Merge remote-tracking branch 'upstream/master'

.github/workflows/lint.yml

@@ -1,10 +1,4 @@
-on:
+on: push
-  push:
-    branches:
-    - master
-  pull_request:
-    branches:
-    - master
 
 name: Lint
 
@@ -12,17 +6,17 @@ jobs:
   shellcheck:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+      - uses: actions/checkout@v2
-    - name: shellcheck
+      - name: shellcheck
-      uses: ludeeus/action-shellcheck@0.2.1
+        uses: ludeeus/action-shellcheck@0.5.0
-      env:
+        env:
-        SHELLCHECK_OPTS: -e SC1091,SC2164,SC2034,SC1072,SC1073,SC1009
+          SHELLCHECK_OPTS: -e SC1091,SC2164,SC2034,SC1072,SC1073,SC1009
 
   shfmt:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+      - uses: actions/checkout@v2
-    - name: shfmt
+      - name: shfmt
-      uses: bltavares/actions/shfmt@master
+        uses: bltavares/actions/shfmt@master
-      env:
+        env:
-        SHFMT_ARGS: -d
+          SHFMT_ARGS: -d

.github/workflows/test.yml

@@ -21,7 +21,7 @@ jobs:
           - centos-7-x64
           - centos-8-x64
     steps:
-    - uses: actions/checkout@master
+    - uses: actions/checkout@v2
 
     - name: Setup doctl
       uses: digitalocean/action-doctl@v2
@@ -51,7 +51,7 @@ jobs:
 
     - name: Setup remote server (Debian/Ubuntu)
       if: steps.server_os.outputs.value == 'debian' || steps.server_os.outputs.value == 'ubuntu'
-      uses: appleboy/ssh-action@master
+      uses: appleboy/ssh-action@v0.1.3
       with:
         host: ${{ steps.server_ip.outputs.value }}
         username: root
@@ -60,7 +60,7 @@ jobs:
 
     - name: Setup remote server (Fedora)
       if: steps.server_os.outputs.value == 'fedora'
-      uses: appleboy/ssh-action@master
+      uses: appleboy/ssh-action@v0.1.3
       with:
         host: ${{ steps.server_ip.outputs.value }}
         username: root
@@ -69,7 +69,7 @@ jobs:
 
     - name: Setup remote server (CentOS)
       if: steps.server_os.outputs.value == 'centos'
-      uses: appleboy/ssh-action@master
+      uses: appleboy/ssh-action@v0.1.3
       with:
         host: ${{ steps.server_ip.outputs.value }}
         username: root
@@ -77,7 +77,7 @@ jobs:
         script: set -x && yum install -y git
 
     - name: Download repo and checkout current commit
-      uses: appleboy/ssh-action@master
+      uses: appleboy/ssh-action@v0.1.3
       with:
         host: ${{ steps.server_ip.outputs.value }}
         username: root
@@ -85,7 +85,7 @@ jobs:
         script: set -x && git clone https://github.com/angristan/openvpn-install.git && cd openvpn-install && git checkout ${{ github.event.pull_request.head.sha }}
 
     - name: Run openvpn-install.sh in headless mode
-      uses: appleboy/ssh-action@master
+      uses: appleboy/ssh-action@v0.1.3
       with:
         host: ${{ steps.server_ip.outputs.value }}
         username: root

README.md

@@ -115,13 +115,12 @@ The script supports these OS and architectures:
 | --------------- | ---- | ----- | ----- | ----- |
 | Amazon Linux 2  | ❔   | ✅    | ❔    | ❔    |
 | Arch Linux      | ❔   | ✅    | ❔    | ✅    |
-| CentOS 7        | ❔   | ✅    | ❌    | ✅    |
+| CentOS 7        | ✅   | ✅    | ✅    | ✅    |
-| CentOS 8        | ❌   | ✅    | ❔    | ❔    |
+| CentOS 8        | ❌   | ✅    | ❌    | ✅    |
-| Debian 8        | ✅   | ✅    | ❌    | ❌    |
+| Debian >= 9     | ✅   | ✅    | ✅    | ✅    |
-| Debian >= 9     | ❌   | ✅    | ✅    | ✅    |
 | Fedora >= 27    | ❔   | ✅    | ❔    | ❔    |
 | Ubuntu 16.04    | ✅   | ✅    | ❌    | ❌    |
-| Ubuntu >= 18.04 | ❌   | ✅    | ✅    | ✅    |
+| Ubuntu >= 18.04 | ✅   | ✅    | ✅    | ✅    |
 
 To be noted:
 
@@ -144,8 +143,9 @@ More Q&A in [FAQ.md](FAQ.md).
 **A:** I recommend these:
 
 - [Vultr](https://goo.gl/Xyd1Sc): Worldwide locations, IPv6 support, starting at \$3.50/month
-- [PulseHeberg](https://goo.gl/76yqW5): France, unlimited bandwidth, starting at €3/month
+- [Hetzner](https://hetzner.cloud/?ref=ywtlvZsjgeDq): Germany, IPv6, 20 TB of traffic, starting at €3/month
 - [Digital Ocean](https://goo.gl/qXrNLK): Worldwide locations, IPv6 support, starting at \$5/month
+- [PulseHeberg](https://goo.gl/76yqW5): France, unlimited bandwidth, starting at €3/month
 
 ---
 
@@ -208,7 +208,7 @@ OpenVPN 2.4 was a great update regarding encryption. It added support for ECDSA,
 
 If you want more information about an option mentioned below, head to the [OpenVPN manual](https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage). It is very complete.
 
