Merge pull request #1048 from shelleycat485/master

Both wireguard and openvpn can be installed together (Issue #968)
This commit is contained in:
Orazio 2020-05-19 14:06:58 +02:00 committed by GitHub
commit 35f07b2147
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 294 additions and 124 deletions

View file

@ -5,6 +5,9 @@
About
-----
Modification that allows installing both openvpn and wireguard on the same machine. To do this, run the installer twice locally, makeing sure you are going to pull branch test.
Visit the [PiVPN](https://pivpn.io) site for more information.
This is a set of shell scripts initially developed by **@0-kaladin** that serve to easily turn your Raspberry Pi (TM)
into a VPN server using two free, open-source protocols:

View file

@ -10,10 +10,16 @@
# curl -L https://install.pivpn.io | bash
# Make sure you have `curl` installed
# timestamp 2020/5/14 15:29BST
######## VARIABLES #########
pivpnGitUrl="https://github.com/pivpn/pivpn.git"
setupVars="/etc/pivpn/setupVars.conf"
pivpnFilesDir="/etc/.pivpn"
#pivpnGitUrl="/home/ubuntu/repos/pivpn"
setupVarsFile="setupVars.conf"
setupConfigDir="/etc/pivpn"
tempsetupVarsFile="/tmp/setupVars.conf"
pivpnFilesDir="/etc/.pivpn"
pivpnScriptDir="/opt/pivpn"
piholeSetupVars="/etc/pihole/setupVars.conf"
dnsmasqConfig="/etc/dnsmasq.d/02-pivpn.conf"
@ -118,7 +124,14 @@ main(){
fi
fi
if [ -r "$setupVars" ]; then
# see which setup already exists
if [ -r "${setupConfigDir}/wireguard/${setupVarsFile}" ]; then
setupVars="${setupConfigDir}/wireguard/${setupVarsFile}"
elif [ -r "${setupConfigDir}/openvpn/${setupVarsFile}" ]; then
setupVars="${setupConfigDir}/openvpn/${setupVarsFile}"
fi
if [ -r "$setupVars" ]; then
if [[ "${reconfigure}" == true ]]; then
echo "::: --reconfigure passed to install script, will reinstall PiVPN overwriting existing settings"
UpdateCmd="Reconfigure"
@ -126,18 +139,18 @@ main(){
### What should the script do when passing --unattended to an existing installation?
UpdateCmd="Reconfigure"
else
askAboutExistingInstall
askAboutExistingInstall ${setupVars}
fi
fi
if [ -z "$UpdateCmd" ] || [ "$UpdateCmd" = "Reconfigure" ]; then
:
elif [ "$UpdateCmd" = "Update" ]; then
$SUDO /opt/pivpn/update.sh "$@"
$SUDO ${pivpnScriptDir}/update.sh "$@"
exit 0
elif [ "$UpdateCmd" = "Repair" ]; then
# shellcheck disable=SC1090
source "$setupVars"
source "$setupVars"
runUnattended=true
fi
@ -203,8 +216,10 @@ main(){
fi
# Save installation setting to the final location
echo "INSTALLED_PACKAGES=(${INSTALLED_PACKAGES[*]})" >> /tmp/setupVars.conf
$SUDO cp /tmp/setupVars.conf "$setupVars"
echo "INSTALLED_PACKAGES=(${INSTALLED_PACKAGES[*]})" >> ${tempsetupVarsFile}
echo "::: Setupfiles copied to ${setupConfigDir}/${VPN}/${setupVarsFile}"
$SUDO mkdir "${setupConfigDir}/${VPN}/"
$SUDO cp ${tempsetupVarsFile} "${setupConfigDir}/${VPN}/${setupVarsFile}"
installScripts
@ -229,7 +244,7 @@ askAboutExistingInstall(){
opt3a="Reconfigure"
opt3b="Reinstall PiVPN with new settings"
UpdateCmd=$(whiptail --title "Existing Install Detected!" --menu "\nWe have detected an existing install.\n\nPlease choose from the following options:" ${r} ${c} 3 \
UpdateCmd=$(whiptail --title "Existing Install Detected!" --menu "\nWe have detected an existing install.\n$1\n\nPlease choose from the following options:" ${r} ${c} 3 \
"${opt1a}" "${opt1b}" \
"${opt2a}" "${opt2b}" \
"${opt3a}" "${opt3b}" 3>&2 2>&1 1>&3) || \
@ -287,8 +302,8 @@ distroCheck(){
BASE_DEPS+=(dhcpcd5)
fi
echo "PLAT=${PLAT}" > /tmp/setupVars.conf
echo "OSCN=${OSCN}" >> /tmp/setupVars.conf
echo "PLAT=${PLAT}" > ${tempsetupVarsFile}
echo "OSCN=${OSCN}" >> ${tempsetupVarsFile}
}
noOSSupport(){
@ -470,7 +485,7 @@ preconfigurePackages(){
echo iptables-persistent iptables-persistent/autosave_v6 boolean false | $SUDO debconf-set-selections
fi
echo "USING_UFW=${USING_UFW}" >> /tmp/setupVars.conf
echo "USING_UFW=${USING_UFW}" >> ${tempsetupVarsFile}
}
installDependentPackages(){
@ -581,12 +596,12 @@ if [ "${runUnattended}" = 'true' ]; then
exit 1
fi
fi
echo "IPv4dev=${IPv4dev}" >> /tmp/setupVars.conf
echo "IPv4dev=${IPv4dev}" >> ${tempsetupVarsFile}
return
else
if [ "$interfaceCount" -eq 1 ]; then
IPv4dev="${availableInterfaces}"
echo "IPv4dev=${IPv4dev}" >> /tmp/setupVars.conf
echo "IPv4dev=${IPv4dev}" >> ${tempsetupVarsFile}
return
fi
fi
@ -596,7 +611,7 @@ if chooseInterfaceOptions=$("${chooseInterfaceCmd[@]}" "${interfacesArray[@]}" 2
for desiredInterface in ${chooseInterfaceOptions}; do
IPv4dev=${desiredInterface}
echo "::: Using interface: $IPv4dev"
echo "IPv4dev=${IPv4dev}" >> /tmp/setupVars.conf
echo "IPv4dev=${IPv4dev}" >> ${tempsetupVarsFile}
done
else
echo "::: Cancel selected, exiting...."
@ -711,9 +726,9 @@ getStaticIPv4Settings() {
echo "::: Skipping setting static IP address"
fi
echo "dhcpReserv=${dhcpReserv}" >> /tmp/setupVars.conf
echo "IPv4addr=${IPv4addr}" >> /tmp/setupVars.conf
echo "IPv4gw=${IPv4gw}" >> /tmp/setupVars.conf
echo "dhcpReserv=${dhcpReserv}" >> ${tempsetupVarsFile}
echo "IPv4addr=${IPv4addr}" >> ${tempsetupVarsFile}
echo "IPv4gw=${IPv4gw}" >> ${tempsetupVarsFile}
return
fi
@ -735,10 +750,10 @@ No: Setup static IP address
Don't know what DHCP Reservation is? Answer No." ${r} ${c}); then
dhcpReserv=1
# shellcheck disable=SC2129
echo "dhcpReserv=${dhcpReserv}" >> /tmp/setupVars.conf
echo "dhcpReserv=${dhcpReserv}" >> ${tempsetupVarsFile}
# We don't really need to save them as we won't set a static IP but they might be useful for debugging
echo "IPv4addr=${CurrentIPv4addr}" >> /tmp/setupVars.conf
echo "IPv4gw=${CurrentIPv4gw}" >> /tmp/setupVars.conf
echo "IPv4addr=${CurrentIPv4addr}" >> ${tempsetupVarsFile}
echo "IPv4gw=${CurrentIPv4gw}" >> ${tempsetupVarsFile}
else
# Ask if the user wants to use DHCP settings as their static IP
if (whiptail --backtitle "Calibrating network interface" --title "Static IP Address" --yesno "Do you want to use your current network settings as a static address?
@ -747,8 +762,8 @@ Don't know what DHCP Reservation is? Answer No." ${r} ${c}); then
Gateway: ${CurrentIPv4gw}" ${r} ${c}); then
IPv4addr=${CurrentIPv4addr}
IPv4gw=${CurrentIPv4gw}
echo "IPv4addr=${IPv4addr}" >> /tmp/setupVars.conf
echo "IPv4gw=${IPv4gw}" >> /tmp/setupVars.conf
echo "IPv4addr=${IPv4addr}" >> ${tempsetupVarsFile}
echo "IPv4gw=${IPv4gw}" >> ${tempsetupVarsFile}
# If they choose yes, let the user know that the IP address will not be available via DHCP and may cause a conflict.
whiptail --msgbox --backtitle "IP information" --title "FYI: IP Conflict" "It is possible your router could still try to assign this IP to a device, which would cause a conflict. But in most cases the router is smart enough to not do that.
@ -803,8 +818,8 @@ It is also possible to use a DHCP reservation, but if you are going to do that,
IP address: ${IPv4addr}
Gateway: ${IPv4gw}" ${r} ${c}); then
# If the settings are correct, then we need to set the pivpnIP
echo "IPv4addr=${IPv4addr}" >> /tmp/setupVars.conf
echo "IPv4gw=${IPv4gw}" >> /tmp/setupVars.conf
echo "IPv4addr=${IPv4addr}" >> ${tempsetupVarsFile}
echo "IPv4gw=${IPv4gw}" >> ${tempsetupVarsFile}
# After that's done, the loop ends and we move on
ipSettingsCorrect=True
else
@ -867,8 +882,8 @@ chooseUser(){
fi
install_home=$(grep -m1 "^${install_user}:" /etc/passwd | cut -d: -f6)
install_home=${install_home%/}
echo "install_user=${install_user}" >> /tmp/setupVars.conf
echo "install_home=${install_home}" >> /tmp/setupVars.conf
echo "install_user=${install_user}" >> ${tempsetupVarsFile}
echo "install_home=${install_home}" >> ${tempsetupVarsFile}
return
fi
@ -915,8 +930,8 @@ chooseUser(){
echo "::: Using User: $install_user"
install_home=$(grep -m1 "^${install_user}:" /etc/passwd | cut -d: -f6)
install_home=${install_home%/} # remove possible trailing slash
echo "install_user=${install_user}" >> /tmp/setupVars.conf
echo "install_home=${install_home}" >> /tmp/setupVars.conf
echo "install_user=${install_user}" >> ${tempsetupVarsFile}
echo "install_home=${install_home}" >> ${tempsetupVarsFile}
done
else
echo "::: Cancel selected, exiting...."
@ -1034,13 +1049,13 @@ installPiVPN(){
confWireGuard
confNetwork
