diff --git a/ct/oauth2-proxy.sh b/ct/oauth2-proxy.sh
new file mode 100644
index 0000000..97399cb
--- /dev/null
+++ b/ct/oauth2-proxy.sh
@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://git.community-scripts.org/community-scripts/ProxmoxVED/raw/branch/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: bvdberg01
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://github.com/oauth2-proxy/oauth2-proxy/
+
+APP="oauth2-proxy"
+var_tags="${var_tags:-os}"
+var_cpu="${var_cpu:-1}"
+var_ram="${var_ram:-512}"
+var_disk="${var_disk:-3}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-12}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+ header_info
+ check_container_storage
+ check_container_resources
+
+ if [[ ! -d /opt/oauth2-proxy ]]; then
+ msg_error "No ${APP} Installation Found!"
+ exit
+ fi
+
+ RELEASE=$(curl -fsSL https://api.github.com/repos/oauth2-proxy/oauth2-proxy/releases/latest | jq -r .tag_name | sed 's/^v//')
+ if [[ ! -f /opt/${APP}_version.txt ]] || [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt)" ]]; then
+ msg_info "Stopping ${APP} services"
+ systemctl stop oauth2-proxy
+ msg_ok "Stopped ${APP}"
+
+ msg_info "Updating $APP to ${RELEASE}"
+ rm -f /opt/oauth2-proxy/oauth2-proxy
+ curl -fsSL "https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v${RELEASE}/oauth2-proxy-v${RELEASE}.linux-amd64.tar.gz" -o /opt/oauth2-proxy.tar.gz
+ tar -xzf /opt/oauth2-proxy.tar.gz
+ mv /opt/oauth2-proxy-v${RELEASE}.linux-amd64/oauth2-proxy /opt/oauth2-proxy
+ systemctl restart oauth2-proxy
+ echo "${RELEASE}" >/opt/${APP}_version.txt
+ msg_ok "Updated ${APP} to ${RELEASE}"
+
+ msg_info "Cleaning up"
+ $STD apt-get -y autoremove
+ $STD apt-get -y autoclean
+ rm -f "/opt/oauth2-proxy.tar.gz"
+ rm -rf "/opt/oauth2-proxy-v${RELEASE}.linux-amd64"
+ msg_ok "Cleaned"
+ else
+ msg_ok "${APP} is already up to date (${RELEASE})"
+ fi
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:4180${CL}"
diff --git a/install/oauth2-proxy-install.sh b/install/oauth2-proxy-install.sh
new file mode 100644
index 0000000..ecb3cee
--- /dev/null
+++ b/install/oauth2-proxy-install.sh
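Review bot: In `update_script`, `tar -xzf /opt/oauth2-proxy.tar.gz` unpacks into whatever the current directory is, while the following `mv` reads from `/opt/oauth2-proxy-v${RELEASE}.linux-amd64/`; unless the working directory happens to be `/opt`, the move fails after `rm -f /opt/oauth2-proxy/oauth2-proxy` has already deleted the old binary, which would leave the authentication proxy stopped with nothing to start. I would extract with `tar -xzf /opt/oauth2-proxy.tar.gz -C /opt` and move the `rm -f` to just before the `mv`, so the old binary is only removed once the new one is on disk. `RELEASE` is also used unchecked: `jq -r .tag_name` prints `null` when the response carries no tag, so a guard such as `[[ "$RELEASE" =~ ^[0-9]+(\.[0-9]+)*$ ]] || { msg_error "Could not determine latest release"; exit 1; }` before the version comparison would stop a bad value from reaching the download URL and the `rm -rf` path. The tarball is installed without any integrity check; if upstream publishes a checksum file for the asset, verifying it with `sha256sum -c` before extraction is worth adding. The same `tar`/`mv` pair and unchecked download appear in `install/oauth2-proxy-install.sh`.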
@@ -0,0 +1,74 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: bvdberg01
+# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
+# Source: https://github.com/oauth2-proxy/oauth2-proxy/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt-get install -y \
+ jq
+msg_ok "Installed Dependencies"
+
+msg_info "Setup OAuth2-Proxy"
+RELEASE=$(curl -fsSL https://api.github.com/repos/oauth2-proxy/oauth2-proxy/releases/latest | jq -r .tag_name | sed 's/^v//')
+mkdir -p /opt/oauth2-proxy
+curl -fsSL "https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v${RELEASE}/oauth2-proxy-v${RELEASE}.linux-amd64.tar.gz" -o /opt/oauth2-proxy.tar.gz
+tar -xzf /opt/oauth2-proxy.tar.gz
+mv /opt/oauth2-proxy-v${RELEASE}.linux-amd64/oauth2-proxy /opt/oauth2-proxy
+msg_ok "Setup OAuth2-Proxy"
+
+msg_info "Setup OAuth2-Proxy Config"
+cat </opt/oauth2-proxy/config.cfg
+#keycloak
+http_address = "0.0.0.0:4180"
+provider = "keycloak-oidc"
+client_id = "oauth2-proxy"
+client_secret = "PLACESECRETHERE"
+email_domains = "*"
+oidc_issuer_url = "https://example.domain.com/realms/master"
+redirect_url = "https://example.domain.com/oauth2/callback"
+code_challenge_method = "S256"
+cookie_secret = "PLACESECRETHERE"
+cookie_domains = ".domain.com"
+whitelist_domains = ".domain.com"
+EOF
+echo "${RELEASE}" >/opt/${APPLICATION}_version.txt
+msg_ok "Setup OAuth2-Proxy Config"
+
+msg_info "Creating Service"
+cat </etc/systemd/system/oauth2-proxy.service
+[Unit]
+Description=OAuth2-Proxy Service
+After=network.target
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/oauth2-proxy
+ExecStart=/opt/oauth2-proxy/oauth2-proxy --config config.cfg
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now oauth2-proxy
+msg_ok "Created Service"
+
+motd_ssh
+customize
+
+msg_info "Cleaning up"
+$STD apt-get -y autoremove
+$STD apt-get -y autoclean
+rm -f "/opt/oauth2-proxy.tar.gz"
+rm -rf "/opt/oauth2-proxy-v${RELEASE}.linux-amd64"
+msg_ok "Cleaned"
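Review bot: The generated `/opt/oauth2-proxy/config.cfg` is meant to hold `client_secret` and `cookie_secret`, yet it is written with the default umask, and the unit file has no `User=` line, so the proxy bound to `0.0.0.0:4180` presumably runs as root. I would add `chmod 600 /opt/oauth2-proxy/config.cfg` right after the heredoc and run the service under a dedicated unprivileged account that owns that file, with `NoNewPrivileges=true` in `[Service]`. `systemctl enable -q --now oauth2-proxy` starts the service while both secrets are still the `PLACESECRETHERE` placeholder; enabling without `--now`, or generating a random `cookie_secret` at install time, avoids either a restart loop or a proxy running with a publicly known cookie secret. `email_domains = "*"` accepts every account the issuer authenticates, so a comment in the template telling the operator to narrow it (or restrict by group) would make the default less surprising.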