellyfin/install.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+APP_NAME="jellyfin"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-8096}"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+JELLYFIN_DIR="${APP_DIR}/${APP_NAME}"
+COMPOSE_FILE="${JELLYFIN_DIR}/docker-compose.yml"
+
+apt-get install -y caddy
+mkdir -p "${JELLYFIN_DIR}"
+mkdir -p /srv/media/movies /srv/media/shows /srv/media/music
+
+cat > "${COMPOSE_FILE}" <<EOF
+services:
+  jellyfin:
+    image: jellyfin/jellyfin:10.11.6
+    restart: always
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:8096"
+    volumes:
+      - jellyfin-config:/config
+      - jellyfin-cache:/cache
+      - /srv/media:/media
+volumes:
+  jellyfin-config:
+  jellyfin-cache:
+EOF
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/metabase/domain.sh b/metabase/domain.sh
new file mode 100644
index 0000000..01dbd11
--- /dev/null
+++ b/metabase/domain.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="metabase"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-3000}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+URL="https://${DOMAIN}"
+COMPOSE_FILE="${APP_DIR}/${APP_NAME}/docker-compose.yml"
+
+cat > /etc/caddy/Caddyfile <<EOF
+${URL} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
+systemctl reload caddy
diff --git a/metabase/install.sh b/metabase/install.sh
new file mode 100644
index 0000000..7f54d64
--- /dev/null
+++ b/metabase/install.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+APP_NAME="metabase"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-3000}"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+METABASE_DIR="${APP_DIR}/${APP_NAME}"
+COMPOSE_FILE="${METABASE_DIR}/docker-compose.yml"
+
+apt-get install -y caddy
+mkdir -p "${METABASE_DIR}"
+
+cat > "${COMPOSE_FILE}" <<EOF
+services:
+  metabase:
+    image: metabase/metabase:v0.59.1
+    restart: always
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:3000"
+    environment:
+      MB_SITE_URL: https://${DOMAIN}
+      MB_DB_FILE: /metabase-data/metabase.db
+    volumes:
+      - metabase-data:/metabase-data
+volumes:
+  metabase-data:
+EOF
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/n8n/domain.sh b/n8n/domain.sh
new file mode 100644
index 0000000..6da9d25
--- /dev/null
+++ b/n8n/domain.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="n8n"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-5678}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+URL="https://${DOMAIN}"
+COMPOSE_FILE="${APP_DIR}/${APP_NAME}/docker-compose.yml"
+
+cat > /etc/caddy/Caddyfile <<EOF
+${URL} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
+systemctl reload caddy
diff --git a/n8n/install.sh b/n8n/install.sh
new file mode 100644
index 0000000..74573d8
--- /dev/null
+++ b/n8n/install.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+APP_NAME="n8n"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-5678}"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+N8N_DIR="${APP_DIR}/${APP_NAME}"
+COMPOSE_FILE="${N8N_DIR}/docker-compose.yml"
+
+apt-get install -y caddy
+mkdir -p "${N8N_DIR}"
+
+cat > "${COMPOSE_FILE}" <<EOF
+services:
+  n8n:
+    image: docker.n8n.io/n8nio/n8n:2.12.3
+    restart: always
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:5678"
+    environment:
+      GENERIC_TIMEZONE: UTC
+      TZ: UTC
+      N8N_SECURE_COOKIE: "true"
+      N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS: "true"
+      N8N_RUNNERS_ENABLED: "true"
