diff --git a/ct/step-ca.sh b/ct/step-ca.sh
new file mode 100644
index 00000000..b116b4f0
--- /dev/null
+++ b/ct/step-ca.sh
@@ -0,0 +1,85 @@
+#!/usr/bin/env bash
+source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: FWiegerinck
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/smallstep/certificates
+
+# App Default Values
+APP="Step-CA"
+TAGS="alpine;step-ca"
+var_cpu="1"
+var_ram="512"
+var_disk="1024"
+var_os="alpine"
+var_version="3.20"
+var_unprivileged="0"
+
+# App Output & Base Settings
+header_info "$APP"
+base_settings
+
+# Core
+variables
+color
+catch_errors
+
+function update_script() {
+ header_info
+ check_container_storage
+ check_container_resources
+
+ # Check if installation is present | -f for file, -d for folder
+ if [[ ! -f [INSTALLATION_CHECK_PATH] ]]; then
+ msg_error "No ${APP} Installation Found!"
+ exit
+ fi
+
+ # Crawling the new version and checking whether an update is required
+ RELEASE=$(curl -fsSL [RELEASE_URL] | [PARSE_RELEASE_COMMAND])
+ if [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt)" ]] || [[ ! -f /opt/${APP}_version.txt ]]; then
+ msg_info "Updating $APP"
+
+ # Stopping Services
+ msg_info "Stopping $APP"
+ systemctl stop [SERVICE_NAME]
+ msg_ok "Stopped $APP"
+
+ # Creating Backup
+ msg_info "Creating Backup"
+ tar -czf "/opt/${APP}_backup_$(date +%F).tar.gz" [IMPORTANT_PATHS]
+ msg_ok "Backup Created"
+
+ # Execute Update
+ msg_info "Updating $APP to v${RELEASE}"
+ [UPDATE_COMMANDS]
+ msg_ok "Updated $APP to v${RELEASE}"
+
+ # Starting Services
+ msg_info "Starting $APP"
+ systemctl start [SERVICE_NAME]
+ sleep 2
+ msg_ok "Started $APP"
+
+ # Cleaning up
+ msg_info "Cleaning Up"
+ rm -rf [TEMP_FILES]
+ msg_ok "Cleanup Completed"
+
+ # Last Action
+ echo "${RELEASE}" >/opt/${APP}_version.txt
+ msg_ok "Update Successful"
+ else
+ msg_ok "No update required. ${APP} is already at v${RELEASE}"
+ fi
+ exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:[PORT]${CL}"
diff --git a/install/alpine-stepca-install.sh b/install/alpine-stepca-install.sh
new file mode 100644
index 00000000..48844ad4
--- /dev/null
+++ b/install/alpine-stepca-install.sh
@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: FWiegerinck
+# License: MIT
+# Source: https://github.com/smallstep/certificates
+
+# Import Functions und Setup
+source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+# Installing Dependencies with the 3 core dependencies (curl;sudo;mc)
+#msg_info "Installing Dependencies"
+#msg_ok "Installed Dependencies"
+
+msg_info "Installing Alpine Step-CA"
+$STD apk add step-cli step-certificates
+msg_ok "Installed Alpine Step-CA"
+
+# Initialize CA
+CA_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
+config_dir="/etc/step-ca"
+log_dir="/var/log/step-ca"
+error_log="${log_dir}/${RC_SVCNAME}.log"
+profile_file="${config_dir}/.profile"
+ca_file="${config_dir}/config/ca.json"
+passwd_file="${config_dir}/password.txt"
+
+cat <${passwd_file}
+${CA_PASS}
+EOF
+
+# Start application
+msg_info "Starting Alpine Step-CA"
+$STD rc-service step-ca start
+$STD rc-update add step-ca default
+msg_ok "Started Alpine Step-CA"
+
+motd_ssh
+customize
diff --git a/json/step-ca.json b/json/step-ca.json
new file mode 100644
index 00000000..ed55de2e
--- /dev/null
+++ b/json/step-ca.json
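Review bot: In ct/step-ca.sh, `update_script` still carries the template's unresolved placeholders (`[INSTALLATION_CHECK_PATH]`, `[RELEASE_URL]`, `[PARSE_RELEASE_COMMAND]`, `[SERVICE_NAME]`, `[IMPORTANT_PATHS]`, `[UPDATE_COMMANDS]`, `[TEMP_FILES]`), so the function cannot work as committed. The `-f [INSTALLATION_CHECK_PATH]` test will normally fail and exit first, but if the later lines were ever reached, bash would read `[TEMP_FILES]` in `rm -rf [TEMP_FILES]` as a bracket glob matching single-character file names in the working directory, and the `systemctl` calls do not fit an Alpine container that the install script manages with `rc-service`. Since json/step-ca.json declares `"updateable": false`, I would reduce the body after `check_container_resources` to an explicit refusal such as `msg_error "No update function is available for ${APP}."` followed by `exit`. The closing `http://${IP}:[PORT]` line has the same leftover placeholder and should name the real scheme and port.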
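Review bot: In install/alpine-stepca-install.sh, the generated CA password is written to `${config_dir}/password.txt` with nothing in the hunk setting a umask, mode or owner, so the file ends up with the shell's default permissions. step-ca uses a password file to unlock its signing keys, so I would create it under a tight umask, e.g. `(umask 077; printf '%s\n' "${CA_PASS}" >"${passwd_file}")`, and then `chown` it to whichever account the service runs as (not visible here). The heredoc redirect on the `cat` line looks garbled on this page, so check the original for its exact form. Also worth a comment under `# Initialize CA`: `openssl` is not among the packages the script installs, `config_dir`, `log_dir`, `error_log`, `profile_file` and `ca_file` are assigned but never read, and no initialisation command appears before `rc-service step-ca start`, so state where initialisation actually happens (presumably in the package's service script).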
@@ -0,0 +1,34 @@
+{
+ "name": "Step CA",
+ "slug": "step-ca",
+ "categories": [
+ 11
+ ],
+ "date_created": "2025-01-10",
+ "type": "ct",
+ "updateable": false,
+ "privileged": false,
+ "interface_port": 443,
+ "documentation": "https://smallstep.com/docs/step-ca/configuration/",
+ "website": "https://smallstep.com/docs/step-ca/",
+ "logo": "https://avatars.githubusercontent.com/u/23183426?v=4",
+ "description": "Step CA is an open source Certificate Authority provided by Smallstep. This script creates a step-ca instance as your local online Certificate Authority with ACME support. It provides secure, automated X.509 and SSH certificate management. ",
+ "install_methods": [
+ {
+ "type": "alpine",
+ "script": "/ct/alpine-step-ca.sh",
+ "resources": {
+ "cpu": 1,
+ "ram": 512,
+ "hdd": 1,
+ "os": null,
+ "version": null
+ }
+ }
+ ],
+ "default_credentials": {
+ "username": null,
+ "password": null
+ },
+ "notes": []
+ }
\ No newline at end of file
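Review bot: The metadata disagrees with the scripts added in the same commit: it says `"privileged": false`, while ct/step-ca.sh sets `var_unprivileged="0"`, which by its name requests a privileged container. For a CA that holds signing keys the unprivileged setting is the safer default, so I would change the script to `var_unprivileged="1"` unless a privileged container is really required, in which case this field should read `true`. `"script": "/ct/alpine-step-ca.sh"` also does not match the file the commit adds (`ct/step-ca.sh`), and `"hdd": 1` sits against `var_disk="1024"`, which looks like a unit mix-up if both are in GB. `"interface_port": 443` has no counterpart in the script either, which still prints `http://${IP}:[PORT]`.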