From 0a1248861b9ff55da3291fb0418b002e23499b53 Mon Sep 17 00:00:00 2001 From: Thorsten Date: Mon, 24 Feb 2025 11:22:43 +0100 Subject: [PATCH] New Script: Authelia (#2060) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fixed subscription nag removal * Authelia + Dev env * unbound var fix * fixes * service start and update function * remove dev env * remove dev env * Apply suggestions from code review Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update authelia.sh * Update authelia-install.sh --------- Co-authored-by: Slaviša Arežina <58952836+tremor021@users.noreply.github.com> Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> --- ct/authelia.sh | 55 ++++++++++++++++++++++++ install/authelia-install.sh | 84 +++++++++++++++++++++++++++++++++++++ json/authelia.json | 34 +++++++++++++++ 3 files changed, 173 insertions(+) create mode 100644 ct/authelia.sh create mode 100644 install/authelia-install.sh create mode 100644 json/authelia.json diff --git a/ct/authelia.sh b/ct/authelia.sh new file mode 100644 index 000000000..5e4dd6489 --- /dev/null +++ b/ct/authelia.sh @@ -0,0 +1,55 @@ +#!/usr/bin/env bash +source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func) +# Copyright (c) 2021-2025 community-scripts ORG +# Author: thost96 (thost96) +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://www.authelia.com/ + +APP="Authelia" +TAGS="" +var_cpu="1" +var_ram="512" +var_disk="2" +var_os="debian" +var_version="12" +var_unprivileged="1" + +header_info "$APP" +base_settings + +variables +color +catch_errors + +function update_script() { + header_info + check_container_storage + check_container_resources + if [[ ! -d "/etc/authelia/" ]]; then msg_error "No ${APP} Installation Found!"; exit; fi + RELEASE=$(curl -s https://api.github.com/repos/authelia/authelia/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }') + if [[ "${RELEASE}" != "$(/usr/bin/authelia -v | awk '{print substr($3, 2, length($2)) }' )" ]]; then + msg_info "Updating $APP to ${RELEASE}" + apt-get update &>/dev/null + apt-get -y upgrade &>/dev/null + wget -q "https://github.com/authelia/authelia/releases/download/${RELEASE}/authelia_${RELEASE}_amd64.deb" + dpkg -i "authelia_${RELEASE}_amd64.deb" &>/dev/null + msg_info "Cleaning Up" + rm -f "authelia_${RELEASE}_amd64.deb" + apt-get -y autoremove &>/dev/null + apt-get -y autoclean &>/dev/null + msg_ok "Cleanup Completed" + msg_ok "Updated $APP to ${RELEASE}" + else + msg_ok "No update required. ${APP} is already at ${RELEASE}" + fi + exit +} + +start +build_container +description + +msg_ok "Completed Successfully!\n" +echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" +echo -e "${INFO}${YW} Access it using the following URL:${CL}" +echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:9091${CL}" diff --git a/install/authelia-install.sh b/install/authelia-install.sh new file mode 100644 index 000000000..81ccfa3e6 --- /dev/null +++ b/install/authelia-install.sh @@ -0,0 +1,84 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2025 community-scripts ORG +# Author: thost96 (thost96) +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://www.authelia.com/ + +source /dev/stdin <<< "$FUNCTIONS_FILE_PATH" +color +verb_ip6 +catch_errors +setting_up_container +network_check +update_os + +msg_info "Installing Dependencies" +$STD apt-get install -y \ + curl \ + sudo \ + mc +msg_ok "Installed Dependencies" + +msg_info "Installing Authelia" +RELEASE=$(curl -s https://api.github.com/repos/authelia/authelia/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }') +wget -q "https://github.com/authelia/authelia/releases/download/${RELEASE}/authelia_${RELEASE}_amd64.deb" +$STD dpkg -i "authelia_${RELEASE}_amd64.deb" +msg_ok "Install Authelia completed" + +msg_info "Setting Authelia up" +touch /etc/authelia/emails.txt +JWT_SECRET=$(openssl rand -hex 64) +SESSION_SECRET=$(openssl rand -hex 64) +STORAGE_KEY=$(openssl rand -hex 64) +DOMAIN=$(hostname -d) + +cat </etc/authelia/users.yml +users: + authelia: + disabled: false + displayname: "Authelia Admin" + password: "$argon2id$v=19$m=65536,t=3,p=4$ZBopMzXrzhHXPEZxRDVT2w$SxWm96DwhOsZyn34DLocwQEIb4kCDsk632PuiMdZnig" + groups: [] +EOF + +cat </etc/authelia/configuration.yml +authentication_backend: + file: + path: /etc/authelia/users.yml +access_control: + default_policy: one_factor +session: + secret: "${SESSION_SECRET}" + name: 'authelia_session' + same_site: 'lax' + inactivity: '5m' + expiration: '1h' + remember_me: '1M' + cookies: + - domain: "${DOMAIN}" + authelia_url: "https://auth.${DOMAIN}" +storage: + encryption_key: "${STORAGE_KEY}" + local: + path: /etc/authelia/db.sqlite +identity_validation: + reset_password: + jwt_secret: "${JWT_SECRET}" + jwt_lifespan: '5 minutes' + jwt_algorithm: 'HS256' +notifier: + filesystem: + filename: /etc/authelia/emails.txt +EOF +systemctl enable -q --now authelia +msg_ok "Authelia Setup completed" + +motd_ssh +customize + +msg_info "Cleaning up" +rm -f "authelia_${RELEASE}_amd64.deb" +$STD apt-get -y autoremove +$STD apt-get -y autoclean +msg_ok "Cleaned" diff --git a/json/authelia.json b/json/authelia.json new file mode 100644 index 000000000..dcdb922a6 --- /dev/null +++ b/json/authelia.json @@ -0,0 +1,34 @@ +{ + "name": "Authelia", + "slug": "authelia", + "categories": [ + 6 + ], + "date_created": "2025-02-05", + "type": "ct", + "updateable": true, + "privileged": false, + "interface_port": 9091, + "documentation": "https://www.authelia.com/integration/deployment/bare-metal/", + "website": "https://www.authelia.com/", + "logo": "https://www.authelia.com/images/branding/logo.png", + "description": "Authelia is an open-source authentication and authorization server and portal fulfilling the identity and access management (IAM) role of information security in providing multi-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for common reverse proxies.", + "install_methods": [ + { + "type": "default", + "script": "ct/authelia.sh", + "resources": { + "cpu": 1, + "ram": 512, + "hdd": 2, + "os": "Debian", + "version": "12" + } + } + ], + "default_credentials": { + "username": "authelia", + "password": "authelia" + }, + "notes": [] + } \ No newline at end of file