+      N8N_HOST: ${DOMAIN}
+      N8N_PROTOCOL: https
+      WEBHOOK_URL: https://${DOMAIN}/
+    volumes:
+      - n8n_data:/home/node/.n8n
+volumes:
+  n8n_data:
+EOF
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/nocodb/domain.sh b/nocodb/domain.sh
new file mode 100644
index 0000000..63e14b3
--- /dev/null
+++ b/nocodb/domain.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="nocodb"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-8080}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+URL="https://${DOMAIN}"
+COMPOSE_FILE="${APP_DIR}/${APP_NAME}/docker-compose.yml"
+
+cat > /etc/caddy/Caddyfile <<EOF
+${URL} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
+systemctl reload caddy
diff --git a/nocodb/install.sh b/nocodb/install.sh
new file mode 100644
index 0000000..357154c
--- /dev/null
+++ b/nocodb/install.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+APP_NAME="nocodb"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-8080}"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+NOCODB_DIR="${APP_DIR}/${APP_NAME}"
+COMPOSE_FILE="${NOCODB_DIR}/docker-compose.yml"
+
+apt-get install -y caddy
+mkdir -p "${NOCODB_DIR}"
+
+cat > "${COMPOSE_FILE}" <<EOF
+services:
+  nocodb:
+    image: nocodb/nocodb:0.301.5
+    restart: always
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:8080"
+    volumes:
+      - nocodb-data:/usr/app/data
+volumes:
+  nocodb-data:
+EOF
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/open-webui/domain.sh b/open-webui/domain.sh
new file mode 100644
index 0000000..df69f2b
--- /dev/null
+++ b/open-webui/domain.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="open-webui"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-3000}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+URL="https://${DOMAIN}"
+COMPOSE_FILE="${APP_DIR}/${APP_NAME}/docker-compose.yml"
+
+cat > /etc/caddy/Caddyfile <<EOF
+${URL} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
+systemctl reload caddy
diff --git a/open-webui/install.sh b/open-webui/install.sh
new file mode 100644
index 0000000..d626036
--- /dev/null
+++ b/open-webui/install.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+APP_NAME="open-webui"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-3000}"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+OPEN_WEBUI_DIR="${APP_DIR}/${APP_NAME}"
+COMPOSE_FILE="${OPEN_WEBUI_DIR}/docker-compose.yml"
+
+apt-get install -y caddy openssl
+mkdir -p "${OPEN_WEBUI_DIR}"
+
+WEBUI_SECRET_KEY="$(openssl rand -hex 32)"
+
+cat > "${COMPOSE_FILE}" <<EOF
+services:
+  open-webui:
+    image: ghcr.io/open-webui/open-webui:v0.8.6
+    restart: always
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:8080"
+    environment:
+      WEBUI_SECRET_KEY: "${WEBUI_SECRET_KEY}"
+    volumes:
+      - open-webui:/app/backend/data
+volumes:
+  open-webui:
+EOF
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/openclaw/domain.sh b/openclaw/domain.sh
new file mode 100644
index 0000000..2136528
--- /dev/null
+++ b/openclaw/domain.sh
@@ -0,0 +1,63 @@
+#!/bin/bash
+
+APP_NAME="openclaw"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-18789}"
+APP_BRIDGE_PORT="${EXC_APP_BRIDGE_PORT:-18790}"
+OPENCLAW_IMAGE="${OPENCLAW_IMAGE:-ghcr.io/openclaw/openclaw:latest}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+OPENCLAW_DIR="${APP_DIR}/${APP_NAME}"
+DATA_DIR="${OPENCLAW_DIR}/data"
+CONFIG_DIR="${DATA_DIR}/config"
+WORKSPACE_DIR="${DATA_DIR}/workspace"
+TOKEN_FILE="${OPENCLAW_DIR}/.gateway_token"
