mirror of
https://github.com/pivpn/pivpn.git
synced 2024-12-19 19:30:16 +00:00
Changed variable name, corrected rm typo
This commit is contained in:
Orazio
parent
44feb0b853
commit
4a49787b28
4 changed files with 12 additions and 12 deletions
|
|
@ -1473,8 +1473,8 @@ askPublicIPOrDNS(){
|
||||||
askEncryption(){
|
askEncryption(){
|
||||||
if [ "${runUnattended}" = 'true' ]; then
|
if [ "${runUnattended}" = 'true' ]; then
|
||||||
|
|
||||||
if [ -z "$pivpnTWOPOINTFOUR" ] || [ "$pivpnTWOPOINTFOUR" -eq 1 ]; then
|
if [ -z "$TWO_POINT_FOUR" ] || [ "$TWO_POINT_FOUR" -eq 1 ]; then
|
||||||
pivpnTWOPOINTFOUR=1
|
TWO_POINT_FOUR=1
|
||||||
echo "::: Using OpenVPN 2.4 features"
|
echo "::: Using OpenVPN 2.4 features"
|
||||||
|
|
||||||
if [ -z "$pivpnENCRYPT" ]; then
|
if [ -z "$pivpnENCRYPT" ]; then
|
||||||
|
|
@ -1489,7 +1489,7 @@ askEncryption(){
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
pivpnTWOPOINTFOUR=0
|
TWO_POINT_FOUR=0
|
||||||
echo "::: Using traditional OpenVPN configuration"
|
echo "::: Using traditional OpenVPN configuration"
|
||||||
|
|
||||||
if [ -z "$pivpnENCRYPT" ]; then
|
if [ -z "$pivpnENCRYPT" ]; then
|
||||||
|
|
@ -1512,21 +1512,21 @@ askEncryption(){
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "pivpnTWOPOINTFOUR=${pivpnTWOPOINTFOUR}" >> /tmp/setupVars.conf
|
echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> /tmp/setupVars.conf
|
||||||
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> /tmp/setupVars.conf
|
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> /tmp/setupVars.conf
|
||||||
echo "DOWNLOAD_DH_PARAM=${DOWNLOAD_DH_PARAM}" >> /tmp/setupVars.conf
|
echo "DOWNLOAD_DH_PARAM=${DOWNLOAD_DH_PARAM}" >> /tmp/setupVars.conf
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if (whiptail --backtitle "Setup OpenVPN" --title "Installation mode" --yesno "OpenVPN 2.4 can take advantage of Elliptic Curves to provide higher connection speed and improved security over RSA, while keeping smaller certificates.\\n\\nMoreover, the 'tls-crypt' directive encrypts the certificates being used while authenticating, increasing privacy.\\n\\nIf your clients do run OpenVPN 2.4 or later you can enable these features, otherwise choose 'No' for best compatibility." "${r}" "${c}"); then
|
if (whiptail --backtitle "Setup OpenVPN" --title "Installation mode" --yesno "OpenVPN 2.4 can take advantage of Elliptic Curves to provide higher connection speed and improved security over RSA, while keeping smaller certificates.\\n\\nMoreover, the 'tls-crypt' directive encrypts the certificates being used while authenticating, increasing privacy.\\n\\nIf your clients do run OpenVPN 2.4 or later you can enable these features, otherwise choose 'No' for best compatibility." "${r}" "${c}"); then
|
||||||
pivpnTWOPOINTFOUR=1
|
TWO_POINT_FOUR=1
|
||||||
pivpnENCRYPT=$(whiptail --backtitle "Setup OpenVPN" --title "ECDSA certificate size" --radiolist \
|
pivpnENCRYPT=$(whiptail --backtitle "Setup OpenVPN" --title "ECDSA certificate size" --radiolist \
|
||||||
"Choose the desired size of your certificate (press space to select):\\nThis is a certificate that will be generated on your system. The larger the certificate, the more time this will take. For most applications, it is recommended to use 256 bits. You can increase the number of bits if you care about, however, consider that 256 bits are already as secure as 3072 bit RSA." ${r} ${c} 3 \
|
"Choose the desired size of your certificate (press space to select):\\nThis is a certificate that will be generated on your system. The larger the certificate, the more time this will take. For most applications, it is recommended to use 256 bits. You can increase the number of bits if you care about, however, consider that 256 bits are already as secure as 3072 bit RSA." ${r} ${c} 3 \
|
||||||
"256" "Use a 256-bit certificate (recommended level)" ON \
|
"256" "Use a 256-bit certificate (recommended level)" ON \
|
||||||
"384" "Use a 384-bit certificate" OFF \
|
"384" "Use a 384-bit certificate" OFF \
|
||||||
"521" "Use a 521-bit certificate (paranoid level)" OFF 3>&1 1>&2 2>&3)
