Merge remote-tracking branch 'upstream/master'

This commit is contained in:
jduo 2020-09-10 04:56:09 -03:00
commit aa384c6931
4 changed files with 30 additions and 44 deletions

View File

@ -1,10 +1,4 @@
on: on: push
push:
branches:
- master
pull_request:
branches:
- master
name: Lint name: Lint
@ -14,7 +8,7 @@ jobs:
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- name: shellcheck - name: shellcheck
uses: ludeeus/action-shellcheck@0.2.1 uses: ludeeus/action-shellcheck@0.5.0
env: env:
SHELLCHECK_OPTS: -e SC1091,SC2164,SC2034,SC1072,SC1073,SC1009 SHELLCHECK_OPTS: -e SC1091,SC2164,SC2034,SC1072,SC1073,SC1009

View File

@ -21,7 +21,7 @@ jobs:
- centos-7-x64 - centos-7-x64
- centos-8-x64 - centos-8-x64
steps: steps:
- uses: actions/checkout@master - uses: actions/checkout@v2
- name: Setup doctl - name: Setup doctl
uses: digitalocean/action-doctl@v2 uses: digitalocean/action-doctl@v2
@ -51,7 +51,7 @@ jobs:
- name: Setup remote server (Debian/Ubuntu) - name: Setup remote server (Debian/Ubuntu)
if: steps.server_os.outputs.value == 'debian' || steps.server_os.outputs.value == 'ubuntu' if: steps.server_os.outputs.value == 'debian' || steps.server_os.outputs.value == 'ubuntu'
uses: appleboy/ssh-action@master uses: appleboy/ssh-action@v0.1.3
with: with:
host: ${{ steps.server_ip.outputs.value }} host: ${{ steps.server_ip.outputs.value }}
username: root username: root
@ -60,7 +60,7 @@ jobs:
- name: Setup remote server (Fedora) - name: Setup remote server (Fedora)
if: steps.server_os.outputs.value == 'fedora' if: steps.server_os.outputs.value == 'fedora'
uses: appleboy/ssh-action@master uses: appleboy/ssh-action@v0.1.3
with: with:
host: ${{ steps.server_ip.outputs.value }} host: ${{ steps.server_ip.outputs.value }}
username: root username: root
@ -69,7 +69,7 @@ jobs:
- name: Setup remote server (CentOS) - name: Setup remote server (CentOS)
if: steps.server_os.outputs.value == 'centos' if: steps.server_os.outputs.value == 'centos'
uses: appleboy/ssh-action@master uses: appleboy/ssh-action@v0.1.3
with: with:
host: ${{ steps.server_ip.outputs.value }} host: ${{ steps.server_ip.outputs.value }}
username: root username: root
@ -77,7 +77,7 @@ jobs:
script: set -x && yum install -y git script: set -x && yum install -y git
- name: Download repo and checkout current commit - name: Download repo and checkout current commit
uses: appleboy/ssh-action@master uses: appleboy/ssh-action@v0.1.3
with: with:
host: ${{ steps.server_ip.outputs.value }} host: ${{ steps.server_ip.outputs.value }}
username: root username: root
@ -85,7 +85,7 @@ jobs:
script: set -x && git clone https://github.com/angristan/openvpn-install.git && cd openvpn-install && git checkout ${{ github.event.pull_request.head.sha }} script: set -x && git clone https://github.com/angristan/openvpn-install.git && cd openvpn-install && git checkout ${{ github.event.pull_request.head.sha }}
- name: Run openvpn-install.sh in headless mode - name: Run openvpn-install.sh in headless mode
uses: appleboy/ssh-action@master uses: appleboy/ssh-action@v0.1.3
with: with:
host: ${{ steps.server_ip.outputs.value }} host: ${{ steps.server_ip.outputs.value }}
username: root username: root