+ENV_FILE="${OPENCLAW_DIR}/.env"
+LEGACY_OVERRIDE_FILE="${OPENCLAW_DIR}/compose.override.yml"
+
+mkdir -p "${CONFIG_DIR}/identity"
+mkdir -p "${CONFIG_DIR}/agents/main/agent"
+mkdir -p "${CONFIG_DIR}/agents/main/sessions"
+mkdir -p "${WORKSPACE_DIR}"
+chown -R 1000:1000 "${DATA_DIR}"
+
+if [ ! -f "${TOKEN_FILE}" ]; then
+  openssl rand -hex 32 > "${TOKEN_FILE}"
+fi
+
+OPENCLAW_GATEWAY_TOKEN="$(cat "${TOKEN_FILE}")"
+
+cat > "${ENV_FILE}" <<EOF
+OPENCLAW_IMAGE=${OPENCLAW_IMAGE}
+OPENCLAW_CONFIG_DIR=${CONFIG_DIR}
+OPENCLAW_WORKSPACE_DIR=${WORKSPACE_DIR}
+OPENCLAW_GATEWAY_PORT=127.0.0.1:${APP_UPSTREAM_PORT}
+OPENCLAW_BRIDGE_PORT=127.0.0.1:${APP_BRIDGE_PORT}
+OPENCLAW_GATEWAY_BIND=lan
+OPENCLAW_GATEWAY_TOKEN=${OPENCLAW_GATEWAY_TOKEN}
+EOF
+
+cd "${OPENCLAW_DIR}"
+rm -f "${LEGACY_OVERRIDE_FILE}"
+docker compose run --rm --no-deps --entrypoint node openclaw-gateway dist/index.js config set gateway.mode local
+docker compose run --rm --no-deps --entrypoint node openclaw-gateway dist/index.js config set gateway.bind lan
+docker compose run --rm --no-deps --entrypoint node openclaw-gateway dist/index.js config set gateway.controlUi.allowedOrigins "[\"https://${DOMAIN}\",\"http://localhost:${APP_UPSTREAM_PORT}\",\"http://127.0.0.1:${APP_UPSTREAM_PORT}\"]" --strict-json
+docker compose -f docker-compose.yml up -d openclaw-gateway
+
+cat > /etc/caddy/Caddyfile <<EOF
+https://${DOMAIN} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+systemctl reload caddy
diff --git a/openclaw/install.sh b/openclaw/install.sh
new file mode 100644
index 0000000..ecb84dc
--- /dev/null
+++ b/openclaw/install.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+APP_NAME="openclaw"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+REPO_URL="https://github.com/openclaw/openclaw.git"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+OPENCLAW_DIR="${APP_DIR}/${APP_NAME}"
+
+apt-get install -y caddy git openssl
+
+if [ ! -d "${OPENCLAW_DIR}/.git" ]; then
+  git clone "${REPO_URL}" "${OPENCLAW_DIR}"
+fi
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/picoclaw/domain.sh b/picoclaw/domain.sh
new file mode 100644
index 0000000..f9607ed
--- /dev/null
+++ b/picoclaw/domain.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+APP_NAME="picoclaw"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-18800}"
+APP_BRIDGE_PORT="${EXC_APP_BRIDGE_PORT:-18790}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+PICOCLAW_DIR="${APP_DIR}/${APP_NAME}"
+DATA_DIR="${PICOCLAW_DIR}/docker/data"
+CONFIG_FILE="${DATA_DIR}/config.json"
+OVERRIDE_FILE="${PICOCLAW_DIR}/docker/compose.override.yml"
+
+mkdir -p "${DATA_DIR}/workspace"
+
+if [ ! -f "${CONFIG_FILE}" ]; then
+  cp "${PICOCLAW_DIR}/config/config.example.json" "${CONFIG_FILE}"
+fi
+
+cat > "${OVERRIDE_FILE}" <<EOF
+services:
+  picoclaw-launcher:
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:18800"
+      - "127.0.0.1:${APP_BRIDGE_PORT}:18790"
+EOF
+
+cd "${PICOCLAW_DIR}"
+docker compose -f docker/docker-compose.yml -f docker/compose.override.yml --profile launcher up -d
+
+cat > /etc/caddy/Caddyfile <<EOF
+https://${DOMAIN} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+systemctl reload caddy
diff --git a/picoclaw/install.sh b/picoclaw/install.sh
new file mode 100644
index 0000000..85b0c61
--- /dev/null
+++ b/picoclaw/install.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+APP_NAME="picoclaw"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+REPO_URL="https://github.com/sipeed/picoclaw.git"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+PICOCLAW_DIR="${APP_DIR}/${APP_NAME}"
