Fabio/openvpn-install
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
521 commits 5 branches 0 tags 1.7 MiB
Commit graph

521 commits

This branch
This branch
All branches
Author SHA1 Message Date
John E
e8074a485d
Fix easy-rsa old version removal 
The removal of an old version of easy-rsa should only happen if OpenVPN is being installed for the first time.
 2020-04-25 17:40:36 -07:00
John E
5805cc03b2 Change PUBLIC_IPV4 to PUBLIC_IP for IPv4/v6 2020-04-19 08:20:15 -07:00
John E
b983e721ed Use HTTPS when determining public IPv4/IPv6 2020-04-19 08:20:04 -07:00
John E
6db5c2e6ad Use original easy-rsa name (round 2) 
Co-Authored-By: randomshell <43271778+randomshell@users.noreply.github.com>
 2020-04-19 08:19:54 -07:00
John E
6abaf59a23 Use original easy-rsa name instead of easy-rsa-auto 
Co-Authored-By: randomshell <43271778+randomshell@users.noreply.github.com>
 2020-04-19 08:19:21 -07:00
John E
5bfaf384f8 Mention Ansible in README under idempotent headless mode 2020-04-19 08:18:53 -07:00
John E
a939ac72a9 Idempotent in headless mode 
This set of changes adjusts the script so that you can run it multiple times with the same input and not have any unexpected changes. This makes it appropriate for "enforcing state", as required by automated provisioners like Puppet, Salt, Chef, or Ansible.

 - Unbound, OpenVPN, easy-rsa, and other dependencies are only installed from upstream if they are not already present. This prevents multiple runs of the script from causing unexpected version upgrades.
 - The easy-rsa system is put in a folder called "easy-rsa-auto" so it can't conflict with the "easy-rsa" folder from some older OpenVPN packages
 - The easy-rsa CA is only initialized once
 - SERVER_CN and SERVER_NAME are randomly generated once and saved for future reference
 - File append ('>>') is only done strictly after a file is created with '>' (e.g. /etc/sysctl.d/20-openvpn.conf)
 - Clients are only added to easy-rsa once
 - If AUTO_INSTALL == y, then the script operates in install mode and doesn't enter manageMenu
 2020-04-19 08:18:33 -07:00
Stanislas
c2a4edc714
Re-add SayThanks.io 2020-04-18 21:18:54 +02:00
randomshell
6989b0d326
Add support for client-configuration-dir (#609) 2020-04-10 17:49:07 +02:00
randomshell
2c9c0ed0c3
Improve sed line deletion (#608) 2020-04-10 11:42:57 +02:00
randomshell
ef5d5faf30
Change = conditional to == (#591) 2020-04-06 14:51:58 +02:00
Henry N
6e8aeb3505
Uninstallation: restart unbound only if not removed (#612) 2020-04-06 14:41:10 +02:00
Stanislas
7e7a494f59
Remove wiki link 2020-04-04 11:55:08 +02:00
Stanislas
d31efe9e7b
Move FAQ from wiki to git to allow contributions (#611) 
Signed-off-by: Stanislas Lange <angristan@pm.me>
 2020-04-04 11:54:17 +02:00
Stanislas
d958c15909
🤦‍♂️ 2020-04-03 11:13:57 +02:00
Henry N
e123635e7c
Add comments to some DNS options in code (#598) 2020-04-02 16:30:50 +02:00
randomshell
7ed9cac8d7
Change Adguard DNS to Anycast (#596) 
See map at https://adguard.com/en/adguard-dns/overview.html
 2020-03-31 23:05:44 +02:00
Henry N
44105eb060 Fix systemd unit issue on Debian 9 (#585) 
On Debian 9 the copy of unit file `/etc/systemd/system/openvpn@.service` has no effect, see #583.
Same problem as #129 and #378, unit can not start on OpenVZ.

It must execute `systemctl enable` before `systemctl restart`.
So the new link to `/etc/systemd/system/openvpn@.service` was created before `systemctl restart`.