View File

@ -115,13 +115,12 @@ The script supports these OS and architectures:
| --------------- | ---- | ----- | ----- | ----- | | --------------- | ---- | ----- | ----- | ----- |
| Amazon Linux 2 | ❔ | ✅ | ❔ | ❔ | | Amazon Linux 2 | ❔ | ✅ | ❔ | ❔ |
| Arch Linux | ❔ | ✅ | ❔ | ✅ | | Arch Linux | ❔ | ✅ | ❔ | ✅ |
| CentOS 7 | ❔ | ✅ | ❌ | ✅ | | CentOS 7 | ✅ | ✅ | ✅ | ✅ |
| CentOS 8 | ❌ | ✅ | ❔ | ❔ | | CentOS 8 | ❌ | ✅ | ❌ | ✅ |
| Debian 8 | ✅ | ✅ | ❌ | ❌ | | Debian >= 9 | ✅ | ✅ | ✅ | ✅ |
| Debian >= 9 | ❌ | ✅ | ✅ | ✅ |
| Fedora >= 27 | ❔ | ✅ | ❔ | ❔ | | Fedora >= 27 | ❔ | ✅ | ❔ | ❔ |
| Ubuntu 16.04 | ✅ | ✅ | ❌ | ❌ | | Ubuntu 16.04 | ✅ | ✅ | ❌ | ❌ |
| Ubuntu >= 18.04 | | ✅ | ✅ | ✅ | | Ubuntu >= 18.04 | | ✅ | ✅ | ✅ |
To be noted: To be noted:
@ -144,8 +143,9 @@ More Q&A in [FAQ.md](FAQ.md).
**A:** I recommend these: **A:** I recommend these:
- [Vultr](https://goo.gl/Xyd1Sc): Worldwide locations, IPv6 support, starting at \$3.50/month - [Vultr](https://goo.gl/Xyd1Sc): Worldwide locations, IPv6 support, starting at \$3.50/month
- [PulseHeberg](https://goo.gl/76yqW5): France, unlimited bandwidth, starting at €3/month - [Hetzner](https://hetzner.cloud/?ref=ywtlvZsjgeDq): Germany, IPv6, 20 TB of traffic, starting at €3/month
- [Digital Ocean](https://goo.gl/qXrNLK): Worldwide locations, IPv6 support, starting at \$5/month - [Digital Ocean](https://goo.gl/qXrNLK): Worldwide locations, IPv6 support, starting at \$5/month
- [PulseHeberg](https://goo.gl/76yqW5): France, unlimited bandwidth, starting at €3/month
--- ---
@ -208,7 +208,7 @@ OpenVPN 2.4 was a great update regarding encryption. It added support for ECDSA,
If you want more information about an option mentioned below, head to the [OpenVPN manual](https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage). It is very complete. If you want more information about an option mentioned below, head to the [OpenVPN manual](https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage). It is very complete.
Most of OpenVPN's encryption-related stuff is managed by [Easy-RSA](https://github.com/OpenVPN/easy-rsa). Defaults parameters are in the [vars.example](https://github.com/OpenVPN/easy-rsa/blob/v3.0.6/easyrsa3/vars.example) file. Most of OpenVPN's encryption-related stuff is managed by [Easy-RSA](https://github.com/OpenVPN/easy-rsa). Defaults parameters are in the [vars.example](https://github.com/OpenVPN/easy-rsa/blob/v3.0.7/easyrsa3/vars.example) file.
### Compression ### Compression

