Merge pull request #1048 from shelleycat485/master

Both wireguard and openvpn can be installed together (Issue #968)
Orazio 2020-05-19 14:06:58 +02:00 committed by GitHub
commit 35f07b2147
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 294 additions and 124 deletions


@ -5,6 +5,9 @@
About About
----- -----
Modification that allows installing both openvpn and wireguard on the same machine. To do this, run the installer twice locally, makeing sure you are going to pull branch test.
Visit the [PiVPN](https://pivpn.io) site for more information. Visit the [PiVPN](https://pivpn.io) site for more information.
This is a set of shell scripts initially developed by **@0-kaladin** that serve to easily turn your Raspberry Pi (TM) This is a set of shell scripts initially developed by **@0-kaladin** that serve to easily turn your Raspberry Pi (TM)
into a VPN server using two free, open-source protocols: into a VPN server using two free, open-source protocols:


@ -10,10 +10,16 @@
# curl -L https://install.pivpn.io | bash # curl -L https://install.pivpn.io | bash
# Make sure you have `curl` installed # Make sure you have `curl` installed
# timestamp 2020/5/14 15:29BST
######## VARIABLES ######### ######## VARIABLES #########
pivpnGitUrl="https://github.com/pivpn/pivpn.git" pivpnGitUrl="https://github.com/pivpn/pivpn.git"
setupVars="/etc/pivpn/setupVars.conf" #pivpnGitUrl="/home/ubuntu/repos/pivpn"
pivpnFilesDir="/etc/.pivpn" setupVarsFile="setupVars.conf"
setupConfigDir="/etc/pivpn"
tempsetupVarsFile="/tmp/setupVars.conf"
pivpnFilesDir="/etc/.pivpn"
pivpnScriptDir="/opt/pivpn"
piholeSetupVars="/etc/pihole/setupVars.conf" piholeSetupVars="/etc/pihole/setupVars.conf"
dnsmasqConfig="/etc/dnsmasq.d/02-pivpn.conf" dnsmasqConfig="/etc/dnsmasq.d/02-pivpn.conf"
@ -118,7 +124,14 @@ main(){
fi fi
fi fi
if [ -r "$setupVars" ]; then # see which setup already exists
if [ -r "${setupConfigDir}/wireguard/${setupVarsFile}" ]; then
setupVars="${setupConfigDir}/wireguard/${setupVarsFile}"
elif [ -r "${setupConfigDir}/openvpn/${setupVarsFile}" ]; then
setupVars="${setupConfigDir}/openvpn/${setupVarsFile}"
fi
if [ -r "$setupVars" ]; then
if [[ "${reconfigure}" == true ]]; then if [[ "${reconfigure}" == true ]]; then
echo "::: --reconfigure passed to install script, will reinstall PiVPN overwriting existing settings" echo "::: --reconfigure passed to install script, will reinstall PiVPN overwriting existing settings"
UpdateCmd="Reconfigure" UpdateCmd="Reconfigure"
@ -126,18 +139,18 @@ main(){
### What should the script do when passing --unattended to an existing installation? ### What should the script do when passing --unattended to an existing installation?
UpdateCmd="Reconfigure" UpdateCmd="Reconfigure"
else else
askAboutExistingInstall askAboutExistingInstall ${setupVars}
fi fi
fi fi
if [ -z "$UpdateCmd" ] || [ "$UpdateCmd" = "Reconfigure" ]; then if [ -z "$UpdateCmd" ] || [ "$UpdateCmd" = "Reconfigure" ]; then
: :
elif [ "$UpdateCmd" = "Update" ]; then elif [ "$UpdateCmd" = "Update" ]; then
$SUDO /opt/pivpn/update.sh "$@" $SUDO ${pivpnScriptDir}/update.sh "$@"
exit 0 exit 0
elif [ "$UpdateCmd" = "Repair" ]; then elif [ "$UpdateCmd" = "Repair" ]; then
# shellcheck disable=SC1090 # shellcheck disable=SC1090
source "$setupVars" source "$setupVars"
runUnattended=true runUnattended=true
fi fi
@ -203,8 +216,10 @@ main(){
fi fi
# Save installation setting to the final location # Save installation setting to the final location
echo "INSTALLED_PACKAGES=(${INSTALLED_PACKAGES[*]})" >> /tmp/setupVars.conf echo "INSTALLED_PACKAGES=(${INSTALLED_PACKAGES[*]})" >> ${tempsetupVarsFile}
$SUDO cp /tmp/setupVars.conf "$setupVars" echo "::: Setupfiles copied to ${setupConfigDir}/${VPN}/${setupVarsFile}"
$SUDO mkdir "${setupConfigDir}/${VPN}/"
$SUDO cp ${tempsetupVarsFile} "${setupConfigDir}/${VPN}/${setupVarsFile}"
installScripts installScripts
@ -229,7 +244,7 @@ askAboutExistingInstall(){
opt3a="Reconfigure" opt3a="Reconfigure"
opt3b="Reinstall PiVPN with new settings" opt3b="Reinstall PiVPN with new settings"
UpdateCmd=$(whiptail --title "Existing Install Detected!" --menu "\nWe have detected an existing install.\n\nPlease choose from the following options:" ${r} ${c} 3 \ UpdateCmd=$(whiptail --title "Existing Install Detected!" --menu "\nWe have detected an existing install.\n$1\n\nPlease choose from the following options:" ${r} ${c} 3 \
"${opt1a}" "${opt1b}" \ "${opt1a}" "${opt1b}" \
"${opt2a}" "${opt2b}" \ "${opt2a}" "${opt2b}" \
"${opt3a}" "${opt3b}" 3>&2 2>&1 1>&3) || \ "${opt3a}" "${opt3b}" 3>&2 2>&1 1>&3) || \
@ -287,8 +302,8 @@ distroCheck(){
BASE_DEPS+=(dhcpcd5) BASE_DEPS+=(dhcpcd5)
fi fi
echo "PLAT=${PLAT}" > /tmp/setupVars.conf echo "PLAT=${PLAT}" > ${tempsetupVarsFile}
echo "OSCN=${OSCN}" >> /tmp/setupVars.conf echo "OSCN=${OSCN}" >> ${tempsetupVarsFile}
} }
noOSSupport(){ noOSSupport(){
@ -470,7 +485,7 @@ preconfigurePackages(){
echo iptables-persistent iptables-persistent/autosave_v6 boolean false | $SUDO debconf-set-selections echo iptables-persistent iptables-persistent/autosave_v6 boolean false | $SUDO debconf-set-selections
fi fi
echo "USING_UFW=${USING_UFW}" >> /tmp/setupVars.conf echo "USING_UFW=${USING_UFW}" >> ${tempsetupVarsFile}
} }
installDependentPackages(){ installDependentPackages(){
@ -581,12 +596,12 @@ if [ "${runUnattended}" = 'true' ]; then
exit 1 exit 1
fi fi
fi fi
echo "IPv4dev=${IPv4dev}" >> /tmp/setupVars.conf echo "IPv4dev=${IPv4dev}" >> ${tempsetupVarsFile}
return return
else else
if [ "$interfaceCount" -eq 1 ]; then if [ "$interfaceCount" -eq 1 ]; then
IPv4dev="${availableInterfaces}" IPv4dev="${availableInterfaces}"
echo "IPv4dev=${IPv4dev}" >> /tmp/setupVars.conf echo "IPv4dev=${IPv4dev}" >> ${tempsetupVarsFile}
return return
fi fi
fi fi
@ -596,7 +611,7 @@ if chooseInterfaceOptions=$("${chooseInterfaceCmd[@]}" "${interfacesArray[@]}" 2
for desiredInterface in ${chooseInterfaceOptions}; do for desiredInterface in ${chooseInterfaceOptions}; do
IPv4dev=${desiredInterface} IPv4dev=${desiredInterface}
echo "::: Using interface: $IPv4dev" echo "::: Using interface: $IPv4dev"
echo "IPv4dev=${IPv4dev}" >> /tmp/setupVars.conf echo "IPv4dev=${IPv4dev}" >> ${tempsetupVarsFile}
done done
else else
echo "::: Cancel selected, exiting...." echo "::: Cancel selected, exiting...."
@ -711,9 +726,9 @@ getStaticIPv4Settings() {
echo "::: Skipping setting static IP address" echo "::: Skipping setting static IP address"
fi fi
echo "dhcpReserv=${dhcpReserv}" >> /tmp/setupVars.conf echo "dhcpReserv=${dhcpReserv}" >> ${tempsetupVarsFile}
echo "IPv4addr=${IPv4addr}" >> /tmp/setupVars.conf echo "IPv4addr=${IPv4addr}" >> ${tempsetupVarsFile}
echo "IPv4gw=${IPv4gw}" >> /tmp/setupVars.conf echo "IPv4gw=${IPv4gw}" >> ${tempsetupVarsFile}
return return
fi fi
@ -735,10 +750,10 @@ No: Setup static IP address
Don't know what DHCP Reservation is? Answer No." ${r} ${c}); then Don't know what DHCP Reservation is? Answer No." ${r} ${c}); then
dhcpReserv=1 dhcpReserv=1
# shellcheck disable=SC2129 # shellcheck disable=SC2129
echo "dhcpReserv=${dhcpReserv}" >> /tmp/setupVars.conf echo "dhcpReserv=${dhcpReserv}" >> ${tempsetupVarsFile}
# We don't really need to save them as we won't set a static IP but they might be useful for debugging # We don't really need to save them as we won't set a static IP but they might be useful for debugging
echo "IPv4addr=${CurrentIPv4addr}" >> /tmp/setupVars.conf echo "IPv4addr=${CurrentIPv4addr}" >> ${tempsetupVarsFile}
echo "IPv4gw=${CurrentIPv4gw}" >> /tmp/setupVars.conf echo "IPv4gw=${CurrentIPv4gw}" >> ${tempsetupVarsFile}
else else
# Ask if the user wants to use DHCP settings as their static IP # Ask if the user wants to use DHCP settings as their static IP
if (whiptail --backtitle "Calibrating network interface" --title "Static IP Address" --yesno "Do you want to use your current network settings as a static address? if (whiptail --backtitle "Calibrating network interface" --title "Static IP Address" --yesno "Do you want to use your current network settings as a static address?
@ -747,8 +762,8 @@ Don't know what DHCP Reservation is? Answer No." ${r} ${c}); then
Gateway: ${CurrentIPv4gw}" ${r} ${c}); then Gateway: ${CurrentIPv4gw}" ${r} ${c}); then
IPv4addr=${CurrentIPv4addr} IPv4addr=${CurrentIPv4addr}
IPv4gw=${CurrentIPv4gw} IPv4gw=${CurrentIPv4gw}
echo "IPv4addr=${IPv4addr}" >> /tmp/setupVars.conf echo "IPv4addr=${IPv4addr}" >> ${tempsetupVarsFile}
echo "IPv4gw=${IPv4gw}" >> /tmp/setupVars.conf echo "IPv4gw=${IPv4gw}" >> ${tempsetupVarsFile}
# If they choose yes, let the user know that the IP address will not be available via DHCP and may cause a conflict. # If they choose yes, let the user know that the IP address will not be available via DHCP and may cause a conflict.
whiptail --msgbox --backtitle "IP information" --title "FYI: IP Conflict" "It is possible your router could still try to assign this IP to a device, which would cause a conflict. But in most cases the router is smart enough to not do that. whiptail --msgbox --backtitle "IP information" --title "FYI: IP Conflict" "It is possible your router could still try to assign this IP to a device, which would cause a conflict. But in most cases the router is smart enough to not do that.
@ -803,8 +818,8 @@ It is also possible to use a DHCP reservation, but if you are going to do that,
IP address: ${IPv4addr} IP address: ${IPv4addr}
Gateway: ${IPv4gw}" ${r} ${c}); then Gateway: ${IPv4gw}" ${r} ${c}); then
# If the settings are correct, then we need to set the pivpnIP # If the settings are correct, then we need to set the pivpnIP
echo "IPv4addr=${IPv4addr}" >> /tmp/setupVars.conf echo "IPv4addr=${IPv4addr}" >> ${tempsetupVarsFile}
echo "IPv4gw=${IPv4gw}" >> /tmp/setupVars.conf echo "IPv4gw=${IPv4gw}" >> ${tempsetupVarsFile}
# After that's done, the loop ends and we move on # After that's done, the loop ends and we move on
ipSettingsCorrect=True ipSettingsCorrect=True
else else
@ -867,8 +882,8 @@ chooseUser(){
fi fi
install_home=$(grep -m1 "^${install_user}:" /etc/passwd | cut -d: -f6) install_home=$(grep -m1 "^${install_user}:" /etc/passwd | cut -d: -f6)
install_home=${install_home%/} install_home=${install_home%/}
echo "install_user=${install_user}" >> /tmp/setupVars.conf echo "install_user=${install_user}" >> ${tempsetupVarsFile}
echo "install_home=${install_home}" >> /tmp/setupVars.conf echo "install_home=${install_home}" >> ${tempsetupVarsFile}
return return
fi fi
@ -915,8 +930,8 @@ chooseUser(){
echo "::: Using User: $install_user" echo "::: Using User: $install_user"
install_home=$(grep -m1 "^${install_user}:" /etc/passwd | cut -d: -f6) install_home=$(grep -m1 "^${install_user}:" /etc/passwd | cut -d: -f6)
install_home=${install_home%/} # remove possible trailing slash install_home=${install_home%/} # remove possible trailing slash
echo "install_user=${install_user}" >> /tmp/setupVars.conf echo "install_user=${install_user}" >> ${tempsetupVarsFile}
echo "install_home=${install_home}" >> /tmp/setupVars.conf echo "install_home=${install_home}" >> ${tempsetupVarsFile}
done done
else else
echo "::: Cancel selected, exiting...." echo "::: Cancel selected, exiting...."
@ -1034,13 +1049,13 @@ installPiVPN(){
confWireGuard confWireGuard
confNetwork confNetwork
echo "pivpnPROTO=${pivpnPROTO}" >> /tmp/setupVars.conf echo "pivpnPROTO=${pivpnPROTO}" >> ${tempsetupVarsFile}
fi fi
echo "pivpnDEV=${pivpnDEV}" >> /tmp/setupVars.conf echo "pivpnDEV=${pivpnDEV}" >> ${tempsetupVarsFile}
echo "pivpnNET=${pivpnNET}" >> /tmp/setupVars.conf echo "pivpnNET=${pivpnNET}" >> ${tempsetupVarsFile}
echo "subnetClass=${subnetClass}" >> /tmp/setupVars.conf echo "subnetClass=${subnetClass}" >> ${tempsetupVarsFile}
} }
askWhichVPN(){ askWhichVPN(){
@ -1093,7 +1108,7 @@ askWhichVPN(){
fi fi
fi fi
echo "VPN=${VPN}" >> /tmp/setupVars.conf echo "VPN=${VPN}" >> ${tempsetupVarsFile}
} }
downloadVerifyKey(){ downloadVerifyKey(){
@ -1295,7 +1310,7 @@ askCustomProto(){
exit 1 exit 1
fi fi
fi fi
echo "pivpnPROTO=${pivpnPROTO}" >> /tmp/setupVars.conf echo "pivpnPROTO=${pivpnPROTO}" >> ${tempsetupVarsFile}
return return
fi fi
@ -1308,7 +1323,7 @@ askCustomProto(){
# Convert option into lowercase (UDP->udp) # Convert option into lowercase (UDP->udp)
pivpnPROTO="${pivpnPROTO,,}" pivpnPROTO="${pivpnPROTO,,}"
echo "::: Using protocol: $pivpnPROTO" echo "::: Using protocol: $pivpnPROTO"
echo "pivpnPROTO=${pivpnPROTO}" >> /tmp/setupVars.conf echo "pivpnPROTO=${pivpnPROTO}" >> ${tempsetupVarsFile}
else else
echo "::: Cancel selected, exiting...." echo "::: Cancel selected, exiting...."
exit 1 exit 1
@ -1338,7 +1353,7 @@ askCustomPort(){
exit 1 exit 1
fi fi
fi fi
echo "pivpnPORT=${pivpnPORT}" >> /tmp/setupVars.conf echo "pivpnPORT=${pivpnPORT}" >> ${tempsetupVarsFile}
return return
fi fi
@ -1381,7 +1396,7 @@ askCustomPort(){
fi fi
done done
# write out the port # write out the port
echo "pivpnPORT=${pivpnPORT}" >> /tmp/setupVars.conf echo "pivpnPORT=${pivpnPORT}" >> ${tempsetupVarsFile}
} }
askClientDNS(){ askClientDNS(){
@ -1414,8 +1429,8 @@ askClientDNS(){
exit 1 exit 1
fi fi
echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf echo "pivpnDNS1=${pivpnDNS1}" >> ${tempsetupVarsFile}
echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf echo "pivpnDNS2=${pivpnDNS2}" >> ${tempsetupVarsFile}
return return
fi fi
@ -1450,8 +1465,8 @@ askClientDNS(){
# Use the Raspberry Pi VPN IP as DNS server. # Use the Raspberry Pi VPN IP as DNS server.
pivpnDNS1="$vpnGw" pivpnDNS1="$vpnGw"
echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf echo "pivpnDNS1=${pivpnDNS1}" >> ${tempsetupVarsFile}
echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf echo "pivpnDNS2=${pivpnDNS2}" >> ${tempsetupVarsFile}
return return
fi fi
fi fi
@ -1536,8 +1551,8 @@ askClientDNS(){
exit 1 exit 1
fi fi
echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf echo "pivpnDNS1=${pivpnDNS1}" >> ${tempsetupVarsFile}
echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf echo "pivpnDNS2=${pivpnDNS2}" >> ${tempsetupVarsFile}
} }
#Call this function to use a regex to check user input for a valid custom domain #Call this function to use a regex to check user input for a valid custom domain
@ -1564,7 +1579,7 @@ askCustomDomain(){
else else
echo "::: Skipping custom domain" echo "::: Skipping custom domain"
fi fi
echo "pivpnSEARCHDOMAIN=${pivpnSEARCHDOMAIN}" >> /tmp/setupVars.conf echo "pivpnSEARCHDOMAIN=${pivpnSEARCHDOMAIN}" >> ${tempsetupVarsFile}
return return
fi fi
@ -1593,7 +1608,7 @@ askCustomDomain(){
done done
fi fi
echo "pivpnSEARCHDOMAIN=${pivpnSEARCHDOMAIN}" >> /tmp/setupVars.conf echo "pivpnSEARCHDOMAIN=${pivpnSEARCHDOMAIN}" >> ${tempsetupVarsFile}
} }
askPublicIPOrDNS(){ askPublicIPOrDNS(){
@ -1619,7 +1634,7 @@ askPublicIPOrDNS(){
exit 1 exit 1
fi fi
fi fi
echo "pivpnHOST=${pivpnHOST}" >> /tmp/setupVars.conf echo "pivpnHOST=${pivpnHOST}" >> ${tempsetupVarsFile}
return return
fi fi
@ -1663,7 +1678,7 @@ askPublicIPOrDNS(){
exit 1 exit 1
fi fi
echo "pivpnHOST=${pivpnHOST}" >> /tmp/setupVars.conf echo "pivpnHOST=${pivpnHOST}" >> ${tempsetupVarsFile}
} }
askEncryption(){ askEncryption(){
@ -1712,9 +1727,9 @@ askEncryption(){
fi fi
fi fi
echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> /tmp/setupVars.conf echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> ${tempsetupVarsFile}
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> /tmp/setupVars.conf echo "pivpnENCRYPT=${pivpnENCRYPT}" >> ${tempsetupVarsFile}
echo "USE_PREDEFINED_DH_PARAM=${USE_PREDEFINED_DH_PARAM}" >> /tmp/setupVars.conf echo "USE_PREDEFINED_DH_PARAM=${USE_PREDEFINED_DH_PARAM}" >> ${tempsetupVarsFile}
return return
fi fi
@ -1746,9 +1761,9 @@ askEncryption(){
USE_PREDEFINED_DH_PARAM=0 USE_PREDEFINED_DH_PARAM=0
fi fi
echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> /tmp/setupVars.conf echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> ${tempsetupVarsFile}
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> /tmp/setupVars.conf echo "pivpnENCRYPT=${pivpnENCRYPT}" >> ${tempsetupVarsFile}
echo "USE_PREDEFINED_DH_PARAM=${USE_PREDEFINED_DH_PARAM}" >> /tmp/setupVars.conf echo "USE_PREDEFINED_DH_PARAM=${USE_PREDEFINED_DH_PARAM}" >> ${tempsetupVarsFile}
} }
cidrToMask(){ cidrToMask(){
@ -2091,8 +2106,8 @@ confNetwork(){
;; ;;
esac esac
echo "INPUT_CHAIN_EDITED=${INPUT_CHAIN_EDITED}" >> /tmp/setupVars.conf echo "INPUT_CHAIN_EDITED=${INPUT_CHAIN_EDITED}" >> ${tempsetupVarsFile}
echo "FORWARD_CHAIN_EDITED=${FORWARD_CHAIN_EDITED}" >> /tmp/setupVars.conf echo "FORWARD_CHAIN_EDITED=${FORWARD_CHAIN_EDITED}" >> ${tempsetupVarsFile}
fi fi
} }
@ -2155,7 +2170,7 @@ askUnattendedUpgrades(){
echo "::: Skipping unattended upgrades" echo "::: Skipping unattended upgrades"
fi fi
fi fi
echo "UNATTUPG=${UNATTUPG}" >> /tmp/setupVars.conf echo "UNATTUPG=${UNATTUPG}" >> ${tempsetupVarsFile}
return return
fi fi
@ -2167,7 +2182,7 @@ askUnattendedUpgrades(){
UNATTUPG=0 UNATTUPG=0
fi fi
echo "UNATTUPG=${UNATTUPG}" >> /tmp/setupVars.conf echo "UNATTUPG=${UNATTUPG}" >> ${tempsetupVarsFile}
} }
confUnattendedUpgrades(){ confUnattendedUpgrades(){
@ -2220,27 +2235,46 @@ confUnattendedUpgrades(){
installScripts(){ installScripts(){
# Install the scripts from /etc/.pivpn to their various locations # Install the scripts from /etc/.pivpn to their various locations
echo ":::" echo -n -e "::: Installing scripts to ${pivpnScriptDir}...\n"
echo -n -e "::: Installing scripts to /opt/pivpn...\n" if [ ! -d "${pivpnScriptDir}/${VPN}" ]; then
if [ ! -d /opt/pivpn ]; then $SUDO install -m 0755 -o root -d ${pivpnScriptDir}/${VPN}
$SUDO mkdir -p /opt/pivpn
$SUDO chown root:root /opt/pivpn
$SUDO chmod 0755 /opt/pivpn
fi fi
$SUDO install -m 755 -t ${pivpnScriptDir} ${pivpnFilesDir}/scripts/*.sh
$SUDO install -m 755 -t ${pivpnScriptDir}/${VPN} ${pivpnFilesDir}/scripts/${VPN}/*.sh
# make a link for a single command being installed
$SUDO ln -s -T ${pivpnScriptDir}/${VPN}/pivpn.sh /usr/local/bin/pivpn
# if the other protocol file exists it has been installed
if [[ ${VPN} == 'wireguard' ]]; then
othervpn='openvpn'
else
othervpn='wireguard'
fi
$SUDO install -m 755 "$pivpnFilesDir"/scripts/*.sh -t /opt/pivpn if [ -r "${setupConfigDir}/${othervpn}/${setupVarsFile}" ]; then
$SUDO install -m 755 "$pivpnFilesDir"/scripts/"$VPN"/*.sh -t /opt/pivpn # both are installed
$SUDO install -m 755 "$pivpnFilesDir"/scripts/"$VPN"/pivpn /usr/local/bin/pivpn # dont need a link, copy the common script to the location instead
$SUDO install -m 644 "$pivpnFilesDir"/scripts/"$VPN"/bash-completion /etc/bash_completion.d/pivpn $SUDO rm -f /usr/local/bin/pivpn
# shellcheck disable=SC1091 $SUDO install -m 755 -t /usr/local/bin /${pivpnFilesDir}/scripts/pivpn
. /etc/bash_completion.d/pivpn fi
if [ -r "${setupConfigDir}/${othervpn}/${setupVarsFile}" ]; then
# both are installed, no bash completion, delete if already there
$SUDO rm -f /etc/bash_completion.d/pivpn
else
# only one protocol is installed, put bash completion in place
$SUDO cp "${pivpnFilesDir}/scripts/${VPN}/bash-completion" /etc/bash_completion.d/pivpn
$SUDO chown root:root /etc/bash_completion.d/pivpn
$SUDO chmod 755 /etc/bash_completion.d/pivpn
# shellcheck disable=SC1091
. /etc/bash_completion.d/pivpn
fi
echo " done." echo " done."
} }
displayFinalMessage(){ displayFinalMessage(){
if [ "${runUnattended}" = 'true' ]; then if [ "${runUnattended}" = 'true' ]; then
echo "::: Installation Complete!" echo "::: Installation Complete!"
echo "::: Now run 'pivpn add' to create the ovpn profiles." echo "::: Now run 'pivpn add' to create the client profiles."
echo "::: Run 'pivpn help' to see what else you can do!" echo "::: Run 'pivpn help' to see what else you can do!"
echo echo
echo "::: If you run into any issue, please read all our documentation carefully." echo "::: If you run into any issue, please read all our documentation carefully."
@ -2252,7 +2286,7 @@ displayFinalMessage(){
fi fi
# Final completion message to user # Final completion message to user
whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" "Now run 'pivpn add' to create the ovpn profiles. whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" "Now run 'pivpn add' to create the client profiles.
Run 'pivpn help' to see what else you can do!\\n\\nIf you run into any issue, please read all our documentation carefully. Run 'pivpn help' to see what else you can do!\\n\\nIf you run into any issue, please read all our documentation carefully.
All incomplete posts or bug reports will be ignored or deleted.\\n\\nThank you for using PiVPN." ${r} ${c} All incomplete posts or bug reports will be ignored or deleted.\\n\\nThank you for using PiVPN." ${r} ${c}
if (whiptail --title "Reboot" --yesno --defaultno "It is strongly recommended you reboot after installation. Would you like to reboot now?" ${r} ${c}); then if (whiptail --title "Reboot" --yesno --defaultno "It is strongly recommended you reboot after installation. Would you like to reboot now?" ${r} ${c}); then
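Review bot: `tempsetupVarsFile="/tmp/setupVars.conf"` in the VARIABLES hunk keeps the answers file at a fixed name in a world-writable directory, and its contents are later copied with `$SUDO cp` into `${setupConfigDir}/${VPN}/`, where install.sh's Repair branch and uninstall.sh `source` the result. Every write now goes through this one variable, so this is the natural place to switch to a private file, e.g. `tempsetupVarsFile="$(mktemp)"`, and to quote the expansion at the call sites (`>> "${tempsetupVarsFile}"`). Whether anything outside this diff reads `/tmp/setupVars.conf` by name is not visible here and should be checked before changing the path. Separately, `$SUDO mkdir "${setupConfigDir}/${VPN}/"` has no `-p`, so it reports an error when the directory already exists on a reconfigure; `$SUDO mkdir -p "${setupConfigDir}/${VPN}"` makes the step repeatable.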


@ -2,7 +2,32 @@
backupdir=pivpnbackup backupdir=pivpnbackup
date=$(date +%Y%m%d-%H%M%S) date=$(date +%Y%m%d-%H%M%S)
setupVars="/etc/pivpn/setupVars.conf"
# Find the rows and columns. Will default to 80x24 if it can not be detected.
screen_size=$(stty size 2>/dev/null || echo 24 80)
rows=$(echo "$screen_size" | awk '{print $1}')
columns=$(echo "$screen_size" | awk '{print $2}')
# Divide by two so the dialogs take up half of the screen, which looks nice.
r=$(( rows / 2 ))
c=$(( columns / 2 ))
# Unless the screen is tiny
r=$(( r < 20 ? 20 : r ))
c=$(( c < 70 ? 70 : c ))
chooseVPNCmd=(whiptail --backtitle "Setup PiVPN" --title "Installation mode" --separate-output --radiolist "Choose a VPN configuration to backup (press space to select):" "${r}" "${c}" 2)
VPNChooseOptions=(WireGuard "" on
OpenVPN "" off)
if VPN=$("${chooseVPNCmd[@]}" "${VPNChooseOptions[@]}" 2>&1 >/dev/tty) ; then
echo "::: Using VPN: $VPN"
VPN="${VPN,,}"
else
echo "::: Cancel selected, exiting...."
exit 1
fi
setupVars="/etc/pivpn/${VPN}/setupVars.conf"
if [ ! -f "${setupVars}" ]; then if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!" echo "::: Missing setup vars file!"


@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
# Create OVPN Client # Create OVPN Client
# Default Variable Declarations # Default Variable Declarations
setupVars="/etc/pivpn/setupVars.conf" setupVars="/etc/pivpn/openvpn/setupVars.conf"
DEFAULT="Default.txt" DEFAULT="Default.txt"
FILEEXT=".ovpn" FILEEXT=".ovpn"
CRT=".crt" CRT=".crt"


@ -10,26 +10,29 @@ if [[ ! $EUID -eq 0 ]];then
fi fi
fi fi
scriptDir="/opt/pivpn"
vpn="openvpn"
function makeOVPNFunc { function makeOVPNFunc {
shift shift
$SUDO /opt/pivpn/makeOVPN.sh "$@" $SUDO ${scriptDir}/${vpn}/makeOVPN.sh "$@"
exit 0 exit 0
} }
function listClientsFunc { function listClientsFunc {
shift shift
$SUDO /opt/pivpn/clientStat.sh "$@" $SUDO ${scriptDir}/${vpn}/clientStat.sh "$@"
exit 0 exit 0
} }
function listOVPNFunc { function listOVPNFunc {
$SUDO /opt/pivpn/listOVPN.sh $SUDO ${scriptDir}/${vpn}/listOVPN.sh
exit 0 exit 0
} }
function debugFunc { function debugFunc {
echo "::: Generating Debug Output" echo "::: Generating Debug Output"
$SUDO /opt/pivpn/pivpnDebug.sh | tee /tmp/debug.txt $SUDO ${scriptDir}/${vpn}/pivpnDebug.sh | tee /tmp/debug.txt
echo "::: " echo "::: "
echo "::: Debug output completed above." echo "::: Debug output completed above."
echo "::: Copy saved to /tmp/debug.txt" echo "::: Copy saved to /tmp/debug.txt"
@ -39,12 +42,12 @@ function debugFunc {
function removeOVPNFunc { function removeOVPNFunc {
shift shift
$SUDO /opt/pivpn/removeOVPN.sh "$@" $SUDO ${scriptDir}/${vpn}/removeOVPN.sh "$@"
exit 0 exit 0
} }
function uninstallFunc { function uninstallFunc {
$SUDO /opt/pivpn/uninstall.sh $SUDO ${scriptDir}/uninstall.sh
exit 0 exit 0
} }
@ -55,7 +58,7 @@ function versionFunc {
function update { function update {
shift shift
$SUDO /opt/pivpn/update.sh "$@" $SUDO ${scriptDir}/update.sh "$@"
exit 0 exit 0
@ -63,7 +66,7 @@ function update {
function backup { function backup {
$SUDO /opt/pivpn/backup.sh $SUDO ${scriptDir}/backup.sh
exit 0 exit 0
} }
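Review bot: In `debugFunc` the rewritten line still pipes the report through `tee /tmp/debug.txt`, a fixed name in a world-writable directory, and `tee` runs as the calling user rather than under `$SUDO`. The report's contents are not visible in this diff, but if it carries server or client configuration, the copy is better written to a file from `mktemp`, e.g. `out=$(mktemp) && $SUDO "${scriptDir}/${vpn}/pivpnDebug.sh" | tee "$out"`, with the "Copy saved to" message printing `$out`. The new `${scriptDir}/${vpn}/…` expansions are unquoted throughout this file and in the wireguard `pivpn.sh`; quoting them is a cheap hardening step.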


@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# This scripts runs as root # This scripts runs as root
setupVars="/etc/pivpn/setupVars.conf" setupVars="/etc/pivpn/openvpn/setupVars.conf"
if [ ! -f "${setupVars}" ]; then if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!" echo "::: Missing setup vars file!"


@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# PiVPN: revoke client script # PiVPN: revoke client script
setupVars="/etc/pivpn/setupVars.conf" setupVars="/etc/pivpn/openvpn/setupVars.conf"
INDEX="/etc/openvpn/easy-rsa/pki/index.txt" INDEX="/etc/openvpn/easy-rsa/pki/index.txt"
if [ ! -f "${setupVars}" ]; then if [ ! -f "${setupVars}" ]; then

36
scripts/pivpn Executable file

@ -0,0 +1,36 @@
#!/bin/bash
# Must be root to use this tool
if [ $EUID -ne 0 ];then
if dpkg-query -s sudo &> /dev/null; then
export SUDO="sudo"
else
echo "::: Please install sudo or run this as root."
exit 1
fi
fi
scriptDir="/opt/pivpn"
vpn="wireguard"
showHelp(){
echo "::: To pass off to the pivpn command for each protocol"
echo ":::"
echo "::: Usage: pivpn wg <command> [option]"
echo "::: Usage: pivpn opv <command> [option]"
echo ":::"
echo "::: -h, help Show this help dialog"
exit 0
}
if [ $# = 0 ]; then
showHelp
fi
# Handle redirecting to specific functions based on arguments
case "$1" in
wg ) "${scriptDir}/wireguard/pivpn.sh" "${@:2}";;
opv ) "${scriptDir}/openvpn/pivpn.sh" "${@:2}";;
"-h" | "help" ) showHelp;;
* ) showHelp;;
esac
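Review bot: The catch-all arm `* ) showHelp;;` ends in `exit 0`, so an unrecognised first argument (a typo, or an old-style `pivpn add` on a host where this dispatcher replaced the single-protocol command) reports success to the caller. Consider `* ) echo "::: Unknown protocol: $1" >&2; exit 1;;` for that arm, or let `showHelp` take an exit status. `vpn="wireguard"` is assigned but never read in this file, and `$EUID` in the `[ … ]` test is unquoted.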


@ -4,19 +4,6 @@
### FIXME: global: config storage, refactor all scripts to adhere to the storage ### FIXME: global: config storage, refactor all scripts to adhere to the storage
### FIXME: use variables where appropriate, reduce magic numbers by 99.9%, at least. ### FIXME: use variables where appropriate, reduce magic numbers by 99.9%, at least.
PKG_MANAGER="apt-get"
UPDATE_PKG_CACHE="${PKG_MANAGER} update"
dnsmasqConfig="/etc/dnsmasq.d/02-pivpn.conf"
setupVars="/etc/pivpn/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"
exit 1
fi
# shellcheck disable=SC1090
source "${setupVars}"
# Find the rows and columns. Will default to 80x24 if it can not be detected. # Find the rows and columns. Will default to 80x24 if it can not be detected.
screen_size=$(stty size 2>/dev/null || echo 24 80) screen_size=$(stty size 2>/dev/null || echo 24 80)
rows=$(echo "$screen_size" | awk '{print $1}') rows=$(echo "$screen_size" | awk '{print $1}')
@ -29,6 +16,39 @@ c=$(( columns / 2 ))
r=$(( r < 20 ? 20 : r )) r=$(( r < 20 ? 20 : r ))
c=$(( c < 70 ? 70 : c )) c=$(( c < 70 ? 70 : c ))
chooseVPNCmd=(whiptail --backtitle "Setup PiVPN" --title "Installation mode" --separate-output --radiolist "WireGuard is a new kind of VPN that provides near-instantaneous connection speed, high performance, and modern cryptography.\\n\\nIt's the recommended choice especially if you use mobile devices where WireGuard is easier on battery than OpenVPN.\\n\\nOpenVPN is still available if you need the traditional, flexible, trusted VPN protocol or if you need features like TCP and custom search domain.\\n\\nChoose a VPN to uninstall (press space to select):" "${r}" "${c}" 2)
VPNChooseOptions=(WireGuard "" on
OpenVPN "" off)
if VPN=$("${chooseVPNCmd[@]}" "${VPNChooseOptions[@]}" 2>&1 >/dev/tty) ; then
echo "::: Using VPN: $VPN"
VPN="${VPN,,}"
else
echo "::: Cancel selected, exiting...."
exit 1
fi
PKG_MANAGER="apt-get"
UPDATE_PKG_CACHE="${PKG_MANAGER} update"
dnsmasqConfig="/etc/dnsmasq.d/02-pivpn.conf"
setupConfigDir="/etc/pivpn"
setupVarsFile="setupVars.conf"
setupVars="${setupConfigDir}/${VPN}/${setupVarsFile}"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"
exit 1
fi
# shellcheck disable=SC1090
source "${setupVars}"
if [[ ${VPN} == 'wireguard' ]]; then
othervpn='openvpn'
else
othervpn='wireguard'
fi
### FIXME: introduce global lib ### FIXME: introduce global lib
spinner(){ spinner(){
local pid=$1 local pid=$1
@ -85,9 +105,25 @@ removeAll(){
fi fi
vpnStillExists='no'
if [ -r "${setupConfigDir}/${othervpn}/${setupVarsFile}" ]; then
vpnStillExists='yes'
$SUDO rm -f /usr/local/bin/pivpn
$SUDO ln -s -T /opt/pivpn/${othervpn}/pivpn.sh /usr/local/bin/pivpn
echo ":::"
echo "::: Two VPN protocols exist, you should remove ${othervpn} too"
echo ":::"
else
rm -f /etc/bash_completion.d/pivpn
fi
# Disable IPv4 forwarding # Disable IPv4 forwarding
sed -i '/net.ipv4.ip_forward=1/c\#net.ipv4.ip_forward=1' /etc/sysctl.conf if [ ${vpnStillExists} == 'no' ]; then
sysctl -p sed -i '/net.ipv4.ip_forward=1/c\#net.ipv4.ip_forward=1' /etc/sysctl.conf
sysctl -p
fi
# Purge dependencies # Purge dependencies
echo "::: Purge dependencies..." echo "::: Purge dependencies..."
@ -143,22 +179,12 @@ removeAll(){
printf "::: Auto cleaning remaining dependencies..." printf "::: Auto cleaning remaining dependencies..."
$PKG_MANAGER -y autoclean &> /dev/null & spinner $!; printf "done!\\n"; $PKG_MANAGER -y autoclean &> /dev/null & spinner $!; printf "done!\\n";
echo ":::"
# Removing pivpn files
echo "::: Removing pivpn system files..."
if [ -f "$dnsmasqConfig" ]; then if [ -f "$dnsmasqConfig" ]; then
rm -f "$dnsmasqConfig" rm -f "$dnsmasqConfig"
pihole restartdns pihole restartdns
fi fi
rm -rf /opt/pivpn
rm -rf /etc/.pivpn
rm -rf /etc/pivpn
rm -f /var/log/*pivpn*
rm -f /usr/local/bin/pivpn
rm -f /etc/bash_completion.d/pivpn
echo ":::" echo ":::"
echo "::: Removing VPN configuration files..." echo "::: Removing VPN configuration files..."
@ -177,6 +203,21 @@ removeAll(){
rm -rf "$install_home/ovpns" rm -rf "$install_home/ovpns"
fi fi
if [ ${vpnStillExists} == 'no' ]; then
echo ":::"
echo "::: Removing pivpn system files..."
rm -rf /etc/.pivpn
rm -rf /etc/pivpn
rm -f /var/log/*pivpn*
rm -rf /opt/pivpn
rm -f /usr/local/bin/pivpn
else
echo ":::"
echo "::: Other protocol still present, so not"
echo "::: removing pivpn system files"
rm -f "${setupConfigDir}/${VPN}/${setupVarsFile}"
fi
echo ":::" echo ":::"
printf "::: Finished removing PiVPN from your system.\\n" printf "::: Finished removing PiVPN from your system.\\n"
printf "::: Reinstall by simpling running\\n:::\\n:::\\tcurl -L https://install.pivpn.io | bash\\n:::\\n::: at any time!\\n:::\\n" printf "::: Reinstall by simpling running\\n:::\\n:::\\tcurl -L https://install.pivpn.io | bash\\n:::\\n::: at any time!\\n:::\\n"
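Review bot: In `removeAll`, only the IPv4-forwarding edit and the final file removal are guarded by `vpnStillExists`; the `rm -f "$dnsmasqConfig"` / `pihole restartdns` step still runs when the other protocol remains installed, and so does the dependency purge (its body is outside the hunks). `dnsmasqConfig` is a single path that does not depend on `${VPN}`, so it looks shared between the two installs; please confirm, and if so guard it too: `if [ "${vpnStillExists}" = 'no' ] && [ -f "$dnsmasqConfig" ]; then`. In the "Other protocol still present" branch only `setupVars.conf` is deleted, which leaves the removed protocol's scripts under `/opt/pivpn/${VPN}` and its directory under `/etc/pivpn/${VPN}` on disk. The new `[ ${vpnStillExists} == 'no' ]` tests should quote the variable and use `=` inside `[ ]`.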


@ -6,7 +6,32 @@ pivpnrepo="https://github.com/pivpn/pivpn.git"
pivpnlocalpath="/etc/.pivpn" pivpnlocalpath="/etc/.pivpn"
pivpnscripts="/opt/pivpn/" pivpnscripts="/opt/pivpn/"
bashcompletiondir="/etc/bash_completion.d/" bashcompletiondir="/etc/bash_completion.d/"
setupVars="/etc/pivpn/setupVars.conf"
# Find the rows and columns. Will default to 80x24 if it can not be detected.
screen_size=$(stty size 2>/dev/null || echo 24 80)
rows=$(echo "$screen_size" | awk '{print $1}')
columns=$(echo "$screen_size" | awk '{print $2}')
# Divide by two so the dialogs take up half of the screen, which looks nice.
r=$(( rows / 2 ))
c=$(( columns / 2 ))
# Unless the screen is tiny
r=$(( r < 20 ? 20 : r ))
c=$(( c < 70 ? 70 : c ))
chooseVPNCmd=(whiptail --backtitle "Setup PiVPN" --title "Installation mode" --separate-output --radiolist "Choose a VPN to update (press space to select):" "${r}" "${c}" 2)
VPNChooseOptions=(WireGuard "" on
OpenVPN "" off)
if VPN=$("${chooseVPNCmd[@]}" "${VPNChooseOptions[@]}" 2>&1 >/dev/tty) ; then
echo "::: Using VPN: $VPN"
VPN="${VPN,,}"
else
echo "::: Cancel selected, exiting...."
exit 1
fi
setupVars="/etc/pivpn/${VPN}/setupVars.conf"
if [ ! -f "${setupVars}" ]; then if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!" echo "::: Missing setup vars file!"


@ -4,8 +4,8 @@ _pivpn()
COMPREPLY=() COMPREPLY=()
cur="${COMP_WORDS[COMP_CWORD]}" cur="${COMP_WORDS[COMP_CWORD]}"
prev="${COMP_WORDS[COMP_CWORD-1]}" prev="${COMP_WORDS[COMP_CWORD-1]}"
dashopts="-a -c -d -l -qr -r -h -u -up -wg -bk" dashopts="-a -c -d -l -qr -r -h -u -up -bk"
opts="add clients debug list qrcode remove help uninstall update wgupdate backup" opts="add clients debug list qrcode remove help uninstall update backup"
if [ "${#COMP_WORDS[@]}" -eq 2 ] if [ "${#COMP_WORDS[@]}" -eq 2 ]
then then
if [[ ${cur} == -* ]] ; then if [[ ${cur} == -* ]] ; then


@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
setupVars="/etc/pivpn/setupVars.conf" setupVars="/etc/pivpn/wireguard/setupVars.conf"
if [ ! -f "${setupVars}" ]; then if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!" echo "::: Missing setup vars file!"


@ -10,53 +10,56 @@ if [ $EUID -ne 0 ];then
fi fi
fi fi
scriptdir="/opt/pivpn"
vpn="wireguard"
makeConf(){ makeConf(){
shift shift
$SUDO /opt/pivpn/makeCONF.sh "$@" $SUDO ${scriptdir}/${vpn}/makeCONF.sh "$@"
exit 0 exit 0
} }
listConnected(){ listConnected(){
shift shift
$SUDO /opt/pivpn/clientSTAT.sh "$@" $SUDO ${scriptdir}/${vpn}/clientSTAT.sh "$@"
exit 0 exit 0
} }
debug(){ debug(){
$SUDO /opt/pivpn/pivpnDEBUG.sh $SUDO ${scriptdir}/${vpn}/pivpnDEBUG.sh
exit 0 exit 0
} }
listClients(){ listClients(){
$SUDO /opt/pivpn/listCONF.sh $SUDO ${scriptdir}/${vpn}/listCONF.sh
exit 0 exit 0
} }
showQrcode(){ showQrcode(){
shift shift
$SUDO /opt/pivpn/qrcodeCONF.sh "$@" $SUDO ${scriptdir}/${vpn}/qrcodeCONF.sh "$@"
exit 0 exit 0
} }
removeClient(){ removeClient(){
shift shift
$SUDO /opt/pivpn/removeCONF.sh "$@" $SUDO ${scriptdir}/${vpn}/removeCONF.sh "$@"
exit 0 exit 0
} }
uninstallServer(){ uninstallServer(){
$SUDO /opt/pivpn/uninstall.sh $SUDO ${scriptdir}/uninstall.sh
exit 0 exit 0
} }
updateScripts(){ updateScripts(){
shift shift
$SUDO /opt/pivpn/update.sh "$@" $SUDO ${scriptdir}/update.sh "$@"
exit 0 exit 0
} }
backup(){ backup(){
$SUDO /opt/pivpn/backup.sh $SUDO ${scriptdir}/backup.sh
} }
showHelp(){ showHelp(){


@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# This scripts runs as root # This scripts runs as root
setupVars="/etc/pivpn/setupVars.conf" setupVars="/etc/pivpn/wireguard/setupVars.conf"
if [ ! -f "${setupVars}" ]; then if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!" echo "::: Missing setup vars file!"


@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
setupVars="/etc/pivpn/setupVars.conf" setupVars="/etc/pivpn/wireguard/setupVars.conf"
if [ ! -f "${setupVars}" ]; then if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!" echo "::: Missing setup vars file!"