+
+apt-get install -y caddy git
+
+if [ ! -d "${PICOCLAW_DIR}/.git" ]; then
+  git clone "${REPO_URL}" "${PICOCLAW_DIR}"
+fi
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/plausible/domain.sh b/plausible/domain.sh
new file mode 100644
index 0000000..9f39422
--- /dev/null
+++ b/plausible/domain.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+APP_NAME="plausible"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-8000}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+PLAUSIBLE_DIR="${APP_DIR}/${APP_NAME}"
+ENV_FILE="${PLAUSIBLE_DIR}/.env"
+OVERRIDE_FILE="${PLAUSIBLE_DIR}/compose.override.yml"
+SECRET_KEY_FILE="${PLAUSIBLE_DIR}/.secret_key_base"
+
+if [ ! -f "${SECRET_KEY_FILE}" ]; then
+  openssl rand -base64 48 > "${SECRET_KEY_FILE}"
+fi
+
+SECRET_KEY_BASE="$(tr -d '\n' < "${SECRET_KEY_FILE}")"
+
+cat > "${ENV_FILE}" <<EOF
+BASE_URL=https://${DOMAIN}
+SECRET_KEY_BASE=${SECRET_KEY_BASE}
+HTTP_PORT=80
+EOF
+
+cat > "${OVERRIDE_FILE}" <<EOF
+services:
+  plausible:
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:80"
+EOF
+
+cat > /etc/caddy/Caddyfile <<EOF
+https://${DOMAIN} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${PLAUSIBLE_DIR}/compose.yml" -f "${OVERRIDE_FILE}" up -d
+systemctl reload caddy
diff --git a/plausible/install.sh b/plausible/install.sh
new file mode 100644
index 0000000..398c956
--- /dev/null
+++ b/plausible/install.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+APP_NAME="plausible"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-8000}"
+REPO_URL="https://github.com/plausible/community-edition.git"
+REPO_REF="v3.2.0"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+PLAUSIBLE_DIR="${APP_DIR}/${APP_NAME}"
+
+apt-get install -y caddy git openssl
+
+if [ ! -d "${PLAUSIBLE_DIR}/.git" ]; then
+  git clone -b "${REPO_REF}" --single-branch "${REPO_URL}" "${PLAUSIBLE_DIR}"
+fi
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/signoz/domain.sh b/signoz/domain.sh
index fd78851..10270f5 100644
--- a/signoz/domain.sh
+++ b/signoz/domain.sh
@@ -38,26 +38,26 @@ set_env "SIGNOZ_ALERTMANAGER_SIGNOZ_EXTERNAL_URL" "${URL}" ".services.signoz.env
 
 cat > /etc/caddy/Caddyfile << EOF
 ${URL} {
-        reverse_proxy localhost:${APP_UPSTREAM_PORT}
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
 }
 
 ${URL}:4317 {
-        reverse_proxy h2c://localhost:44317
+        reverse_proxy h2c://127.0.0.1:44317
 }
 
 ${URL}:4318 {
-        reverse_proxy localhost:44318
+        reverse_proxy 127.0.0.1:44318
 }
 # ${INTERNAL_URL} {
-#         reverse_proxy localhost:${APP_UPSTREAM_PORT}
+#         reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
 # }
 #
 # ${INTERNAL_URL}:4317 {
-#         reverse_proxy h2c://localhost:44317
+#         reverse_proxy h2c://127.0.0.1:44317
 # }
 #
 # ${INTERNAL_URL}:4318 {
-#         reverse_proxy localhost:44318
+#         reverse_proxy 127.0.0.1:44318
 # }
 EOF
 
diff --git a/signoz/install.sh b/signoz/install.sh
index 8d28ec7..92f04ed 100644
--- a/signoz/install.sh
+++ b/signoz/install.sh
@@ -17,14 +17,16 @@ if [ -z "$DOMAIN" ]; then
 fi
 
 JWT_SECRET=$(openssl rand -hex 16 | cut -c-32)
-
-if [ -f "${APP_DIR}/jwt-secret" ]; then
-    JWT_SECRET=$(cat ${APP_DIR}/jwt-secret)
-else
-    echo $JWT_SECRET > ${APP_DIR}/jwt-secret
-fi
-
 SIGNOZ_DIR="${APP_DIR}/signoz"
+JWT_SECRET_FILE="${SIGNOZ_DIR}/jwt-secret"
+
