mirror of
https://github.com/angristan/openvpn-install.git
synced 2024-12-04 06:25:33 +01:00
Merge branch 'angristan:master' into own_ip
This commit is contained in:
commit
9b3bb634ea
3
.github/FUNDING.yml
vendored
3
.github/FUNDING.yml
vendored
@ -1,5 +1,2 @@
|
||||
patreon: stanislas
|
||||
liberapay: stanislas
|
||||
ko_fi: stanislas
|
||||
github: angristan
|
||||
custom: https://coindrop.to/stanislas
|
||||
|
@ -1,35 +0,0 @@
|
||||
---
|
||||
name: Bug report / Support request
|
||||
about: Create a report to help us improve
|
||||
title: ''
|
||||
labels: ''
|
||||
assignees: ''
|
||||
|
||||
---
|
||||
|
||||
**⚠️ Unless you are sure you find a bug with the script, please open a [discussion](https://github.com/angristan/openvpn-install/discussions) instead of an issue!**
|
||||
|
||||
**Checklist**
|
||||
|
||||
- [ ] I read the [README](https://github.com/angristan/openvpn-install/blob/master/README.md)
|
||||
- [ ] I read the [FAQ](https://github.com/angristan/openvpn-install/blob/master/FAQ.md)
|
||||
- [ ] I searched the [issues](https://github.com/angristan/openvpn-install/issues?q=is%3Aissue+)
|
||||
- [ ] I searched the [discussion](https://github.com/angristan/openvpn-install/discussions)
|
||||
- [ ] My issue is about the script, and not OpenVPN itself
|
||||
|
||||
<!---
|
||||
If you need help with OpenVPN itself, please us the [community forums](https://forums.openvpn.net/) or [Stack Overflow](https://stackoverflow.com/questions/tagged/openvpn)
|
||||
--->
|
||||
|
||||
Pease include as much details as possible in your issue:
|
||||
|
||||
- Description of the issue
|
||||
- How to reproduce the issue
|
||||
- What did you expected should happen
|
||||
- Logs
|
||||
- Server/Client versions (OS, OpenVPN, etc)
|
||||
- Any context or information that could help
|
||||
|
||||
---
|
||||
|
||||
<!-- Write your report below this line -->
|
74
.github/ISSUE_TEMPLATE/bug.yml
vendored
Normal file
74
.github/ISSUE_TEMPLATE/bug.yml
vendored
Normal file
@ -0,0 +1,74 @@
|
||||
name: Bug Report
|
||||
description: File a bug report
|
||||
title: "[Bug]: "
|
||||
body:
|
||||
- type: markdown
|
||||
attributes:
|
||||
value: |
|
||||
Thanks for taking the time to fill out this bug report!
|
||||
|
||||
**PLEASE** prioritise these communities before opening an issue.
|
||||
- https://forums.openvpn.net
|
||||
- https://stackoverflow.com/questions/tagged/openvpn
|
||||
- https://github.com/angristan/openvpn-install/discussions
|
||||
|
||||
⚠️ **ANY ISSUE THAT IS NOT CLEARLY A BUG REPORT WILL BE CLOSED AND/OR CONVERTED TO A DISCUSSION.**
|
||||
|
||||
- type: checkboxes
|
||||
id: pre
|
||||
attributes:
|
||||
label: Make sure your check these beforehand!
|
||||
description: Search before opening an issue.
|
||||
options:
|
||||
- label: Issues - https://github.com/angristan/openvpn-install/issues
|
||||
required: true
|
||||
- label: README and FAQ - https://github.com/angristan/openvpn-install
|
||||
required: true
|
||||
- label: Wiki - https://github.com/angristan/openvpn-install/wiki
|
||||
required: true
|
||||
- label: Discussions - https://github.com/angristan/openvpn-install/discussions
|
||||
required: true
|
||||
|
||||
- type: input
|
||||
id: server
|
||||
attributes:
|
||||
label: Server OS
|
||||
description: What OS is the OpenVPN server running on?
|
||||
placeholder: Debian 10
|
||||
validations:
|
||||
required: false
|
||||
|
||||
- type: input
|
||||
id: openvpn
|
||||
attributes:
|
||||
label: OpenVPN version
|
||||
description: What OpenVPN version is running on your server?
|
||||
placeholder: 2.5.0
|
||||
validations:
|
||||
required: false
|
||||
|
||||
- type: input
|
||||
id: client
|
||||
attributes:
|
||||
label: Client
|
||||
description: What OS and client are you using? Please specify the versions.
|
||||
placeholder: Viscosity 1.10.1 on macOS 12.1
|
||||
validations:
|
||||
required: false
|
||||
|
||||
- type: textarea
|
||||
id: issue
|
||||
attributes:
|
||||
label: What is the bug?
|
||||
description: Also tell us, what did you expect to happen?
|
||||
placeholder: Tell us what you see!
|
||||
value: "A bug happened!"
