diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md index c649057..6853205 100644 --- a/ISSUE_TEMPLATE.md +++ b/ISSUE_TEMPLATE.md @@ -1,7 +1,5 @@ -PiVPN is no longer maintained, see the README - diff --git a/auto_install/install.sh b/auto_install/install.sh index c5ab41f..ea915f3 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -378,6 +378,18 @@ function valid_ip() return $stat } +#Call this function to use a regex to check user input for a valid custom domain +function valid_domain() +{ + local domain=$1 + local stat=1 + + if [[ $domain =~ ^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}\.[a-zA-Z]{2,}$ ]]; then + stat=$? + fi + return $stat +} + installScripts() { # Install the scripts from /etc/.pivpn to their various locations $SUDO echo ":::" @@ -534,7 +546,7 @@ make_repo() { # Remove the non-repos interface and clone the interface echo -n "::: Cloning $2 into $1..." $SUDO rm -rf "${1}" - $SUDO git clone -q "${2}" "${1}" > /dev/null & spinner $! + $SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $! if [ -z "${TESTING+x}" ]; then : else @@ -549,9 +561,9 @@ update_repo() { else # Pull the latest commits echo -n "::: Updating repo in $1..." + $SUDO rm -rf "${1}" + $SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $! cd "${1}" || exit 1 - $SUDO git stash -q > /dev/null & spinner $! - $SUDO git pull -q > /dev/null & spinner $! if [ -z "${TESTING+x}" ]; then : else 
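Review bot: The pattern in `valid_domain` accepts exactly one label before the TLD, so search domains such as `lan.example.com` or `example.co.uk` (constructed examples) are rejected, and it also lets a label end in a hyphen. This check is the only thing between the whiptail input and the `sed -i` expression that `setCustomDomain` runs under `$SUDO`, so it should stay a strict allow-list while repeating the label: `^([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$`. I would add a comment above the test, `# allow-list only: the value is later spliced into a sed expression, so /, &, backslash and whitespace must never pass`. The `stat` variable is not needed; the `[[ ... ]]` test can simply be the function's last command.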
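Review bot: The rewritten clone in `make_repo` is still sent to the background with only its PID handed to `spinner`, so its exit status is never examined and a failed or interrupted clone is treated as success; the same line is added to `update_repo` in the next hunk. `spinner` is defined outside this diff, so how it tracks the job is an assumption, but keeping the PID and checking it afterwards would surface the failure: `$SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & pid=$!`, then `spinner "$pid"` and `wait "$pid" || exit 1`. The checkout is what `installScripts` later copies into place with `$SUDO`, so an incomplete tree should stop the run rather than be installed. `make_repo` starts above the hunk and continues below it.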
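Review bot: `update_repo` now deletes `${1}` before the replacement clone has succeeded, so a network or DNS failure leaves the machine with no checkout at all, and local changes that `git stash` used to preserve are discarded without notice. Cloning into a sibling path and swapping it in only on success avoids that, e.g. `$SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}.new" && $SUDO rm -rf "${1}" && $SUDO mv "${1}.new" "${1}"`. The delete itself would be safer as `$SUDO rm -rf -- "${1:?}"`, which aborts on an empty argument. The comment `# Pull the latest commits` no longer describes the code and should read `# Replace the checkout with a fresh shallow clone`. The function starts above the hunk and continues below it.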
@@ -699,6 +711,40 @@ setClientDNS() { fi } +#This procedure allows a user to specify a custom search domain if they have one. +setCustomDomain() { + DomainSettingsCorrect=False + + if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Would you like to add a custom search domain? \n (This is only for advanced users who have their own domain)\n" ${r} ${c}); then + + until [[ $DomainSettingsCorrect = True ]] + do + if CUSTOMDomain=$(whiptail --inputbox "Enter Custom Domain\nFormat: mydomain.com" ${r} ${c} --title "Custom Domain" 3>&1 1>&2 2>&3); then + if valid_domain "$CUSTOMDomain"; then + if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" ${r} ${c}); then + DomainSettingsCorrect=True + + $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" \n&/' /etc/openvpn/server.conf + + else + # If the settings are wrong, the loop continues + DomainSettingsCorrect=False + fi + else + whiptail --msgbox --backtitle "Invalid Domain" --title "Invalid Domain" "Domain is invalid. Please try again.\n\n DOMAIN: $CUSTOMDomain\n" ${r} ${c} + DomainSettingsCorrect=False + fi + else + echo "::: Cancel selected. Exiting..." + exit 1 + fi + done + + else + echo sleep 0.1 + fi +} + confOpenVPN() { # Generate a random, alphanumeric identifier of 16 characters for this server so that we can use verify-x509-name later that is unique for this server installation. Source: Earthgecko (https://gist.github.com/earthgecko/3089509) NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1) @@ -1100,6 +1146,7 @@ installPiVPN() { confNetwork confOVPN setClientDNS + setCustomDomain confLogging finalExports } @@ -1272,7 +1319,7 @@ main() { # Clone/Update the repos clone_or_update_repos - # Install and log everything to a file + # Install if installPiVPN; then echo "::: Install Complete..." else 
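Review bot: In `setCustomDomain`, `${CUSTOMDomain}` sits outside the quotes on the `sed -i` line, so it is word-split and glob-expanded before it becomes part of a sed program that runs under `$SUDO`; only `valid_domain` keeps that harmless today. Quoting the expansion keeps the script a single argument whatever the validator lets through: `$SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '"${CUSTOMDomain}"'" \n&/' /etc/openvpn/server.conf`. The last branch runs `echo sleep 0.1`, which prints the words instead of pausing; `sleep 0.1` or `:` is presumably what was meant. Choosing Cancel in the input box ends the whole installer with `exit 1` although the setting is optional, where `return 0` would let the install continue. If server.conf holds no `dhcp-option` line the sed matches nothing and the domain is silently not written, which deserves a check or at least a comment.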
diff --git a/scripts/makeOVPN.sh b/scripts/makeOVPN.sh index a92bc7b..48a25ee 100755 --- a/scripts/makeOVPN.sh +++ b/scripts/makeOVPN.sh @@ -241,6 +241,8 @@ echo "tls-auth Private Key found: $TA" # Copy the .ovpn profile to the home directory for convenient remote access cp "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT" chown "$INSTALL_USER" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT" +chmod o-r "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT" +chmod o-r "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT" printf "\n\n" printf "========================================================\n" printf "\e[1mDone! %s successfully created!\e[0m \n" "$NAME$FILEEXT" diff --git a/scripts/pivpnDebug.sh b/scripts/pivpnDebug.sh index b13c8ae..849c70d 100755 --- a/scripts/pivpnDebug.sh +++ b/scripts/pivpnDebug.sh @@ -148,8 +148,22 @@ fi if [ "$ERR" -eq 1 ]; then echo -e "[INFO] Run \e[1mpivpn -d\e[0m again to see if we detect issues" fi + printf "=============================================\n" echo -e ":::: \e[4mSnippet of the server log\e[0m ::::" tail -20 /var/log/openvpn.log printf "=============================================\n" echo -e "::::\t\t\e[4mDebug complete\e[0m\t\t ::::" + +# Telekom Hybrid Check +wget -O /tmp/hybcheck http://speedport.ip &>/dev/null +if grep -Fq "Speedport Pro" /tmp/hybcheck || grep -Fq "Speedport Hybrid" /tmp/hybcheck +then + printf ":::\t\t\t\t\t:::\n::\tTelekom Hybrid Check\t\t ::\n:::\t\t\t\t\t:::\n" + echo "Are you using Telekom Hybrid (found a hybrid compatible router)?" + echo "If yes and you have problems with the connections you can test the following:" + echo "Add 'tun-mtu 1316' in /etc/openvpn/easy-rsa/pki/Default.txt to set a hybrid compatible MTU size (new .ovpn files)." + echo "For already existing .ovpn files 'tun-mtu 1316' can also be inserted there manually." + echo "With Telekom hybrid connections, you may have to experiment a little with MTU (tun-mtu, link-mtu and mssfix)." +fi +rm /tmp/hybcheck 
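Review bot: In makeOVPN.sh, `chmod o-r` clears only the world-read bit and runs after `cp` has already created the copy under the default umask, so the profile is briefly readable by everyone and stays readable by its group. The profile presumably carries the client's private key and the tls-auth key (the hunk header context mentions the latter), so an explicit mode is safer than subtracting one bit: `chmod 600 "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT"`, and `install -m 600 -o "$INSTALL_USER" "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT"` in place of the `cp`/`chown`/`chmod` sequence. Whether `/home/$INSTALL_USER/ovpns` itself is private is decided outside this hunk and is worth confirming. Profiles generated before this change keep their old permissions unless they are fixed separately.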
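Review bot: The Telekom check added to pivpnDebug.sh writes to the fixed path `/tmp/hybcheck`; a predictable name in a world-writable directory can be pre-created by another local user, and `wget -O` would then write through it with the privileges of whoever runs the debug script. No file is needed: `if wget -qO- -T 5 -t 1 http://speedport.ip 2>/dev/null | grep -Fq -e "Speedport Pro" -e "Speedport Hybrid"; then` performs the same test, bounds the wait on networks where that name does not answer, and makes the unconditional `rm /tmp/hybcheck` unnecessary. The response arrives over plain HTTP from whatever answers to that name, so it should only ever be matched against fixed strings, as it is here.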
diff --git a/scripts/removeOVPN.sh b/scripts/removeOVPN.sh
index 6bf0610..4438d98 100755
--- a/scripts/removeOVPN.sh
+++ b/scripts/removeOVPN.sh
@@ -114,6 +114,7 @@ for (( ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do
 rm -rf "pki/private/${CERTS_TO_REVOKE[ii]}.key"
 rm -rf "pki/issued/${CERTS_TO_REVOKE[ii]}.crt"
 rm -rf "/home/${INSTALL_USER}/ovpns/${CERTS_TO_REVOKE[ii]}.ovpn"
+ rm -rf "/etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn"
 cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem
 done
 printf "::: Completed!\n"
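Review bot: The added line uses `rm -rf` on what should be a single regular file; `rm -f "/etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn"` removes it without the recursive flag, so an unexpected value can never take a directory with it. How the array entries are validated is outside this hunk, so it is worth confirming they cannot contain `/` or `..` before they are used to build a path under a root-owned directory. The extension is hard-coded as `.ovpn` while makeOVPN.sh writes `$NAME$FILEEXT`; if `FILEEXT` can differ, the copy under pki/ would survive revocation. The loop body starts above the hunk.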