From 358e80b5a6363bd7adb1a968a51cfd17ef762d43 Mon Sep 17 00:00:00 2001 From: TheKinrar Date: Thu, 24 Nov 2016 19:37:45 +0100 Subject: [PATCH] sysctl fix, again. --- openvpn-install.sh | 51 ++++++++++++++++++++++++++-------------------- 1 file changed, 29 insertions(+), 22 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 4c5980f..8ed27b0 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -24,6 +24,7 @@ if [[ -e /etc/debian_version ]]; then # Getting the version number, to verify that a recent version of OpenVPN is available VERSION_ID=$(cat /etc/os-release | grep "VERSION_ID") RCLOCAL='/etc/rc.local' + SYSCTL='/etc/sysctl.conf' if [[ "$VERSION_ID" != 'VERSION_ID="7"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="8"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="12.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="14.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="16.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="16.10"' ]]; then echo "Your version of Debian/Ubuntu is not supported." echo "I can't install a recent version of OpenVPN on your system." @@ -42,35 +43,18 @@ if [[ -e /etc/debian_version ]]; then elif [[ -e /etc/centos-release || -e /etc/redhat-release ]]; then OS=centos RCLOCAL='/etc/rc.d/rc.local' + SYSCTL='/etc/sysctl.conf' # Needed for CentOS 7 chmod +x /etc/rc.d/rc.local elif [[ -e /etc/arch-release ]]; then OS=arch RCLOCAL='/etc/rc.local' - # Needed for rc.local support on ArchLinux - echo "[Unit] -Description=/etc/rc.local compatibility - -[Service] -Type=oneshot -ExecStart=/etc/rc.local -RemainAfterExit=yes - -[Install] -WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service - systemctl enable rc-local.service - if ! grep '#!' $RCLOCAL; then - echo "#!/bin/bash" > $RCLOCAL - fi + SYSCTL='/etc/sysctl.d/openvpn.conf' else echo "Looks like you aren't running this installer on a Debian, Ubuntu, CentOS or ArchLinux system" exit 4 fi -if [[ ! -e /etc/sysctl.conf ]]; then - touch /etc/sysctl.conf -fi - newclient () { # Generates the custom client.ovpn cp /etc/openvpn/client-common.txt ~/$1.ovpn @@ -258,6 +242,29 @@ else echo "" echo "Okay, that was all I needed. We are ready to setup your OpenVPN server now" read -n1 -r -p "Press any key to continue..." + + if [[ "$OS" = 'arch' ]]; then + # Needed for rc.local support on ArchLinux + echo "[Unit] + Description=/etc/rc.local compatibility + + [Service] + Type=oneshot + ExecStart=/etc/rc.local + RemainAfterExit=yes + + [Install] + WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service + systemctl enable rc-local.service + if ! grep '#!' $RCLOCAL; then + echo "#!/bin/bash" > $RCLOCAL + fi + fi + + if [[ ! -e $SYSCTL ]]; then + touch $SYSCTL + fi + if [[ "$OS" = 'debian' ]]; then apt-get install ca-certificates -y # We add the OpenVPN repo to get the latest version. @@ -415,9 +422,9 @@ crl-verify crl.pem tls-server tls-auth tls-auth.key 0" >> /etc/openvpn/server.conf # Enable net.ipv4.ip_forward for the system - sed -i '/\/c\net.ipv4.ip_forward=1' /etc/sysctl.conf - if ! grep -q "\" /etc/sysctl.conf; then - echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf + sed -i '/\/c\net.ipv4.ip_forward=1' $SYSCTL + if ! grep -q "\" $SYSCTL; then + echo 'net.ipv4.ip_forward=1' >> $SYSCTL fi # Avoid an unneeded reboot echo 1 > /proc/sys/net/ipv4/ip_forward