|
||||
validations:
|
||||
required: true
|
||||
|
||||
- type: textarea
|
||||
id: logs
|
||||
attributes:
|
||||
label: Relevant log output
|
||||
description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
|
||||
render: shell
|
22
.github/ISSUE_TEMPLATE/feature-request.md
vendored
22
.github/ISSUE_TEMPLATE/feature-request.md
vendored
@ -1,10 +1,9 @@
|
||||
---
|
||||
name: Feature request
|
||||
about: Suggest an idea for this project
|
||||
title: ''
|
||||
labels: ''
|
||||
assignees: ''
|
||||
|
||||
title: ""
|
||||
labels: ""
|
||||
assignees: ""
|
||||
---
|
||||
|
||||
**Checklist**
|
||||
@ -15,17 +14,8 @@ assignees: ''
|
||||
- [ ] My issue is about the script, and not OpenVPN itself
|
||||
|
||||
<!---
|
||||
⚠️
|
||||
If you need help with OpenVPN itself, please us the [community forums](https://forums.openvpn.net/) or [Stack Overflow](https://stackoverflow.com/questions/tagged/openvpn)
|
||||
PLEASE OPEN A DISCUSSION INSTEAD: https://github.com/angristan/openvpn-install/discussions
|
||||
⚠️
|
||||
--->
|
||||
|
||||
**Is your feature request related to a problem? Please describe.**
|
||||
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
|
||||
|
||||
**Describe the solution you'd like**
|
||||
A clear and concise description of what you want to happen.
|
||||
|
||||
**Describe alternatives you've considered**
|
||||
A clear and concise description of any alternative solutions or features you've considered.
|
||||
|
||||
**Additional context**
|
||||
Add any other context or screenshots about the feature request here.
|
||||
|
2
.github/linters/.markdown-lint.yml
vendored
2
.github/linters/.markdown-lint.yml
vendored
@ -1 +1 @@
|
||||
{ 'MD013': null, 'MD045': null, 'MD040': null, 'MD036': null }
|
||||
{ "MD013": null, "MD045": null, "MD040": null, "MD036": null }
|
||||
|
2
.github/workflows/lint.yml
vendored
2
.github/workflows/lint.yml
vendored
@ -7,7 +7,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v2.3.4
|
||||
uses: actions/checkout@v3.0.2
|
||||
- name: Lint Code Base
|
||||
uses: github/super-linter@v4.1.0
|
||||
env:
|
||||
|
10
.github/workflows/test.yml
vendored
10
.github/workflows/test.yml
vendored
@ -13,16 +13,14 @@ jobs:
|
||||
os-image:
|
||||
- debian-9-x64
|
||||
- debian-10-x64
|
||||
- debian-11-x64
|
||||
- ubuntu-18-04-x64
|
||||
- ubuntu-20-04-x64
|
||||
- ubuntu-20-10-x64
|
||||
- ubuntu-21-04-x64
|
||||
- fedora-33-x64
|
||||
- fedora-34-x64
|
||||
- fedora-35-x64
|
||||
- centos-7-x64
|
||||
- centos-8-x64
|
||||
- centos-stream-8-x64
|
||||
steps:
|
||||
- uses: actions/checkout@v2.3.4
|
||||
- uses: actions/checkout@v3.0.2
|
||||
|
||||
- name: Setup doctl
|
||||
uses: digitalocean/action-doctl@v2
|
||||
|
@ -3,6 +3,7 @@
|
||||
![Test](https://github.com/angristan/openvpn-install/workflows/Test/badge.svg)
|
||||
![Lint](https://github.com/angristan/openvpn-install/workflows/Lint/badge.svg)
|
||||
![visitors](https://visitor-badge.glitch.me/badge?page_id=angristan.openvpn-install)
|
||||
[![Say Thanks!](https://img.shields.io/badge/Say%20Thanks-!-1EAEDB.svg)](https://saythanks.io/to/angristan)
|
||||
|
||||
OpenVPN installer for Debian, Ubuntu, Fedora, CentOS, Arch Linux, Oracle Linux, Rocky Linux and AlmaLinux.
|
||||
|
||||
@ -162,7 +163,7 @@ More Q&A in [FAQ.md](FAQ.md).
|
||||
|
||||
- Windows: [The official OpenVPN community client](https://openvpn.net/index.php/download/community-downloads.html).
|
||||
- Linux: The `openvpn` package from your distribution. There is an [official APT repository](https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos) for Debian/Ubuntu based distributions.
|
||||
- macOS: [Tunnelblick](https://tunnelblick.net/), [Viscosity](https://www.sparklabs.com/viscosity/).
|
||||
- macOS: [Tunnelblick](https://tunnelblick.net/), [Viscosity](https://www.sparklabs.com/viscosity/), [OpenVPN for Mac](https://openvpn.net/client-connect-vpn-for-mac-os/).
|
||||
- Android: [OpenVPN for Android](https://play.google.com/store/apps/details?id=de.blinkt.openvpn).