-Most of OpenVPN's encryption-related stuff is managed by [Easy-RSA](https://github.com/OpenVPN/easy-rsa). Defaults parameters are in the [vars.example](https://github.com/OpenVPN/easy-rsa/blob/v3.0.6/easyrsa3/vars.example) file.
+Most of OpenVPN's encryption-related stuff is managed by [Easy-RSA](https://github.com/OpenVPN/easy-rsa). Defaults parameters are in the [vars.example](https://github.com/OpenVPN/easy-rsa/blob/v3.0.7/easyrsa3/vars.example) file.
 
 ### Compression
 

openvpn-install.sh

@@ -18,14 +18,13 @@ function tunAvailable() {
 function checkOS() {
 	if [[ -e /etc/debian_version ]]; then
 		OS="debian"
-		# shellcheck disable=SC1091
 		source /etc/os-release
 
 		if [[ $ID == "debian" || $ID == "raspbian" ]]; then
-			if [[ $VERSION_ID -lt 8 ]]; then
+			if [[ $VERSION_ID -lt 9 ]]; then
 				echo "⚠️ Your version of Debian is not supported."
 				echo ""
-				echo "However, if you're using Debian >= 8 or unstable/testing then you can continue, at your own risk."
+				echo "However, if you're using Debian >= 9 or unstable/testing then you can continue, at your own risk."
 				echo ""
 				until [[ $CONTINUE =~ (y|n) ]]; do
 					read -rp "Continue? [y/n]: " -e CONTINUE
@@ -51,7 +50,6 @@ function checkOS() {
 			fi
 		fi
 	elif [[ -e /etc/system-release ]]; then
-		# shellcheck disable=SC1091
 		source /etc/os-release
 		if [[ $ID == "fedora" ]]; then
 			OS="fedora"
@@ -315,7 +313,7 @@ function installQuestions() {
 	echo "   12) NextDNS (Anycast: worldwide)"
 	echo "   13) Custom"
 	until [[ $DNS =~ ^[0-9]+$ ]] && [ "$DNS" -ge 1 ] && [ "$DNS" -le 13 ]; do
-		read -rp "DNS [1-12]: " -e -i 3 DNS
+		read -rp "DNS [1-12]: " -e -i 11 DNS
 		if [[ $DNS == 2 ]] && [[ -e /etc/unbound/unbound.conf ]]; then
 			echo ""
 			echo "Unbound is already installed."
@@ -653,11 +651,6 @@ function installOpenVPN() {
 			apt-get update
 			apt-get -y install ca-certificates gnupg
 			# We add the OpenVPN repo to get the latest version.
-			if [[ $VERSION_ID == "8" ]]; then
-				echo "deb http://build.openvpn.net/debian/openvpn/stable jessie main" >/etc/apt/sources.list.d/openvpn.list
-				wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add -
-				apt-get update
-			fi
 			if [[ $VERSION_ID == "16.04" ]]; then
 				echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" >/etc/apt/sources.list.d/openvpn.list
 				wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add -
@@ -694,7 +687,7 @@ function installOpenVPN() {
 	if [[ ! -d /etc/openvpn/easy-rsa/ ]]; then
 		local version="3.0.7"
 		wget -O ~/easy-rsa.tgz https://github.com/OpenVPN/easy-rsa/releases/download/v${version}/EasyRSA-${version}.tgz
-		mkdir /etc/openvpn/easy-rsa
+		mkdir -p /etc/openvpn/easy-rsa
 		tar xzf ~/easy-rsa.tgz --strip-components=1 --directory /etc/openvpn/easy-rsa
 		rm -f ~/easy-rsa.tgz
 
@@ -1052,9 +1045,9 @@ verb 3" >>/etc/openvpn/client-template.txt
 function newClient() {
 	echo ""
 	echo "Tell me a name for the client."
-	echo "Use one word only, no special characters."
+	echo "The name must consist of alphanumeric character. It may also include an underscore or a dash."
 
-	until [[ $CLIENT =~ ^[a-zA-Z0-9_]+$ ]]; do
+	until [[ $CLIENT =~ ^[a-zA-Z0-9_-]+$ ]]; do
 		read -rp "Client name: " -e CLIENT
 	done
 
@@ -1211,7 +1204,6 @@ function removeUnbound() {
 
 function removeOpenVPN() {
 	echo ""
-	# shellcheck disable=SC2034
 	read -rp "Do you really want to remove OpenVPN? [y/n]: " -e -i n REMOVE
 	if [[ $REMOVE == 'y' ]]; then
 		# Get OpenVPN port from the configuration