Fix https://github.com/angristan/openvpn-install/issues/583
 2020-03-28 15:41:37 +01:00
Henry N
3d075c8708
Print warning about empty public interface (#581) 
Warning, if cannot detect public interface, and give user a choice to continue or abord.
 2020-03-26 21:27:16 +01:00
Henry N
23e533431a
Fix error messag mkdir /etc/iptables (#580) 
Fix this error message:
mkdir: cannot create directory ‘/etc/iptables’: File exists
 2020-03-26 21:24:50 +01:00
Henry N
130659b003
Add explicit-exit-notify for UDP (#579) 
For faster reconnects with UDP is better to send the the explicit-exit-notify to server. With this the server can directly see, that the client will exit.
 2020-03-26 21:24:20 +01:00
Stanislas
14bcfbd531
Run action on PRs (#582) 2020-03-26 21:22:48 +01:00
Henry N
aab5e7b2ff
Fix getting pulic interface in IPv6 only (#578) 
In a IPv6 only environment, the variable $NIC would be empty and iptables in add-openvpn-rules.sh will fail by missing argument.
 2020-03-26 21:22:22 +01:00
randomshell
6bb87ae716
Install semanage command on CentoOS (#554) 
CentOS has selinux enabled by default but it hasn't the `semanage` command required to run OpenVPN on another port.
'policycoreutils-python*' match `policycoreutils-python' in CentOS 7 and `policycoreutils-python-utils` in Centos 8.
 2020-03-14 20:25:22 +01:00
xPakrikx
3f2ad88cbf
Custom DNS option wrong value fix (#559) 
Custom DNS option wrong value fix
 2020-03-10 10:43:13 +01:00
Stanislas Lange
7a4f9278e7 Add new DNS option: NextDNS 2020-03-03 23:04:18 +01:00
Stanislas
006167b3c7
Doc: Add Viscosity as a supported macOS client 2020-02-20 23:57:43 +01:00
angristan
4b0f47b534 Fix Fedora detection 2020-01-27 18:08:06 +01:00
Stanislas
69c4751236
Remove saythanks.io :( 
RIP https://github.com/BlitzKraft/saythanks.io/issues/60
 2020-01-27 17:40:40 +01:00
Stanislas
caa571f768
Fix GitHub action (#515) 2019-11-11 15:37:09 +09:00
Safa Bayar
12ba1a9d9a Add Centos 8 Support (#506) 2019-11-11 15:18:34 +09:00
Dominic Dumrauf
40a9fb975a Documenting One-Stop Solution for AWS (#490) 2019-10-02 11:40:49 +09:00
Rhys Perry
a3ed51df0c Update supported architectures (#492) 2019-09-23 16:41:58 +09:00
Dominic Dumrauf
7e8fd767aa Updating documentation around existing headless user addition feature (#488) 
This closes #422
 2019-09-19 16:59:20 +09:00
Stanislas
bc109db04f
Add support for custom DNS input (#470) 
Close #258 #260

Co-authored-by: Sayem Chowdhury <sayem314@gmail.com>
 2019-08-20 21:02:47 +02:00
Stanislas
4080585ab5
Workaround to remove unharmful easy-rsa error (#469) 
Until easy-rsa 3.0.7.

https://github.com/OpenVPN/easy-rsa/issues/261

Fix #454
 2019-08-20 21:02:05 +02:00
Stanislas
04141c6c91
Support Raspbian (#462) 
Fix #382
 2019-08-20 21:01:35 +02:00
angristan
0e3e7f2705 Update sysctl comment 2019-08-20 17:58:51 +02:00
Stanislas
cee02eb803
Fix CentOS detection during install (#468) 
Fix #463
 2019-08-20 13:36:16 +02:00
Stanislas
1acab15a26
Insert iptables rules at the top (#466) 
Fix #346 #465
 2019-08-20 11:55:43 +02:00
Stanislas Lange
f207302334 Revert "Insert iptables rules at the top (#461)" 
This reverts commit de021b67d5.
 2019-08-20 11:20:24 +02:00
Stanislas
de021b67d5
Insert iptables rules at the top (#461) 
Fix #346
 2019-08-20 00:24:01 +02:00
angristan
6c4104c25d Update ISSUE_TEMPLATE.md 2019-08-19 23:50:17 +02:00
Stanislas
30735c91d8
Add Amazon Linux 2 support (#459) 2019-08-19 23:25:48 +02:00
Stanislas
2aab3792ca
Remove Travis Badge from README 
Since we use Actions now.
 2019-08-16 18:33:16 +02:00
angristan
d904476647 Fix github action 2019-08-16 18:31:46 +02:00
angristan
85c3f77d01 Fix workflows path 2019-08-16 18:30:25 +02:00
Stanislas
4fe6541a8d
Add GitHub actions workflow for shellcheck (#458) 
* Remove Travis

* Add GitHub actions workflow for shellcheck
 2019-08-16 18:28:12 +02:00
Stanislas
b095c23496
Update README.md 
My username is lowercase now
 2019-07-28 23:31:34 +02:00
Stanislas
a57f5e69ba
Debian 10 + armhf = OK (#450) 2019-07-17 18:14:24 +02:00