From 56660eefeb31293ef4c1a6c5c1e2984d874122d1 Mon Sep 17 00:00:00 2001 From: xiahare <45806405+xiahare@users.noreply.github.com> Date: Thu, 7 Nov 2024 11:39:28 -0800 Subject: [PATCH 1/5] Fix public IP detection: ip.seeip.org has been changed to api.seeip.org (#1252) --- openvpn-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 6c6a647..d9397b1 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -627,11 +627,11 @@ function installOpenVPN() { # Behind NAT, we'll default to the publicly reachable IPv4/IPv6. if [[ $IPV6_SUPPORT == "y" ]]; then - if ! PUBLIC_IP=$(curl -f --retry 5 --retry-connrefused https://ip.seeip.org); then + if ! PUBLIC_IP=$(curl -f --retry 5 --retry-connrefused https://api.seeip.org); then PUBLIC_IP=$(dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"') fi else - if ! PUBLIC_IP=$(curl -f --retry 5 --retry-connrefused -4 https://ip.seeip.org); then + if ! PUBLIC_IP=$(curl -f --retry 5 --retry-connrefused -4 https://api.seeip.org); then PUBLIC_IP=$(dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"') fi fi From 0d58ddcb8c5c3c096416a4b059972451f88ed369 Mon Sep 17 00:00:00 2001 From: Stanislas Lange Date: Thu, 7 Nov 2024 20:46:47 +0100 Subject: [PATCH 2/5] Update distribution matrix for end-to-end tests --- .github/workflows/test.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ab3ecf5..198ff23 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,13 +13,12 @@ jobs: strategy: matrix: os-image: - - debian-10-x64 - debian-11-x64 - debian-12-x64 - - ubuntu-20-04-x64 - ubuntu-22-04-x64 - ubuntu-24-04-x64 - fedora-39-x64 + - fedora-40-x64 - centos-7-x64 # - centos-stream-9-x64 # yum oomkill steps: From dc114f324374b15c337674bedc986e4f6248f08e Mon Sep 17 00:00:00 2001 
From: Stanislas Lange Date: Thu, 7 Nov 2024 20:49:42 +0100 Subject: [PATCH 3/5] Update distribution matrix for end-to-end tests --- .github/workflows/test.yml | 1 - README.md | 20 ++++++++++---------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 198ff23..5579a11 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,7 +19,6 @@ jobs: - ubuntu-24-04-x64 - fedora-39-x64 - fedora-40-x64 - - centos-7-x64 # - centos-stream-9-x64 # yum oomkill steps: - uses: actions/checkout@v4 diff --git a/README.md b/README.md index dd83d6a..0f3a539 100644 --- a/README.md +++ b/README.md @@ -117,16 +117,16 @@ The script supports these Linux distributions: | | Support | | ------------------ | ------- | -| AlmaLinux 8 | ✅ | -| Amazon Linux 2 | ✅ | -| Arch Linux | ✅ | -| CentOS 7 | ✅ 🤖 | -| CentOS Stream >= 8 | ✅ 🤖 | -| Debian >= 10 | ✅ 🤖 | -| Fedora >= 35 | ✅ 🤖 | -| Oracle Linux 8 | ✅ | -| Rocky Linux 8 | ✅ | -| Ubuntu >= 18.04 | ✅ 🤖 | +| AlmaLinux 8 | ✅ | +| Amazon Linux 2 | ✅ | +| Arch Linux | ✅ | +| CentOS 7 | ✅ | +| CentOS Stream >= 8 | ✅ 🤖 | +| Debian >= 10 | ✅ 🤖 | +| Fedora >= 35 | ✅ 🤖 | +| Oracle Linux 8 | ✅ | +| Rocky Linux 8 | ✅ | +| Ubuntu >= 18.04 | ✅ 🤖 | To be noted: From e1f19e0f246c4e429dbf32bdf0a0a507d8ac194b Mon Sep 17 00:00:00 2001 From: Raphael Pinto Date: Thu, 7 Nov 2024 19:55:14 +0000 Subject: [PATCH 4/5] Fix Public IP detection - Fix issue when seeip.org is unreachable #1241 (#1243) The script does work when seeip.org is unreachable, so I changed the policy to define the public IP. It solves the issue #1241 * Timeout limit on each try to solve the IP to avoid long waits; * Extra public IP providers as failovers; * the script only will try to solve an IP if the ENDPOINT is empty; Co-authored-by: Stanislas --- openvpn-install.sh | 58 ++++++++++++++++++++++++++++++++++++---------- 1 file changed, 46 insertions(+), 12 deletions(-) 
diff --git a/openvpn-install.sh b/openvpn-install.sh index d9397b1..a0e04a4 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -216,6 +216,45 @@ access-control: fd42:42:42:42::/112 allow' >>/etc/unbound/openvpn.conf systemctl restart unbound } +function resolvePublicIP() { + # IP version flags, we'll use as default the IPv4 + CURL_IP_VERSION_FLAG="-4" + DIG_IP_VERSION_FLAG="-4" + + # Behind NAT, we'll default to the publicly reachable IPv4/IPv6. + if [[ $IPV6_SUPPORT == "y" ]]; then + CURL_IP_VERSION_FLAG="" + DIG_IP_VERSION_FLAG="-6" + fi + + # If there is no public ip yet, we'll try to solve it using: https://api.seeip.org + if [[ -z $PUBLIC_IP ]]; then + PUBLIC_IP=$(curl -f -m 5 -sS --retry 2 --retry-connrefused "$CURL_IP_VERSION_FLAG" https://api.seeip.org 2>/dev/null) + fi + + # If there is no public ip yet, we'll try to solve it using: https://ifconfig.me + if [[ -z $PUBLIC_IP ]]; then + PUBLIC_IP=$(curl -f -m 5 -sS --retry 2 --retry-connrefused "$CURL_IP_VERSION_FLAG" https://ifconfig.me 2>/dev/null) + fi + + # If there is no public ip yet, we'll try to solve it using: https://api.ipify.org + if [[ -z $PUBLIC_IP ]]; then + PUBLIC_IP=$(curl -f -m 5 -sS --retry 2 --retry-connrefused "$CURL_IP_VERSION_FLAG" https://api.ipify.org 2>/dev/null) + fi + + # If there is no public ip yet, we'll try to solve it using: ns1.google.com + if [[ -z $PUBLIC_IP ]]; then + PUBLIC_IP=$(dig $DIG_IP_VERSION_FLAG TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"') + fi + + if [[ -z $PUBLIC_IP ]]; then + echo >&2 echo "Couldn't solve the public IP" + exit 1 + fi + + echo "$PUBLIC_IP" +} + function installQuestions() { echo "Welcome to the OpenVPN installer!" echo "The git repository is available at: https://github.com/angristan/openvpn-install" 
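Review bot: resolvePublicIP accepts whatever the first answering service returns as PUBLIC_IP without checking that it is an address, and its last fallback is an unauthenticated DNS query; since the installOpenVPN hunk later assigns this value to ENDPOINT with no prompt, the final `-z` test should become a shape check as in the fence below. The error line `echo >&2 echo "Couldn't solve the public IP"` has a stray second `echo`, so the message is printed with the word `echo` in front of it. With IPV6_SUPPORT set to `y`, the quoted `"$CURL_IP_VERSION_FLAG"` expands to an empty argument, which curl will most likely treat as an extra malformed URL; `${CURL_IP_VERSION_FLAG:+"$CURL_IP_VERSION_FLAG"}` drops it when empty. The two flag variables would also be better declared `local`.

```shell
	# … unchanged: flag selection, the three curl lookups and the dig fallback …

	# Accept only a value shaped like an IPv4 or IPv6 address; an empty or
	# unexpected reply (error page, stray TXT data) is treated as a failure.
	if [[ ! $PUBLIC_IP =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ && ! $PUBLIC_IP =~ ^[0-9A-Fa-f:]*:[0-9A-Fa-f:]*$ ]]; then
		echo >&2 "Couldn't solve the public IP"
		exit 1
	fi

	# … unchanged: echo "$PUBLIC_IP" …
```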
@@ -244,9 +283,12 @@ function installQuestions() { echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?" echo "We need it for the clients to connect to the server." - PUBLICIP=$(curl -s https://api.ipify.org) + if [[ -z $ENDPOINT ]]; then + DEFAULT_ENDPOINT=$(resolvePublicIP) + fi + until [[ $ENDPOINT != "" ]]; do - read -rp "Public IPv4 address or hostname: " -e -i "$PUBLICIP" ENDPOINT + read -rp "Public IPv4 address or hostname: " -e -i "$DEFAULT_ENDPOINT" ENDPOINT done fi @@ -625,17 +667,9 @@ function installOpenVPN() { PASS=${PASS:-1} CONTINUE=${CONTINUE:-y} - # Behind NAT, we'll default to the publicly reachable IPv4/IPv6. - if [[ $IPV6_SUPPORT == "y" ]]; then - if ! PUBLIC_IP=$(curl -f --retry 5 --retry-connrefused https://api.seeip.org); then - PUBLIC_IP=$(dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"') - fi - else - if ! PUBLIC_IP=$(curl -f --retry 5 --retry-connrefused -4 https://api.seeip.org); then - PUBLIC_IP=$(dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"') - fi + if [[ -z $ENDPOINT ]]; then + ENDPOINT=$(resolvePublicIP) fi - ENDPOINT=${ENDPOINT:-$PUBLIC_IP} fi # Run setup questions first, and set other variables if auto-install From e2d4990ae194e37fd5162168a8aac5e2d89e0e8d Mon Sep 17 00:00:00 2001 From: Stanislas Lange Date: Mon, 6 Jan 2025 17:25:21 +0100 Subject: [PATCH 5/5] Improve README --- README.md | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 0f3a539..e670650 100644 --- a/README.md +++ b/README.md 
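Review bot: The `exit 1` in resolvePublicIP cannot stop the installer from either call site in these two hunks, because both run it inside `$(…)` and the exit only ends that subshell. In installQuestions an empty DEFAULT_ENDPOINT merely leaves the prompt blank, but in the installOpenVPN hunk ENDPOINT stays empty and, unless `set -e` is active somewhere outside the hunk, the unattended path continues without an endpoint. Checking the status at the assignment fixes that: `ENDPOINT=$(resolvePublicIP) || exit 1`. Both enclosing functions start and end outside the hunks.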
@@ -10,6 +10,25 @@ This script will let you setup your own secure VPN server in just a few seconds. You can also check out [wireguard-install](https://github.com/angristan/wireguard-install), a simple installer for a simpler, safer, faster and more modern VPN protocol. +## What is this? + +This script is meant to be run on your own server, whether it's a VPS or a dedicated server, or even a computer at home. + +Once set up, you will be able to generate client configuration files for every device you want to connect. + +Each client will be able to route its internet traffic through the server, fully encrypted. + +```mermaid +graph LR + A[Phone] --> VPN + B[Laptop] --> VPN + C[Computer] --> VPN + + VPN[OpenVPN Server] + + VPN -->|Encrypted Traffic| I[Internet] +``` + ## Usage First, get the script and make it executable: @@ -37,9 +56,7 @@ When OpenVPN is installed, you can run the script again, and you will get the ch In your home directory, you will have `.ovpn` files. These are the client configuration files. Download them from your server and connect using your favorite OpenVPN client. -If you have any question, head to the [FAQ](#faq) first. Please read everything before opening an issue. - -**PLEASE do not send me emails or private messages asking for help.** The only place to get help is the issues. Other people may be able to help and in the future, other users may also run into the same issue as you. My time is not available for free just for you, you're not special. +If you have any question, head to the [FAQ](#faq) first. And if you need help, you can open a [discussion](https://github.com/angristan/openvpn-install/discussions). Please search existing issues and dicussions first. ### Headless install