1
1
mirror of https://github.com/namibia/openvpn-install.git synced 2025-01-05 12:32:09 +00:00

Combine latest and legacy version

This commit is contained in:
Angristan 2016-03-15 19:11:35 +01:00
parent f5ebe9d01d
commit 157c27512a

View File

@ -169,8 +169,15 @@ else
echo "I need to ask you a few questions before starting the setup" echo "I need to ask you a few questions before starting the setup"
echo "You can leave the default options and just press enter if you are ok with them" echo "You can leave the default options and just press enter if you are ok with them"
echo "" echo ""
echo "First I need to know the IPv4 address of the network interface you want OpenVPN" echo "First, choose which variant of the script you want to use."
echo "listening to." echo "Read carefully the README on GitHub before choosing. Use legacy of you're not sure."
echo " 1) Latest (High encryption, not compatible with all servers and clients)"
echo " 2) Legacy (Work with most devices)"
read -p "Variant [1-2]: " -e -i 2 VER
echo ""
echo "I need to know the IPv4 address of the network interface you want OpenVPN listening to."
echo "If you server is running behind a NAT, (e.g. LowEndSpirit, Scaleway) leave the IP adress as it is. (10.x.x.x)"
echo "Otherwise, it sould be your public IPv4 address."
read -p "IP address: " -e -i $IP IP read -p "IP address: " -e -i $IP IP
echo "" echo ""
echo "What port do you want for OpenVPN?" echo "What port do you want for OpenVPN?"
@ -232,11 +239,18 @@ ca ca.crt
cert server.crt cert server.crt
key server.key key server.key
dh dh.pem dh dh.pem
tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
tls-version-min 1.2
topology subnet topology subnet
server 10.8.0.0 255.255.255.0 server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt" > /etc/openvpn/server.conf ifconfig-pool-persist ipp.txt" > /etc/openvpn/server.conf
if [[ "$VER" = '1' ]]; then
#If we're using the latest variant
echo "tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
tls-version-min 1.2" >> /etc/openvpn/server.conf
else
# If the user slected legacy
# Or if the user selected a non-existant variant, we fallback to legacy
echo "cipher AES-256-CBC" >> /etc/openvpn/server.conf
fi
echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server.conf echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server.conf
# DNS # DNS
case $DNS in case $DNS in
@ -361,9 +375,16 @@ nobind
persist-key persist-key
persist-tun persist-tun
remote-cert-tls server remote-cert-tls server
tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
tls-version-min 1.2
comp-lzo" > /etc/openvpn/client-common.txt comp-lzo" > /etc/openvpn/client-common.txt
if [[ "$VER" = '1' ]]; then
#If we're using the latest variant
echo "tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
tls-version-min 1.2" >> /etc/openvpn/client-common.txt
else
# If the user slected legacy
# Or if the user selected a non-existant variant, we fallback to legacy
echo "cipher AES-256-CBC" >> /etc/openvpn/client-common.txt
fi
# Generates the custom client.ovpn # Generates the custom client.ovpn
newclient "$CLIENT" newclient "$CLIENT"
echo "" echo ""