echo "pivpnPROTO=${pivpnPROTO}" >> /tmp/setupVars.conf
echo "pivpnPROTO=${pivpnPROTO}" >> ${tempsetupVarsFile}
fi
echo "pivpnDEV=${pivpnDEV}" >> /tmp/setupVars.conf
echo "pivpnNET=${pivpnNET}" >> /tmp/setupVars.conf
echo "subnetClass=${subnetClass}" >> /tmp/setupVars.conf
echo "pivpnDEV=${pivpnDEV}" >> ${tempsetupVarsFile}
echo "pivpnNET=${pivpnNET}" >> ${tempsetupVarsFile}
echo "subnetClass=${subnetClass}" >> ${tempsetupVarsFile}
}
askWhichVPN(){
@ -1093,7 +1108,7 @@ askWhichVPN(){
fi
fi
echo "VPN=${VPN}" >> /tmp/setupVars.conf
echo "VPN=${VPN}" >> ${tempsetupVarsFile}
}
downloadVerifyKey(){
@ -1295,7 +1310,7 @@ askCustomProto(){
exit 1
fi
fi
echo "pivpnPROTO=${pivpnPROTO}" >> /tmp/setupVars.conf
echo "pivpnPROTO=${pivpnPROTO}" >> ${tempsetupVarsFile}
return
fi
@ -1308,7 +1323,7 @@ askCustomProto(){
# Convert option into lowercase (UDP->udp)
pivpnPROTO="${pivpnPROTO,,}"
echo "::: Using protocol: $pivpnPROTO"
echo "pivpnPROTO=${pivpnPROTO}" >> /tmp/setupVars.conf
echo "pivpnPROTO=${pivpnPROTO}" >> ${tempsetupVarsFile}
else
echo "::: Cancel selected, exiting...."
exit 1
@ -1338,7 +1353,7 @@ askCustomPort(){
exit 1
fi
fi
echo "pivpnPORT=${pivpnPORT}" >> /tmp/setupVars.conf
echo "pivpnPORT=${pivpnPORT}" >> ${tempsetupVarsFile}
return
fi
@ -1381,7 +1396,7 @@ askCustomPort(){
fi
done
# write out the port
echo "pivpnPORT=${pivpnPORT}" >> /tmp/setupVars.conf
echo "pivpnPORT=${pivpnPORT}" >> ${tempsetupVarsFile}
}
askClientDNS(){
@ -1414,8 +1429,8 @@ askClientDNS(){
exit 1
fi
echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf
echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf
echo "pivpnDNS1=${pivpnDNS1}" >> ${tempsetupVarsFile}
echo "pivpnDNS2=${pivpnDNS2}" >> ${tempsetupVarsFile}
return
fi
@ -1450,8 +1465,8 @@ askClientDNS(){
# Use the Raspberry Pi VPN IP as DNS server.
pivpnDNS1="$vpnGw"
echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf
echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf
echo "pivpnDNS1=${pivpnDNS1}" >> ${tempsetupVarsFile}
echo "pivpnDNS2=${pivpnDNS2}" >> ${tempsetupVarsFile}
return
fi
fi
@ -1536,8 +1551,8 @@ askClientDNS(){
exit 1
fi
echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf
echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf
echo "pivpnDNS1=${pivpnDNS1}" >> ${tempsetupVarsFile}
echo "pivpnDNS2=${pivpnDNS2}" >> ${tempsetupVarsFile}
}
#Call this function to use a regex to check user input for a valid custom domain
@ -1564,7 +1579,7 @@ askCustomDomain(){
else
echo "::: Skipping custom domain"
fi
echo "pivpnSEARCHDOMAIN=${pivpnSEARCHDOMAIN}" >> /tmp/setupVars.conf
echo "pivpnSEARCHDOMAIN=${pivpnSEARCHDOMAIN}" >> ${tempsetupVarsFile}
return
fi
@ -1593,7 +1608,7 @@ askCustomDomain(){
done
fi
echo "pivpnSEARCHDOMAIN=${pivpnSEARCHDOMAIN}" >> /tmp/setupVars.conf
echo "pivpnSEARCHDOMAIN=${pivpnSEARCHDOMAIN}" >> ${tempsetupVarsFile}
}
askPublicIPOrDNS(){
@ -1619,7 +1634,7 @@ askPublicIPOrDNS(){
exit 1
fi
fi
echo "pivpnHOST=${pivpnHOST}" >> /tmp/setupVars.conf
echo "pivpnHOST=${pivpnHOST}" >> ${tempsetupVarsFile}
return
fi
@ -1663,7 +1678,7 @@ askPublicIPOrDNS(){
exit 1
fi
echo "pivpnHOST=${pivpnHOST}" >> /tmp/setupVars.conf
echo "pivpnHOST=${pivpnHOST}" >> ${tempsetupVarsFile}
}
askEncryption(){
@ -1712,9 +1727,9 @@ askEncryption(){
fi
fi
echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> /tmp/setupVars.conf
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> /tmp/setupVars.conf
echo "USE_PREDEFINED_DH_PARAM=${USE_PREDEFINED_DH_PARAM}" >> /tmp/setupVars.conf
echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> ${tempsetupVarsFile}
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> ${tempsetupVarsFile}
echo "USE_PREDEFINED_DH_PARAM=${USE_PREDEFINED_DH_PARAM}" >> ${tempsetupVarsFile}
return
fi
@ -1746,9 +1761,9 @@ askEncryption(){
USE_PREDEFINED_DH_PARAM=0
fi
echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> /tmp/setupVars.conf
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> /tmp/setupVars.conf
echo "USE_PREDEFINED_DH_PARAM=${USE_PREDEFINED_DH_PARAM}" >> /tmp/setupVars.conf
echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> ${tempsetupVarsFile}
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> ${tempsetupVarsFile}
echo "USE_PREDEFINED_DH_PARAM=${USE_PREDEFINED_DH_PARAM}" >> ${tempsetupVarsFile}
}
cidrToMask(){
@ -2091,8 +2106,8 @@ confNetwork(){
;;
esac
echo "INPUT_CHAIN_EDITED=${INPUT_CHAIN_EDITED}" >> /tmp/setupVars.conf
echo "FORWARD_CHAIN_EDITED=${FORWARD_CHAIN_EDITED}" >> /tmp/setupVars.conf
echo "INPUT_CHAIN_EDITED=${INPUT_CHAIN_EDITED}" >> ${tempsetupVarsFile}
echo "FORWARD_CHAIN_EDITED=${FORWARD_CHAIN_EDITED}" >> ${tempsetupVarsFile}
fi
}
@ -2155,7 +2170,7 @@ askUnattendedUpgrades(){
echo "::: Skipping unattended upgrades"
fi
fi
echo "UNATTUPG=${UNATTUPG}" >> /tmp/setupVars.conf
echo "UNATTUPG=${UNATTUPG}" >> ${tempsetupVarsFile}
return
fi
@ -2167,7 +2182,7 @@ askUnattendedUpgrades(){
UNATTUPG=0
fi
echo "UNATTUPG=${UNATTUPG}" >> /tmp/setupVars.conf
echo "UNATTUPG=${UNATTUPG}" >> ${tempsetupVarsFile}
}
confUnattendedUpgrades(){
@ -2220,27 +2235,46 @@ confUnattendedUpgrades(){
installScripts(){
# Install the scripts from /etc/.pivpn to their various locations
echo ":::"
echo -n -e "::: Installing scripts to /opt/pivpn...\n"
if [ ! -d /opt/pivpn ]; then
$SUDO mkdir -p /opt/pivpn
$SUDO chown root:root /opt/pivpn
$SUDO chmod 0755 /opt/pivpn
echo -n -e "::: Installing scripts to ${pivpnScriptDir}...\n"
if [ ! -d "${pivpnScriptDir}/${VPN}" ]; then
$SUDO install -m 0755 -o root -d ${pivpnScriptDir}/${VPN}
fi
$SUDO install -m 755 -t ${pivpnScriptDir} ${pivpnFilesDir}/scripts/*.sh
$SUDO install -m 755 -t ${pivpnScriptDir}/${VPN} ${pivpnFilesDir}/scripts/${VPN}/*.sh
# make a link for a single command being installed
$SUDO ln -s -T ${pivpnScriptDir}/${VPN}/pivpn.sh /usr/local/bin/pivpn
# if the other protocol file exists it has been installed
if [[ ${VPN} == 'wireguard' ]]; then
othervpn='openvpn'
else
othervpn='wireguard'
fi
$SUDO install -m 755 "$pivpnFilesDir"/scripts/*.sh -t /opt/pivpn
$SUDO install -m 755 "$pivpnFilesDir"/scripts/"$VPN"/*.sh -t /opt/pivpn
$SUDO install -m 755 "$pivpnFilesDir"/scripts/"$VPN"/pivpn /usr/local/bin/pivpn
$SUDO install -m 644 "$pivpnFilesDir"/scripts/"$VPN"/bash-completion /etc/bash_completion.d/pivpn
# shellcheck disable=SC1091
. /etc/bash_completion.d/pivpn
if [ -r "${setupConfigDir}/${othervpn}/${setupVarsFile}" ]; then
# both are installed
# dont need a link, copy the common script to the location instead
$SUDO rm -f /usr/local/bin/pivpn
$SUDO install -m 755 -t /usr/local/bin /${pivpnFilesDir}/scripts/pivpn
fi
if [ -r "${setupConfigDir}/${othervpn}/${setupVarsFile}" ]; then
# both are installed, no bash completion, delete if already there
$SUDO rm -f /etc/bash_completion.d/pivpn
else
# only one protocol is installed, put bash completion in place
$SUDO cp "${pivpnFilesDir}/scripts/${VPN}/bash-completion" /etc/bash_completion.d/pivpn
$SUDO chown root:root /etc/bash_completion.d/pivpn
$SUDO chmod 755 /etc/bash_completion.d/pivpn
# shellcheck disable=SC1091
. /etc/bash_completion.d/pivpn
fi
echo " done."
}
displayFinalMessage(){
if [ "${runUnattended}" = 'true' ]; then
echo "::: Installation Complete!"
echo "::: Now run 'pivpn add' to create the ovpn profiles."
echo "::: Now run 'pivpn add' to create the client profiles."
echo "::: Run 'pivpn help' to see what else you can do!"
echo
echo "::: If you run into any issue, please read all our documentation carefully."
@ -2252,7 +2286,7 @@ displayFinalMessage(){
fi
# Final completion message to user
whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" "Now run 'pivpn add' to create the ovpn profiles.
whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" "Now run 'pivpn add' to create the client profiles.
Run 'pivpn help' to see what else you can do!\\n\\nIf you run into any issue, please read all our documentation carefully.
All incomplete posts or bug reports will be ignored or deleted.\\n\\nThank you for using PiVPN." ${r} ${c}
if (whiptail --title "Reboot" --yesno --defaultno "It is strongly recommended you reboot after installation. Would you like to reboot now?" ${r} ${c}); then

