mirror of
https://github.com/angristan/openvpn-install.git
synced 2024-11-14 21:09:03 +01:00
parent
f023de298d
commit
7ba776ce7a
36
README.md
36
README.md
@ -43,20 +43,34 @@ It's also possible to run the script headless, e.g. without waiting for user inp
|
||||
|
||||
Example usage:
|
||||
```bash
|
||||
export APPROVE_INSTALL=y
|
||||
export APPROVE_IP=y
|
||||
export IPV6_SUPPORT=n
|
||||
export PORT_CHOICE=1
|
||||
export PROTOCOL_CHOICE=1
|
||||
export DNS=1
|
||||
export COMPRESSION_ENABLED=n
|
||||
export CUSTOMIZE_ENC=n
|
||||
export CLIENT=clientname
|
||||
export PASS=1
|
||||
AUTO_INSTALL=y ./openvpn-install.sh
|
||||
|
||||
# or
|
||||
|
||||
export AUTO_INSTALL=y
|
||||
./openvpn-install.sh
|
||||
```
|
||||
|
||||
If the server is behind NAT, you can specify its endpoint with the `PUBLICIP` variable. It the endpoint is the public IP address which it is behind, you can use `export PUBLICIP=$(curl ifconfig.co)`.
|
||||
A default set of variables will then be set, by passing the need for user input.
|
||||
|
||||
If you want to customise your installation, you can export them or specify them on the same line, as shown above.
|
||||
|
||||
- `APPROVE_INSTALL=y`
|
||||
- `APPROVE_IP=y`
|
||||
- `IPV6_SUPPORT=n`
|
||||
- `PORT_CHOICE=1`
|
||||
- `PROTOCOL_CHOICE=1`
|
||||
- `DNS=1`
|
||||
- `COMPRESSION_ENABLED=n`
|
||||
- `CUSTOMIZE_ENC=n`
|
||||
- `CLIENT=clientname`
|
||||
- `PASS=1`
|
||||
|
||||
If the server is behind NAT, you can specify its endpoint with the `ENDPOINT` variable. It the endpoint is the public IP address which it is behind, you can use `ENDPOINT=$(curl ifconfig.co)` (the script will default to this.)
|
||||
|
||||
Other variables can be set depending on your choice (encryption, compression). You can search for then in the `installQuestions()` function of the script.
|
||||
|
||||
Password-protected clients are not supported by the headless installation method since user input is expected by OpenSSL.
|
||||
|
||||
## Features
|
||||
|
||||
|
@ -206,8 +206,8 @@ function installQuestions () {
|
||||
echo ""
|
||||
echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?"
|
||||
echo "We need it for the clients to connect to the server."
|
||||
until [[ "$PUBLICIP" != "" ]]; do
|
||||
read -rp "Public IPv4 address or hostname: " -e PUBLICIP
|
||||
until [[ "$ENDPOINT" != "" ]]; do
|
||||
read -rp "Public IPv4 address or hostname: " -e ENDPOINT
|
||||
done
|
||||
fi
|
||||
|
||||
@ -556,8 +556,26 @@ function installQuestions () {
|
||||
}
|
||||
|
||||
function installOpenVPN () {
|
||||
# Run setup questions first
|
||||
installQuestions
|
||||
if [[ $AUTO_INSTALL == "y" ]]; then
|
||||
# Set default choices so that no questions will be asked.
|
||||
APPROVE_INSTALL=${APPROVE_INSTALL:-y}
|
||||
APPROVE_IP=${APPROVE_IP:-y}
|
||||
IPV6_SUPPORT=${IPV6_SUPPORT:-n}
|
||||
PORT_CHOICE=${PORT_CHOICE:-1}
|
||||
PROTOCOL_CHOICE=${PROTOCOL_CHOICE:-1}
|
||||
DNS=${DNS:-1}
|
||||
COMPRESSION_ENABLED=${COMPRESSION_ENABLED:-n}
|
||||
CUSTOMIZE_ENC=${CUSTOMIZE_ENC:-n}
|
||||
CLIENT=${CLIENT:-client}
|
||||
PASS=${PASS:-1}
|
||||
|
||||
# Behind NAT, we'll default to the publicly reachable IPv4.
|
||||
PUBLIC_IPV4=$(curl ifconfig.co)
|
||||
ENDPOINT=${ENDPOINT:-PUBLIC_IPV4}
|
||||
else
|
||||
# Run setup questions first
|
||||
installQuestions
|
||||
fi
|
||||
|
||||
# Get the "public" interface from the default route
|
||||
NIC=$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)
|
||||
@ -905,8 +923,8 @@ WantedBy=multi-user.target" > /etc/systemd/system/iptables-openvpn.service
|
||||
systemctl start iptables-openvpn
|
||||
|
||||
# If the server is behind a NAT, use the correct IP address for the clients to connect to
|
||||
if [[ "$PUBLICIP" != "" ]]; then
|
||||
IP=$PUBLICIP
|
||||
if [[ "$ENDPOINT" != "" ]]; then
|
||||
IP=$ENDPOINT
|
||||
fi
|
||||
|
||||
# client-template.txt is created so we have a template to add further users later
|
||||
|
Loading…
Reference in New Issue
Block a user