|
"521" "Use a 521-bit certificate (paranoid level)" OFF 3>&1 1>&2 2>&3)
|
||||||
else
|
else
|
||||||
pivpnTWOPOINTFOUR=0
|
TWO_POINT_FOUR=0
|
||||||
pivpnENCRYPT=$(whiptail --backtitle "Setup OpenVPN" --title "RSA certificate size" --radiolist \
|
pivpnENCRYPT=$(whiptail --backtitle "Setup OpenVPN" --title "RSA certificate size" --radiolist \
|
||||||
"Choose the desired size of your certificate (press space to select):\\nThis is a certificate that will be generated on your system. The larger the certificate, the more time this will take. For most applications, it is recommended to use 2048 bits. If you are paranoid about ... things... then grab a cup of joe and pick 4096 bits." ${r} ${c} 3 \
|
"Choose the desired size of your certificate (press space to select):\\nThis is a certificate that will be generated on your system. The larger the certificate, the more time this will take. For most applications, it is recommended to use 2048 bits. If you are paranoid about ... things... then grab a cup of joe and pick 4096 bits." ${r} ${c} 3 \
|
||||||
"2048" "Use a 2048-bit certificate (recommended level)" ON \
|
"2048" "Use a 2048-bit certificate (recommended level)" ON \
|
||||||
|
|
@ -1546,7 +1546,7 @@ askEncryption(){
|
||||||
DOWNLOAD_DH_PARAM=0
|
DOWNLOAD_DH_PARAM=0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "pivpnTWOPOINTFOUR=${pivpnTWOPOINTFOUR}" >> /tmp/setupVars.conf
|
echo "TWO_POINT_FOUR=${TWO_POINT_FOUR}" >> /tmp/setupVars.conf
|
||||||
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> /tmp/setupVars.conf
|
echo "pivpnENCRYPT=${pivpnENCRYPT}" >> /tmp/setupVars.conf
|
||||||
echo "DOWNLOAD_DH_PARAM=${DOWNLOAD_DH_PARAM}" >> /tmp/setupVars.conf
|
echo "DOWNLOAD_DH_PARAM=${DOWNLOAD_DH_PARAM}" >> /tmp/setupVars.conf
|
||||||
}
|
}
|
||||||
|
|
@ -1583,7 +1583,7 @@ confOpenVPN(){
|
||||||
|
|
||||||
cd /etc/openvpn/easy-rsa || exit 1
|
cd /etc/openvpn/easy-rsa || exit 1
|
||||||
|
|
||||||
if [ "$pivpnTWOPOINTFOUR" -eq 1 ]; then
|
if [ "$TWO_POINT_FOUR" -eq 1 ]; then
|
||||||
pivpnCERT="ec"
|
pivpnCERT="ec"
|
||||||
pivpnTLSPROT="tls-crypt"
|
pivpnTLSPROT="tls-crypt"
|
||||||
else
|
else
|
||||||
|
|
|
||||||
|
|
@ -75,7 +75,7 @@ do
|
||||||
DAYS="$_val"
|
DAYS="$_val"
|
||||||
;;
|
;;
|
||||||
-i|--iOS)
|
-i|--iOS)
|
||||||
if [ "$pivpnTWOPOINTFOUR" -ne 1 ]; then
|
if [ "$TWO_POINT_FOUR" -ne 1 ]; then
|
||||||
iOS=1
|
iOS=1
|
||||||
else
|
else
|
||||||
echo "Sorry, can't generate iOS-specific configs for ECDSA certificates"
|
echo "Sorry, can't generate iOS-specific configs for ECDSA certificates"
|
||||||
|
|
@ -391,7 +391,7 @@ else
|
||||||
echo "</key>"
|
echo "</key>"
|
||||||
|
|
||||||
#Finally, append the tls Private Key
|
#Finally, append the tls Private Key
|
||||||
if [ "$pivpnTWOPOINTFOUR" -eq 1 ]; then
|
if [ "$TWO_POINT_FOUR" -eq 1 ]; then
|
||||||
echo "<tls-crypt>"
|
echo "<tls-crypt>"
|
||||||
cat "${TA}"
|
cat "${TA}"
|
||||||
echo "</tls-crypt>"
|
echo "</tls-crypt>"
|
||||||
|
|
|
||||||
|
|
@ -151,7 +151,7 @@ removeAll(){
|
||||||
elif [ "${i}" = "openvpn" ]; then
|
elif [ "${i}" = "openvpn" ]; then
|
||||||
|
|
||||||
if [ "$PLAT" = "Debian" ] || [ "$PLAT" = "Ubuntu" ]; then
|
if [ "$PLAT" = "Debian" ] || [ "$PLAT" = "Ubuntu" ]; then
|
||||||
rm -r /etc/apt/sources.list.d/pivpn-openvpn-repo.list
|
rm -f /etc/apt/sources.list.d/pivpn-openvpn-repo.list
|
||||||
$PKG_MANAGER update &> /dev/null
|
$PKG_MANAGER update &> /dev/null
|
||||||
fi
|
fi
|
||||||
deluser openvpn
|
deluser openvpn
|
||||||
|
|
|
||||||
|
|
@ -7,8 +7,8 @@ pivpnPORT=1194
|
||||||
pivpnDNS1=9.9.9.9
|
pivpnDNS1=9.9.9.9
|
||||||
pivpnDNS2=149.112.112.112
|
pivpnDNS2=149.112.112.112
|
||||||
pivpnHOST=pivpn.example.com
|
pivpnHOST=pivpn.example.com
|
||||||
pivpnTWOPOINTFOUR=1
|
|
||||||
pivpnENCRYPT=256
|
pivpnENCRYPT=256
|
||||||
pivpnSEARCHDOMAIN=searchdomain.example.com
|
pivpnSEARCHDOMAIN=searchdomain.example.com
|
||||||
|
TWO_POINT_FOUR=1
|
||||||
DOWNLOAD_DH_PARAM=0
|
DOWNLOAD_DH_PARAM=0
|
||||||
UNATTUPG=1
|
UNATTUPG=1
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue