From 8765b7ac1d1c67b88258825bf03e0637d781b4c8 Mon Sep 17 00:00:00 2001
From: "push-app-to-main[bot]"
 <203845782+push-app-to-main[bot]@users.noreply.github.com>
Date: Wed, 28 May 2025 13:34:38 +0200
Subject: [PATCH] oauth2-proxy (#4784)

* 'Add new script'

* change cleaning

* change cleaning

---------

Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>
Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com>
---
 ct/headers/oauth2-proxy                |  6 +++
 ct/oauth2-proxy.sh                     | 64 ++++++++++++++++++++++++++
 frontend/public/json/oauth2-proxy.json | 45 ++++++++++++++++++
 install/oauth2-proxy-install.sh        | 58 +++++++++++++++++++++++
 4 files changed, 173 insertions(+)
 create mode 100644 ct/headers/oauth2-proxy
 create mode 100644 ct/oauth2-proxy.sh
 create mode 100644 frontend/public/json/oauth2-proxy.json
 create mode 100644 install/oauth2-proxy-install.sh

diff --git a/ct/headers/oauth2-proxy b/ct/headers/oauth2-proxy
new file mode 100644
index 000000000..30bd3126a
--- /dev/null
+++ b/ct/headers/oauth2-proxy
@@ -0,0 +1,6 @@
+                     __  __   ___                                   
+  ____  ____ ___  __/ /_/ /_ |__ \      ____  _________  _  ____  __
+ / __ \/ __ `/ / / / __/ __ \__/ /_____/ __ \/ ___/ __ \| |/_/ / / /
+/ /_/ / /_/ / /_/ / /_/ / / / __/_____/ /_/ / /  / /_/ />  </ /_/ / 
+\____/\__,_/\__,_/\__/_/ /_/____/    / .___/_/   \____/_/|_|\__, /  
+                                    /_/                    /____/   
diff --git a/ct/oauth2-proxy.sh b/ct/oauth2-proxy.sh
new file mode 100644
index 000000000..f6cfe77dc
--- /dev/null
+++ b/ct/oauth2-proxy.sh
@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: bvdberg01
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/oauth2-proxy/oauth2-proxy/
+
+APP="oauth2-proxy"
+var_tags="${var_tags:-os}"
+var_cpu="${var_cpu:-1}"
+var_ram="${var_ram:-512}"
+var_disk="${var_disk:-3}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-12}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/oauth2-proxy ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  RELEASE=$(curl -fsSL https://api.github.com/repos/oauth2-proxy/oauth2-proxy/releases/latest | jq -r .tag_name | sed 's/^v//')
+  if [[ ! -f /opt/${APP}_version.txt ]] || [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt)" ]]; then
+    msg_info "Stopping ${APP} services"
+    systemctl stop oauth2-proxy
+    msg_ok "Stopped ${APP}"
+
+    msg_info "Updating $APP to ${RELEASE}"
+    rm -f /opt/oauth2-proxy/oauth2-proxy
+    curl -fsSL "https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v${RELEASE}/oauth2-proxy-v${RELEASE}.linux-amd64.tar.gz" -o /opt/oauth2-proxy.tar.gz
+    tar -xzf /opt/oauth2-proxy.tar.gz
+    mv /opt/oauth2-proxy-v${RELEASE}.linux-amd64/oauth2-proxy /opt/oauth2-proxy
+    systemctl start oauth2-proxy
+    echo "${RELEASE}" >/opt/${APP}_version.txt
+    msg_ok "Updated ${APP} to ${RELEASE}"
+
+    msg_info "Cleaning up"
+    rm -f "/opt/oauth2-proxy.tar.gz"
+    rm -rf "/opt/oauth2-proxy-v${RELEASE}.linux-amd64"
+    $STD apt-get -y autoremove
+    $STD apt-get -y autoclean
+    msg_ok "Cleaned"
+  else
+    msg_ok "${APP} is already up to date (${RELEASE})"
+  fi
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Now you can modify /opt/oauth2-proxy/config.toml with your needed config.${CL}"
diff --git a/frontend/public/json/oauth2-proxy.json b/frontend/public/json/oauth2-proxy.json
new file mode 100644
index 000000000..f3361ea46
--- /dev/null
+++ b/frontend/public/json/oauth2-proxy.json
@@ -0,0 +1,45 @@
+{
+    "name": "OAuth2-Proxy",
+    "slug": "oauth2-proxy",
+    "categories": [
+        4,
+        6
+    ],
+    "date_created": "2025-05-25",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": null,
+    "documentation": "https://oauth2-proxy.github.io/oauth2-proxy/configuration/overview",
+    "website": "https://oauth2-proxy.github.io/oauth2-proxy/",
+    "logo": "https://raw.githubusercontent.com/oauth2-proxy/oauth2-proxy/f82e90426a1881d36bf995f25de9b7b1db4c2564/docs/static/img/logos/OAuth2_Proxy_icon.svg",
+    "config_path": "/opt/oauth2-proxy/config.toml",
+    "description": "A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/oauth2-proxy.sh",
+            "resources": {
+                "cpu": 1,
+                "ram": 512,
+                "hdd": 3,
+                "os": "debian",
+                "version": "12"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": [
+        {
+            "text": "This application includes a blank configuration file by default due to the wide range of available configuration options. We recommend referring to the official documentation for guidance: `https://oauth2-proxy.github.io/oauth2-proxy/configuration/overview`. With this you can make your config.toml file accordingly to your needs.",
+            "type": "info"
+        },
+        {
+            "text": "After changing the config restart OAuth2-Proxy with: `systemctl restart oauth2-proxy`",
+            "type": "info"
+        }
+    ]
+}
diff --git a/install/oauth2-proxy-install.sh b/install/oauth2-proxy-install.sh
new file mode 100644
index 000000000..3ed3fecea
--- /dev/null
+++ b/install/oauth2-proxy-install.sh
@@ -0,0 +1,58 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: bvdberg01
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/oauth2-proxy/oauth2-proxy/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt-get install -y \
+  jq
+msg_ok "Installed Dependencies"
+
+msg_info "Setup OAuth2-Proxy"
+RELEASE=$(curl -fsSL https://api.github.com/repos/oauth2-proxy/oauth2-proxy/releases/latest | jq -r .tag_name | sed 's/^v//')
+mkdir -p /opt/oauth2-proxy
+curl -fsSL "https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v${RELEASE}/oauth2-proxy-v${RELEASE}.linux-amd64.tar.gz" -o /opt/oauth2-proxy.tar.gz
+tar -xzf /opt/oauth2-proxy.tar.gz -C /opt
+mv /opt/oauth2-proxy-v${RELEASE}.linux-amd64/oauth2-proxy /opt/oauth2-proxy
+touch /opt/oauth2-proxy/config.toml
+echo "${RELEASE}" >/opt/${APPLICATION}_version.txt
+msg_ok "Setup OAuth2-Proxy"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/oauth2-proxy.service
+[Unit]
+Description=OAuth2-Proxy Service
+After=network.target
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/oauth2-proxy
+ExecStart=/opt/oauth2-proxy/oauth2-proxy --config config.toml
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now oauth2-proxy
+msg_ok "Created Service"
+
+motd_ssh
+customize
+
+msg_info "Cleaning up"
+rm -f "/opt/oauth2-proxy.tar.gz"
+rm -rf "/opt/oauth2-proxy-v${RELEASE}.linux-amd64"
+$STD apt-get -y autoremove
+$STD apt-get -y autoclean
+msg_ok "Cleaned"