Commit Graph

602 Commits

Author SHA1 Message Date
Stanislas
83f70fe71f
ci(workflow): run script in headless mode on VMs (#643)
Run script in headless mode on all supported distributions, on Digital Ocean VMs, with GitHub Actions
2020-04-28 11:26:24 +02:00
Stanislas Lange
0e961a2e6b refactor(install): simplify easy-rsa install process 2020-04-27 19:20:40 +02:00
D. Robin
529d365693
build(easy-rsa): 3.0.6 -> 3.0.7 (#641) 2020-04-27 19:10:49 +02:00
randomshell
c785b230e9
docs(faq): add info for remote LAN access (#630) 2020-04-27 19:02:35 +02:00
Stanislas Lange
369c8dadaa refactor(menu): remove clear console 2020-04-27 18:06:59 +02:00
Henry N
182c43316f
feat(install): get system IPv6 resolvers if enabled (#599) 2020-04-27 18:04:18 +02:00
Stanislas Lange
96e6ea71e9 fix(newClient): exit if client name already taken
fix  #613
2020-04-27 17:45:58 +02:00
Stanislas Lange
f411d9dec7 fix(revokeClient): fix prompt input check
fix #477 #590
2020-04-27 17:36:04 +02:00
Stanislas Lange
c758418c6d style(script) format with shfmt 2020-04-27 16:25:20 +02:00
Henry N
2a35a3db16
refactor(install): simplify detection of public IP4, add fallback to IPv6 (#589) 2020-04-27 16:24:30 +02:00
Stanislas Lange
fdb35b86c6 fix(fedora): install policycoreutils-python-utils for selinux 2020-04-27 16:19:09 +02:00
Stanislas Lange
29980e6bef style(script) format with shfmt 2020-04-27 16:05:51 +02:00
randomshell
3b2c84b94d
fix(selinux): fix deletion of selinux policy (#555) 2020-04-27 16:03:55 +02:00
Stanislas Lange
87bfd046dd docs(readme): fix english punctuation 2020-04-27 15:42:47 +02:00
Stanislas Lange
c2d7729c20 style(faq): format markdown 2020-04-27 15:32:05 +02:00
Stanislas Lange
af3bf12bb6 style(readme): format markdown 2020-04-27 15:31:36 +02:00
Stanislas Lange
08aeed2c5b docs(readme): add notes about bash formatting 2020-04-27 15:26:20 +02:00
Stanislas
b4cbb54320
ci(workflow): don't run jobs twice on PRs (#640) 2020-04-27 15:21:32 +02:00
Stanislas
0f871f26d8
ci(lint): add shfmt job (#639) 2020-04-27 15:01:15 +02:00
Stanislas
6cc0022dff
style(script): format with shfmt (#638)
shfmt -w -s
2020-04-27 14:59:19 +02:00
Stanislas Lange
e3139cd877 Revert "feat(curves): add secp256k1 option (#315)"
This reverts commit 8d5bb43aed.

Tested with Viscosity, doesn't work
2020-04-27 14:36:44 +02:00
Sidd
8d5bb43aed
feat(curves): add secp256k1 option (#315) 2020-04-27 14:22:35 +02:00
randomshell
a3e6652d6d
docs(faq): update DNS not working question (#632) 2020-04-27 14:20:04 +02:00
randomshell
62a4ff3b41
fix(client conf): ignore block-outside-dns if not supported (#628) 2020-04-27 14:19:25 +02:00
randomshell
159ab9af6e
refactor(revoke client): remove uneeded cleanup (#607)
The deletion of issued files is handled by easy-rsa.
See function move_revoked() f0129cfe62/easyrsa3/easyrsa (L1050)
2020-04-27 14:12:23 +02:00
John E
fe0b995bdf
feat(headless): make script idempotent
This set of changes adjusts the script so that you can run it multiple times with the same input and not have any unexpected changes. This makes it appropriate for "enforcing state", as required by automated provisioners like Puppet, Salt, Chef, or Ansible.

