From 5c16324a62df83933e9e2490426fd840f34e1263 Mon Sep 17 00:00:00 2001 From: Ufuk Date: Tue, 25 Aug 2020 13:53:40 +0300 Subject: [PATCH 1/2] Fix a bug with dpkg lock prevents apt commands run --- openvpn-install.sh | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 685f607..414cb07 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -99,8 +99,7 @@ function installUnbound() { if [[ ! -e /etc/unbound/unbound.conf ]]; then if [[ $OS =~ (debian|ubuntu) ]]; then - apt-get install -y unbound - + until apt-get install -y unbound; do sleep 1; done # Configuration echo 'interface: 10.8.0.1 access-control: 10.8.0.1/24 allow @@ -648,16 +647,16 @@ function installOpenVPN() { # the first time. if [[ ! -e /etc/openvpn/server.conf ]]; then if [[ $OS =~ (debian|ubuntu) ]]; then - apt-get update - apt-get -y install ca-certificates gnupg + until apt-get update; do sleep 1; done + until apt-get -y install ca-certificates gnupg; do sleep 1; done # We add the OpenVPN repo to get the latest version. if [[ $VERSION_ID == "16.04" ]]; then echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" >/etc/apt/sources.list.d/openvpn.list wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add - - apt-get update + until apt-get update; do sleep 1; done fi # Ubuntu > 16.04 and Debian > 8 have OpenVPN >= 2.4 without the need of a third party repository. - apt-get install -y openvpn iptables openssl wget ca-certificates curl + until apt-get install -y openvpn iptables openssl wget ca-certificates curl; do sleep 1; done elif [[ $OS == 'centos' ]]; then yum install -y epel-release yum install -y openvpn iptables openssl wget ca-certificates curl tar 'policycoreutils-python*' @@ -1182,7 +1181,7 @@ function removeUnbound() { systemctl stop unbound if [[ $OS =~ (debian|ubuntu) ]]; then - apt-get autoremove --purge -y unbound + until apt-get autoremove --purge -y unbound; do sleep 1; done elif [[ $OS == 'arch' ]]; then pacman --noconfirm -R unbound elif [[ $OS =~ (centos|amzn) ]]; then @@ -1245,10 +1244,10 @@ function removeOpenVPN() { fi if [[ $OS =~ (debian|ubuntu) ]]; then - apt-get autoremove --purge -y openvpn + until apt-get autoremove --purge -y openvpn; do sleep 1; done if [[ -e /etc/apt/sources.list.d/openvpn.list ]]; then rm /etc/apt/sources.list.d/openvpn.list - apt-get update + until apt-get update; do sleep 1; done fi elif [[ $OS == 'arch' ]]; then pacman --noconfirm -R openvpn From d4c8e96ef73e3554640cdb8afa0bbd6a794e17cf Mon Sep 17 00:00:00 2001 From: Ufuk Date: Sat, 12 Sep 2020 22:43:45 +0300 Subject: [PATCH 2/2] replace until apt-get loop with separate function --- openvpn-install.sh | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 414cb07..57224ae 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -3,6 +3,19 @@ # Secure OpenVPN server installer for Debian, Ubuntu, CentOS, Amazon Linux 2, Fedora and Arch Linux # https://github.com/angristan/openvpn-install +function apt_get_with_retry() { + attempts=0 + until apt-get $@; do + attempts=$((attempts + 1)) + if [[ $attempts -gt 10 ]]; then + echo "apt-get is busy right now, please try again later" + exit 1 + fi + echo "Failed to run apt-get, trying again..." + sleep 1 + done +} + function isRoot() { if [ "$EUID" -ne 0 ]; then return 1 @@ -99,7 +112,7 @@ function installUnbound() { if [[ ! -e /etc/unbound/unbound.conf ]]; then if [[ $OS =~ (debian|ubuntu) ]]; then - until apt-get install -y unbound; do sleep 1; done + apt_get_with_retry install -y unbound # Configuration echo 'interface: 10.8.0.1 access-control: 10.8.0.1/24 allow @@ -226,7 +239,7 @@ function installQuestions() { if [[ $APPROVE_IP =~ n ]]; then read -rp "IP address: " -e -i "$IP" IP fi - # If $IP is a private IP address, the server must be behind NAT + # If $IP is a private IP address, the server must be behind NAT if echo "$IP" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168)'; then echo "" echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?" @@ -647,16 +660,16 @@ function installOpenVPN() { # the first time. if [[ ! -e /etc/openvpn/server.conf ]]; then if [[ $OS =~ (debian|ubuntu) ]]; then - until apt-get update; do sleep 1; done - until apt-get -y install ca-certificates gnupg; do sleep 1; done + apt_get_with_retry update + apt_get_with_retry -y install ca-certificates gnupg # We add the OpenVPN repo to get the latest version. if [[ $VERSION_ID == "16.04" ]]; then echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" >/etc/apt/sources.list.d/openvpn.list wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add - - until apt-get update; do sleep 1; done + apt_get_with_retry update fi # Ubuntu > 16.04 and Debian > 8 have OpenVPN >= 2.4 without the need of a third party repository. - until apt-get install -y openvpn iptables openssl wget ca-certificates curl; do sleep 1; done + apt_get_with_retry install -y openvpn iptables openssl wget ca-certificates curl elif [[ $OS == 'centos' ]]; then yum install -y epel-release yum install -y openvpn iptables openssl wget ca-certificates curl tar 'policycoreutils-python*' @@ -1181,7 +1194,7 @@ function removeUnbound() { systemctl stop unbound if [[ $OS =~ (debian|ubuntu) ]]; then - until apt-get autoremove --purge -y unbound; do sleep 1; done + apt_get_with_retry autoremove --purge -y unbound elif [[ $OS == 'arch' ]]; then pacman --noconfirm -R unbound elif [[ $OS =~ (centos|amzn) ]]; then @@ -1244,10 +1257,10 @@ function removeOpenVPN() { fi if [[ $OS =~ (debian|ubuntu) ]]; then - until apt-get autoremove --purge -y openvpn; do sleep 1; done + apt_get_with_retry autoremove --purge -y openvpn if [[ -e /etc/apt/sources.list.d/openvpn.list ]]; then rm /etc/apt/sources.list.d/openvpn.list - until apt-get update; do sleep 1; done + apt_get_with_retry update fi elif [[ $OS == 'arch' ]]; then pacman --noconfirm -R openvpn