1
1
mirror of https://github.com/namibia/openvpn-install.git synced 2024-11-18 10:15:11 +00:00
Commit Graph

271 Commits

Author SHA1 Message Date
angristan
9716e868a0 Fix service handling on Ubuntu 16.04 2018-09-27 19:57:01 +02:00
angristan
0648e6a0b7 Fix IPv6 connectivity test 2018-09-27 19:52:52 +02:00
angristan
e4a9851b4f Remove revoked client from ifconfig-pool-persist 2018-09-24 15:24:31 +02:00
angristan
0f117352c7 Remove hardcoded ciphers from Fedora systemd service 2018-09-24 14:33:08 +02:00
angristan
bbea708175 Do not modify package-provided systemd service 2018-09-24 14:26:41 +02:00
angristan
071baf477f Update link, DNS name 2018-09-24 11:45:12 +02:00
angristan
73c52daf84 Add Quad9 uncensored 2018-09-24 11:42:29 +02:00
angristan
1dad1579ad Better code 2018-09-24 11:37:13 +02:00
angristan
8d5d080cc0 Remove plaintext metadata from client certificate 2018-09-24 11:32:43 +02:00
angristan
b0fdb24984 Improve Debian/Ubuntu detection 2018-09-23 22:23:13 +02:00
Jun Hui
c14355a34c Update easy-rsa to 3.0.5 (#301) 2018-09-23 17:09:33 +02:00
angristan
70ebe5620d secp256r1 -> prime256v1 2018-09-23 17:06:15 +02:00
angristan
8e1cf382c3 Fix unset usage 2018-09-23 16:33:59 +02:00
angristan
5a67d3b3e7 Fix regex 2018-09-23 16:30:48 +02:00
GoliathLabs
ecf5f0d623 Add Arch Linux support (#303) 2018-09-23 16:27:36 +02:00
angristan
8de3957afb Disable and stop OpenVPN upon removal 2018-09-23 14:32:24 +02:00
angristan
7f35106687 Fix condition 2018-09-23 14:30:08 +02:00
angristan
09b29ddc9c Fix OS condition 2018-09-23 14:26:28 +02:00
angristan
ef30d3c9df Fix service on Ubuntu 16.04 2018-09-23 14:25:18 +02:00
angristan
e2906fd5e4 Use APT repo for Ubuntu 16.04
Ubuntu 16.04 has OpenVPN 2.3.10
2018-09-23 12:47:52 +02:00
angristan
21f15d9aef Little fixes according to OpenVPN 2.4
Yeah, seconds, really :)
2018-09-23 00:47:18 +02:00
angristan
c2a502be92 Add support for tls-crypt
Choice between tls-auth/tls-crypt
2018-09-22 22:34:10 +02:00
angristan
f716380080 Fixes 2018-09-22 22:33:25 +02:00
angristan
62c89af954 Support ncp-ciphers
Since OpenVPN 2.4, there is negotiable crypto parameters (NCP)
It means you can use a cipher suite like with HTTPS. By default the suite is AES-256-GCM:AES-256-CBC, so that means than since 2.4 is out, everyone using a 2.4 client + server was using AES 256 GCM, regardless of the --cipher option. With this commit, the chosen cipher will be the only cipher in the NCP cipher list, thus fixing this issue.
2018-09-22 18:18:36 +02:00
angristan
a85c13e4ec Move setup questions to installQuestions () 2018-09-22 17:59:21 +02:00
angristan
bbdabedbec Add --auth choice (HMAC digest algorithm) 2018-09-22 17:54:30 +02:00
angristan
e0b4a5aae7 Use read -rp 2018-09-22 16:42:48 +02:00
angristan
3a5e23c5c1 Add ECDH support 2018-09-22 16:41:28 +02:00
angristan
cfa5eed6bd Re-add possibility to use a hostname as the endpoint 2018-09-22 16:17:51 +02:00
angristan
db6a253676 Improve tests using regex 2018-09-22 15:23:01 +02:00
angristan
4d1baca0c7 Add ECDSA support and make tls-cipher configurable 2018-09-22 15:17:13 +02:00
angristan
06e7597942 Use AES-128-GCM by default 2018-09-22 14:25:30 +02:00
angristan
c1b069b501 Fix 10a1d04 2018-09-22 14:23:58 +02:00
angristan
7449bfc550 Remove trailing tabs 2018-09-22 14:21:20 +02:00
angristan
11e023b6dc Use 2048 bits RSA key by default 2018-09-22 14:20:57 +02:00
angristan
10a1d04f3b Add AES GCM support 2018-09-22 14:20:20 +02:00
angristan
36af5ec100 Update DH/RSA defaults 2018-09-22 14:19:51 +02:00
angristan
b898a99485 Add compression support
It is disabled by default.
2018-09-22 14:08:42 +02:00
angristan
7ed823cdf2 Remove OpenVPN APT repo during removal 2018-09-22 11:41:31 +02:00
angristan
c96a71c7d6 Fix OpenVPN repo for Debian 8 2018-09-22 11:40:54 +02:00
angristan
80c0b971d6 Improved and safer code
Thanks to shellcheck!
2018-09-21 23:48:11 +02:00
angristan
76607e781c Sorry... 2018-09-21 22:22:09 +02:00
angristan
a0ff4d7cf9 Improve questions for NATed servers 2018-09-21 21:53:39 +02:00
angristan
4144fa9dff Make encryption customization optional
A lot of people don't know much about cryptography.
Since the script already overwrite OpenVPN's default settings, there is no need for most people to modify them.
2018-09-21 17:17:41 +02:00
xiagw
0f67214490 Improve Debian/Ubuntu version checking (#187) 2018-09-20 22:00:16 +02:00
angristan
0a5c3c1401 Rewrite README 2018-09-20 17:16:04 +02:00
Stanislas
e920f7fbc2
Refactoring, cleanup and fixes (#293) 2018-09-20 00:05:02 +02:00
Stanislas
136a46874e
Rework and cleanup systemd service handling (#294)
* Don't hardcode server.conf in systemd service

* Rework and cleanup service handling
2018-09-18 14:55:00 +02:00
angristan
d3974220ef Fix public interface in iptables rules 2018-09-18 12:37:07 +02:00
angristan
974b80dbc1 Remove unused variables 2018-09-17 18:05:51 +02:00