View file

@ -2,7 +2,32 @@
backupdir=pivpnbackup
date=$(date +%Y%m%d-%H%M%S)
setupVars="/etc/pivpn/setupVars.conf"
# Find the rows and columns. Will default to 80x24 if it can not be detected.
screen_size=$(stty size 2>/dev/null || echo 24 80)
rows=$(echo "$screen_size" | awk '{print $1}')
columns=$(echo "$screen_size" | awk '{print $2}')
# Divide by two so the dialogs take up half of the screen, which looks nice.
r=$(( rows / 2 ))
c=$(( columns / 2 ))
# Unless the screen is tiny
r=$(( r < 20 ? 20 : r ))
c=$(( c < 70 ? 70 : c ))
chooseVPNCmd=(whiptail --backtitle "Setup PiVPN" --title "Installation mode" --separate-output --radiolist "Choose a VPN configuration to backup (press space to select):" "${r}" "${c}" 2)
VPNChooseOptions=(WireGuard "" on
OpenVPN "" off)
if VPN=$("${chooseVPNCmd[@]}" "${VPNChooseOptions[@]}" 2>&1 >/dev/tty) ; then
echo "::: Using VPN: $VPN"
VPN="${VPN,,}"
else
echo "::: Cancel selected, exiting...."
exit 1
fi
setupVars="/etc/pivpn/${VPN}/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"

