octoleo/openvpn-install
1
1
Fork 0
mirror of https://github.com/namibia/openvpn-install.git synced 2024-11-15 16:57:09 +00:00
Code Issues Releases Activity

Merge branch 'sysctl'

Browse Source
This commit is contained in:
angristan 2018-09-16 22:50:24 +02:00
commit 67feb34446
1 changed files with 8 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
openvpn-install.sh
View File

@ -21,7 +21,6 @@ if [[ -e /etc/debian_version ]]; then
# Getting the version number, to verify that a recent version of OpenVPN is available # Getting the version number, to verify that a recent version of OpenVPN is available
VERSION_ID=$(grep "VERSION_ID" /etc/os-release) VERSION_ID=$(grep "VERSION_ID" /etc/os-release)
IPTABLES='/etc/iptables/iptables.rules' IPTABLES='/etc/iptables/iptables.rules'
SYSCTL='/etc/sysctl.conf'
if [[ "$VERSION_ID" != 'VERSION_ID="8"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="9"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="14.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="16.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="17.10"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="18.04"' ]]; then if [[ "$VERSION_ID" != 'VERSION_ID="8"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="9"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="14.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="16.04"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="17.10"' ]] && [[ "$VERSION_ID" != 'VERSION_ID="18.04"' ]]; then
echo "Your version of Debian/Ubuntu is not supported." echo "Your version of Debian/Ubuntu is not supported."
echo "I can't install a recent version of OpenVPN on your system." echo "I can't install a recent version of OpenVPN on your system."
@ -40,7 +39,6 @@ if [[ -e /etc/debian_version ]]; then
elif [[ -e /etc/fedora-release ]]; then elif [[ -e /etc/fedora-release ]]; then
OS=fedora OS=fedora
IPTABLES='/etc/iptables/iptables.rules' IPTABLES='/etc/iptables/iptables.rules'
SYSCTL='/etc/sysctl.d/openvpn.conf'
elif [[ -e /etc/centos-release ]]; then elif [[ -e /etc/centos-release ]]; then
if ! grep -qs "^CentOS Linux release 7" /etc/centos-release; then if ! grep -qs "^CentOS Linux release 7" /etc/centos-release; then
echo "Your version of CentOS is not supported." echo "Your version of CentOS is not supported."
@ -57,7 +55,6 @@ elif [[ -e /etc/centos-release ]]; then
fi fi
OS=centos OS=centos
IPTABLES='/etc/iptables/iptables.rules' IPTABLES='/etc/iptables/iptables.rules'
SYSCTL='/etc/sysctl.conf'
else else
echo "Looks like you aren't running this installer on a Debian, Ubuntu, Fedora or CentOS system" echo "Looks like you aren't running this installer on a Debian, Ubuntu, Fedora or CentOS system"
exit 4 exit 4
@ -297,13 +294,13 @@ if [[ -e /etc/openvpn/server.conf ]]; then
yum remove openvpn -y yum remove openvpn -y
fi fi
OVPNS=$(ls /etc/openvpn/easy-rsa/pki/issued | awk -F "." {'print $1'}) OVPNS=$(ls /etc/openvpn/easy-rsa/pki/issued | awk -F "." {'print $1'})
for i in $OVPNS for i in $OVPNS;do
do rm $(find /home -maxdepth 2 | grep $i.ovpn) 2>/dev/null
rm $(find /home -maxdepth 2 | grep $i.ovpn) 2>/dev/null rm /root/$i.ovpn 2>/dev/null
rm /root/$i.ovpn 2>/dev/null
done done
rm -rf /etc/openvpn rm -rf /etc/openvpn
rm -rf /usr/share/doc/openvpn* rm -rf /usr/share/doc/openvpn*
rm -f /etc/sysctl.d/20-openvpn.conf
if [[ -e /etc/unbound/openvpn.conf ]]; then if [[ -e /etc/unbound/openvpn.conf ]]; then
@ -773,18 +770,13 @@ tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
status /var/log/openvpn/status.log status /var/log/openvpn/status.log
verb 3" >> /etc/openvpn/server.conf verb 3" >> /etc/openvpn/server.conf
# Create log dir # Create log dir
mkdir -p /var/log/openvpn mkdir -p /var/log/openvpn
# Create the sysctl configuration file if needed
if [[ ! -e $SYSCTL ]]; then
touch $SYSCTL
fi
# Enable routing # Enable routing
echo 'net.ipv4.ip_forward=1' >> $SYSCTL echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.d/20-openvpn.conf
if [[ "$IPV6" = 'y' ]]; then if [[ "$IPV6" = 'y' ]]; then
echo 'net.ipv6.conf.all.forwarding=1' >> $SYSCTL echo 'net.ipv6.conf.all.forwarding=1' >> /etc/sysctl.d/20-openvpn.conf
fi fi
# Avoid an unneeded reboot # Avoid an unneeded reboot