Woodie-07
506c86f720
Fix a very small typo ( #933 )
...
Changed the word 'make' to 'makes' in 'Do you want to use compression? It is not recommended since the VORACLE attack make use of it.'
2021-10-20 14:06:11 +02:00
fabiogiorgione
29deb4cfdf
Delete old client references in easy-rsa PKI index ( #873 )
2021-10-18 10:43:36 +02:00
Łukasz Filipek
7d5c2d962d
Enable oracle-epel-release for Oracle Linux ( #930 )
2021-10-18 10:41:06 +02:00
James Lee
8783719459
Add support for AlmaLinux 8 ( #891 )
2021-08-27 15:24:53 +02:00
Stanislas
bcd1d8a53e
Document Rocky Linux support
2021-07-06 10:56:15 +02:00
derek-j-pitman
1d55f856ae
Add support for Rocky Linux 8 ( #869 )
2021-07-06 10:53:12 +02:00
rvva
bfdf48c392
Add support for Oracle Linux 8 ( #810 )
...
Co-authored-by: Stanislas <stanislas.lange@pm.me>
2021-03-22 10:48:15 +01:00
Stanislas Lange
319459ae77
Fix home dir detection
...
Fix e965518dc7
Fix https://github.com/angristan/openvpn-install/issues/806
2021-03-11 18:59:45 +01:00
Stanislas Lange
e965518dc7
Fix home dir detection when using sudo as root
...
Close https://github.com/angristan/openvpn-install/issues/780
2021-03-10 22:16:16 +01:00
Stanislas Lange
d1de5c64fe
apt: use remove instead of autoremove
...
Close https://github.com/angristan/openvpn-install/issues/794
2021-03-10 21:46:52 +01:00
Christoph Schulz
1cc1978477
Compatibility with RHEL+EPEL ( #796 )
2021-02-14 10:54:53 +01:00
quyleanh
860aaa8bf4
Update with latest Adguard DNS server ( #766 )
...
Update latest Adguard DNS server as [following article](https://kb.adguard.com/en/general/dns-providers#adguard-dns )
2020-12-08 20:56:39 +01:00
Stanislas
bd047c08d7
ci: use super-linter ( #683 )
2020-10-21 13:59:49 +02:00
randomshell
7b7567e7cb
Remove key-direction from tls-crypt option ( #748 )
...
In contrast to --tls-auth, --tls-crypt does *not* require the user to set --key-direction. Thus syntax is `--tls-crypt keyfile`
2020-10-21 13:57:45 +02:00
Dave Eargle
2e193e33cb
increase priority of sysctl conf file ( #750 )
...
Prevents GCP cloud platform's default security policy for instances, which uses prefix 60-, from overriding ip_forward. Also future-proofs against any other such default policy.
2020-10-20 23:44:52 +02:00
Stanislas Lange
73c5304fda
style: format with shfmt
2020-10-20 16:42:35 +02:00
Phonic Mouse
cef199916d
Added automatic NAT public IP discovery ( #735 )
2020-10-20 16:31:12 +02:00
Stanislas Lange
1e3006c9ec
Shellcheck: move excludes to action env
2020-08-03 17:50:40 +02:00
Stanislas
e52a54b92f
Merge pull request #699 from Serpentiel/patch-1
...
Updated client name input restrictions and hint
2020-08-03 17:14:22 +02:00
Stanislas
99ebd3d9bc
Merge pull request #691 from cn3lfs/patch-1
...
change mkdir to mkdir -p for directory not exist
2020-07-30 12:45:38 +02:00
randomshell
5c2a86f27e
Update distro compatibility list and remove Debian 8 support ( #654 )
2020-07-28 12:24:57 +02:00
Aleksander
b4773385a4
Updated client name input restrictions and hint
2020-07-17 22:10:31 +03:00
cn3lfs
a35cd2eca4
change mkdir to mkdir -p for directory not exist
...
change mkdir to mkdir -p for directory /etc/openvpn/easy-rsa not exist
2020-06-30 15:14:19 +08:00
robiiinos
9e1fe367bf
Default DNS to AdGuard
2020-06-29 09:09:38 +02:00
robiiinos
ed26d6a649
Update error message on CentOS install
2020-06-27 12:30:20 +02:00
randomshell
317c4dbdbf
Remove easy-rsa <3.0.7 workaround
...
We have easy-rsa 3.0.7 and it's not needed anymore
2020-05-07 20:07:25 +00:00
Stanislas Lange
5e2e67f78d
style: format with shfmt
2020-05-01 00:10:11 +02:00
Henry N
9096af1677
feat: push IPv6 endpoint with DHCP when self-hosted DNS resolver is in use ( #600 )
...
