From eacd9a93be50d61b8d539733bbc4f5c585991257 Mon Sep 17 00:00:00 2001 From: Ben Sykes Date: Fri, 2 Oct 2020 16:58:01 -0400 Subject: [PATCH] added tun install for apt based systems on auto-install --- .github/FUNDING.yml | 3 -- .github/dependabot.yml | 4 +- .github/workflows/test.yml | 97 -------------------------------------- .gitignore | 1 + openvpn-install.sh | 22 ++++++++- 5 files changed, 24 insertions(+), 103 deletions(-) delete mode 100644 .github/FUNDING.yml delete mode 100644 .github/workflows/test.yml create mode 100644 .gitignore diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml deleted file mode 100644 index d5689d8..0000000 --- a/.github/FUNDING.yml +++ /dev/null @@ -1,3 +0,0 @@ -patreon: stanislas -liberapay: stanislas -ko_fi: stanislas diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f4d737f..4bc9fdc 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,6 +5,6 @@ updates: schedule: interval: "daily" assignees: - - "angristan" + - "SystemFiles" reviewers: - - "angristan" + - "SystemFiles" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index 52a4307..0000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,97 +0,0 @@ -on: - push: - branches: - - master - -name: Test -jobs: - install: - runs-on: ubuntu-latest - if: github.repository == 'angristan/openvpn-install' && github.actor == 'angristan' - strategy: - matrix: - os-image: - - debian-9-x64 - - debian-10-x64 - - ubuntu-18-04-x64 - - ubuntu-16-04-x64 - - ubuntu-20-04-x64 - - fedora-30-x64 - - fedora-31-x64 - - centos-7-x64 - - centos-8-x64 - steps: - - uses: actions/checkout@v2 - - - name: Setup doctl - uses: digitalocean/action-doctl@v2 - with: - token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} - - - name: Create server - run: doctl compute droplet create openvpn-action-$GITHUB_RUN_ID-$GITHUB_RUN_NUMBER-${{ matrix.os-image }} --size s-1vcpu-1gb --image ${{ matrix.os-image }} --region lon1 --enable-ipv6 --ssh-keys be:66:76:61:a8:71:93:aa:e3:19:ba:d8:0d:d2:2d:d4 --wait - - - name: Get server ID - run: echo ::set-output name=value::$(doctl compute droplet list -o json | jq -r '.[] | select(.name == "'openvpn-action-$GITHUB_RUN_ID-$GITHUB_RUN_NUMBER-${{ matrix.os-image }}'").id') - id: server_id - - - name: Move server to dedicated project - run: doctl projects resources assign ${{ secrets.DIGITALOCEAN_PROJECT_ID }} --resource=do:droplet:${{ steps.server_id.outputs.value }} - - - name: Wait for server to boot - run: sleep 90 - - - name: Get server IP - run: echo ::set-output name=value::$(doctl compute droplet list -o json | jq -r '.[] | select(.name == "'openvpn-action-$GITHUB_RUN_ID-$GITHUB_RUN_NUMBER-${{ matrix.os-image }}'").networks.v4 | .[0].ip_address') - id: server_ip - - - name: Get server OS - run: echo ::set-output name=value::$(echo ${{ matrix.os-image }} | cut -d '-' -f1) - id: server_os - - - name: Setup remote server (Debian/Ubuntu) - if: steps.server_os.outputs.value == 'debian' || steps.server_os.outputs.value == 'ubuntu' - uses: appleboy/ssh-action@v0.1.3 - with: - host: ${{ steps.server_ip.outputs.value }} - username: root - key: ${{ secrets.SSH_KEY }} - script: set -x && apt-get update && apt-get install -y git - - - name: Setup remote server (Fedora) - if: steps.server_os.outputs.value == 'fedora' - uses: appleboy/ssh-action@v0.1.3 - with: - host: ${{ steps.server_ip.outputs.value }} - username: root - key: ${{ secrets.SSH_KEY }} - script: set -x && dnf install -y git - - - name: Setup remote server (CentOS) - if: steps.server_os.outputs.value == 'centos' - uses: appleboy/ssh-action@v0.1.3 - with: - host: ${{ steps.server_ip.outputs.value }} - username: root - key: ${{ secrets.SSH_KEY }} - script: set -x && yum install -y git - - - name: Download repo and checkout current commit - uses: appleboy/ssh-action@v0.1.3 - with: - host: ${{ steps.server_ip.outputs.value }} - username: root - key: ${{ secrets.SSH_KEY }} - script: set -x && git clone https://github.com/angristan/openvpn-install.git && cd openvpn-install && git checkout ${{ github.event.pull_request.head.sha }} - - - name: Run openvpn-install.sh in headless mode - uses: appleboy/ssh-action@v0.1.3 - with: - host: ${{ steps.server_ip.outputs.value }} - username: root - key: ${{ secrets.SSH_KEY }} - script: 'set -x && AUTO_INSTALL=y bash -x ~/openvpn-install/openvpn-install.sh && ps aux | grep openvpn | grep -v grep > /dev/null 2>&1 && echo "Success: OpenVPN is running" && exit 0 || echo "Failure: OpenVPN is not running" && exit 1' - - - name: Delete server - run: doctl compute droplet delete -f openvpn-action-$GITHUB_RUN_ID-$GITHUB_RUN_NUMBER-${{ matrix.os-image }} - if: always() diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..496ee2c --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.DS_Store \ No newline at end of file diff --git a/openvpn-install.sh b/openvpn-install.sh index 685f607..0a36da8 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -1,8 +1,25 @@ #!/bin/bash -# Secure OpenVPN server installer for Debian, Ubuntu, CentOS, Amazon Linux 2, Fedora and Arch Linux +# Secure OpenVPN server installer for Debian, Ubuntu, CentOS, Amazon Linux 2, Fedora and Arch Linux (Modified by: SystemFiles) # https://github.com/angristan/openvpn-install +function setupTunTap() { + if [ -z $TUN_SETUP ]; then + echo "Skipping TUN/TAP setup since you have not enabled it through the use of the TUN_SETUP environment variable" + else + echo "Setting up TUN/TAP with APT..." + # Install/verify requirements + apt-get update && \ + apt-get clean && apt-get -y update && \ + apt-get install -y locales curl openvpn bridge-utils && \ + + # Make TUN adapter configuration + mkdir -p /dev/net && \ + mknod /dev/net/tun c 10 200 && \ + chmod 600 /dev/net/tun + fi +} + function isRoot() { if [ "$EUID" -ne 0 ]; then return 1 @@ -619,6 +636,9 @@ function installOpenVPN() { PUBLIC_IP=$(curl -4 https://ifconfig.co) fi ENDPOINT=${ENDPOINT:-$PUBLIC_IP} + + # Install and Enable TUN/TAP + setupTunTap fi # Run setup questions first, and set other variales if auto-install