Fabio/openvpn-install
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge c245389b9c into 80feebed16

Browse source
This commit is contained in:
Guo Yunhe 2023-07-23 10:32:22 +00:00 committed by GitHub
commit 95eda68c21
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 44 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
README.md
View file

@ -4,7 +4,7 @@
![Lint](https://github.com/angristan/openvpn-install/workflows/Lint/badge.svg) ![Lint](https://github.com/angristan/openvpn-install/workflows/Lint/badge.svg)
[![Say Thanks!](https://img.shields.io/badge/Say%20Thanks-!-1EAEDB.svg)](https://saythanks.io/to/angristan) [![Say Thanks!](https://img.shields.io/badge/Say%20Thanks-!-1EAEDB.svg)](https://saythanks.io/to/angristan)
OpenVPN installer for Debian, Ubuntu, Fedora, CentOS, Arch Linux, Oracle Linux, Rocky Linux and AlmaLinux. OpenVPN installer for Debian, Ubuntu, Fedora, openSUSE, CentOS, Arch Linux, Oracle Linux, Rocky Linux and AlmaLinux.
This script will let you setup your own secure VPN server in just a few seconds. This script will let you setup your own secure VPN server in just a few seconds.
@ -115,18 +115,20 @@ export PASS="1"
The script supports these Linux distributions: The script supports these Linux distributions:
| | Support | | | Support |
| ------------------ | ------- | | ------------------- | ------- |
| AlmaLinux 8 | ✅ | | AlmaLinux 8 | ✅ |
| Amazon Linux 2 | ✅ | | Amazon Linux 2 | ✅ |
| Arch Linux | ✅ | | Arch Linux | ✅ |
| CentOS 7 | ✅ 🤖 | | CentOS 7 | ✅ 🤖 |
| CentOS Stream >= 8 | ✅ 🤖 | | CentOS Stream >= 8 | ✅ 🤖 |
| Debian >= 10 | ✅ 🤖 | | Debian >= 10 | ✅ 🤖 |
| Fedora >= 35 | ✅ 🤖 | | Fedora >= 35 | ✅ 🤖 |
| Oracle Linux 8 | ✅ | | openSUSE Leap 15.4+ | ✅ 🤖 |
| Rocky Linux 8 | ✅ | | openSUSE Tumbleweed | ✅ 🤖 |
| Ubuntu >= 18.04 | ✅ 🤖 | | Oracle Linux 8 | ✅ |
| Rocky Linux 8 | ✅ |
| Ubuntu >= 18.04 | ✅ 🤖 |
To be noted: To be noted:

