mirror of
https://github.com/angristan/openvpn-install.git
synced 2024-11-22 16:59:03 +01:00
Add Arch Linux support (#303)
This commit is contained in:
GoliathLabs
Stanislas
parent
34fd8a2b0a
commit
ecf5f0d623
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
[](https://gitlab.com/angristan/openvpn-install/pipelines)
|
[](https://gitlab.com/angristan/openvpn-install/pipelines)
|
||||||
|
|
||||||
OpenVPN installer for Debian, Ubuntu, Fedora and CentOS.
|
OpenVPN installer for Debian, Ubuntu, Fedora, CentOS and Arch Linux.
|
||||||
|
|
||||||
This script will let you setup your own secure VPN server in just a few seconds.
|
This script will let you setup your own secure VPN server in just a few seconds.
|
||||||
|
|
||||||
@ -66,6 +66,7 @@ The script supports these OS and architectures:
|
|||||||
| CentOS 7 | ❔ | ✅ | ❌ | ❌ |
|
| CentOS 7 | ❔ | ✅ | ❌ | ❌ |
|
||||||
| Fedora 27 | ❔ | ✅ | ❔ | ❔ |
|
| Fedora 27 | ❔ | ✅ | ❔ | ❔ |
|
||||||
| Fedora 28 | ❔ | ✅ | ❔ | ❔ |
|
| Fedora 28 | ❔ | ✅ | ❔ | ❔ |
|
||||||
|
| Arch Linux | ❔ | ✅ | ❔ | ❔ |
|
||||||
|
|
||||||
To be noted:
|
To be noted:
|
||||||
|
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# Secure OpenVPN server installer for Debian, Ubuntu, CentOS and Fedora
|
# Secure OpenVPN server installer for Debian, Ubuntu, CentOS, Fedora and Arch Linux
|
||||||
# https://github.com/angristan/openvpn-install
|
# https://github.com/angristan/openvpn-install
|
||||||
|
|
||||||
function isRoot () {
|
function isRoot () {
|
||||||
@ -51,8 +51,10 @@ function checkOS () {
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
OS=centos
|
OS=centos
|
||||||
|
elif [[ -e /etc/arch-release ]]; then
|
||||||
|
OS=arch
|
||||||
else
|
else
|
||||||
echo "Looks like you aren't running this installer on a Debian, Ubuntu, Fedora or CentOS system"
|
echo "Looks like you aren't running this installer on a Debian, Ubuntu, Fedora, CentOS or Arch Linux system"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
@ -102,6 +104,32 @@ prefetch: yes' >> /etc/unbound/unbound.conf
|
|||||||
sed -i 's|# hide-identity: no|hide-identity: yes|' /etc/unbound/unbound.conf
|
sed -i 's|# hide-identity: no|hide-identity: yes|' /etc/unbound/unbound.conf
|
||||||
sed -i 's|# hide-version: no|hide-version: yes|' /etc/unbound/unbound.conf
|
sed -i 's|# hide-version: no|hide-version: yes|' /etc/unbound/unbound.conf
|
||||||
sed -i 's|# use-caps-for-id: no|use-caps-for-id: yes|' /etc/unbound/unbound.conf
|
sed -i 's|# use-caps-for-id: no|use-caps-for-id: yes|' /etc/unbound/unbound.conf
|
||||||
|
|
||||||
|
elif [[ "$OS" = "arch" ]]; then
|
||||||
|
pacman -Syu --noconfirm unbound
|
||||||
|
|
||||||
|
# Get root servers list
|
||||||
|
curl -o /etc/unbound/root.hints https://www.internic.net/domain/named.cache
|
||||||
|
|
||||||
|
mv /etc/unbound/unbound.conf /etc/unbound/unbound.conf.old
|
||||||
|
|
||||||
|
echo 'server:
|
||||||
|
use-syslog: yes
|
||||||
|
do-daemonize: no
|
||||||
|
username: "unbound"
|
||||||
|
directory: "/etc/unbound"
|
||||||
|
trust-anchor-file: trusted-key.key
|
||||||
|
root-hints: root.hints
|
||||||
|
interface: 10.8.0.1
|
||||||
|
access-control: 10.8.0.1/24 allow
|
||||||
|
port: 53
|
||||||
|
num-threads: 2
|
||||||
|
use-caps-for-id: yes
|
||||||
|
harden-glue: yes
|
||||||
|
hide-identity: yes
|
||||||
|
hide-version: yes
|
||||||
|
qname-minimisation: yes
|
||||||
|
prefetch: yes' > /etc/unbound/unbound.conf
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ ! "$OS" =~ (fedora|centos) ]];then
|
if [[ ! "$OS" =~ (fedora|centos) ]];then
|
||||||
@ -525,6 +553,24 @@ function installOpenVPN () {
|
|||||||
yum install epel-release openvpn iptables openssl wget ca-certificates curl -y
|
yum install epel-release openvpn iptables openssl wget ca-certificates curl -y
|
||||||
elif [[ "$OS" = 'fedora' ]]; then
|
elif [[ "$OS" = 'fedora' ]]; then
|
||||||
dnf install openvpn iptables openssl wget ca-certificates curl -y
|
dnf install openvpn iptables openssl wget ca-certificates curl -y
|
||||||
|
elif [[ "$OS" = 'arch' ]]; then
|
||||||
|
echo ""
|
||||||
|
echo "WARNING: As you're using ArchLinux, I need to update the packages on your system to install those I need."
|
||||||
|
echo "Not doing that could cause problems between dependencies, or missing files in repositories (Arch Linux does not support partial upgrades)."
|
||||||
|
echo ""
|
||||||
|
echo "Continuing will update your installed packages and install needed ones."
|
||||||
|
echo ""
|
||||||
|
unset $CONTINUE
|
||||||
|
until [[ $CONTINUE =~ (y|n) ]]; do
|
||||||
|
read -rp "Continue? [y/n]: " -e -i y CONTINUE
|
||||||
|
done
|
||||||
|
if [[ "$CONTINUE" = "n" ]]; then
|
||||||
|
echo "Exiting because user did not permit updating the system."
|
||||||
|
exit 4
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Install required dependencies and upgrade the system
|
||||||
|
pacman --needed --noconfirm -Syu openvpn iptables openssl wget ca-certificates curl
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Find out if the machine uses nogroup or nobody for the permissionless group
|
# Find out if the machine uses nogroup or nobody for the permissionless group
|
||||||
@ -729,7 +775,7 @@ verb 3" >> /etc/openvpn/server.conf
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Finally, restart and enable OpenVPN
|
# Finally, restart and enable OpenVPN
|
||||||
if [[ "$OS" == 'fedora' ]]; then
|
if [[ "$OS" = 'arch' || "$OS" = 'fedora' ]]; then
|
||||||
# Workaround to fix OpenVPN service on OpenVZ
|
# Workaround to fix OpenVPN service on OpenVZ
|
||||||
sed -i 's|LimitNPROC|#LimitNPROC|' /usr/lib/systemd/system/openvpn-server@.service
|
sed -i 's|LimitNPROC|#LimitNPROC|' /usr/lib/systemd/system/openvpn-server@.service
|
||||||
# Another workaround to keep using /etc/openvpn/
|
# Another workaround to keep using /etc/openvpn/
|
||||||
@ -984,6 +1030,8 @@ function removeUnbound () {
|
|||||||
|
|
||||||
if [[ "$OS" = 'debian' ]]; then
|
if [[ "$OS" = 'debian' ]]; then
|
||||||
apt-get autoremove --purge -y unbound
|
apt-get autoremove --purge -y unbound
|
||||||
|
elif [[ "$OS" = 'arch' ]]; then
|
||||||
|
pacman --noconfirm -R unbound
|
||||||
elif [[ "$OS" = 'centos' ]]; then
|
elif [[ "$OS" = 'centos' ]]; then
|
||||||
yum remove unbound -y
|
yum remove unbound -y
|
||||||
elif [[ "$OS" = 'fedora' ]]; then
|
elif [[ "$OS" = 'fedora' ]]; then
|
||||||
@ -1008,7 +1056,7 @@ function removeOpenVPN () {
|
|||||||
PORT=$(grep '^port ' /etc/openvpn/server.conf | cut -d " " -f 2)
|
PORT=$(grep '^port ' /etc/openvpn/server.conf | cut -d " " -f 2)
|
||||||
|
|
||||||
# Stop OpenVPN
|
# Stop OpenVPN
|
||||||
if [[ "$OS" = 'fedora' ]]; then
|
if [[ "$OS" = (fedora|arch) ]]; then
|
||||||
systemctl disable openvpn-server@server
|
systemctl disable openvpn-server@server
|
||||||
systemctl stop openvpn-server@server
|
systemctl stop openvpn-server@server
|
||||||
elif [[ "$OS" == 'debian' ]] && [[ "$VERSION_ID" == "16.04" ]]; then
|
elif [[ "$OS" == 'debian' ]] && [[ "$VERSION_ID" == "16.04" ]]; then
|
||||||
@ -1043,6 +1091,8 @@ function removeOpenVPN () {
|
|||||||
rm /etc/apt/sources.list.d/openvpn.list
|
rm /etc/apt/sources.list.d/openvpn.list
|
||||||
apt-get update
|
apt-get update
|
||||||
fi
|
fi
|
||||||
|
elif [[ "$OS" = 'arch' ]]; then
|
||||||
|
pacman --noconfirm -R openvpn
|
||||||
elif [[ "$OS" = 'centos' ]]; then
|
elif [[ "$OS" = 'centos' ]]; then
|
||||||
yum remove openvpn -y
|
yum remove openvpn -y
|
||||||
elif [[ "$OS" = 'fedora' ]]; then
|
elif [[ "$OS" = 'fedora' ]]; then
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user