initial install for openziti tunnel

ct/headers/openziti-tunnel

@@ -0,0 +1,7 @@
+
+                                   .__  __  .__ 
+  ____ ______   ____   ____ _______|__|/  |_|__|
+ /  _ \\____ \_/ __ \ /    \\___   /  \   __\  |
+(  <_> )  |_> >  ___/|   |  \/    /|  ||  | |  |
+ \____/|   __/ \___  >___|  /_____ \__||__| |__|
+       |__|        \/     \/      \/            

ct/openziti-tunnel.sh

@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: openziti
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.openziti.io
+
+APP="openziti-tunnel"
+var_tags="network;openziti-tunnel"
+var_cpu="1"
+var_ram="512"
+var_disk="2"
+var_os="ubuntu"
+var_version="24.04"
+var_unprivileged="1"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+   header_info
+   check_container_storage
+   check_container_resources
+   if [[ ! -d /var ]]; then
+      msg_error "No ${APP} Installation Found!"
+      exit
+   fi
+   msg_info "Updating $APP LXC"
+   $STD apt-get update
+   $STD apt-get -y upgrade
+   msg_ok "Updated $APP LXC"
+   exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"

frontend/public/json/openziti-tunnel.json

@@ -0,0 +1,43 @@
+{
+    "name": "openziti-tunnel",
+    "slug": "openziti-tunnel",
+    "categories": [
+        4
+    ],
+    "date_created": "2025-03-20",
+    "type": "ct",
+    "updateable": false,
+    "privileged": false,
+    "interface_port": null,
+    "documentation": "https://openziti.io/docs/reference/tunnelers/docker/",
+    "website": "https://www.openziti.io/",
+    "logo": "https://raw.githubusercontent.com/openziti/ziti-doc/main/docusaurus/static/img/ziti-logo-dark.svg",
+    "description": "OpenZiti is an open-source, zero trust networking platform that enables secure connectivity between applications, services, and devices. It provides secure, encrypted connections between clients and services, and can be used to create secure, zero trust networks.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/openziti.sh",
+            "resources": {
+                "cpu": 1,
+                "ram": 512,
+                "hdd": 2,
+                "os": "Ubuntu",
+                "version": "24.04"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": [
+        {
+            "text": "The Openziti tunnel is installed in host mode; please see documentation for more information",
+            "type": "info"
+        },
+        {
+            "text": "Openziti tunnel prompts for identity enrollment token during installation",
+            "type": "info"
+        }
+    ]
+}

install/openziti-tunnel-install.sh

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: openziti
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.openziti.io
+
+source /dev/stdin <<< "$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt-get install -y curl
+$STD apt-get install -y mc
+$STD apt-get install -y gpg
+msg_ok "Installed Dependencies"
+
+msg_info "Installing openziti"
+mkdir -p --mode=0755 /usr/share/keyrings
+curl -sSLf https://get.openziti.io/tun/package-repos.gpg | gpg --dearmor -o /usr/share/keyrings/openziti.gpg
+echo "deb [signed-by=/usr/share/keyrings/openziti.gpg] https://packages.openziti.org/zitipax-openziti-deb-stable jammy main" > /etc/apt/sources.list.d/openziti.list
+$STD apt-get update 
+$STD apt-get install -y ziti-edge-tunnel
+sed -i '0,/^ExecStart/ { /^ExecStart/ { n; s|^ExecStart.*|ExecStart=/opt/openziti/bin/ziti-edge-tunnel run-host --verbose=${ZITI_VERBOSE} --identity-dir=${ZITI_IDENTITY_DIR}| } }' /usr/lib/systemd/system/ziti-edge-tunnel.service
+systemctl daemon-reload
+msg_ok "Installed openziti"
+
+read -r -p "Please paste an identity enrollment token(JTW)" prompt
+if [[ ${prompt} ]]; then
+  msg_info "Adding identity"
+  echo "${prompt}" > /opt/openziti/etc/identities/identity.jwt
+  chown ziti:ziti /opt/openziti/etc/identities/identity.jwt
+  systemctl enable -q --now ziti-edge-tunnel.service
+  msg_ok "Service Started"
+else
+  systemctl enable ziti-edge-tunnel.service
+  msg_error "No identity provided; please place an identity file in /opt/openziti/etc/identities/ and restart the service"
+fi
+
+motd_ssh
+customize
+
+msg_info "Cleaning up"
+$STD apt-get -y autoremove
+$STD apt-get -y autoclean
+msg_ok "Cleaned"