Improve automated install (#395)

#390 follow up, fixes #261
This commit is contained in:
Stanislas 2019-02-25 21:30:46 +01:00 committed by GitHub
parent f023de298d
commit 7ba776ce7a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 49 additions and 17 deletions

View File

@ -43,20 +43,34 @@ It's also possible to run the script headless, e.g. without waiting for user inp
Example usage:
```bash
export APPROVE_INSTALL=y
export APPROVE_IP=y
export IPV6_SUPPORT=n
export PORT_CHOICE=1
export PROTOCOL_CHOICE=1
export DNS=1
export COMPRESSION_ENABLED=n
export CUSTOMIZE_ENC=n
export CLIENT=clientname
export PASS=1
AUTO_INSTALL=y ./openvpn-install.sh
# or
export AUTO_INSTALL=y
./openvpn-install.sh
```
If the server is behind NAT, you can specify its endpoint with the `PUBLICIP` variable. It the endpoint is the public IP address which it is behind, you can use `export PUBLICIP=$(curl ifconfig.co)`.
A default set of variables will then be set, by passing the need for user input.
If you want to customise your installation, you can export them or specify them on the same line, as shown above.
- `APPROVE_INSTALL=y`
- `APPROVE_IP=y`
- `IPV6_SUPPORT=n`
- `PORT_CHOICE=1`
- `PROTOCOL_CHOICE=1`
- `DNS=1`
- `COMPRESSION_ENABLED=n`
- `CUSTOMIZE_ENC=n`
- `CLIENT=clientname`
- `PASS=1`
If the server is behind NAT, you can specify its endpoint with the `ENDPOINT` variable. It the endpoint is the public IP address which it is behind, you can use `ENDPOINT=$(curl ifconfig.co)` (the script will default to this.)
Other variables can be set depending on your choice (encryption, compression). You can search for then in the `installQuestions()` function of the script.
Password-protected clients are not supported by the headless installation method since user input is expected by OpenSSL.
## Features

View File

@ -206,8 +206,8 @@ function installQuestions () {
echo ""
echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?"
echo "We need it for the clients to connect to the server."
until [[ "$PUBLICIP" != "" ]]; do
read -rp "Public IPv4 address or hostname: " -e PUBLICIP
until [[ "$ENDPOINT" != "" ]]; do
read -rp "Public IPv4 address or hostname: " -e ENDPOINT
done
fi
@ -556,8 +556,26 @@ function installQuestions () {
}
function installOpenVPN () {
# Run setup questions first
installQuestions
if [[ $AUTO_INSTALL == "y" ]]; then
# Set default choices so that no questions will be asked.
APPROVE_INSTALL=${APPROVE_INSTALL:-y}
APPROVE_IP=${APPROVE_IP:-y}
IPV6_SUPPORT=${IPV6_SUPPORT:-n}
PORT_CHOICE=${PORT_CHOICE:-1}
PROTOCOL_CHOICE=${PROTOCOL_CHOICE:-1}
DNS=${DNS:-1}
COMPRESSION_ENABLED=${COMPRESSION_ENABLED:-n}
CUSTOMIZE_ENC=${CUSTOMIZE_ENC:-n}
CLIENT=${CLIENT:-client}
PASS=${PASS:-1}
# Behind NAT, we'll default to the publicly reachable IPv4.
PUBLIC_IPV4=$(curl ifconfig.co)
ENDPOINT=${ENDPOINT:-PUBLIC_IPV4}
else
# Run setup questions first
installQuestions
fi
# Get the "public" interface from the default route
NIC=$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)
@ -905,8 +923,8 @@ WantedBy=multi-user.target" > /etc/systemd/system/iptables-openvpn.service
systemctl start iptables-openvpn
# If the server is behind a NAT, use the correct IP address for the clients to connect to
if [[ "$PUBLICIP" != "" ]]; then
IP=$PUBLICIP
if [[ "$ENDPOINT" != "" ]]; then
IP=$ENDPOINT
fi
# client-template.txt is created so we have a template to add further users later