41
openvpn-install.sh
View file

@ -50,12 +50,13 @@ function checkOS() {
fi fi
fi fi
fi fi
elif [[ -e /etc/system-release ]]; then elif [[ -e /etc/os-release ]]; then
source /etc/os-release source /etc/os-release
if [[ $ID == "fedora" || $ID_LIKE == "fedora" ]]; then if [[ $ID == "fedora" || $ID_LIKE == "fedora" ]]; then
OS="fedora" OS="fedora"
fi elif [[ $ID == "opensuse-leap" || $ID == "opensuse-tumbleweed" ]]; then
if [[ $ID == "centos" || $ID == "rocky" || $ID == "almalinux" ]]; then OS="opensuse"
elif [[ $ID == "centos" || $ID == "rocky" || $ID == "almalinux" ]]; then
OS="centos" OS="centos"
if [[ $VERSION_ID -lt 7 ]]; then if [[ $VERSION_ID -lt 7 ]]; then
echo "⚠️ Your version of CentOS is not supported." echo "⚠️ Your version of CentOS is not supported."
@ -64,8 +65,7 @@ function checkOS() {
echo "" echo ""
exit 1 exit 1
fi fi
fi elif [[ $ID == "ol" ]]; then
if [[ $ID == "ol" ]]; then
OS="oracle" OS="oracle"
if [[ ! $VERSION_ID =~ (8) ]]; then if [[ ! $VERSION_ID =~ (8) ]]; then
echo "Your version of Oracle Linux is not supported." echo "Your version of Oracle Linux is not supported."
@ -73,8 +73,7 @@ function checkOS() {
echo "The script only support Oracle Linux 8." echo "The script only support Oracle Linux 8."
exit 1 exit 1
fi fi
fi elif [[ $ID == "amzn" ]]; then
if [[ $ID == "amzn" ]]; then
OS="amzn" OS="amzn"
if [[ $VERSION_ID != "2" ]]; then if [[ $VERSION_ID != "2" ]]; then
echo "⚠️ Your version of Amazon Linux is not supported." echo "⚠️ Your version of Amazon Linux is not supported."
@ -86,8 +85,10 @@ function checkOS() {
fi fi
elif [[ -e /etc/arch-release ]]; then elif [[ -e /etc/arch-release ]]; then
OS=arch OS=arch
else fi
echo "Looks like you aren't running this installer on a Debian, Ubuntu, Fedora, CentOS, Amazon Linux 2, Oracle Linux 8 or Arch Linux system"
if [[ -z "$OS" ]]; then
echo "Looks like you aren't running this installer on a Debian, Ubuntu, Fedora, openSUSE, CentOS, Amazon Linux 2, Oracle Linux 8 or Arch Linux system"
exit 1 exit 1
fi fi
} }
@ -139,6 +140,16 @@ prefetch: yes' >>/etc/unbound/unbound.conf
sed -i 's|# hide-version: no|hide-version: yes|' /etc/unbound/unbound.conf sed -i 's|# hide-version: no|hide-version: yes|' /etc/unbound/unbound.conf
sed -i 's|# use-caps-for-id: no|use-caps-for-id: yes|' /etc/unbound/unbound.conf sed -i 's|# use-caps-for-id: no|use-caps-for-id: yes|' /etc/unbound/unbound.conf
elif [[ $OS == "opensuse" ]]; then
zypper install -y unbound
# Configuration
sed -i 's|# interface: 0.0.0.0$|interface: 10.8.0.1|' /etc/unbound/unbound.conf
sed -i 's|# access-control: 127.0.0.0/8 allow|access-control: 10.8.0.1/24 allow|' /etc/unbound/unbound.conf
sed -i 's|# hide-identity: no|hide-identity: yes|' /etc/unbound/unbound.conf
sed -i 's|# hide-version: no|hide-version: yes|' /etc/unbound/unbound.conf
sed -i 's|# use-caps-for-id: no|use-caps-for-id: yes|' /etc/unbound/unbound.conf
elif [[ $OS == "arch" ]]; then elif [[ $OS == "arch" ]]; then
pacman -Syu --noconfirm unbound pacman -Syu --noconfirm unbound
@ -174,7 +185,7 @@ prefetch: yes' >>/etc/unbound/unbound.conf
access-control: fd42:42:42:42::/112 allow' >>/etc/unbound/unbound.conf access-control: fd42:42:42:42::/112 allow' >>/etc/unbound/unbound.conf
fi fi
if [[ ! $OS =~ (fedora|centos|amzn|oracle) ]]; then if [[ ! $OS =~ (fedora|opensuse|centos|amzn|oracle) ]]; then
# DNS Rebinding fix # DNS Rebinding fix
echo "private-address: 10.0.0.0/8 echo "private-address: 10.0.0.0/8
private-address: fd42:42:42:42::/112 private-address: fd42:42:42:42::/112
@ -687,6 +698,8 @@ function installOpenVPN() {
yum install -y openvpn iptables openssl wget ca-certificates curl yum install -y openvpn iptables openssl wget ca-certificates curl
elif [[ $OS == 'fedora' ]]; then elif [[ $OS == 'fedora' ]]; then
dnf install -y openvpn iptables openssl wget ca-certificates curl policycoreutils-python-utils dnf install -y openvpn iptables openssl wget ca-certificates curl policycoreutils-python-utils
elif [[ $OS == 'opensuse' ]]; then
zypper install -y openvpn iptables openssl wget ca-certificates curl policycoreutils-python-utils
elif [[ $OS == 'arch' ]]; then elif [[ $OS == 'arch' ]]; then
# Install required dependencies and upgrade the system # Install required dependencies and upgrade the system
pacman --needed --noconfirm -Syu openvpn iptables openssl wget ca-certificates curl pacman --needed --noconfirm -Syu openvpn iptables openssl wget ca-certificates curl
@ -924,7 +937,7 @@ verb 3" >>/etc/openvpn/server.conf
fi fi
# Finally, restart and enable OpenVPN # Finally, restart and enable OpenVPN
if [[ $OS == 'arch' || $OS == 'fedora' || $OS == 'centos' || $OS == 'oracle' ]]; then if [[ $OS == 'arch' || $OS == 'fedora' || $OS == 'opensuse' || $OS == 'centos' || $OS == 'oracle' ]]; then
# Don't modify package-provided service # Don't modify package-provided service
cp /usr/lib/systemd/system/openvpn-server@.service /etc/systemd/system/openvpn-server@.service cp /usr/lib/systemd/system/openvpn-server@.service /etc/systemd/system/openvpn-server@.service
@ -1213,6 +1226,8 @@ function removeUnbound() {
yum remove -y unbound yum remove -y unbound
elif [[ $OS == 'fedora' ]]; then elif [[ $OS == 'fedora' ]]; then
dnf remove -y unbound dnf remove -y unbound
elif [[ $OS == 'opensuse' ]]; then
zypper remove -y unbound
fi fi
rm -rf /etc/unbound/ rm -rf /etc/unbound/
@ -1235,7 +1250,7 @@ function removeOpenVPN() {
PROTOCOL=$(grep '^proto ' /etc/openvpn/server.conf | cut -d " " -f 2) PROTOCOL=$(grep '^proto ' /etc/openvpn/server.conf | cut -d " " -f 2)
# Stop OpenVPN # Stop OpenVPN
if [[ $OS =~ (fedora|arch|centos|oracle) ]]; then if [[ $OS =~ (fedora|opensuse|arch|centos|oracle) ]]; then
systemctl disable openvpn-server@server systemctl disable openvpn-server@server
systemctl stop openvpn-server@server systemctl stop openvpn-server@server
# Remove customised service # Remove customised service
@ -1280,6 +1295,8 @@ function removeOpenVPN() {
yum remove -y openvpn yum remove -y openvpn
elif [[ $OS == 'fedora' ]]; then elif [[ $OS == 'fedora' ]]; then
dnf remove -y openvpn dnf remove -y openvpn
elif [[ $OS == 'opensuse' ]]; then
zypper remove -y openvpn
fi fi
# Cleanup # Cleanup