Add Postgresus service configuration and credentials

- Introduced Postgresus service in docker-compose.yml with necessary environment variables and volume configuration.
- Updated .env.example to include Postgresus credentials (username, password, password hash).
- Modified Caddyfile to implement basic authentication for Postgresus.
- Enhanced scripts for secret generation to include Postgresus credentials.
- Updated README.md to add a description for Postgresus and its functionalities.
- Enhanced final report script to display Postgresus connection details if the service is active.

.env.example

@@ -145,6 +145,7 @@ GRAFANA_HOSTNAME=grafana.yourdomain.com
 PROMETHEUS_HOSTNAME=prometheus.yourdomain.com
 PORTAINER_HOSTNAME=portainer.yourdomain.com
 POSTIZ_HOSTNAME=postiz.yourdomain.com
+POSTGRESUS_HOSTNAME=postgresus.yourdomain.com
 LETTA_HOSTNAME=letta.yourdomain.com
 QDRANT_HOSTNAME=qdrant.yourdomain.com
 PADDLEOCR_HOSTNAME=paddleocr.yourdomain.com
@@ -174,6 +175,15 @@ PADDLEOCR_PASSWORD_HASH=
 RAGAPP_USERNAME=
 RAGAPP_PASSWORD=
 
+############
+# [required]
+# Postgresus credentials (for Caddy basic auth)
+############
+
+POSTGRESUS_USERNAME=
+POSTGRESUS_PASSWORD=
+POSTGRESUS_PASSWORD_HASH=
+
    #
    #
 #######
@@ -336,6 +346,7 @@ PROMETHEUS_PASSWORD_HASH=
 SEARXNG_PASSWORD_HASH=
 COMFYUI_PASSWORD_HASH=
 RAGAPP_PASSWORD_HASH=
+POSTGRESUS_PASSWORD_HASH=
 
 ############
 # Postiz configuration

Caddyfile

@@ -71,6 +71,14 @@
     reverse_proxy postiz:5000
 }
 
+# Postgresus
+{$POSTGRESUS_HOSTNAME} {
+    basic_auth {
+        {$POSTGRESUS_USERNAME} {$POSTGRESUS_PASSWORD_HASH}
+    }
+    reverse_proxy postgresus:4005
+}
+
 # Letta
 {$LETTA_HOSTNAME} {
     reverse_proxy letta:8283

README.md

@@ -63,6 +63,8 @@ The installer also makes the following powerful open-source tools **available fo
 
 ✅ [**Portainer**](https://www.portainer.io/) - A lightweight, secure web UI to manage your Docker environment (containers, images, volumes, networks) with ease.
 
+✅ [**Postgresus**](https://github.com/RostislavDugin/postgresus) - PostgreSQL monitoring and automated backups with a self-hosted UI.
+
 ✅ [**Postiz**](https://postiz.com/) - An open-source social media scheduling and publishing platform.
 
 ✅ [**PaddleOCR**](https://www.paddleocr.ai/latest/en/index.html) - A CPU-ready OCR API powered by PaddleX Basic Serving. 

docker-compose.yml

@@ -19,6 +19,7 @@ volumes:
   comfyui_data:
   postiz-config:
   postiz-uploads:
+  postgresus_data:
 
 x-n8n: &service-n8n
   build:
@@ -218,6 +219,9 @@ services:
       - PADDLEOCR_USERNAME=${PADDLEOCR_USERNAME}
       - PORTAINER_HOSTNAME=${PORTAINER_HOSTNAME}
       - POSTIZ_HOSTNAME=${POSTIZ_HOSTNAME}
+      - POSTGRESUS_HOSTNAME=${POSTGRESUS_HOSTNAME}
+      - POSTGRESUS_USERNAME=${POSTGRESUS_USERNAME}
+      - POSTGRESUS_PASSWORD_HASH=${POSTGRESUS_PASSWORD_HASH}
       - PROMETHEUS_HOSTNAME=${PROMETHEUS_HOSTNAME}
       - PROMETHEUS_PASSWORD_HASH=${PROMETHEUS_PASSWORD_HASH}
       - PROMETHEUS_USERNAME=${PROMETHEUS_USERNAME}
@@ -678,6 +682,14 @@ services:
       redis:
         condition: service_healthy
 
+  postgresus:
+    image: rostislavdugin/postgresus:latest
+    container_name: postgresus
+    profiles: ["postgresus"]
+    restart: unless-stopped
+    volumes:
+      - postgresus_data:/postgresus-data
+
   comfyui:
     image: yanwk/comfyui-boot:cu124-slim
     container_name: comfyui

scripts/03_generate_secrets.sh

@@ -54,6 +54,7 @@ declare -A VARS_TO_GENERATE=(
     ["COMFYUI_PASSWORD"]="password:32" # Added ComfyUI basic auth password
     ["RAGAPP_PASSWORD"]="password:32" # Added RAGApp basic auth password
     ["PADDLEOCR_PASSWORD"]="password:32" # Added PaddleOCR basic auth password
+    ["POSTGRESUS_PASSWORD"]="password:32" # Added Postgresus basic auth password
 )
 
