New Script: 2FAuth (#943)

* feat(2fauth): ✨ Added 2FAuth * refactor: 🚚 Changed path to user repo * refactor: 🚚 Changed path to user repo * refactor: 🚚 Changed path to user repo * refactor: 🚚 Changed path to user repo * refactor: 🚚 Changed path to user repo * fix(2fauth): 🐛 Fixed path to build functions file * fix(2fauth): 🐛 Fixed unbound variable * fix(2fauth): 🐛 Use instead of for the directory name * chore(2fauth): ✨ Added dependency package for improved composer performance * chore(2fauth): ✨ Added dependency package as it's required * chore(2fauth): ✨ Added dependency package `php8.2-fpm` as it's required * fix(2fauth): 🐛 Fixed unbound variable * fix(2fauth): 🐛 Fixed installation * fix(install): 🐛 Fixed unassigned variable * fix(install): 🐛 Fixed installation * fix(install): 🐛 explicitly set ownership as last step * revert: ⏪ Revert path rewrite to user repo * revert: ⏪ Revert path rewrite to user repo * refactor(2fauth): ⚰️ Removed commented-out code * fix(2fauth): 🚚 Fixed path to remove correctly * refactor(2fauth): 🎨 Changed from variables to static as requested * docs(2fauth): 📝 Added notes for db credentials and the first account being an administrator account * fix(2fauth): 🔊 Updated progress logging * test(2fauth): 🚚 Changed pathes temporarily to user repo to test the App * fix(2fauth): 🚑 Fixed wrong version file in update_script * fix(2fauth): 💄 Removed duplicated version prefix v in messages * Revert 'test(2fauth): 🚚 Changed pathes temporarily to user repo to test the App'
2025-01-10 19:05:09 +00:00 · 2024-12-26 10:36:17 +01:00 · 2024-12-26 10:36:17 +01:00 · b30e8c534f
commit b30e8c534f
parent 9b07fe4178
3 changed files with 256 additions and 0 deletions
--- a/ct/2fauth.sh
+++ b/ct/2fauth.sh
@ -0,0 +1,90 @@
 #!/usr/bin/env bash
 source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
 # Copyright (c) 2021-2024 community-scripts ORG
 # Author: jkrgr0
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 # Source: https://docs.2fauth.app/
 # App Default Values
 APP="2FAuth"
 TAGS="2fa;authenticator"
 var_cpu="1"
 var_ram="512"
 var_disk="2"
 var_os="debian"
 var_version="12"
 var_unprivileged="1"
 # App Output & Base Settings
 header_info "$APP"
 base_settings
 # Core
 variables
 color
 catch_errors
 function update_script() {
    header_info
    check_container_storage
    check_container_resources
    # Check if installation is present | -f for file, -d for folder
    if [[ ! -d "/opt/2fauth" ]]; then
        msg_error "No ${APP} Installation Found!"
        exit
    fi
    # Crawling the new version and checking whether an update is required
    RELEASE=$(curl -s https://api.github.com/repos/Bubka/2FAuth/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }')
    if [[ "${RELEASE}" != "$(cat /opt/2fauth_version.txt)" ]] || [[ ! -f /opt/2fauth_version.txt ]]; then
        msg_info "Updating $APP to ${RELEASE}"
        apt-get update &>/dev/null
        apt-get -y upgrade &>/dev/null
        # Creating Backup
        msg_info "Creating Backup"
        mv "/opt/2fauth" "/opt/2fauth-backup"
        msg_ok "Backup Created"
        # Execute Update
        wget -q "https://github.com/Bubka/2FAuth/archive/refs/tags/${RELEASE}.zip"
        unzip -q "${RELEASE}.zip"
        mv "2FAuth-${RELEASE//v}/" "/opt/2fauth"
        mv "/opt/2fauth-backup/.env" "/opt/2fauth/.env"
        mv "/opt/2fauth-backup/storage" "/opt/2fauth/storage"
        cd "/opt/2fauth" || return
        chown -R www-data: "/opt/2fauth"
        chmod -R 755 "/opt/2fauth"
        export COMPOSER_ALLOW_SUPERUSER=1
        composer install --no-dev --prefer-source &>/dev/null
        php artisan 2fauth:install
        # Cleaning up
        msg_info "Cleaning Up"
        rm -rf "v${RELEASE}.zip"
        $STD apt-get -y autoremove
        $STD apt-get -y autoclean
        msg_ok "Cleanup Completed"
        # Last Action
        echo "${RELEASE}" >/opt/2fauth_version.txt
        msg_ok "Updated $APP to ${RELEASE}"
    else
        msg_ok "No update required. ${APP} is already at ${RELEASE}"
    fi
    exit
 }
 start
 build_container
 description
 msg_ok "Completed Successfully!\n"
 echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
 echo -e "${INFO}${YW} Access it using the following URL:${CL}"
 echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:80${CL}"
--- a/install/2fauth-install.sh
+++ b/install/2fauth-install.sh
@ -0,0 +1,123 @@
 #!/usr/bin/env bash
 # Copyright (c) 2021-2024 community-scripts ORG
 # Author: jkrgr0
 # License: MIT
 # Source: https://docs.2fauth.app/
 # Import Functions und Setup
 source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
