Bernhard.Linz/openvpn-install
1
0
Fork 0
mirror of https://github.com/angristan/openvpn-install.git synced 2025-01-31 02:51:31 +01:00
Code Issues Projects Releases Wiki Activity

sysctl fix, again.

Browse Source
This commit is contained in:
TheKinrar 2016-11-24 19:37:45 +01:00
parent cc657fa459
commit 358e80b5a6
1 changed files with 29 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
openvpn-install.sh
View File

@ -24,6 +24,7 @@ if [[ -e /etc/debian_version ]]; then
# Getting the version number, to verify that a recent version of OpenVPN is available # Getting the version number, to verify that a recent version of OpenVPN is available
VERSION_ID=$(cat /etc/os-release | grep "VERSION_ID") VERSION_ID=$(cat /etc/os-release | grep "VERSION_ID")
RCLOCAL='/etc/rc.local' RCLOCAL='/etc/rc.local'
SYSCTL='/etc/sysctl.conf'
if [[ "$VERSION_ID" != 'VERSION_ID="7"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="8"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="12.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="14.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="16.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="16.10"' ]]; then if [[ "$VERSION_ID" != 'VERSION_ID="7"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="8"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="12.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="14.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="16.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="16.10"' ]]; then
echo "Your version of Debian/Ubuntu is not supported." echo "Your version of Debian/Ubuntu is not supported."
echo "I can't install a recent version of OpenVPN on your system." echo "I can't install a recent version of OpenVPN on your system."
@ -42,35 +43,18 @@ if [[ -e /etc/debian_version ]]; then
elif [[ -e /etc/centos-release || -e /etc/redhat-release ]]; then elif [[ -e /etc/centos-release || -e /etc/redhat-release ]]; then
OS=centos OS=centos
RCLOCAL='/etc/rc.d/rc.local' RCLOCAL='/etc/rc.d/rc.local'
SYSCTL='/etc/sysctl.conf'
# Needed for CentOS 7 # Needed for CentOS 7
chmod +x /etc/rc.d/rc.local chmod +x /etc/rc.d/rc.local
elif [[ -e /etc/arch-release ]]; then elif [[ -e /etc/arch-release ]]; then
OS=arch OS=arch
RCLOCAL='/etc/rc.local' RCLOCAL='/etc/rc.local'
# Needed for rc.local support on ArchLinux SYSCTL='/etc/sysctl.d/openvpn.conf'
echo "[Unit]
Description=/etc/rc.local compatibility
[Service]
Type=oneshot
ExecStart=/etc/rc.local
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service
systemctl enable rc-local.service
if ! grep '#!' $RCLOCAL; then
echo "#!/bin/bash" > $RCLOCAL
fi
else else
echo "Looks like you aren't running this installer on a Debian, Ubuntu, CentOS or ArchLinux system" echo "Looks like you aren't running this installer on a Debian, Ubuntu, CentOS or ArchLinux system"
exit 4 exit 4
fi fi
if [[ ! -e /etc/sysctl.conf ]]; then
touch /etc/sysctl.conf
fi
newclient () { newclient () {
# Generates the custom client.ovpn # Generates the custom client.ovpn
cp /etc/openvpn/client-common.txt ~/$1.ovpn cp /etc/openvpn/client-common.txt ~/$1.ovpn
@ -258,6 +242,29 @@ else
echo "" echo ""
echo "Okay, that was all I needed. We are ready to setup your OpenVPN server now" echo "Okay, that was all I needed. We are ready to setup your OpenVPN server now"
read -n1 -r -p "Press any key to continue..." read -n1 -r -p "Press any key to continue..."
if [[ "$OS" = 'arch' ]]; then
# Needed for rc.local support on ArchLinux
echo "[Unit]
Description=/etc/rc.local compatibility
[Service]
Type=oneshot
ExecStart=/etc/rc.local
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service
systemctl enable rc-local.service
if ! grep '#!' $RCLOCAL; then
echo "#!/bin/bash" > $RCLOCAL
fi
fi
if [[ ! -e $SYSCTL ]]; then
touch $SYSCTL
fi
if [[ "$OS" = 'debian' ]]; then if [[ "$OS" = 'debian' ]]; then
apt-get install ca-certificates -y apt-get install ca-certificates -y
# We add the OpenVPN repo to get the latest version. # We add the OpenVPN repo to get the latest version.
@ -415,9 +422,9 @@ crl-verify crl.pem
tls-server tls-server
tls-auth tls-auth.key 0" >> /etc/openvpn/server.conf tls-auth tls-auth.key 0" >> /etc/openvpn/server.conf
# Enable net.ipv4.ip_forward for the system # Enable net.ipv4.ip_forward for the system
sed -i '/\<net.ipv4.ip_forward\>/c\net.ipv4.ip_forward=1' /etc/sysctl.conf sed -i '/\<net.ipv4.ip_forward\>/c\net.ipv4.ip_forward=1' $SYSCTL
if ! grep -q "\<net.ipv4.ip_forward\>" /etc/sysctl.conf; then if ! grep -q "\<net.ipv4.ip_forward\>" $SYSCTL; then
echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf echo 'net.ipv4.ip_forward=1' >> $SYSCTL
fi fi
# Avoid an unneeded reboot # Avoid an unneeded reboot
echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv4/ip_forward