Co-authored-by: randomshell <43271778+randomshell@users.noreply.github.com>
Co-authored-by: Stanislas <angristan@pm.me>
2020-05-01 00:04:38 +02:00
Henry N
80e89836f1
fix: add IPv6 INPUT iptables rule on incoming port ( #601 )
...
Co-authored-by: Stanislas <angristan@pm.me>
2020-04-30 23:42:09 +02:00
Stanislas Lange
ec36253e75
Revert "refactor(install): update policycoreutils-python package name on CentOS"
...
This reverts commit 2370f802b7
.
2020-04-28 11:51:23 +02:00
Stanislas Lange
2370f802b7
refactor(install): update policycoreutils-python package name on CentOS
2020-04-28 11:44:53 +02:00
Stanislas Lange
0e961a2e6b
refactor(install): simplify easy-rsa install process
2020-04-27 19:20:40 +02:00
D. Robin
529d365693
build(easy-rsa): 3.0.6 -> 3.0.7 ( #641 )
2020-04-27 19:10:49 +02:00
Stanislas Lange
369c8dadaa
refactor(menu): remove clear console
2020-04-27 18:06:59 +02:00
Henry N
182c43316f
feat(install): get system IPv6 resolvers if enabled ( #599 )
2020-04-27 18:04:18 +02:00
Stanislas Lange
96e6ea71e9
fix(newClient): exit if client name already taken
...
fix #613
2020-04-27 17:45:58 +02:00
Stanislas Lange
f411d9dec7
fix(revokeClient): fix prompt input check
...
fix #477 #590
2020-04-27 17:36:04 +02:00
Stanislas Lange
c758418c6d
style(script) format with shfmt
2020-04-27 16:25:20 +02:00
Henry N
2a35a3db16
refactor(install): simplify detection of public IP4, add fallback to IPv6 ( #589 )
2020-04-27 16:24:30 +02:00
Stanislas Lange
fdb35b86c6
fix(fedora): install policycoreutils-python-utils for selinux
2020-04-27 16:19:09 +02:00
Stanislas Lange
29980e6bef
style(script) format with shfmt
2020-04-27 16:05:51 +02:00
randomshell
3b2c84b94d
fix(selinux): fix deletion of selinux policy ( #555 )
2020-04-27 16:03:55 +02:00
Stanislas
6cc0022dff
style(script): format with shfmt ( #638 )
...
shfmt -w -s
2020-04-27 14:59:19 +02:00
Stanislas Lange
e3139cd877
Revert "feat(curves): add secp256k1 option ( #315 )"
...
This reverts commit 8d5bb43aed
.
Tested with Viscosity, doesn't work
2020-04-27 14:36:44 +02:00
Sidd
8d5bb43aed
feat(curves): add secp256k1 option ( #315 )
2020-04-27 14:22:35 +02:00
randomshell
62a4ff3b41
fix(client conf): ignore block-outside-dns if not supported ( #628 )
2020-04-27 14:19:25 +02:00
randomshell
159ab9af6e
refactor(revoke client): remove uneeded cleanup ( #607 )
...
The deletion of issued files is handled by easy-rsa.
See function move_revoked() f0129cfe62/easyrsa3/easyrsa (L1050)
2020-04-27 14:12:23 +02:00
John E
fe0b995bdf
feat(headless): make script idempotent
...
This set of changes adjusts the script so that you can run it multiple times with the same input and not have any unexpected changes. This makes it appropriate for "enforcing state", as required by automated provisioners like Puppet, Salt, Chef, or Ansible.
- Unbound, OpenVPN, easy-rsa, and other dependencies are only installed from upstream if they are not already present. This prevents multiple runs of the script from causing unexpected version upgrades.
- The easy-rsa system is put in a folder called "easy-rsa-auto" so it can't conflict with the "easy-rsa" folder from some older OpenVPN packages
- The easy-rsa CA is only initialized once
- SERVER_CN and SERVER_NAME are randomly generated once and saved for future reference
- File append ('>>') is only done strictly after a file is created with '>' (e.g. /etc/sysctl.d/20-openvpn.conf)
- Clients are only added to easy-rsa once
- If AUTO_INSTALL == y, then the script operates in install mode and doesn't enter manageMenu
2020-04-27 13:56:34 +02:00
Stanislas Lange
3b0c2ace90
fix(checkOS): update Ubuntu/Debian compatibility check
2020-04-27 13:37:52 +02:00
randomshell
6989b0d326
Add support for client-configuration-dir ( #609 )
2020-04-10 17:49:07 +02:00