View file

@ -1,7 +1,7 @@
#!/bin/bash
# Create OVPN Client
# Default Variable Declarations
setupVars="/etc/pivpn/setupVars.conf"
setupVars="/etc/pivpn/openvpn/setupVars.conf"
DEFAULT="Default.txt"
FILEEXT=".ovpn"
CRT=".crt"

View file

@ -10,26 +10,29 @@ if [[ ! $EUID -eq 0 ]];then
fi
fi
scriptDir="/opt/pivpn"
vpn="openvpn"
function makeOVPNFunc {
shift
$SUDO /opt/pivpn/makeOVPN.sh "$@"
$SUDO ${scriptDir}/${vpn}/makeOVPN.sh "$@"
exit 0
}
function listClientsFunc {
shift
$SUDO /opt/pivpn/clientStat.sh "$@"
$SUDO ${scriptDir}/${vpn}/clientStat.sh "$@"
exit 0
}
function listOVPNFunc {
$SUDO /opt/pivpn/listOVPN.sh
$SUDO ${scriptDir}/${vpn}/listOVPN.sh
exit 0
}
function debugFunc {
echo "::: Generating Debug Output"
$SUDO /opt/pivpn/pivpnDebug.sh | tee /tmp/debug.txt
$SUDO ${scriptDir}/${vpn}/pivpnDebug.sh | tee /tmp/debug.txt
echo "::: "
echo "::: Debug output completed above."
echo "::: Copy saved to /tmp/debug.txt"
@ -39,12 +42,12 @@ function debugFunc {
function removeOVPNFunc {
shift
$SUDO /opt/pivpn/removeOVPN.sh "$@"
$SUDO ${scriptDir}/${vpn}/removeOVPN.sh "$@"
exit 0
}
function uninstallFunc {
$SUDO /opt/pivpn/uninstall.sh
$SUDO ${scriptDir}/uninstall.sh
exit 0
}
@ -55,7 +58,7 @@ function versionFunc {
function update {
shift
$SUDO /opt/pivpn/update.sh "$@"
$SUDO ${scriptDir}/update.sh "$@"
exit 0
@ -63,7 +66,7 @@ function update {
function backup {
$SUDO /opt/pivpn/backup.sh
$SUDO ${scriptDir}/backup.sh
exit 0
}

View file

@ -1,7 +1,7 @@
#!/usr/bin/env bash
# This scripts runs as root
setupVars="/etc/pivpn/setupVars.conf"
setupVars="/etc/pivpn/openvpn/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"

View file

@ -1,7 +1,7 @@
#!/usr/bin/env bash
# PiVPN: revoke client script
setupVars="/etc/pivpn/setupVars.conf"
setupVars="/etc/pivpn/openvpn/setupVars.conf"
INDEX="/etc/openvpn/easy-rsa/pki/index.txt"
if [ ! -f "${setupVars}" ]; then

36
scripts/pivpn Executable file
View file

@ -0,0 +1,36 @@
#!/bin/bash
# Must be root to use this tool
if [ $EUID -ne 0 ];then
if dpkg-query -s sudo &> /dev/null; then
export SUDO="sudo"
else
echo "::: Please install sudo or run this as root."
exit 1
fi
fi
scriptDir="/opt/pivpn"
vpn="wireguard"
showHelp(){
echo "::: To pass off to the pivpn command for each protocol"
echo ":::"
echo "::: Usage: pivpn wg <command> [option]"
echo "::: Usage: pivpn opv <command> [option]"
echo ":::"
echo "::: -h, help Show this help dialog"
exit 0
}
if [ $# = 0 ]; then
showHelp
fi
# Handle redirecting to specific functions based on arguments
case "$1" in
wg ) "${scriptDir}/wireguard/pivpn.sh" "${@:2}";;
opv ) "${scriptDir}/openvpn/pivpn.sh" "${@:2}";;
"-h" | "help" ) showHelp;;
* ) showHelp;;
esac

