diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 13ffd36..7aaf095 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,10 +1,4 @@ -on: - push: - branches: - - master - pull_request: - branches: - - master +on: push name: Lint @@ -12,17 +6,17 @@ jobs: shellcheck: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: shellcheck - uses: ludeeus/action-shellcheck@0.2.1 - env: - SHELLCHECK_OPTS: -e SC1091,SC2164,SC2034,SC1072,SC1073,SC1009 + - uses: actions/checkout@v2 + - name: shellcheck + uses: ludeeus/action-shellcheck@0.5.0 + env: + SHELLCHECK_OPTS: -e SC1091,SC2164,SC2034,SC1072,SC1073,SC1009 shfmt: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: shfmt - uses: bltavares/actions/shfmt@master - env: - SHFMT_ARGS: -d + - uses: actions/checkout@v2 + - name: shfmt + uses: bltavares/actions/shfmt@master + env: + SHFMT_ARGS: -d diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e7b1e1c..52a4307 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -21,7 +21,7 @@ jobs: - centos-7-x64 - centos-8-x64 steps: - - uses: actions/checkout@master + - uses: actions/checkout@v2 - name: Setup doctl uses: digitalocean/action-doctl@v2 @@ -51,7 +51,7 @@ jobs: - name: Setup remote server (Debian/Ubuntu) if: steps.server_os.outputs.value == 'debian' || steps.server_os.outputs.value == 'ubuntu' - uses: appleboy/ssh-action@master + uses: appleboy/ssh-action@v0.1.3 with: host: ${{ steps.server_ip.outputs.value }} username: root @@ -60,7 +60,7 @@ jobs: - name: Setup remote server (Fedora) if: steps.server_os.outputs.value == 'fedora' - uses: appleboy/ssh-action@master + uses: appleboy/ssh-action@v0.1.3 with: host: ${{ steps.server_ip.outputs.value }} username: root @@ -69,7 +69,7 @@ jobs: - name: Setup remote server (CentOS) if: steps.server_os.outputs.value == 'centos' - uses: appleboy/ssh-action@master + uses: appleboy/ssh-action@v0.1.3 with: host: ${{ steps.server_ip.outputs.value }} username: root @@ -77,7 +77,7 @@ jobs: script: set -x && yum install -y git - name: Download repo and checkout current commit - uses: appleboy/ssh-action@master + uses: appleboy/ssh-action@v0.1.3 with: host: ${{ steps.server_ip.outputs.value }} username: root @@ -85,7 +85,7 @@ jobs: script: set -x && git clone https://github.com/angristan/openvpn-install.git && cd openvpn-install && git checkout ${{ github.event.pull_request.head.sha }} - name: Run openvpn-install.sh in headless mode - uses: appleboy/ssh-action@master + uses: appleboy/ssh-action@v0.1.3 with: host: ${{ steps.server_ip.outputs.value }} username: root diff --git a/README.md b/README.md index 1b8577a..59e884f 100644 --- a/README.md +++ b/README.md @@ -115,13 +115,12 @@ The script supports these OS and architectures: | --------------- | ---- | ----- | ----- | ----- | | Amazon Linux 2 | ❔ | ✅ | ❔ | ❔ | | Arch Linux | ❔ | ✅ | ❔ | ✅ | -| CentOS 7 | ❔ | ✅ | ❌ | ✅ | -| CentOS 8 | ❌ | ✅ | ❔ | ❔ | -| Debian 8 | ✅ | ✅ | ❌ | ❌ | -| Debian >= 9 | ❌ | ✅ | ✅ | ✅ | +| CentOS 7 | ✅ | ✅ | ✅ | ✅ | +| CentOS 8 | ❌ | ✅ | ❌ | ✅ | +| Debian >= 9 | ✅ | ✅ | ✅ | ✅ | | Fedora >= 27 | ❔ | ✅ | ❔ | ❔ | | Ubuntu 16.04 | ✅ | ✅ | ❌ | ❌ | -| Ubuntu >= 18.04 | ❌ | ✅ | ✅ | ✅ | +| Ubuntu >= 18.04 | ✅ | ✅ | ✅ | ✅ | To be noted: @@ -144,8 +143,9 @@ More Q&A in [FAQ.md](FAQ.md). **A:** I recommend these: - [Vultr](https://goo.gl/Xyd1Sc): Worldwide locations, IPv6 support, starting at \$3.50/month -- [PulseHeberg](https://goo.gl/76yqW5): France, unlimited bandwidth, starting at €3/month +- [Hetzner](https://hetzner.cloud/?ref=ywtlvZsjgeDq): Germany, IPv6, 20 TB of traffic, starting at €3/month - [Digital Ocean](https://goo.gl/qXrNLK): Worldwide locations, IPv6 support, starting at \$5/month +- [PulseHeberg](https://goo.gl/76yqW5): France, unlimited bandwidth, starting at €3/month --- @@ -208,7 +208,7 @@ OpenVPN 2.4 was a great update regarding encryption. It added support for ECDSA, If you want more information about an option mentioned below, head to the [OpenVPN manual](https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage). It is very complete. -Most of OpenVPN's encryption-related stuff is managed by [Easy-RSA](https://github.com/OpenVPN/easy-rsa). Defaults parameters are in the [vars.example](https://github.com/OpenVPN/easy-rsa/blob/v3.0.6/easyrsa3/vars.example) file. +Most of OpenVPN's encryption-related stuff is managed by [Easy-RSA](https://github.com/OpenVPN/easy-rsa). Defaults parameters are in the [vars.example](https://github.com/OpenVPN/easy-rsa/blob/v3.0.7/easyrsa3/vars.example) file. ### Compression diff --git a/openvpn-install.sh b/openvpn-install.sh index 9ddcbb8..685f607 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -18,14 +18,13 @@ function tunAvailable() { function checkOS() { if [[ -e /etc/debian_version ]]; then OS="debian" - # shellcheck disable=SC1091 source /etc/os-release if [[ $ID == "debian" || $ID == "raspbian" ]]; then - if [[ $VERSION_ID -lt 8 ]]; then + if [[ $VERSION_ID -lt 9 ]]; then echo "⚠️ Your version of Debian is not supported." echo "" - echo "However, if you're using Debian >= 8 or unstable/testing then you can continue, at your own risk." + echo "However, if you're using Debian >= 9 or unstable/testing then you can continue, at your own risk." echo "" until [[ $CONTINUE =~ (y|n) ]]; do read -rp "Continue? [y/n]: " -e CONTINUE @@ -51,7 +50,6 @@ function checkOS() { fi fi elif [[ -e /etc/system-release ]]; then - # shellcheck disable=SC1091 source /etc/os-release if [[ $ID == "fedora" ]]; then OS="fedora" @@ -315,7 +313,7 @@ function installQuestions() { echo " 12) NextDNS (Anycast: worldwide)" echo " 13) Custom" until [[ $DNS =~ ^[0-9]+$ ]] && [ "$DNS" -ge 1 ] && [ "$DNS" -le 13 ]; do - read -rp "DNS [1-12]: " -e -i 3 DNS + read -rp "DNS [1-12]: " -e -i 11 DNS if [[ $DNS == 2 ]] && [[ -e /etc/unbound/unbound.conf ]]; then echo "" echo "Unbound is already installed." @@ -653,11 +651,6 @@ function installOpenVPN() { apt-get update apt-get -y install ca-certificates gnupg # We add the OpenVPN repo to get the latest version. - if [[ $VERSION_ID == "8" ]]; then - echo "deb http://build.openvpn.net/debian/openvpn/stable jessie main" >/etc/apt/sources.list.d/openvpn.list - wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add - - apt-get update - fi if [[ $VERSION_ID == "16.04" ]]; then echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" >/etc/apt/sources.list.d/openvpn.list wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add - @@ -694,7 +687,7 @@ function installOpenVPN() { if [[ ! -d /etc/openvpn/easy-rsa/ ]]; then local version="3.0.7" wget -O ~/easy-rsa.tgz https://github.com/OpenVPN/easy-rsa/releases/download/v${version}/EasyRSA-${version}.tgz - mkdir /etc/openvpn/easy-rsa + mkdir -p /etc/openvpn/easy-rsa tar xzf ~/easy-rsa.tgz --strip-components=1 --directory /etc/openvpn/easy-rsa rm -f ~/easy-rsa.tgz @@ -1052,9 +1045,9 @@ verb 3" >>/etc/openvpn/client-template.txt function newClient() { echo "" echo "Tell me a name for the client." - echo "Use one word only, no special characters." + echo "The name must consist of alphanumeric character. It may also include an underscore or a dash." - until [[ $CLIENT =~ ^[a-zA-Z0-9_]+$ ]]; do + until [[ $CLIENT =~ ^[a-zA-Z0-9_-]+$ ]]; do read -rp "Client name: " -e CLIENT done @@ -1211,7 +1204,6 @@ function removeUnbound() { function removeOpenVPN() { echo "" - # shellcheck disable=SC2034 read -rp "Do you really want to remove OpenVPN? [y/n]: " -e -i n REMOVE if [[ $REMOVE == 'y' ]]; then # Get OpenVPN port from the configuration