diff --git a/ct/twingate-connector.sh b/ct/twingate-connector.sh new file mode 100644 index 000000000..42fe1a6f7 --- /dev/null +++ b/ct/twingate-connector.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env bash +source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func) +# Copyright (c) 2021-2025 community-scripts ORG +# Author: twingate-andrewb +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://www.twingate.com/docs/ + +APP="Twingate-Connector" +var_tags="${var_tags:-network;connector;twingate}" +var_cpu="${var_cpu:-1}" +var_ram="${var_ram:-1024}" +var_disk="${var_disk:-3}" +var_os="${var_os:-ubuntu}" +var_version="${var_version:-24.04}" +var_unprivileged="${var_unprivileged:-1}" + +header_info "$APP" +variables +color +catch_errors + +function update_script() { + header_info + check_container_storage + check_container_resources + + if [[ ! -f /lib/systemd/system/twingate-connector.service ]]; then + msg_error "No ${APP} Installation Found!" + exit + fi + + msg_info "Updating ${APP}" + $STD apt update + $STD apt install -yq twingate-connector + $STD systemctl restart twingate-connector + msg_ok "Updated Successfully" + exit +} + +start +build_container +description + +msg_ok "All Finished! If you need to update your access or refresh tokens, they can be found in /etc/twingate/connector.conf" diff --git a/frontend/public/json/twingate-connector.json b/frontend/public/json/twingate-connector.json new file mode 100644 index 000000000..e9aa195ed --- /dev/null +++ b/frontend/public/json/twingate-connector.json @@ -0,0 +1,44 @@ +{ + "name": "twingate-connector", + "slug": "twingate-connector", + "categories": [ + 4 + ], + "date_created": "2025-07-17", + "type": "ct", + "updateable": true, + "privileged": false, + "interface_port": null, + "documentation": "https://www.twingate.com/docs/", + "config_path": "/etc/twingate/connector.conf", + "website": "https://www.twingate.com", + "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons/webp/twingate.webp", + "description": "Twingate Connectors are lightweight software components that establish secure, least-privileged access between private network resources and authorized users without exposing the network to the internet. They act as outbound-only bridges between your protected resources and the Twingate infrastructure, ensuring zero-trust access without the need for a VPN.", + "install_methods": [ + { + "type": "default", + "script": "ct/twingate-connector.sh", + "resources": { + "cpu": 1, + "ram": 1024, + "hdd": 3, + "os": "Ubuntu", + "version": "24.04" + } + } + ], + "default_credentials": { + "username": null, + "password": null + }, + "notes": [ + { + "text": "You can get your Twingate access or refresh tokens from the Twingate Admin Console. `https://auth.twingate.com/signup-v2`", + "type": "info" + }, + { + "text": "If you need to update your access or refresh tokens, they can be found in /etc/twingate/connector.conf", + "type": "info" + } + ] +} diff --git a/install/twingate-connector-install.sh b/install/twingate-connector-install.sh new file mode 100644 index 000000000..0b4b9f3a6 --- /dev/null +++ b/install/twingate-connector-install.sh @@ -0,0 +1,61 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2025 community-scripts ORG +# Author: MickLesk (CanbiZ), twingate-andrewb +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://www.twingate.com/docs/ + +source /dev/stdin <<<"$FUNCTIONS_FILE_PATH" +color +verb_ip6 +catch_errors +setting_up_container +network_check +update_os + +install -d -m 0700 /etc/twingate +access_token="" +refresh_token="" +network="" +while [[ -z "$access_token" ]]; do + read -rp "${TAB3}Please enter your access token: " access_token +done +while [[ -z "$refresh_token" ]]; do + read -rp "${TAB3}Please enter your refresh token: " refresh_token +done +while [[ -z "$network" ]]; do + read -rp "${TAB3}Please enter your network name: " network +done + +msg_info "Setup Twingate Repository" +curl -fsSL "https://packages.twingate.com/apt/gpg.key" | gpg --dearmor -o /usr/share/keyrings/twingate-connector-keyring.gpg +echo "deb [signed-by=/usr/share/keyrings/twingate-connector-keyring.gpg] https://packages.twingate.com/apt/ /" > /etc/apt/sources.list.d/twingate.list +$STD apt-get update +msg_ok "Setup Twingate Repository" + +msg_info "Setup Twingate Connector" +$STD apt-get install -y twingate-connector +msg_ok "Setup Twingate Connector" + +msg_info "Configure Twingate-Connector" +{ + echo "TWINGATE_NETWORK=${network}" + echo "TWINGATE_ACCESS_TOKEN=${access_token}" + echo "TWINGATE_REFRESH_TOKEN=${refresh_token}" + echo "TWINGATE_LABEL_HOSTNAME=$(hostname)" + echo "TWINGATE_LABEL_DEPLOYED_BY=proxmox" +} > /etc/twingate/connector.conf +chmod 600 /etc/twingate/connector.conf +msg_ok "Configured Twingate-Connector" + +msg_info "Starting Service" +systemctl enable -q --now twingate-connector +msg_ok "Service started" + +motd_ssh +customize + +msg_info "Cleaning up" +$STD apt-get -y autoremove +$STD apt-get -y autoclean +msg_ok "Cleaned"