+mkdir -p "${SIGNOZ_DIR}"
+
+if [ -f "${JWT_SECRET_FILE}" ]; then
+    JWT_SECRET=$(cat "${JWT_SECRET_FILE}")
+else
+    echo "${JWT_SECRET}" > "${JWT_SECRET_FILE}"
+fi
 COMPOSE_FILE="${SIGNOZ_DIR}/deploy/docker/docker-compose.yaml"
 OTEL_SERVICE_PATH='.services["otel-collector"].ports'
 SIGNOZ_SERVICE_PATH=".services.signoz.ports"
diff --git a/uptime-kuma/domain.sh b/uptime-kuma/domain.sh
new file mode 100644
index 0000000..3a022ce
--- /dev/null
+++ b/uptime-kuma/domain.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="uptime-kuma"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-3001}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+URL="https://${DOMAIN}"
+COMPOSE_FILE="${APP_DIR}/${APP_NAME}/docker-compose.yml"
+
+cat > /etc/caddy/Caddyfile <<EOF
+${URL} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
+systemctl reload caddy
diff --git a/uptime-kuma/install.sh b/uptime-kuma/install.sh
new file mode 100644
index 0000000..46f4c8e
--- /dev/null
+++ b/uptime-kuma/install.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+APP_NAME="uptime-kuma"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-3001}"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+UPTIME_KUMA_DIR="${APP_DIR}/${APP_NAME}"
+COMPOSE_FILE="${UPTIME_KUMA_DIR}/docker-compose.yml"
+
+apt-get install -y caddy
+mkdir -p "${UPTIME_KUMA_DIR}"
+
+cat > "${COMPOSE_FILE}" <<EOF
+services:
+  uptime-kuma:
+    image: louislam/uptime-kuma:2
+    restart: always
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:3001"
+    volumes:
+      - uptime-kuma:/app/data
+volumes:
+  uptime-kuma:
+EOF
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"
diff --git a/vaultwarden/domain.sh b/vaultwarden/domain.sh
new file mode 100644
index 0000000..c81566f
--- /dev/null
+++ b/vaultwarden/domain.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+APP_NAME="vaultwarden"
+APP_DIR="/var/excloud/apps"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-8080}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "domain.sh sub.example.com" >&2
+  exit 1
+fi
+
+URL="https://${DOMAIN}"
+COMPOSE_FILE="${APP_DIR}/${APP_NAME}/docker-compose.yml"
+
+cat > /etc/caddy/Caddyfile <<EOF
+${URL} {
+        reverse_proxy 127.0.0.1:${APP_UPSTREAM_PORT}
+}
+EOF
+
+echo "Caddyfile updated"
+
+systemctl enable caddy
+docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
+systemctl reload caddy
diff --git a/vaultwarden/install.sh b/vaultwarden/install.sh
new file mode 100644
index 0000000..a45a031
--- /dev/null
+++ b/vaultwarden/install.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+APP_NAME="vaultwarden"
+APP_DIR="/var/excloud/apps"
+SCRIPT_DIR="/var/excloud/scripts"
+APP_UPSTREAM_PORT="${EXC_APP_UPSTREAM_PORT:-8080}"
+
+mkdir -p "${APP_DIR}"
+mkdir -p "${SCRIPT_DIR}"
+
+DOMAIN="${1}"
+
+if [ -z "${DOMAIN}" ]; then
+  echo "Error: URL argument is required. Example:" >&2
+  echo "install.sh sub.example.com" >&2
+  exit 1
+fi
+
+VAULTWARDEN_DIR="${APP_DIR}/${APP_NAME}"
+COMPOSE_FILE="${VAULTWARDEN_DIR}/docker-compose.yml"
+
+apt-get install -y caddy
+mkdir -p "${VAULTWARDEN_DIR}"
+
+cat > "${COMPOSE_FILE}" <<EOF
+services:
+  vaultwarden:
+    image: vaultwarden/server:1.26.0
+    restart: always
+    ports:
+      - "127.0.0.1:${APP_UPSTREAM_PORT}:80"
+    environment:
+      DOMAIN: https://${DOMAIN}
+      SIGNUPS_ALLOWED: "true"
+    volumes:
+      - vaultwarden-data:/data
+volumes:
+  vaultwarden-data:
+EOF
+
+bash "${SCRIPT_DIR}/domain.sh" "${DOMAIN}"