From 867739b9e7b32717049d4371afc39cd9f5fddac9 Mon Sep 17 00:00:00 2001 From: Edward Moscardini Date: Thu, 20 Mar 2025 14:56:32 -0400 Subject: [PATCH] initial install for openziti tunnel --- ct/headers/openziti-tunnel | 7 ++++ ct/openziti-tunnel.sh | 42 +++++++++++++++++++ frontend/public/json/openziti-tunnel.json | 43 +++++++++++++++++++ install/openziti-tunnel-install.sh | 50 +++++++++++++++++++++++ 4 files changed, 142 insertions(+) create mode 100644 ct/headers/openziti-tunnel create mode 100644 ct/openziti-tunnel.sh create mode 100644 frontend/public/json/openziti-tunnel.json create mode 100644 install/openziti-tunnel-install.sh diff --git a/ct/headers/openziti-tunnel b/ct/headers/openziti-tunnel new file mode 100644 index 000000000..873635429 --- /dev/null +++ b/ct/headers/openziti-tunnel @@ -0,0 +1,7 @@ + + .__ __ .__ + ____ ______ ____ ____ _______|__|/ |_|__| + / _ \\____ \_/ __ \ / \\___ / \ __\ | +( <_> ) |_> > ___/| | \/ /| || | | | + \____/| __/ \___ >___| /_____ \__||__| |__| + |__| \/ \/ \/ diff --git a/ct/openziti-tunnel.sh b/ct/openziti-tunnel.sh new file mode 100644 index 000000000..a1b9baac3 --- /dev/null +++ b/ct/openziti-tunnel.sh @@ -0,0 +1,42 @@ +#!/usr/bin/env bash +source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func) +# Copyright (c) 2021-2025 community-scripts ORG +# Author: openziti +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://www.openziti.io + +APP="openziti-tunnel" +var_tags="network;openziti-tunnel" +var_cpu="1" +var_ram="512" +var_disk="2" +var_os="ubuntu" +var_version="24.04" +var_unprivileged="1" + +header_info "$APP" +variables +color +catch_errors + +function update_script() { + header_info + check_container_storage + check_container_resources + if [[ ! -d /var ]]; then + msg_error "No ${APP} Installation Found!" + exit + fi + msg_info "Updating $APP LXC" + $STD apt-get update + $STD apt-get -y upgrade + msg_ok "Updated $APP LXC" + exit +} + +start +build_container +description + +msg_ok "Completed Successfully!\n" +echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" \ No newline at end of file diff --git a/frontend/public/json/openziti-tunnel.json b/frontend/public/json/openziti-tunnel.json new file mode 100644 index 000000000..279c1a0c4 --- /dev/null +++ b/frontend/public/json/openziti-tunnel.json @@ -0,0 +1,43 @@ +{ + "name": "openziti-tunnel", + "slug": "openziti-tunnel", + "categories": [ + 4 + ], + "date_created": "2025-03-20", + "type": "ct", + "updateable": false, + "privileged": false, + "interface_port": null, + "documentation": "https://openziti.io/docs/reference/tunnelers/docker/", + "website": "https://www.openziti.io/", + "logo": "https://raw.githubusercontent.com/openziti/ziti-doc/main/docusaurus/static/img/ziti-logo-dark.svg", + "description": "OpenZiti is an open-source, zero trust networking platform that enables secure connectivity between applications, services, and devices. It provides secure, encrypted connections between clients and services, and can be used to create secure, zero trust networks.", + "install_methods": [ + { + "type": "default", + "script": "ct/openziti.sh", + "resources": { + "cpu": 1, + "ram": 512, + "hdd": 2, + "os": "Ubuntu", + "version": "24.04" + } + } + ], + "default_credentials": { + "username": null, + "password": null + }, + "notes": [ + { + "text": "The Openziti tunnel is installed in host mode; please see documentation for more information", + "type": "info" + }, + { + "text": "Openziti tunnel prompts for identity enrollment token during installation", + "type": "info" + } + ] +} diff --git a/install/openziti-tunnel-install.sh b/install/openziti-tunnel-install.sh new file mode 100644 index 000000000..a53a9c7fd --- /dev/null +++ b/install/openziti-tunnel-install.sh @@ -0,0 +1,50 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2025 community-scripts ORG +# Author: openziti +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://www.openziti.io + +source /dev/stdin <<< "$FUNCTIONS_FILE_PATH" +color +verb_ip6 +catch_errors +setting_up_container +network_check +update_os + +msg_info "Installing Dependencies" +$STD apt-get install -y curl +$STD apt-get install -y mc +$STD apt-get install -y gpg +msg_ok "Installed Dependencies" + +msg_info "Installing openziti" +mkdir -p --mode=0755 /usr/share/keyrings +curl -sSLf https://get.openziti.io/tun/package-repos.gpg | gpg --dearmor -o /usr/share/keyrings/openziti.gpg +echo "deb [signed-by=/usr/share/keyrings/openziti.gpg] https://packages.openziti.org/zitipax-openziti-deb-stable jammy main" > /etc/apt/sources.list.d/openziti.list +$STD apt-get update +$STD apt-get install -y ziti-edge-tunnel +sed -i '0,/^ExecStart/ { /^ExecStart/ { n; s|^ExecStart.*|ExecStart=/opt/openziti/bin/ziti-edge-tunnel run-host --verbose=${ZITI_VERBOSE} --identity-dir=${ZITI_IDENTITY_DIR}| } }' /usr/lib/systemd/system/ziti-edge-tunnel.service +systemctl daemon-reload +msg_ok "Installed openziti" + +read -r -p "Please paste an identity enrollment token(JTW)" prompt +if [[ ${prompt} ]]; then + msg_info "Adding identity" + echo "${prompt}" > /opt/openziti/etc/identities/identity.jwt + chown ziti:ziti /opt/openziti/etc/identities/identity.jwt + systemctl enable -q --now ziti-edge-tunnel.service + msg_ok "Service Started" +else + systemctl enable ziti-edge-tunnel.service + msg_error "No identity provided; please place an identity file in /opt/openziti/etc/identities/ and restart the service" +fi + +motd_ssh +customize + +msg_info "Cleaning up" +$STD apt-get -y autoremove +$STD apt-get -y autoclean +msg_ok "Cleaned"