fix Easy-RSA download when HOME is unset

Stanislas Lange
2026-04-30 15:49:22 +02:00
committed by Stanislas
parent a6ed5e781c
commit 9ff040e6e9
2 changed files with 10 additions and 6 deletions


@@ -2715,17 +2715,20 @@ function installOpenVPN() {
# Install the latest version of easy-rsa from source, if not already installed. # Install the latest version of easy-rsa from source, if not already installed.
if [[ ! -d /etc/openvpn/server/easy-rsa/ ]]; then if [[ ! -d /etc/openvpn/server/easy-rsa/ ]]; then
run_cmd_fatal "Downloading Easy-RSA v${EASYRSA_VERSION}" curl -fL --retry 5 -o ~/easy-rsa.tgz "https://github.com/OpenVPN/easy-rsa/releases/download/v${EASYRSA_VERSION}/EasyRSA-${EASYRSA_VERSION}.tgz" local easy_rsa_archive
easy_rsa_archive=$(mktemp /tmp/easy-rsa.XXXXXX.tgz) || log_fatal "Failed to create temporary Easy-RSA archive"
run_cmd_fatal "Downloading Easy-RSA v${EASYRSA_VERSION}" curl -fL --retry 5 -o "$easy_rsa_archive" "https://github.com/OpenVPN/easy-rsa/releases/download/v${EASYRSA_VERSION}/EasyRSA-${EASYRSA_VERSION}.tgz"
log_info "Verifying Easy-RSA checksum..." log_info "Verifying Easy-RSA checksum..."
CHECKSUM_OUTPUT=$(echo "${EASYRSA_SHA256} $HOME/easy-rsa.tgz" | sha256sum -c 2>&1) || { CHECKSUM_OUTPUT=$(echo "${EASYRSA_SHA256} $easy_rsa_archive" | sha256sum -c 2>&1) || {
_log_to_file "[CHECKSUM] $CHECKSUM_OUTPUT" _log_to_file "[CHECKSUM] $CHECKSUM_OUTPUT"
run_cmd "Cleaning up failed download" rm -f ~/easy-rsa.tgz run_cmd "Cleaning up failed download" rm -f "$easy_rsa_archive"
log_fatal "SHA256 checksum verification failed for easy-rsa download!" log_fatal "SHA256 checksum verification failed for easy-rsa download!"
} }
_log_to_file "[CHECKSUM] $CHECKSUM_OUTPUT" _log_to_file "[CHECKSUM] $CHECKSUM_OUTPUT"
run_cmd_fatal "Creating Easy-RSA directory" mkdir -p /etc/openvpn/server/easy-rsa run_cmd_fatal "Creating Easy-RSA directory" mkdir -p /etc/openvpn/server/easy-rsa
run_cmd_fatal "Extracting Easy-RSA" tar xzf ~/easy-rsa.tgz --strip-components=1 --no-same-owner --directory /etc/openvpn/server/easy-rsa run_cmd_fatal "Extracting Easy-RSA" tar xzf "$easy_rsa_archive" --strip-components=1 --no-same-owner --directory /etc/openvpn/server/easy-rsa
run_cmd "Cleaning up archive" rm -f ~/easy-rsa.tgz run_cmd "Cleaning up archive" rm -f "$easy_rsa_archive"
cd /etc/openvpn/server/easy-rsa/ || return cd /etc/openvpn/server/easy-rsa/ || return
case $CERT_TYPE in case $CERT_TYPE in
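Review bot: The archive created by `mktemp` is removed only in the checksum-failure branch and after a successful extraction. If the download, the `mkdir -p` or the `tar` step fails, `run_cmd_fatal` presumably exits (its body is not visible here) and the file stays in /tmp, a new one per failed run now that the name is random. A cleanup that fires on every exit path would close this, for example `trap "rm -f -- '${easy_rsa_archive}'" EXIT` right after the `mktemp` line, provided the script has no other EXIT trap that this would replace. Separately, the `.tgz` suffix after the X's relies on GNU `mktemp` behaviour; `mktemp /tmp/easy-rsa.XXXXXX` works the same for curl and tar and is accepted by more implementations. installOpenVPN starts before this hunk and continues after it.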


@@ -128,11 +128,12 @@ fi
echo "Running OpenVPN install script..." echo "Running OpenVPN install script..."
echo "Command: ${INSTALL_CMD[*]}" echo "Command: ${INSTALL_CMD[*]}"
echo "Running install with HOME unset to match cloud-init user-data environments"
# Run in subshell because the script calls 'exit 0' after generating client config # Run in subshell because the script calls 'exit 0' after generating client config
# Capture output to validate logging format, while still displaying it # Capture output to validate logging format, while still displaying it
# Use || true to prevent set -e from exiting on failure, then check exit code # Use || true to prevent set -e from exiting on failure, then check exit code
INSTALL_OUTPUT="/tmp/install-output.log" INSTALL_OUTPUT="/tmp/install-output.log"
("${INSTALL_CMD[@]}") 2>&1 | tee "$INSTALL_OUTPUT" (env -u HOME "${INSTALL_CMD[@]}") 2>&1 | tee "$INSTALL_OUTPUT"
INSTALL_EXIT_CODE=${PIPESTATUS[0]} INSTALL_EXIT_CODE=${PIPESTATUS[0]}
echo "=== Installation complete (exit code: $INSTALL_EXIT_CODE) ===" echo "=== Installation complete (exit code: $INSTALL_EXIT_CODE) ==="
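Review bot: `env -u HOME` is applied to the only install run visible in this script, so the HOME-set case is no longer exercised here and any installer path that still reads `$HOME` or `~` is tested only with it missing. Whether another job covers the normal case is not visible from this hunk. The reason for dropping HOME is stated only in the echoed log line; a comment beside the invocation would keep it from being removed later, e.g. `# HOME is removed on purpose: regression test for installs started from cloud-init user-data`. The comment block above the pipeline also still mentions `|| true`, which the new invocation line does not use.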