 - Unbound, OpenVPN, easy-rsa, and other dependencies are only installed from upstream if they are not already present. This prevents multiple runs of the script from causing unexpected version upgrades.
 - The easy-rsa system is put in a folder called "easy-rsa-auto" so it can't conflict with the "easy-rsa" folder from some older OpenVPN packages
 - The easy-rsa CA is only initialized once
 - SERVER_CN and SERVER_NAME are randomly generated once and saved for future reference
 - File append ('>>') is only done strictly after a file is created with '>' (e.g. /etc/sysctl.d/20-openvpn.conf)
 - Clients are only added to easy-rsa once
 - If AUTO_INSTALL == y, then the script operates in install mode and doesn't enter manageMenu
2020-04-27 13:56:34 +02:00
Stanislas Lange
3b0c2ace90 fix(checkOS): update Ubuntu/Debian compatibility check 2020-04-27 13:37:52 +02:00
Stanislas Lange
957712e73d docs(readme): update compatibility matrix 2020-04-27 13:11:11 +02:00
randomshell
0481e10bce
Add FAQ for client-to-client (#631) 2020-04-27 10:39:33 +02:00
Stanislas
ecd2b45c9f
Delete issue template (blank still available) 2020-04-26 15:50:57 +02:00
randomshell
72c99f3e8f
Add FAQ for router clients (#629) 2020-04-24 18:00:59 +02:00
Stanislas Lange
0188c442a2 FAQ: Remove obsolete entry
Fix #634
2020-04-23 18:49:26 +02:00
randomshell
fcc4cc4afd
Add FAQ entry for sysctl and iptables changes (#626) 2020-04-22 11:39:42 +02:00
randomshell
777bedaa38
Add FAQ for DNS Leaks blocking (#627) 2020-04-22 11:38:31 +02:00
Stanislas Lange
2e17007cb3 Update issue templates 2020-04-22 11:35:24 +02:00
Stanislas Lange
124606468d Update issue templates 2020-04-22 11:33:47 +02:00
Stanislas
2b9c108232
Delete ISSUE_TEMPLATE.md 2020-04-22 11:27:12 +02:00
Stanislas
8e9ca3ad10 Update issue templates 2020-04-22 11:26:57 +02:00
Stanislas
c2a4edc714
Re-add SayThanks.io 2020-04-18 21:18:54 +02:00
randomshell
6989b0d326
Add support for client-configuration-dir (#609) 2020-04-10 17:49:07 +02:00
randomshell
2c9c0ed0c3
Improve sed line deletion (#608) 2020-04-10 11:42:57 +02:00
randomshell
ef5d5faf30
Change = conditional to == (#591) 2020-04-06 14:51:58 +02:00
Henry N
6e8aeb3505
Uninstallation: restart unbound only if not removed (#612) 2020-04-06 14:41:10 +02:00
Stanislas
7e7a494f59
Remove wiki link 2020-04-04 11:55:08 +02:00
Stanislas
d31efe9e7b
Move FAQ from wiki to git to allow contributions (#611)
Signed-off-by: Stanislas Lange <angristan@pm.me>
2020-04-04 11:54:17 +02:00
Stanislas
d958c15909
🤦‍♂️ 2020-04-03 11:13:57 +02:00
Henry N
e123635e7c
Add comments to some DNS options in code (#598) 2020-04-02 16:30:50 +02:00
randomshell
7ed9cac8d7
Change Adguard DNS to Anycast (#596)
See map at https://adguard.com/en/adguard-dns/overview.html
2020-03-31 23:05:44 +02:00
Henry N
44105eb060 Fix systemd unit issue on Debian 9 (#585)
On Debian 9 the copy of unit file `/etc/systemd/system/openvpn@.service` has no effect, see #583.
Same problem as #129 and #378, unit can not start on OpenVZ.

It must execute `systemctl enable` before `systemctl restart`.
So the new link to `/etc/systemd/system/openvpn@.service` was created before `systemctl restart`.

Fix https://github.com/angristan/openvpn-install/issues/583
2020-03-28 15:41:37 +01:00
Henry N
3d075c8708
Print warning about empty public interface (#581)
Warning, if cannot detect public interface, and give user a choice to continue or abord.
2020-03-26 21:27:16 +01:00