Improve automated install (#395)

#390 follow up, fixes #261

README.md

@@ -43,20 +43,34 @@ It's also possible to run the script headless, e.g. without waiting for user inp
 
 Example usage:
 ```bash
-export APPROVE_INSTALL=y
+AUTO_INSTALL=y ./openvpn-install.sh
-export APPROVE_IP=y
+
-export IPV6_SUPPORT=n
+# or
-export PORT_CHOICE=1
+
-export PROTOCOL_CHOICE=1
+export AUTO_INSTALL=y
-export DNS=1
-export COMPRESSION_ENABLED=n
-export CUSTOMIZE_ENC=n
-export CLIENT=clientname
-export PASS=1
 ./openvpn-install.sh
 ```
 
-If the server is behind NAT, you can specify its endpoint with the `PUBLICIP` variable. It the endpoint is the public IP address which it is behind, you can use `export PUBLICIP=$(curl ifconfig.co)`.
+A default set of variables will then be set, by passing the need for user input.
+
+If you want to customise your installation, you can export them or specify them on the same line, as shown above.
+
+- `APPROVE_INSTALL=y`
+- `APPROVE_IP=y`
+- `IPV6_SUPPORT=n`
+- `PORT_CHOICE=1`
+- `PROTOCOL_CHOICE=1`
+- `DNS=1`
+- `COMPRESSION_ENABLED=n`
+- `CUSTOMIZE_ENC=n`
+- `CLIENT=clientname`
+- `PASS=1`
+
+If the server is behind NAT, you can specify its endpoint with the `ENDPOINT` variable. It the endpoint is the public IP address which it is behind, you can use `ENDPOINT=$(curl ifconfig.co)` (the script will default to this.)
+
+Other variables can be set depending on your choice (encryption, compression). You can search for then in the `installQuestions()` function of the script.
+
+Password-protected clients are not supported by the headless installation method since user input is expected by OpenSSL.
 
 ## Features
 

openvpn-install.sh

@@ -206,8 +206,8 @@ function installQuestions () {
 		echo ""
 		echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?"
 		echo "We need it for the clients to connect to the server."
-		until [[ "$PUBLICIP" != "" ]]; do
+		until [[ "$ENDPOINT" != "" ]]; do
-			read -rp "Public IPv4 address or hostname: " -e PUBLICIP
+			read -rp "Public IPv4 address or hostname: " -e ENDPOINT
 		done
 	fi
 
@@ -556,8 +556,26 @@ function installQuestions () {
 }
 
 function installOpenVPN () {
+	if [[ $AUTO_INSTALL == "y" ]]; then
+		# Set default choices so that no questions will be asked.
+		APPROVE_INSTALL=${APPROVE_INSTALL:-y}
+		APPROVE_IP=${APPROVE_IP:-y}
+		IPV6_SUPPORT=${IPV6_SUPPORT:-n}
+		PORT_CHOICE=${PORT_CHOICE:-1}
+		PROTOCOL_CHOICE=${PROTOCOL_CHOICE:-1}
+		DNS=${DNS:-1}
+		COMPRESSION_ENABLED=${COMPRESSION_ENABLED:-n}
+		CUSTOMIZE_ENC=${CUSTOMIZE_ENC:-n}
+		CLIENT=${CLIENT:-client}
+		PASS=${PASS:-1}
+
+		# Behind NAT, we'll default to the publicly reachable IPv4.
+		PUBLIC_IPV4=$(curl ifconfig.co)
+		ENDPOINT=${ENDPOINT:-PUBLIC_IPV4}
+	else
 		# Run setup questions first
 		installQuestions
+	fi
 
 	# Get the "public" interface from the default route
 	NIC=$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)
@@ -905,8 +923,8 @@ WantedBy=multi-user.target" > /etc/systemd/system/iptables-openvpn.service
 	systemctl start iptables-openvpn
 
 	# If the server is behind a NAT, use the correct IP address for the clients to connect to
-	if [[ "$PUBLICIP" != "" ]]; then
+	if [[ "$ENDPOINT" != "" ]]; then
-		IP=$PUBLICIP
+		IP=$ENDPOINT
 	fi
 
 	# client-template.txt is created so we have a template to add further users later