 # Initialize existing_env_vars and attempt to read .env if it exists
@@ -375,6 +376,7 @@ generated_values["WEAVIATE_USERNAME"]="$USER_EMAIL" # Set Weaviate username for
 generated_values["COMFYUI_USERNAME"]="$USER_EMAIL" # Set ComfyUI username for Caddy
 generated_values["RAGAPP_USERNAME"]="$USER_EMAIL" # Set RAGApp username for Caddy
 generated_values["PADDLEOCR_USERNAME"]="$USER_EMAIL" # Set PaddleOCR username for Caddy
+generated_values["POSTGRESUS_USERNAME"]="$USER_EMAIL" # Set Postgresus username for Caddy
 
 if [[ -n "$OPENAI_API_KEY" ]]; then
     generated_values["OPENAI_API_KEY"]="$OPENAI_API_KEY"
@@ -401,6 +403,7 @@ found_vars["NEO4J_AUTH_USERNAME"]=0
 found_vars["COMFYUI_USERNAME"]=0
 found_vars["RAGAPP_USERNAME"]=0
 found_vars["PADDLEOCR_USERNAME"]=0
+found_vars["POSTGRESUS_USERNAME"]=0
 
 # Read template, substitute domain, generate initial values
 while IFS= read -r line || [[ -n "$line" ]]; do
@@ -447,7 +450,7 @@ while IFS= read -r line || [[ -n "$line" ]]; do
             # This 'else' block is for lines from template not covered by existing values or VARS_TO_GENERATE.
             # Check if it is one of the user input vars - these are handled by found_vars later if not in template.
             is_user_input_var=0 # Reset for each line
-            user_input_vars=("FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "OPENAI_API_KEY" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME")
+            user_input_vars=("FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "OPENAI_API_KEY" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME" "POSTGRESUS_USERNAME")
             for uivar in "${user_input_vars[@]}"; do
                 if [[ "$varName" == "$uivar" ]]; then
                     is_user_input_var=1
@@ -676,6 +679,18 @@ if [[ -z "$FINAL_RAGAPP_HASH" && -n "$RAGAPP_PLAIN_PASS" ]]; then
 fi
 _update_or_add_env_var "RAGAPP_PASSWORD_HASH" "$FINAL_RAGAPP_HASH"
 
+# --- POSTGRESUS ---
+POSTGRESUS_PLAIN_PASS="${generated_values["POSTGRESUS_PASSWORD"]}"
+FINAL_POSTGRESUS_HASH="${generated_values[POSTGRESUS_PASSWORD_HASH]}"
+if [[ -z "$FINAL_POSTGRESUS_HASH" && -n "$POSTGRESUS_PLAIN_PASS" ]]; then
+    NEW_HASH=$(_generate_and_get_hash "$POSTGRESUS_PLAIN_PASS")
+    if [[ -n "$NEW_HASH" ]]; then
+        FINAL_POSTGRESUS_HASH="$NEW_HASH"
+        generated_values["POSTGRESUS_PASSWORD_HASH"]="$NEW_HASH"
+    fi
+fi
+_update_or_add_env_var "POSTGRESUS_PASSWORD_HASH" "$FINAL_POSTGRESUS_HASH"
+
 
 if [ $? -eq 0 ]; then # This $? reflects the status of the last mv command from the last _update_or_add_env_var call.
     # For now, assuming if we reached here and mv was fine, primary operations were okay.

scripts/04_wizard.sh

@@ -65,6 +65,7 @@ base_services_data=(
     "open-webui" "Open WebUI (ChatGPT-like Interface)"
     "paddleocr" "PaddleOCR (OCR API Server)"
     "portainer" "Portainer (Docker management UI)"
+    "postgresus" "Postgresus (PostgreSQL backups & monitoring)"
     "postiz" "Postiz (Social publishing platform)"
     "python-runner" "Python Runner (Run your custom Python code from ./python-runner)"
     "qdrant" "Qdrant (Vector Database)"

scripts/06_final_report.sh

@@ -143,6 +143,18 @@ if is_profile_active "postiz"; then
   echo "Internal Access (e.g., from n8n): http://postiz:5000"
 fi
 
+if is_profile_active "postgresus"; then
+  echo
+  echo "================================= Postgresus =========================="
+  echo
+  echo "Host: ${POSTGRESUS_HOSTNAME:-<hostname_not_set>}"
+  echo "User: ${POSTGRESUS_USERNAME:-<not_set_in_env>}"
+  echo "Password: ${POSTGRESUS_PASSWORD:-<not_set_in_env>}"
+  echo "UI (external via Caddy): https://${POSTGRESUS_HOSTNAME:-<hostname_not_set>}"
+  echo "UI (internal): http://postgresus:4005"
+  echo "To back up internal PostgreSQL: host=postgres, port=5432, user=postgres, password=${POSTGRES_PASSWORD:-<not_set_in_env>}"
+fi
+
 if is_profile_active "ragapp"; then
   echo
   echo "================================= RAGApp =============================="