|
||||
- iOS: [The official OpenVPN Connect client](https://itunes.apple.com/us/app/openvpn-connect/id590379981).
|
||||
|
||||
@ -187,6 +188,7 @@ More Q&A in [FAQ.md](FAQ.md).
|
||||
Solutions that provision a ready to use OpenVPN server based on this script in one go are available for:
|
||||
|
||||
- AWS using Terraform at [`openvpn-terraform-install`](https://github.com/dumrauf/openvpn-terraform-install)
|
||||
- Terraform AWS module [`openvpn-ephemeral`](https://registry.terraform.io/modules/paulmarsicloud/openvpn-ephemeral/aws/latest)
|
||||
|
||||
## Contributing
|
||||
|
||||
@ -337,7 +339,7 @@ The script supports both and uses `tls-crypt` by default.
|
||||
|
||||
## Say thanks
|
||||
|
||||
You can [say thanks](https://saythanks.io/to/angristan%40pm.me) if you want!
|
||||
You can [say thanks](https://saythanks.io/to/angristan) if you want!
|
||||
|
||||
## Credits & Licence
|
||||
|
||||
|
@ -369,7 +369,7 @@ function installQuestions() {
|
||||
fi
|
||||
done
|
||||
echo ""
|
||||
echo "Do you want to use compression? It is not recommended since the VORACLE attack make use of it."
|
||||
echo "Do you want to use compression? It is not recommended since the VORACLE attack makes use of it."
|
||||
until [[ $COMPRESSION_ENABLED =~ (y|n) ]]; do
|
||||
read -rp"Enable compression? [y/n]: " -e -i n COMPRESSION_ENABLED
|
||||
done
|
||||
@ -640,14 +640,14 @@ function installOpenVPN() {
|
||||
|
||||
# Behind NAT, we'll default to the publicly reachable IPv4/IPv6.
|
||||
if [[ $IPV6_SUPPORT == "y" ]]; then
|
||||
PUBLIC_IP=$(curl https://ifconfig.co)
|
||||
PUBLIC_IP=$(curl --retry 5 --retry-connrefused https://ifconfig.co)
|
||||
else
|
||||
PUBLIC_IP=$(curl -4 https://ifconfig.co)
|
||||
PUBLIC_IP=$(curl --retry 5 --retry-connrefused -4 https://ifconfig.co)
|
||||
fi
|
||||
ENDPOINT=${ENDPOINT:-$PUBLIC_IP}
|
||||
fi
|
||||
|
||||
# Run setup questions first, and set other variales if auto-install
|
||||
# Run setup questions first, and set other variables if auto-install
|
||||
installQuestions
|
||||
|
||||
# Get the "public" interface from the default route
|
||||
@ -688,8 +688,9 @@ function installOpenVPN() {
|
||||
yum install -y epel-release
|
||||
yum install -y openvpn iptables openssl wget ca-certificates curl tar 'policycoreutils-python*'
|
||||
elif [[ $OS == 'oracle' ]]; then
|
||||
yum install -y 'oracle-epel-release-*'
|
||||
yum install -y openvpn iptables openssl wget ca-certificates curl tar 'policycoreutils-python*'
|
||||
yum install -y oracle-epel-release-el8
|
||||
yum-config-manager --enable ol8_developer_EPEL
|
||||
yum install -y openvpn iptables openssl wget ca-certificates curl tar policycoreutils-python-utils
|
||||
elif [[ $OS == 'amzn' ]]; then
|
||||
amazon-linux-extras install -y epel
|
||||
yum install -y openvpn iptables openssl wget ca-certificates curl
|
||||
@ -942,10 +943,6 @@ verb 3" >>/etc/openvpn/server.conf
|
||||
sed -i 's|LimitNPROC|#LimitNPROC|' /etc/systemd/system/openvpn-server@.service
|
||||
# Another workaround to keep using /etc/openvpn/
|
||||
sed -i 's|/etc/openvpn/server|/etc/openvpn|' /etc/systemd/system/openvpn-server@.service
|
||||
# On fedora, the service hardcodes the ciphers. We want to manage the cipher ourselves, so we remove it from the service
|
||||
if [[ $OS == "fedora" ]]; then
|
||||
sed -i 's|--cipher AES-256-GCM --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC||' /etc/systemd/system/openvpn-server@.service
|
||||
fi
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl enable openvpn-server@server
|
||||
@ -1198,6 +1195,7 @@ function revokeClient() {
|
||||
find /home/ -maxdepth 2 -name "$CLIENT.ovpn" -delete
|
||||
rm -f "/root/$CLIENT.ovpn"
|
||||
sed -i "/^$CLIENT,.*/d" /etc/openvpn/ipp.txt
|
||||
cp /etc/openvpn/easy-rsa/pki/index.txt{,.bk}
|
||||
|
||||
echo ""
|
||||
echo "Certificate for client $CLIENT revoked."
|
||||
|
Loading…
Reference in New Issue
Block a user