First commit of reworked installer

scripts/bash-completion

@@ -0,0 +1,18 @@
+_pivpn() 
+{
+    local cur prev opts
+    COMPREPLY=()
+    cur="${COMP_WORDS[COMP_CWORD]}"
+    prev="${COMP_WORDS[COMP_CWORD-1]}"
+    opts="debug add list revoke uninstall help"
+
+    if [[ ${cur} == -* ]] ; then
+        opts="-a -d -l -r -h -u"
+        COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
+        return 0
+    fi
+
+    COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
+    return 0
+}
+complete -F _pivpn pivpn

scripts/listOVPN.sh

@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+# PiVPN: list clients script
+
+INDEX="/etc/openvpn/easy-rsa/keys/index.txt"
+printf "\n"
+if [ ! -f $INDEX ]; then
+        printf "The file: $INDEX \n"
+        printf "Was not Found!\n"
+        exit 1
+fi
+
+printf ": NOTE : You should always have a valid server entry below!\n"
+printf "\n"
+printf "\e[1m::: Certificate Status List :::\e[0m\n"
+printf " ::\e[4m  Status  \e[0m||\e[4m   Name   \e[0m:: \n"
+
+while read -r line || [[ -n "$line" ]]; do
+    status=$(echo $line | awk '{print $1}')
+    if [[ $status = "V" ]]; then
+        printf "     Valid   :: "
+        var=$(echo $line | awk '{print $5}' | cut -d'/' -f7)
+        var=${var#CN=}
+        printf "  $var\n"
+    fi
+    if [[ $status = "R" ]]; then
+        printf "     Revoked :: "
+        var=$(echo $line | awk '{print $6}' | cut -d'/' -f7)
+        var=${var#CN=}
+        printf "  $var\n"
+    fi
+done <$INDEX
+printf "\n"

scripts/makeOVPN.sh

@@ -0,0 +1,81 @@
+#!/bin/bash 
+# Create OVPN Client 
+# Default Variable Declarations 
+DEFAULT="Default.txt" 
+FILEEXT=".ovpn" 
+CRT=".crt" 
+OKEY=".key"
+KEY=".3des.key" 
+CA="ca.crt" 
+TA="ta.key" 
+INSTALL_USER=$(cat /etc/pivpn/INSTALL_USER)
+
+echo "Please enter a Name for the Client:"
+read NAME 
+ 
+#Build the client key and then encrypt the key
+cd /etc/openvpn/easy-rsa
+source /etc/openvpn/easy-rsa/vars
+./build-key-pass $NAME
+cd keys
+openssl rsa -in $NAME$OKEY -des3 -out $NAME$KEY
+ 
+#1st Verify that clients Public Key Exists 
+if [ ! -f $NAME$CRT ]; then 
+ echo "[ERROR]: Client Public Key Certificate not found: $NAME$CRT" 
+ exit 
+fi 
+echo "Client's cert found: $NAME$CRT" 
+ 
+#Then, verify that there is a private key for that client 
+if [ ! -f $NAME$KEY ]; then 
+ echo "[ERROR]: Client 3des Private Key not found: $NAME$KEY" 
+ exit 
+fi 
+echo "Client's Private Key found: $NAME$KEY"
+ 
+#Confirm the CA public key exists 
+if [ ! -f $CA ]; then 
+ echo "[ERROR]: CA Public Key not found: $CA" 
+ exit 
+fi 
+echo "CA public Key found: $CA" 
+ 
+#Confirm the tls-auth ta key file exists 
+if [ ! -f $TA ]; then 
+ echo "[ERROR]: tls-auth Key not found: $TA" 
+ exit 
+fi 
+echo "tls-auth Private Key found: $TA" 
+ 
+#Ready to make a new .ovpn file - Start by populating with the 
+#default file 
+cat $DEFAULT > $NAME$FILEEXT 
+ 
+#Now, append the CA Public Cert 
+echo "<ca>" >> $NAME$FILEEXT 
+cat $CA >> $NAME$FILEEXT 
+echo "</ca>" >> $NAME$FILEEXT
+ 
+#Next append the client Public Cert 
+echo "<cert>" >> $NAME$FILEEXT 
+cat $NAME$CRT | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $NAME$FILEEXT 
+echo "</cert>" >> $NAME$FILEEXT 
+ 
+#Then, append the client Private Key 
+echo "<key>" >> $NAME$FILEEXT 
+cat $NAME$KEY >> $NAME$FILEEXT 
+echo "</key>" >> $NAME$FILEEXT 
+ 
+#Finally, append the TA Private Key 
+echo "<tls-auth>" >> $NAME$FILEEXT 
+cat $TA >> $NAME$FILEEXT 
+echo "</tls-auth>" >> $NAME$FILEEXT 
+
+# Copy the .ovpn profile to the home directory for convenient remote access
+cp /etc/openvpn/easy-rsa/keys/$NAME$FILEEXT /home/$INSTALL_USER/ovpns/$NAME$FILEEXT
+echo "$NAME$FILEEXT moved to home directory."
+whiptail --title "MakeOVPN" --msgbox "Done! $NAME$FILEEXT successfully created and \
+moved to directory /home/$INSTALL_USER/ovpns." 8 78
+ 
+# Original script written by Eric Jodoin.

scripts/pivpnDebug.sh

@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+echo "::: This feature is not yet implemented... stay tuned!"

scripts/removeOVPN.sh

@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+# PiVPN: revoke client script
+
+INSTALL_USER=$(cat /etc/pivpn/INSTALL_USER)
+REVOKE_STATUS=$(cat /etc/pivpn/REVOKE_STATUS)
+INDEX="/etc/openvpn/easy-rsa/keys/index.txt"
+
+if [ ! -f $INDEX ]; then
+        printf "The file: $INDEX \n"
+        printf "Was not Found!\n"
+        exit 1
+fi
+
+printf "\n"
+printf " ::\e[4m  Certificate List  \e[0m:: \n"
+
+while read -r line || [[ -n "$line" ]]; do
+    status=$(echo $line | awk '{print $1}')
+    if [[ $status = "V" ]]; then
+        var=$(echo $line | awk '{print $5}' | cut -d'/' -f7)
+        var=${var#CN=}
+        if [ "$var" != "server" ]; then
+            printf "  $var\n"
+        fi
+    fi
+done <$INDEX
+printf "\n"
+
+echo "::: Please enter the Name of the client to be revoked from the list above:"
+read NAME
+
+cd /etc/openvpn/easy-rsa
+source /etc/openvpn/easy-rsa/vars
+
+./revoke-full $NAME
+echo "::: Certificate revoked, removing ovpns from /home/$INSTALL_USER/ovpns"
+rm /home/$INSTALL_USER/ovpns/$NAME.ovpn
+cp /etc/openvpn/easy-rsa/keys/crl.pem /etc/openvpn/crl.pem
+echo "::: Completed!"
+
+if [ $REVOKE_STATUS == 0 ]; then
+        echo 1 > /etc/pivpn/REVOKE_STATUS
+        printf "\nThis seems to be the first time you have revoked a cert.\n"
+        printf "We are adding the CRL to the server.conf and restarting openvpn.\n"
+        sed -i '/#crl-verify/c\crl-verify /etc/openvpn/crl.pem' /etc/openvpn/server.conf
+        systemctl restart openvpn.service
+fi

