Update CHANGELOG.md

* ensure all RFC1918 local Ipv4 addresses are in iptag script

* fix indent

CHANGELOG.md

@@ -16,6 +16,19 @@ All LXC instances created using this repository come pre-installed with Midnight
 > [!IMPORTANT]
 Do not break established syntax in this file, as it is automatically updated by a Github Workflow
 
+## 2024-12-26
+
+### Changed
+
+### ✨ New Scripts
+
+- New Script: 2FAuth [@jkrgr0](https://github.com/jkrgr0) ([#943](https://github.com/community-scripts/ProxmoxVE/pull/943))
+
+### 🚀 Updated Scripts
+
+- ensure all RFC1918 local Ipv4 addresses are in iptag script [@AskAlice](https://github.com/AskAlice) ([#992](https://github.com/community-scripts/ProxmoxVE/pull/992))
+- Fix Proxmox DataCenter: incorrect build.func url [@rbradley0](https://github.com/rbradley0) ([#1013](https://github.com/community-scripts/ProxmoxVE/pull/1013))
+
 ## 2024-12-25
 
 ### Changed

ct/2fauth.sh

@@ -0,0 +1,90 @@
+#!/usr/bin/env bash
+source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2024 community-scripts ORG
+# Author: jkrgr0
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://docs.2fauth.app/
+
+# App Default Values
+APP="2FAuth"
+TAGS="2fa;authenticator"
+var_cpu="1"
+var_ram="512"
+var_disk="2"
+var_os="debian"
+var_version="12"
+var_unprivileged="1"
+
+# App Output & Base Settings
+header_info "$APP"
+base_settings
+
+# Core
+variables
+color
+catch_errors
+
+function update_script() {
+    header_info
+    check_container_storage
+    check_container_resources
+
+    # Check if installation is present | -f for file, -d for folder
+    if [[ ! -d "/opt/2fauth" ]]; then
+        msg_error "No ${APP} Installation Found!"
+        exit
+    fi
+
+    # Crawling the new version and checking whether an update is required
+    RELEASE=$(curl -s https://api.github.com/repos/Bubka/2FAuth/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }')
+    if [[ "${RELEASE}" != "$(cat /opt/2fauth_version.txt)" ]] || [[ ! -f /opt/2fauth_version.txt ]]; then
+        msg_info "Updating $APP to ${RELEASE}"
+
+        apt-get update &>/dev/null
+        apt-get -y upgrade &>/dev/null
+
+        # Creating Backup
+        msg_info "Creating Backup"
+        mv "/opt/2fauth" "/opt/2fauth-backup"
+        msg_ok "Backup Created"
+
+        # Execute Update
+        wget -q "https://github.com/Bubka/2FAuth/archive/refs/tags/${RELEASE}.zip"
+        unzip -q "${RELEASE}.zip"
+        mv "2FAuth-${RELEASE//v}/" "/opt/2fauth"
+        mv "/opt/2fauth-backup/.env" "/opt/2fauth/.env"
+        mv "/opt/2fauth-backup/storage" "/opt/2fauth/storage"
+        cd "/opt/2fauth" || return
+
+        chown -R www-data: "/opt/2fauth"
+        chmod -R 755 "/opt/2fauth"
+
+        export COMPOSER_ALLOW_SUPERUSER=1
+        composer install --no-dev --prefer-source &>/dev/null
+
+        php artisan 2fauth:install
+
+        # Cleaning up
+        msg_info "Cleaning Up"
+        rm -rf "v${RELEASE}.zip"
+        $STD apt-get -y autoremove
+        $STD apt-get -y autoclean
+        msg_ok "Cleanup Completed"
+
+        # Last Action
+        echo "${RELEASE}" >/opt/2fauth_version.txt
+        msg_ok "Updated $APP to ${RELEASE}"
+    else
+        msg_ok "No update required. ${APP} is already at ${RELEASE}"
+    fi
+    exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:80${CL}"

ct/proxmox-datacenter-manager.sh

@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/raw/main/misc/build.func)
+source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
 # Copyright (c) 2021-2024 community-scripts ORG
 # Author: CrazyWolf13
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE

install/2fauth-install.sh

@@ -0,0 +1,123 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2024 community-scripts ORG
+# Author: jkrgr0
+# License: MIT
+# Source: https://docs.2fauth.app/
+
+# Import Functions und Setup
+source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+# Installing Dependencies with the 3 core dependencies (curl;sudo;mc)
+msg_info "Installing Dependencies"
+$STD apt-get install -y \
+  curl \
+  sudo \
+  mc \
+  nginx \
+  composer \
+  php8.2-{bcmath,common,ctype,curl,fileinfo,fpm,gd,mbstring,mysql,xml,cli} \
+  mariadb-server
+msg_ok "Installed Dependencies"
+
+# Template: MySQL Database
+msg_info "Setting up Database"
+DB_NAME=2fauth_db
+DB_USER=2fauth
+DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
+$STD mysql -u root -e "CREATE DATABASE $DB_NAME;"
+$STD mysql -u root -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED WITH mysql_native_password AS PASSWORD('$DB_PASS');"
+$STD mysql -u root -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost'; FLUSH PRIVILEGES;"
+{
+    echo "2FAuth Credentials"
+    echo "Database User: $DB_USER"
+    echo "Database Password: $DB_PASS"
+    echo "Database Name: $DB_NAME"
+} >> ~/2FAuth.creds
+msg_ok "Set up Database"
+
+# Setup App
+msg_info "Setup 2FAuth"
+RELEASE=$(curl -s https://api.github.com/repos/Bubka/2FAuth/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }')
+wget -q "https://github.com/Bubka/2FAuth/archive/refs/tags/${RELEASE}.zip"
+unzip -q "${RELEASE}.zip"
+mv "2FAuth-${RELEASE//v}/" /opt/2fauth
+
+cd "/opt/2fauth" || return
+cp .env.example .env
+IPADDRESS=$(hostname -I | awk '{print $1}')
+
+sed -i -e "s|^APP_URL=.*|APP_URL=http://$IPADDRESS|" \
+       -e "s|^DB_CONNECTION=$|DB_CONNECTION=mysql|" \
+       -e "s|^DB_DATABASE=$|DB_DATABASE=$DB_NAME|" \
+       -e "s|^DB_HOST=$|DB_HOST=127.0.0.1|" \
+       -e "s|^DB_PORT=$|DB_PORT=3306|" \
+       -e "s|^DB_USERNAME=$|DB_USERNAME=$DB_USER|" \
+       -e "s|^DB_PASSWORD=$|DB_PASSWORD=$DB_PASS|" .env
+
+export COMPOSER_ALLOW_SUPERUSER=1
+$STD composer update --no-plugins --no-scripts
+$STD composer install --no-dev --prefer-source --no-plugins --no-scripts
+
+$STD php artisan key:generate --force
+
+$STD php artisan migrate:refresh
+$STD php artisan passport:install -q -n
+$STD php artisan storage:link
+$STD php artisan config:cache
+
+chown -R www-data: /opt/2fauth
+chmod -R 755 /opt/2fauth
+
+echo "${RELEASE}" >"/opt/2fauth_version.txt"
+msg_ok "Setup 2fauth"
+
+# Configure Service (NGINX)
+msg_info "Configure Service"
+cat <<EOF >/etc/nginx/conf.d/2fauth.conf
+server {
+        listen 80;
+        root /opt/2fauth/public;
+        server_name $IPADDRESS;
+        index index.php;
+        charset utf-8;
+
+        location / {
+                try_files \$uri \$uri/ /index.php?\$query_string;
+        }
+
+        location = /favicon.ico { access_log off; log_not_found off; }
+        location = /robots.txt { access_log off; log_not_found off; }
+
+        error_page 404 /index.php;
+
+        location ~ \.php\$ {
+                fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
+                fastcgi_param SCRIPT_FILENAME \$realpath_root\$fastcgi_script_name;
+                include fastcgi_params;
+        }
+
+        location ~ /\.(?!well-known).* {
+                deny all;
+        }
+}
+EOF
+
+systemctl reload nginx
+msg_ok "Configured Service"
+
+motd_ssh
+customize
+
+# Cleanup
+msg_info "Cleaning up"
+rm -f "/opt/v${RELEASE}.zip"
+$STD apt-get -y autoremove
+$STD apt-get -y autoclean
+msg_ok "Cleaned"

json/2fauth.json

@@ -0,0 +1,43 @@
+{
+    "name": "2FAuth",
+    "slug": "2fauth",
+    "categories": [
+      0
+    ],
+    "date_created": "2024-12-20",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": 80,
+    "documentation": null,
+    "website": "https://docs.2fauth.app/",
+    "logo": "https://raw.githubusercontent.com/Bubka/2FAuth/refs/heads/master/public/logo.svg",
+    "description": "2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop. It aims to ease you perform your 2FA authentication steps whatever the device you handle, with a clean and suitable interface.",
+    "install_methods": [
+      {
+        "type": "default",
+        "script": "ct/2fauth.sh",
+        "resources": {
+          "cpu": 1,
+          "ram": 512,
+          "hdd": 2,
+          "os": "Debian",
+          "version": "12"
+        }
+      }
+    ],
+    "default_credentials": {
+      "username": null,
+      "password": null
+    },
+    "notes": [
+      {
+        "text": "Database credentials: `cat ~/2FAuth.creds`",
+        "type": "info"
+      },
+      {
+        "text": "The very first account created is automatically set up as an administrator account.",
+        "type": "info"
+      }
+    ]
+  }

json/proxmox-datacenter-manager.json

@@ -2,10 +2,9 @@
     "name": "Proxmox Datacenter Manager",
     "slug": "proxmox-datacenter-manager",
     "categories": [
-      11,
       1
     ],
-    "date_created": "2024-12-20",
+    "date_created": "2024-12-25",
     "type": "ct",
     "updateable": true,
     "privileged": false,

misc/add-lxc-iptag.sh

@@ -133,8 +133,9 @@ if [[ ! -f /opt/lxc-iptag/iptag.conf ]]; then
 # List of allowed CIDRs
 CIDR_LIST=(
   192.168.0.0/16
-  100.64.0.0/10
+  172.16.0.0/12
   10.0.0.0/8
+  100.64.0.0/10
 )
 
 # Interval settings (in seconds)