diff --git a/ct/2fauth.sh b/ct/2fauth.sh new file mode 100644 index 00000000..49b04b1d --- /dev/null +++ b/ct/2fauth.sh @@ -0,0 +1,93 @@ +#!/usr/bin/env bash +source <(curl -s https://raw.githubusercontent.com/jkrgr0/ProxmoxVE/refs/head/feature/2fauth/misc/build.func) +# Copyright (c) 2021-2024 community-scripts ORG +# Author: jkrgr0 +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://docs.2fauth.app/ + +# App Default Values +APP="2FAuth" +TAGS="2fa;authenticator" +var_cpu="1" +var_ram="512" +var_disk="2" +var_os="debian" +var_version="12" +var_unprivileged="1" + +# App Output & Base Settings +header_info "$APP" +base_settings + +# Core +variables +color +catch_errors + +function update_script() { + header_info + check_container_storage + check_container_resources + + # Check if installation is present | -f for file, -d for folder + if [[ ! -d "/opt/${APP}" ]]; then + msg_error "No ${APP} Installation Found!" + exit + fi + + # Crawling the new version and checking whether an update is required + RELEASE=$(curl -s https://api.github.com/repos/Bubka/2FAuth/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }') + if [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt)" ]] || [[ ! -f /opt/${APP}_version.txt ]]; then + msg_info "Updating $APP" + + apt-get update &>/dev/null + apt-get -y upgrade &>/dev/null + + # Creating Backup + msg_info "Creating Backup" + mv "/opt/${APP}" "/opt/${APP}-backup" + # tar -czf "/opt/${APP}_backup_$(date +%F).tar.gz" "/opt/${APP}" + msg_ok "Backup Created" + + # Execute Update + msg_info "Updating $APP to v${RELEASE}" + wget -q "https://github.com/Bubka/2FAuth/archive/refs/tags/${RELEASE}.zip" + unzip -q "${RELEASE}.zip" + mv "${APPLICATION}-${RELEASE}/" "/opt/${APPLICATION}" + mv "/opt/${APP}-backup/.env" "/opt/${APP}/.env" + mv "/opt/${APP}-backup/storage" "/opt/${APP}/storage" + cd "/opt/${APP}" || return + + chown -R www-data: "/opt/${APP}" + chmod -R 755 "/opt/${APP}" + + export COMPOSER_ALLOW_SUPERUSER=1 + composer install --no-dev --prefer-source &>/dev/null + + php artisan 2fauth:install + msg_ok "Updated $APP to v${RELEASE}" + + # Cleaning up + msg_info "Cleaning Up" + rm -rf "/opt/v${RELEASE}.zip" + $STD apt-get -y autoremove + $STD apt-get -y autoclean + msg_ok "Cleanup Completed" + + # Last Action + echo "${RELEASE}" >/opt/${APP}_version.txt + msg_ok "Update Successful" + else + msg_ok "No update required. ${APP} is already at v${RELEASE}" + fi + exit +} + +start +build_container +description + +msg_ok "Completed Successfully!\n" +echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" +echo -e "${INFO}${YW} Access it using the following URL:${CL}" +echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:80${CL}" \ No newline at end of file diff --git a/install/2fauth-install.sh b/install/2fauth-install.sh new file mode 100644 index 00000000..fd6fb61b --- /dev/null +++ b/install/2fauth-install.sh @@ -0,0 +1,125 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2024 community-scripts ORG +# Author: jkrgr0 +# License: MIT +# Source: https://docs.2fauth.app/ + +# Import Functions und Setup +source /dev/stdin <<< "$FUNCTIONS_FILE_PATH" +color +verb_ip6 +catch_errors +setting_up_container +network_check +update_os + +# Installing Dependencies with the 3 core dependencies (curl;sudo;mc) +msg_info "Installing Dependencies" +$STD apt-get install -y \ + curl \ + sudo \ + mc \ + nginx \ + composer \ + php8.2-{bcmath,common,ctype,fileinfo,mbstring,mysql,xml,cli} \ + mariadb-server +msg_ok "Installed Dependencies" + +# Template: MySQL Database +msg_info "Setting up Database" +DB_NAME=2fauth_db +DB_USER=2fauth +DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13) +$STD mysql -u root -e "CREATE DATABASE $DB_NAME;" +$STD mysql -u root -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED WITH mysql_native_password AS PASSWORD('$DB_PASS');" +$STD mysql -u root -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost'; FLUSH PRIVILEGES;" +{ + echo "${APPLICATION} Credentials" + echo "Database User: $DB_USER" + echo "Database Password: $DB_PASS" + echo "Database Name: $DB_NAME" +} >> ~/$APP_NAME.creds +msg_ok "Set up Database" + +# Temp + +# Setup App +msg_info "Setup ${APPLICATION}" +RELEASE=$(curl -s https://api.github.com/repos/Bubka/2FAuth/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }') +wget -q "https://github.com/Bubka/2FAuth/archive/refs/tags/${RELEASE}.zip" +unzip -q "${RELEASE}.zip" +mv "${APPLICATION}-${RELEASE}/" "/opt/${APPLICATION}" + +cd "/opt/${APP}" || return +cp .env.example .env +IPADDRESS=$(hostname -I | awk '{print $1}') + +sed -i -e "s|^APP_URL=.*|APP_URL=http://$IPADDRESS|" \ + -e "s|^DB_CONNECTION=$|DB_CONNECTION=mysql|" \ + -e "s|^DB_DATABASE=$|DB_DATABASE=$DB_NAME|" \ + -e "s|^DB_HOST=$|DB_HOST=127.0.0.1|" \ + -e "s|^DB_PORT=$|DB_PORT=3306|" \ + -e "s|^DB_USERNAME=$|DB_USERNAME=$DB_USER|" \ + -e "s|^DB_PASSWORD=$|DB_PASSWORD=$DB_PASS|" .env + +chown -R www-data: "/opt/${APPLICATION}" +chmod -R 755 "/opt/${APPLICATION}" + +export COMPOSER_ALLOW_SUPERUSER=1 +$STD composer update --no-plugins --no-scripts +$STD composer install --no-dev --prefer-source --no-plugins --no-scripts + +$STD php artisan key:generate --force + +$STD php artisan migrate:refresh +$STD php artisan passport:install +$STD php artisan storage:link +$STD php artisan config:cache + +echo "${RELEASE}" >"/opt/${APPLICATION}_version.txt" +msg_ok "Setup ${APPLICATION}" + +# Configure Service (NGINX) +msg_info "Configure Service" +cat </etc/nginx/conf.d/2fauth.conf +server { + listen 80; + root /opt/${APPLICATION}/public; + server_name $IPADDRESS; + index index.php; + charset utf-8; + + location / { + try_files \$uri \$uri/ /index.php?\$query_string; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + error_page 404 /index.php; + + location ~ \.php\$ { + fastcgi_pass unix:/var/run/php/php8.2-fpm.sock; + fastcgi_param SCRIPT_FILENAME \$realpath_root\$fastcgi_script_name; + include fastcgi_params; + } + + location ~ /\.(?!well-known).* { + deny all; + } +} +EOF + +systemctl reload nginx +msg_ok "Configured Service" + +motd_ssh +customize + +# Cleanup +msg_info "Cleaning up" +rm -f "/opt/v${RELEASE}.zip" +$STD apt-get -y autoremove +$STD apt-get -y autoclean +msg_ok "Cleaned" diff --git a/json/2fauth.json b/json/2fauth.json new file mode 100644 index 00000000..bca0ea51 --- /dev/null +++ b/json/2fauth.json @@ -0,0 +1,34 @@ +{ + "name": "2FAuth", + "slug": "2fauth", + "categories": [ + 0 + ], + "date_created": "2024-12-20", + "type": "ct", + "updateable": true, + "privileged": false, + "interface_port": 80, + "documentation": null, + "website": "https://docs.2fauth.app/", + "logo": "https://raw.githubusercontent.com/Bubka/2FAuth/refs/heads/master/public/logo.svg", + "description": "2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop. It aims to ease you perform your 2FA authentication steps whatever the device you handle, with a clean and suitable interface.", + "install_methods": [ + { + "type": "default", + "script": "ct/2fauth.sh", + "resources": { + "cpu": 1, + "ram": 512, + "hdd": 2, + "os": "Debian", + "version": "12" + } + } + ], + "default_credentials": { + "username": null, + "password": null + }, + "notes": [] + } \ No newline at end of file