scripts/uninstall.sh

@@ -0,0 +1,117 @@
+#!/usr/bin/env bash
+# PiVPN: Uninstall Script
+
+# Must be root to uninstall
+if [[ $EUID -eq 0 ]];then
+    echo "::: You are root."
+else
+    echo "::: Sudo will be used for the uninstall."
+  # Check if it is actually installed
+  # If it isn't, exit because the unnstall cannot complete
+  if [[ $(dpkg-query -s sudo) ]];then
+        export SUDO="sudo"
+  else
+    echo "::: Please install sudo or run this as root."
+    exit 1
+  fi
+fi
+
+INSTALL_USER=$(cat /etc/pivpn/INSTALL_USER)
+
+# Find the rows and columns
+rows=$(tput lines)
+columns=$(tput cols)
+
+# Divide by two so the dialogs take up half of the screen, which looks nice.
+r=$(( rows / 2 ))
+c=$(( columns / 2 ))
+
+spinner()
+{
+    local pid=$1
+    local delay=0.50
+    local spinstr='/-\|'
+    while [ "$(ps a | awk '{print $1}' | grep "$pid")" ]; do
+        local temp=${spinstr#?}
+        printf " [%c]  " "$spinstr"
+        local spinstr=$temp${spinstr%"$temp"}
+        sleep $delay
+        printf "\b\b\b\b\b\b"
+    done
+    printf "    \b\b\b\b"
+}
+
+function removeAll {
+    # Purge dependencies
+echo ":::"
+    dependencies=( openvpn easy-rsa git iptables-persistent dnsutils )
+    for i in "${dependencies[@]}"; do
+        if [ "$(dpkg-query -W --showformat='${Status}\n' "$i" 2> /dev/null | grep -c "ok installed")" -eq 1 ]; then
+            while true; do
+                read -rp "::: Do you wish to remove $i from your system? [y/n]: " yn
+                case $yn in
+                    [Yy]* ) printf ":::\tRemoving %s..." "$i"; $SUDO apt-get -y remove --purge "$i" &> /dev/null & spinner $!; printf "done!\n"; 
+                            if [ "$i" == "openvpn" ]; then UINST_OVPN=1 ; fi
+                            break;;
+                    [Nn]* ) printf ":::\tSkipping %s" "$i\n"; break;;
+                    * ) printf "::: You must answer yes or no!\n";;
+                esac
+            done
+        else
+            printf ":::\tPackage %s not installed... Not removing.\n" "$i"
+        fi
+    done
+
+    # Take care of any additional package cleaning
+    printf "::: Auto removing remaining dependencies..."
+    $SUDO apt-get -y autoremove &> /dev/null & spinner $!; printf "done!\n";
+    printf "::: Auto cleaning remaining dependencies..."
+    $SUDO apt-get -y autoclean &> /dev/null & spinner $!; printf "done!\n";
+
+    echo ":::"
+    # Removing pivpn files
+    echo "::: Removing pivpn system files..."
+    $SUDO rm -rf /opt/pivpn &> /dev/null
+    $SUDO rm -rf /etc/.pivpn &> /dev/null
+    $SUDO rm -rf /etc/pivpn &> /dev/null
+    $SUDO rm -rf /home/$INSTALL_USER/ovpns &> /dev/null
+
+    $SUDO rm -rf /var/log/*pivpn* &> /dev/null
+    $SUDO rm -rf /var/log/*openvpn* &> /dev/null
+    if [[ $UINST_OVPN = 1 ]]; then
+        $SUDO rm -rf /etc/openvpn &> /dev/null
+    fi
+    $SUDO rm /usr/local/bin/pivpn &> /dev/null
+    $SUDO rm /etc/bash_completion.d/pivpn
+
+    # Disable IPv4 forwarding
+    sed -i '/net.ipv4.ip_forward=1/c\#net.ipv4.ip_forward=1' /etc/sysctl.conf
+    sysctl -p
+    
+    echo ":::"
+    printf "::: Finished removing PiVPN from your system.\n"
+    printf "::: Reinstall by simpling running\n:::\n:::\tcurl -L vigilcode.com/pivpnsetup | bash\n:::\n::: at any time!\n:::\n"
+}
+
+function askreboot() {
+    printf "It is \e[1mstrongly\e[0m recommended to reboot after un-installation.\n"
+    read -p "Would you like to reboot now (y/n)? " -n 1 -r
+    echo
+    if [[ $REPLY =~ ^[Yy]$ ]]; then
+        printf "\nRebooting system...\n"
+        sleep 3
+        shutdown -r now
+    fi
+}
+
+######### SCRIPT ###########
+echo "::: Preparing to remove packages, be sure that each may be safely removed depending on your operating system."
+echo "::: (SAFE TO REMOVE ALL ON RASPBIAN)"
+while true; do
+    read -rp "::: Do you wish to completely remove PiVPN configuration and installed packages from your system? (You will be prompted for each package) [y/n]: " yn
+    case $yn in
+        [Yy]* ) removeAll; askreboot; break;;
+    
+        [Nn]* ) printf "::: Not removing anything, exiting...\n"; break;;
+    esac
+done