View File

@ -18,14 +18,13 @@ function tunAvailable() {
function checkOS() { function checkOS() {
if [[ -e /etc/debian_version ]]; then if [[ -e /etc/debian_version ]]; then
OS="debian" OS="debian"
# shellcheck disable=SC1091
source /etc/os-release source /etc/os-release
if [[ $ID == "debian" || $ID == "raspbian" ]]; then if [[ $ID == "debian" || $ID == "raspbian" ]]; then
if [[ $VERSION_ID -lt 8 ]]; then if [[ $VERSION_ID -lt 9 ]]; then
echo "⚠️ Your version of Debian is not supported." echo "⚠️ Your version of Debian is not supported."
echo "" echo ""
echo "However, if you're using Debian >= 8 or unstable/testing then you can continue, at your own risk." echo "However, if you're using Debian >= 9 or unstable/testing then you can continue, at your own risk."
echo "" echo ""
until [[ $CONTINUE =~ (y|n) ]]; do until [[ $CONTINUE =~ (y|n) ]]; do
read -rp "Continue? [y/n]: " -e CONTINUE read -rp "Continue? [y/n]: " -e CONTINUE
@ -51,7 +50,6 @@ function checkOS() {
fi fi
fi fi
elif [[ -e /etc/system-release ]]; then elif [[ -e /etc/system-release ]]; then
# shellcheck disable=SC1091
source /etc/os-release source /etc/os-release
if [[ $ID == "fedora" ]]; then if [[ $ID == "fedora" ]]; then
OS="fedora" OS="fedora"
@ -315,7 +313,7 @@ function installQuestions() {
echo " 12) NextDNS (Anycast: worldwide)" echo " 12) NextDNS (Anycast: worldwide)"
echo " 13) Custom" echo " 13) Custom"
until [[ $DNS =~ ^[0-9]+$ ]] && [ "$DNS" -ge 1 ] && [ "$DNS" -le 13 ]; do until [[ $DNS =~ ^[0-9]+$ ]] && [ "$DNS" -ge 1 ] && [ "$DNS" -le 13 ]; do
read -rp "DNS [1-12]: " -e -i 3 DNS read -rp "DNS [1-12]: " -e -i 11 DNS
if [[ $DNS == 2 ]] && [[ -e /etc/unbound/unbound.conf ]]; then if [[ $DNS == 2 ]] && [[ -e /etc/unbound/unbound.conf ]]; then
echo "" echo ""
echo "Unbound is already installed." echo "Unbound is already installed."
@ -653,11 +651,6 @@ function installOpenVPN() {
apt-get update apt-get update
apt-get -y install ca-certificates gnupg apt-get -y install ca-certificates gnupg
# We add the OpenVPN repo to get the latest version. # We add the OpenVPN repo to get the latest version.
if [[ $VERSION_ID == "8" ]]; then
echo "deb http://build.openvpn.net/debian/openvpn/stable jessie main" >/etc/apt/sources.list.d/openvpn.list
wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add -
apt-get update
fi
if [[ $VERSION_ID == "16.04" ]]; then if [[ $VERSION_ID == "16.04" ]]; then
echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" >/etc/apt/sources.list.d/openvpn.list echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" >/etc/apt/sources.list.d/openvpn.list
wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add - wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add -
@ -694,7 +687,7 @@ function installOpenVPN() {
if [[ ! -d /etc/openvpn/easy-rsa/ ]]; then if [[ ! -d /etc/openvpn/easy-rsa/ ]]; then
local version="3.0.7" local version="3.0.7"
wget -O ~/easy-rsa.tgz https://github.com/OpenVPN/easy-rsa/releases/download/v${version}/EasyRSA-${version}.tgz wget -O ~/easy-rsa.tgz https://github.com/OpenVPN/easy-rsa/releases/download/v${version}/EasyRSA-${version}.tgz
mkdir /etc/openvpn/easy-rsa mkdir -p /etc/openvpn/easy-rsa
tar xzf ~/easy-rsa.tgz --strip-components=1 --directory /etc/openvpn/easy-rsa tar xzf ~/easy-rsa.tgz --strip-components=1 --directory /etc/openvpn/easy-rsa
rm -f ~/easy-rsa.tgz rm -f ~/easy-rsa.tgz
@ -1052,9 +1045,9 @@ verb 3" >>/etc/openvpn/client-template.txt
function newClient() { function newClient() {
echo "" echo ""
echo "Tell me a name for the client." echo "Tell me a name for the client."
echo "Use one word only, no special characters." echo "The name must consist of alphanumeric character. It may also include an underscore or a dash."
until [[ $CLIENT =~ ^[a-zA-Z0-9_]+$ ]]; do until [[ $CLIENT =~ ^[a-zA-Z0-9_-]+$ ]]; do
read -rp "Client name: " -e CLIENT read -rp "Client name: " -e CLIENT
done done
@ -1211,7 +1204,6 @@ function removeUnbound() {
function removeOpenVPN() { function removeOpenVPN() {
echo "" echo ""
# shellcheck disable=SC2034
read -rp "Do you really want to remove OpenVPN? [y/n]: " -e -i n REMOVE read -rp "Do you really want to remove OpenVPN? [y/n]: " -e -i n REMOVE
if [[ $REMOVE == 'y' ]]; then if [[ $REMOVE == 'y' ]]; then
# Get OpenVPN port from the configuration # Get OpenVPN port from the configuration