 color
 verb_ip6
 catch_errors
 setting_up_container
 network_check
 update_os
 # Installing Dependencies with the 3 core dependencies (curl;sudo;mc)
 msg_info "Installing Dependencies"
 $STD apt-get install -y \
  curl \
  sudo \
  mc \
  nginx \
  composer \
  php8.2-{bcmath,common,ctype,curl,fileinfo,fpm,gd,mbstring,mysql,xml,cli} \
  mariadb-server
 msg_ok "Installed Dependencies"
 # Template: MySQL Database
 msg_info "Setting up Database"
 DB_NAME=2fauth_db
 DB_USER=2fauth
 DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
 $STD mysql -u root -e "CREATE DATABASE $DB_NAME;"
 $STD mysql -u root -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED WITH mysql_native_password AS PASSWORD('$DB_PASS');"
 $STD mysql -u root -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost'; FLUSH PRIVILEGES;"
 {
    echo "2FAuth Credentials"
    echo "Database User: $DB_USER"
    echo "Database Password: $DB_PASS"
    echo "Database Name: $DB_NAME"
 } >> ~/2FAuth.creds
 msg_ok "Set up Database"
 # Setup App
 msg_info "Setup 2FAuth"
 RELEASE=$(curl -s https://api.github.com/repos/Bubka/2FAuth/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }')
 wget -q "https://github.com/Bubka/2FAuth/archive/refs/tags/${RELEASE}.zip"
 unzip -q "${RELEASE}.zip"
 mv "2FAuth-${RELEASE//v}/" /opt/2fauth
 cd "/opt/2fauth" || return
 cp .env.example .env
 IPADDRESS=$(hostname -I | awk '{print $1}')
 sed -i -e "s|^APP_URL=.*|APP_URL=http://$IPADDRESS|" \
       -e "s|^DB_CONNECTION=$|DB_CONNECTION=mysql|" \
       -e "s|^DB_DATABASE=$|DB_DATABASE=$DB_NAME|" \
       -e "s|^DB_HOST=$|DB_HOST=127.0.0.1|" \
       -e "s|^DB_PORT=$|DB_PORT=3306|" \
       -e "s|^DB_USERNAME=$|DB_USERNAME=$DB_USER|" \
       -e "s|^DB_PASSWORD=$|DB_PASSWORD=$DB_PASS|" .env
 export COMPOSER_ALLOW_SUPERUSER=1
 $STD composer update --no-plugins --no-scripts
 $STD composer install --no-dev --prefer-source --no-plugins --no-scripts
 $STD php artisan key:generate --force
 $STD php artisan migrate:refresh
 $STD php artisan passport:install -q -n
 $STD php artisan storage:link
 $STD php artisan config:cache
 chown -R www-data: /opt/2fauth
 chmod -R 755 /opt/2fauth
 echo "${RELEASE}" >"/opt/2fauth_version.txt"
 msg_ok "Setup 2fauth"
 # Configure Service (NGINX)
 msg_info "Configure Service"
 cat <<EOF >/etc/nginx/conf.d/2fauth.conf
 server {
        listen 80;
        root /opt/2fauth/public;
        server_name $IPADDRESS;
        index index.php;
        charset utf-8;
        location / {
                try_files \$uri \$uri/ /index.php?\$query_string;
        }
        location = /favicon.ico { access_log off; log_not_found off; }
        location = /robots.txt { access_log off; log_not_found off; }
        error_page 404 /index.php;
        location ~ \.php\$ {
                fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
                fastcgi_param SCRIPT_FILENAME \$realpath_root\$fastcgi_script_name;
                include fastcgi_params;
        }
        location ~ /\.(?!well-known).* {
                deny all;
        }
 }
 EOF
 systemctl reload nginx
 msg_ok "Configured Service"
 motd_ssh
 customize
 # Cleanup
 msg_info "Cleaning up"
 rm -f "/opt/v${RELEASE}.zip"
 $STD apt-get -y autoremove
 $STD apt-get -y autoclean
 msg_ok "Cleaned"
--- a/json/2fauth.json
+++ b/json/2fauth.json
@ -0,0 +1,43 @@
 {
    "name": "2FAuth",
    "slug": "2fauth",
    "categories": [
      0
    ],
    "date_created": "2024-12-20",
    "type": "ct",
    "updateable": true,
    "privileged": false,
    "interface_port": 80,
    "documentation": null,
    "website": "https://docs.2fauth.app/",
    "logo": "https://raw.githubusercontent.com/Bubka/2FAuth/refs/heads/master/public/logo.svg",
    "description": "2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop. It aims to ease you perform your 2FA authentication steps whatever the device you handle, with a clean and suitable interface.",
    "install_methods": [
      {
        "type": "default",
        "script": "ct/2fauth.sh",
        "resources": {
          "cpu": 1,
          "ram": 512,
          "hdd": 2,
          "os": "Debian",
          "version": "12"
        }
      }
    ],
    "default_credentials": {
      "username": null,
      "password": null
    },
    "notes": [
      {
        "text": "Database credentials: `cat ~/2FAuth.creds`",
        "type": "info"
      },
      {
        "text": "The very first account created is automatically set up as an administrator account.",
        "type": "info"
      }
    ]
  }