View file

@ -4,19 +4,6 @@
### FIXME: global: config storage, refactor all scripts to adhere to the storage
### FIXME: use variables where appropriate, reduce magic numbers by 99.9%, at least.
PKG_MANAGER="apt-get"
UPDATE_PKG_CACHE="${PKG_MANAGER} update"
dnsmasqConfig="/etc/dnsmasq.d/02-pivpn.conf"
setupVars="/etc/pivpn/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"
exit 1
fi
# shellcheck disable=SC1090
source "${setupVars}"
# Find the rows and columns. Will default to 80x24 if it can not be detected.
screen_size=$(stty size 2>/dev/null || echo 24 80)
rows=$(echo "$screen_size" | awk '{print $1}')
@ -29,6 +16,39 @@ c=$(( columns / 2 ))
r=$(( r < 20 ? 20 : r ))
c=$(( c < 70 ? 70 : c ))
chooseVPNCmd=(whiptail --backtitle "Setup PiVPN" --title "Installation mode" --separate-output --radiolist "WireGuard is a new kind of VPN that provides near-instantaneous connection speed, high performance, and modern cryptography.\\n\\nIt's the recommended choice especially if you use mobile devices where WireGuard is easier on battery than OpenVPN.\\n\\nOpenVPN is still available if you need the traditional, flexible, trusted VPN protocol or if you need features like TCP and custom search domain.\\n\\nChoose a VPN to uninstall (press space to select):" "${r}" "${c}" 2)
VPNChooseOptions=(WireGuard "" on
OpenVPN "" off)
if VPN=$("${chooseVPNCmd[@]}" "${VPNChooseOptions[@]}" 2>&1 >/dev/tty) ; then
echo "::: Using VPN: $VPN"
VPN="${VPN,,}"
else
echo "::: Cancel selected, exiting...."
exit 1
fi
PKG_MANAGER="apt-get"
UPDATE_PKG_CACHE="${PKG_MANAGER} update"
dnsmasqConfig="/etc/dnsmasq.d/02-pivpn.conf"
setupConfigDir="/etc/pivpn"
setupVarsFile="setupVars.conf"
setupVars="${setupConfigDir}/${VPN}/${setupVarsFile}"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"
exit 1
fi
# shellcheck disable=SC1090
source "${setupVars}"
if [[ ${VPN} == 'wireguard' ]]; then
othervpn='openvpn'
else
othervpn='wireguard'
fi
### FIXME: introduce global lib
spinner(){
local pid=$1
@ -85,9 +105,25 @@ removeAll(){
fi
vpnStillExists='no'
if [ -r "${setupConfigDir}/${othervpn}/${setupVarsFile}" ]; then
vpnStillExists='yes'
$SUDO rm -f /usr/local/bin/pivpn
$SUDO ln -s -T /opt/pivpn/${othervpn}/pivpn.sh /usr/local/bin/pivpn
echo ":::"
echo "::: Two VPN protocols exist, you should remove ${othervpn} too"
echo ":::"
else
rm -f /etc/bash_completion.d/pivpn
fi
# Disable IPv4 forwarding
sed -i '/net.ipv4.ip_forward=1/c\#net.ipv4.ip_forward=1' /etc/sysctl.conf
sysctl -p
if [ ${vpnStillExists} == 'no' ]; then
sed -i '/net.ipv4.ip_forward=1/c\#net.ipv4.ip_forward=1' /etc/sysctl.conf
sysctl -p
fi
# Purge dependencies
echo "::: Purge dependencies..."
@ -143,22 +179,12 @@ removeAll(){
printf "::: Auto cleaning remaining dependencies..."
$PKG_MANAGER -y autoclean &> /dev/null & spinner $!; printf "done!\\n";
echo ":::"
# Removing pivpn files
echo "::: Removing pivpn system files..."
if [ -f "$dnsmasqConfig" ]; then
rm -f "$dnsmasqConfig"
pihole restartdns
fi
rm -rf /opt/pivpn
rm -rf /etc/.pivpn
rm -rf /etc/pivpn
rm -f /var/log/*pivpn*
rm -f /usr/local/bin/pivpn
rm -f /etc/bash_completion.d/pivpn
echo ":::"
echo "::: Removing VPN configuration files..."
@ -177,6 +203,21 @@ removeAll(){
rm -rf "$install_home/ovpns"
fi
if [ ${vpnStillExists} == 'no' ]; then
echo ":::"
echo "::: Removing pivpn system files..."
rm -rf /etc/.pivpn
rm -rf /etc/pivpn
rm -f /var/log/*pivpn*
rm -rf /opt/pivpn
rm -f /usr/local/bin/pivpn
else
echo ":::"
echo "::: Other protocol still present, so not"
echo "::: removing pivpn system files"
rm -f "${setupConfigDir}/${VPN}/${setupVarsFile}"
fi
echo ":::"
printf "::: Finished removing PiVPN from your system.\\n"
printf "::: Reinstall by simpling running\\n:::\\n:::\\tcurl -L https://install.pivpn.io | bash\\n:::\\n::: at any time!\\n:::\\n"

