Initial skeleton for step-ca script

2025-02-06 15:59:17 +00:00 · 2025-01-11 00:14:23 +01:00 · 2025-01-11 00:14:23 +01:00 · b6a78dd3a3
commit b6a78dd3a3
parent c772f83e14
3 changed files with 164 additions and 0 deletions
--- a/ct/step-ca.sh
+++ b/ct/step-ca.sh
@ -0,0 +1,85 @@
+#!/usr/bin/env bash
+source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: FWiegerinck
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/smallstep/certificates
+
+# App Default Values
+APP="Step-CA"
+TAGS="alpine;step-ca"
+var_cpu="1"
+var_ram="512"
+var_disk="1024"
+var_os="alpine"
+var_version="3.20"
+var_unprivileged="0"
+
+# App Output & Base Settings
+header_info "$APP"
+base_settings
+
+# Core
+variables
+color
+catch_errors
+
+function update_script() {
+    header_info
+    check_container_storage
+    check_container_resources
+
+    # Check if installation is present | -f for file, -d for folder
+    if [[ ! -f [INSTALLATION_CHECK_PATH] ]]; then
+        msg_error "No ${APP} Installation Found!"
+        exit
+    fi
+
+    # Crawling the new version and checking whether an update is required
+    RELEASE=$(curl -fsSL [RELEASE_URL] | [PARSE_RELEASE_COMMAND])
+    if [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt)" ]] || [[ ! -f /opt/${APP}_version.txt ]]; then
+        msg_info "Updating $APP"
+
+        # Stopping Services
+        msg_info "Stopping $APP"
+        systemctl stop [SERVICE_NAME]
+        msg_ok "Stopped $APP"
+
+        # Creating Backup
+        msg_info "Creating Backup"
+        tar -czf "/opt/${APP}_backup_$(date +%F).tar.gz" [IMPORTANT_PATHS]
+        msg_ok "Backup Created"
+
+        # Execute Update
+        msg_info "Updating $APP to v${RELEASE}"
+        [UPDATE_COMMANDS]
+        msg_ok "Updated $APP to v${RELEASE}"
+
+        # Starting Services
+        msg_info "Starting $APP"
+        systemctl start [SERVICE_NAME]
+        sleep 2
+        msg_ok "Started $APP"
+
+        # Cleaning up
+        msg_info "Cleaning Up"
+        rm -rf [TEMP_FILES]
+        msg_ok "Cleanup Completed"
+
+        # Last Action
+        echo "${RELEASE}" >/opt/${APP}_version.txt
+        msg_ok "Update Successful"
+    else
+        msg_ok "No update required. ${APP} is already at v${RELEASE}"
+    fi
+    exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:[PORT]${CL}"
--- a/install/alpine-stepca-install.sh
+++ b/install/alpine-stepca-install.sh
@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: FWiegerinck
+# License: MIT
+# Source: https://github.com/smallstep/certificates
+
+# Import Functions und Setup
+source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+# Installing Dependencies with the 3 core dependencies (curl;sudo;mc)
+#msg_info "Installing Dependencies"
+#msg_ok "Installed Dependencies"
+
+msg_info "Installing Alpine Step-CA"
+$STD apk add step-cli step-certificates
+msg_ok "Installed Alpine Step-CA"
+
+# Initialize CA
+CA_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
+config_dir="/etc/step-ca"
+log_dir="/var/log/step-ca"
+error_log="${log_dir}/${RC_SVCNAME}.log"
+profile_file="${config_dir}/.profile"
+ca_file="${config_dir}/config/ca.json"
+passwd_file="${config_dir}/password.txt"
+
+cat <<EOF >${passwd_file}
+${CA_PASS}
+EOF
+
+# Start application
+msg_info "Starting Alpine Step-CA"
+$STD rc-service step-ca start
+$STD rc-update add step-ca default
+msg_ok "Started Alpine Step-CA"
+
+motd_ssh
+customize
--- a/json/step-ca.json
+++ b/json/step-ca.json
@ -0,0 +1,34 @@
+{
+    "name": "Step CA",
+    "slug": "step-ca",
+    "categories": [
+      11
+    ],
+    "date_created": "2025-01-10",
+    "type": "ct",
+    "updateable": false,
+    "privileged": false,
+    "interface_port": 443,
+    "documentation": "https://smallstep.com/docs/step-ca/configuration/",
+    "website": "https://smallstep.com/docs/step-ca/",
+    "logo": "https://avatars.githubusercontent.com/u/23183426?v=4",
+    "description": "Step CA is an open source Certificate Authority provided by Smallstep. This script creates a step-ca instance as your local online Certificate Authority with ACME support. It provides secure, automated X.509 and SSH certificate management. ",
+    "install_methods": [
+      {
+        "type": "alpine",
+        "script": "/ct/alpine-step-ca.sh",
+        "resources": {
+          "cpu": 1,
+          "ram": 512,
+          "hdd": 1,
+          "os": null,
+          "version": null
+        }
+      }
+    ],
+    "default_credentials": {
+      "username": null,
+      "password": null
+    },
+    "notes": []
+  }