From the Github Repo Readme: These scripts enable users to build a Linux container or virtual machine in an interactive manner, offering options for both basic and advanced configurations. The basic setup utilizes default settings, whereas the advanced setup empowers users to alter these default settings. Through the use of the whiptail command, options are presented to users in a dialog box format. After the user makes their selections, the script collects and verifies the user’s input in order to generate the final configuration for the container or virtual machine.
running scripts like these make me nervous, especially on the host machine of a hypervisor. My (limited) understanding is that a compromised host system compromises all the VMs and containers within. Seems like you could be one command away from letting an attacker into everything.
Yeah personally I’m not a fan and I would rather follow a well-written guide than spend even more time auditing such a script (which would be even more difficult if you’re not experienced with Proxmox). For maintenance’s sake it’s also risky getting your service set up like this as you don’t know how the script set things up and it’s harder to fix things if they go wrong.