View file

@ -6,7 +6,32 @@ pivpnrepo="https://github.com/pivpn/pivpn.git"
pivpnlocalpath="/etc/.pivpn"
pivpnscripts="/opt/pivpn/"
bashcompletiondir="/etc/bash_completion.d/"
setupVars="/etc/pivpn/setupVars.conf"
# Find the rows and columns. Will default to 80x24 if it can not be detected.
screen_size=$(stty size 2>/dev/null || echo 24 80)
rows=$(echo "$screen_size" | awk '{print $1}')
columns=$(echo "$screen_size" | awk '{print $2}')
# Divide by two so the dialogs take up half of the screen, which looks nice.
r=$(( rows / 2 ))
c=$(( columns / 2 ))
# Unless the screen is tiny
r=$(( r < 20 ? 20 : r ))
c=$(( c < 70 ? 70 : c ))
chooseVPNCmd=(whiptail --backtitle "Setup PiVPN" --title "Installation mode" --separate-output --radiolist "Choose a VPN to update (press space to select):" "${r}" "${c}" 2)
VPNChooseOptions=(WireGuard "" on
OpenVPN "" off)
if VPN=$("${chooseVPNCmd[@]}" "${VPNChooseOptions[@]}" 2>&1 >/dev/tty) ; then
echo "::: Using VPN: $VPN"
VPN="${VPN,,}"
else
echo "::: Cancel selected, exiting...."
exit 1
fi
setupVars="/etc/pivpn/${VPN}/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"

View file

@ -4,8 +4,8 @@ _pivpn()
COMPREPLY=()
cur="${COMP_WORDS[COMP_CWORD]}"
prev="${COMP_WORDS[COMP_CWORD-1]}"
dashopts="-a -c -d -l -qr -r -h -u -up -wg -bk"
opts="add clients debug list qrcode remove help uninstall update wgupdate backup"
dashopts="-a -c -d -l -qr -r -h -u -up -bk"
opts="add clients debug list qrcode remove help uninstall update backup"
if [ "${#COMP_WORDS[@]}" -eq 2 ]
then
if [[ ${cur} == -* ]] ; then

View file

@ -1,6 +1,6 @@
#!/bin/bash
setupVars="/etc/pivpn/setupVars.conf"
setupVars="/etc/pivpn/wireguard/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"

View file

@ -10,53 +10,56 @@ if [ $EUID -ne 0 ];then
fi
fi
scriptdir="/opt/pivpn"
vpn="wireguard"
makeConf(){
shift
$SUDO /opt/pivpn/makeCONF.sh "$@"
$SUDO ${scriptdir}/${vpn}/makeCONF.sh "$@"
exit 0
}
listConnected(){
shift
$SUDO /opt/pivpn/clientSTAT.sh "$@"
$SUDO ${scriptdir}/${vpn}/clientSTAT.sh "$@"
exit 0
}
debug(){
$SUDO /opt/pivpn/pivpnDEBUG.sh
$SUDO ${scriptdir}/${vpn}/pivpnDEBUG.sh
exit 0
}
listClients(){
$SUDO /opt/pivpn/listCONF.sh
$SUDO ${scriptdir}/${vpn}/listCONF.sh
exit 0
}
showQrcode(){
shift
$SUDO /opt/pivpn/qrcodeCONF.sh "$@"
$SUDO ${scriptdir}/${vpn}/qrcodeCONF.sh "$@"
exit 0
}
removeClient(){
shift
$SUDO /opt/pivpn/removeCONF.sh "$@"
$SUDO ${scriptdir}/${vpn}/removeCONF.sh "$@"
exit 0
}
uninstallServer(){
$SUDO /opt/pivpn/uninstall.sh
$SUDO ${scriptdir}/uninstall.sh
exit 0
}
updateScripts(){
shift
$SUDO /opt/pivpn/update.sh "$@"
$SUDO ${scriptdir}/update.sh "$@"
exit 0
}
backup(){
$SUDO /opt/pivpn/backup.sh
$SUDO ${scriptdir}/backup.sh
}
showHelp(){

View file

@ -1,7 +1,7 @@
#!/usr/bin/env bash
# This scripts runs as root
setupVars="/etc/pivpn/setupVars.conf"
setupVars="/etc/pivpn/wireguard/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"

View file

@ -1,6 +1,6 @@
#!/bin/bash
setupVars="/etc/pivpn/setupVars.conf"
setupVars="/etc/pivpn/wireguard/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"