Merge d4c8e96ef7 into 29d4dc20f8
This commit is contained in:
Ufuk Tan
GitHub
commit
69101234c1
1 changed files with 22 additions and 10 deletions
|
|
@ -4,6 +4,19 @@
|
||||||
# Secure OpenVPN server installer for Debian, Ubuntu, CentOS, Amazon Linux 2, Fedora and Arch Linux
|
# Secure OpenVPN server installer for Debian, Ubuntu, CentOS, Amazon Linux 2, Fedora and Arch Linux
|
||||||
# https://github.com/angristan/openvpn-install
|
# https://github.com/angristan/openvpn-install
|
||||||
|
|
||||||
|
function apt_get_with_retry() {
|
||||||
|
attempts=0
|
||||||
|
until apt-get $@; do
|
||||||
|
attempts=$((attempts + 1))
|
||||||
|
if [[ $attempts -gt 10 ]]; then
|
||||||
|
echo "apt-get is busy right now, please try again later"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "Failed to run apt-get, trying again..."
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
function isRoot() {
|
function isRoot() {
|
||||||
if [ "$EUID" -ne 0 ]; then
|
if [ "$EUID" -ne 0 ]; then
|
||||||
return 1
|
return 1
|
||||||
|
|
@ -100,8 +113,7 @@ function installUnbound() {
|
||||||
if [[ ! -e /etc/unbound/unbound.conf ]]; then
|
if [[ ! -e /etc/unbound/unbound.conf ]]; then
|
||||||
|
|
||||||
if [[ $OS =~ (debian|ubuntu) ]]; then
|
if [[ $OS =~ (debian|ubuntu) ]]; then
|
||||||
apt-get install -y unbound
|
apt_get_with_retry install -y unbound
|
||||||
|
|
||||||
# Configuration
|
# Configuration
|
||||||
echo 'interface: 10.8.0.1
|
echo 'interface: 10.8.0.1
|
||||||
access-control: 10.8.0.1/24 allow
|
access-control: 10.8.0.1/24 allow
|
||||||
|
|
@ -229,7 +241,7 @@ function installQuestions() {
|
||||||
if [[ $APPROVE_IP =~ n ]]; then
|
if [[ $APPROVE_IP =~ n ]]; then
|
||||||
read -rp "IP address: " -e -i "$IP" IP
|
read -rp "IP address: " -e -i "$IP" IP
|
||||||
fi
|
fi
|
||||||
# If $IP is a private IP address, the server must be behind NAT
|
# If $IP is a private IP address, the server must be behind NAT
|
||||||
if echo "$IP" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168)'; then
|
if echo "$IP" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168)'; then
|
||||||
echo ""
|
echo ""
|
||||||
echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?"
|
echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?"
|
||||||
|
|
@ -652,16 +664,16 @@ function installOpenVPN() {
|
||||||
# the first time.
|
# the first time.
|
||||||
if [[ ! -e /etc/openvpn/server.conf ]]; then
|
if [[ ! -e /etc/openvpn/server.conf ]]; then
|
||||||
if [[ $OS =~ (debian|ubuntu) ]]; then
|
if [[ $OS =~ (debian|ubuntu) ]]; then
|
||||||
apt-get update
|
apt_get_with_retry update
|
||||||
apt-get -y install ca-certificates gnupg
|
apt_get_with_retry -y install ca-certificates gnupg
|
||||||
# We add the OpenVPN repo to get the latest version.
|
# We add the OpenVPN repo to get the latest version.
|
||||||
if [[ $VERSION_ID == "16.04" ]]; then
|
if [[ $VERSION_ID == "16.04" ]]; then
|
||||||
echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" >/etc/apt/sources.list.d/openvpn.list
|
echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" >/etc/apt/sources.list.d/openvpn.list
|
||||||
wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add -
|
wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add -
|
||||||
apt-get update
|
apt_get_with_retry update
|
||||||
fi
|
fi
|
||||||
# Ubuntu > 16.04 and Debian > 8 have OpenVPN >= 2.4 without the need of a third party repository.
|
# Ubuntu > 16.04 and Debian > 8 have OpenVPN >= 2.4 without the need of a third party repository.
|
||||||
apt-get install -y openvpn iptables openssl wget ca-certificates curl
|
apt_get_with_retry install -y openvpn iptables openssl wget ca-certificates curl
|
||||||
elif [[ $OS == 'centos' ]]; then
|
elif [[ $OS == 'centos' ]]; then
|
||||||
yum install -y epel-release
|
yum install -y epel-release
|
||||||
yum install -y openvpn iptables openssl wget ca-certificates curl tar 'policycoreutils-python*'
|
yum install -y openvpn iptables openssl wget ca-certificates curl tar 'policycoreutils-python*'
|
||||||
|
|
@ -1186,7 +1198,7 @@ function removeUnbound() {
|
||||||
systemctl stop unbound
|
systemctl stop unbound
|
||||||
|
|
||||||
if [[ $OS =~ (debian|ubuntu) ]]; then
|
if [[ $OS =~ (debian|ubuntu) ]]; then
|
||||||
apt-get autoremove --purge -y unbound
|
apt_get_with_retry autoremove --purge -y unbound
|
||||||
elif [[ $OS == 'arch' ]]; then
|
elif [[ $OS == 'arch' ]]; then
|
||||||
pacman --noconfirm -R unbound
|
pacman --noconfirm -R unbound
|
||||||
elif [[ $OS =~ (centos|amzn) ]]; then
|
elif [[ $OS =~ (centos|amzn) ]]; then
|
||||||
|
|
@ -1249,10 +1261,10 @@ function removeOpenVPN() {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $OS =~ (debian|ubuntu) ]]; then
|
if [[ $OS =~ (debian|ubuntu) ]]; then
|
||||||
apt-get autoremove --purge -y openvpn
|
apt_get_with_retry autoremove --purge -y openvpn
|
||||||
if [[ -e /etc/apt/sources.list.d/openvpn.list ]]; then
|
if [[ -e /etc/apt/sources.list.d/openvpn.list ]]; then
|
||||||
rm /etc/apt/sources.list.d/openvpn.list
|
rm /etc/apt/sources.list.d/openvpn.list
|
||||||
apt-get update
|
apt_get_with_retry update
|
||||||
fi
|
fi
|
||||||
elif [[ $OS == 'arch' ]]; then
|
elif [[ $OS == 'arch' ]]; then
|
||||||
pacman --noconfirm -R openvpn
|
pacman --noconfirm -R openvpn
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue