diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..b4d9ec4
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,3 @@
+[*.sh]
+indent_style = tab
+indent_size = 4
diff --git a/.github/linters/.markdown-lint.yml b/.github/linters/.markdown-lint.yml
new file mode 100644
index 0000000..68d1fdf
--- /dev/null
+++ b/.github/linters/.markdown-lint.yml
@@ -0,0 +1 @@
+{ 'MD013': null, 'MD045': null, 'MD040': null, 'MD036': null }
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index d86031e..082bca5 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -3,20 +3,12 @@ on: [push, pull_request, pull_request_target]
name: Lint
jobs:
- shellcheck:
+ super-linter:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v2
- - name: shellcheck
- uses: ludeeus/action-shellcheck@0.5.0
+ - name: Checkout Code
+ uses: actions/checkout@v2
+ - name: Lint Code Base
+ uses: github/super-linter@v3.13.1
env:
- SHELLCHECK_OPTS: -e SC1091,SC2164,SC2034,SC1072,SC1073,SC1009
-
- shfmt:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - name: shfmt
- uses: bltavares/actions/shfmt@master
- env:
- SHFMT_ARGS: -d
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/FAQ.md b/FAQ.md
index 4a7d2de..ee0e51a 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -69,7 +69,7 @@ If your client is <2.3.3, remove `tls-version-min 1.2` from your `/etc/openvpn/s
**Q:** IPv6 is not working on my Hetzner VM
-**A:** This an issue on their side. See https://angristan.xyz/fix-ipv6-hetzner-cloud/
+**A:** This an issue on their side. See
---
@@ -117,11 +117,11 @@ Sysctl options are at `/etc/sysctl.d/20-openvpn.conf`
**A:** Here is a sample bash script to achieve this:
- ```sh
+```sh
userlist=(user1 user2 user3)
for i in ${userlist[@]};do
- MENU_OPTION=1 CLIENT=$i PASS=1 ./openvpn-install.sh
+ MENU_OPTION=1 CLIENT=$i PASS=1 ./openvpn-install.sh
done
```
@@ -137,8 +137,9 @@ done
**A:** You would need to edit the `.ovpn` file. You can edit the template out of which those files are created by editing `/etc/openvpn/client-template.txt` file and adding
- ```sh
+```sh
route-nopull
route 10.0.0.0 255.0.0.0
```
+
So for example - here it would route all traffic of `10.0.0.0/8` to the vpn. And the rest through the internet.
diff --git a/README.md b/README.md
index f1743c6..d9ba9be 100644
--- a/README.md
+++ b/README.md
@@ -249,9 +249,8 @@ By default, OpenVPN uses `BF-CBC` as the data channel cipher. Blowfish is an old
> The default is BF-CBC, an abbreviation for Blowfish in Cipher Block Chaining mode.
>
-> Using BF-CBC is no longer recommended, because of its 64-bit block size. This small block size allows attacks based on collisions, as demonstrated by SWEET32. See https://community.openvpn.net/openvpn/wiki/SWEET32 for details.
-
-> Security researchers at INRIA published an attack on 64-bit block ciphers, such as 3DES and Blowfish. They show that they are able to recover plaintext when the same data is sent often enough, and show how they can use cross-site scripting vulnerabilities to send data of interest often enough. This works over HTTPS, but also works for HTTP-over-OpenVPN. See https://sweet32.info/ for a much better and more elaborate explanation.
+> Using BF-CBC is no longer recommended, because of its 64-bit block size. This small block size allows attacks based on collisions, as demonstrated by SWEET32. See for details.
+> Security researchers at INRIA published an attack on 64-bit block ciphers, such as 3DES and Blowfish. They show that they are able to recover plaintext when the same data is sent often enough, and show how they can use cross-site scripting vulnerabilities to send data of interest often enough. This works over HTTPS, but also works for HTTP-over-OpenVPN. See for a much better and more elaborate explanation.
>
> OpenVPN's default cipher, BF-CBC, is affected by this attack.
diff --git a/openvpn-install.sh b/openvpn-install.sh
index 45d12a4..92bb343 100755
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+# shellcheck disable=SC1091,SC2164,SC2034,SC1072,SC1073,SC1009
# Secure OpenVPN server installer for Debian, Ubuntu, CentOS, Amazon Linux 2, Fedora and Arch Linux
# https://github.com/angristan/openvpn-install