From d0f85e34292bceb3a9d4ac4d496de6898386e116 Mon Sep 17 00:00:00 2001 From: LMS235 Date: Mon, 24 Dec 2018 14:24:20 +0100 Subject: [PATCH 01/12] right adjustment -read for "other" withdrawn from .ovpn files - delete also /etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn after remove certificate --- scripts/makeOVPN.sh | 2 ++ scripts/removeOVPN.sh | 1 + 2 files changed, 3 insertions(+) diff --git a/scripts/makeOVPN.sh b/scripts/makeOVPN.sh index a92bc7b..48a25ee 100755 --- a/scripts/makeOVPN.sh +++ b/scripts/makeOVPN.sh @@ -241,6 +241,8 @@ echo "tls-auth Private Key found: $TA" # Copy the .ovpn profile to the home directory for convenient remote access cp "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT" chown "$INSTALL_USER" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT" +chmod o-r "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT" +chmod o-r "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT" printf "\n\n" printf "========================================================\n" printf "\e[1mDone! %s successfully created!\e[0m \n" "$NAME$FILEEXT" diff --git a/scripts/removeOVPN.sh b/scripts/removeOVPN.sh index 6bf0610..4438d98 100644 --- a/scripts/removeOVPN.sh +++ b/scripts/removeOVPN.sh @@ -114,6 +114,7 @@ for (( ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do rm -rf "pki/private/${CERTS_TO_REVOKE[ii]}.key" rm -rf "pki/issued/${CERTS_TO_REVOKE[ii]}.crt" rm -rf "/home/${INSTALL_USER}/ovpns/${CERTS_TO_REVOKE[ii]}.ovpn" + rm -rf "/etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn" cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem done printf "::: Completed!\n" From 996c5469f3b7b309c6194f6eb06a21a6708e80e3 Mon Sep 17 00:00:00 2001 From: LMS235 Date: Mon, 24 Dec 2018 15:49:44 +0100 Subject: [PATCH 02/12] Telekom Hybrid Check Small check whether Telekom Hybrid will be used to give helpful tips. --- scripts/pivpnDebug.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/scripts/pivpnDebug.sh b/scripts/pivpnDebug.sh index a5d4f77..b850032 100644 --- a/scripts/pivpnDebug.sh +++ b/scripts/pivpnDebug.sh @@ -20,4 +20,16 @@ if [[ ${noUFW} -eq 1 ]]; then printf ":::\t\t\t\t\t:::\n::\tOutput of iptables\t\t ::\n:::\t\t\t\t\t:::\n" iptables -t nat -L -n -v fi +# Telekom Hybrid Check +wget -O /tmp/hybcheck http://speedport.ip &>/dev/null +if grep -Fq "Speedport Pro" /tmp/hybcheck || grep -Fq "Speedport Hybrid" /tmp/hybcheck +then + printf ":::\t\t\t\t\t:::\n::\tTelekom Hybrid Check\t\t ::\n:::\t\t\t\t\t:::\n" + echo "Are you using Telekom Hybrid (found a hybrid compatible router)?" + echo "If yes and you have problems with the connections you can test the following:" + echo "Add 'tun-mtu 1316' in /etc/openvpn/easy-rsa/pki/Default.txt to set a hybrid compatible MTU size (new .ovpn files)." + echo "For already existing .ovpn files 'tun-mtu 1316' can also be inserted there manually." + echo "With Telekom hybrid connections, you may have to experiment a little with MTU (tun-mtu, link-mtu and mssfix)." +fi +rm /tmp/hybcheck printf ":::\t\t\t\t\t:::\n::\tDebug Output Complete\t\t ::\n:::\t\t\t\t\t:::\n" From 24db1bc2e20aa4a521638a4496748a3b4a9856b9 Mon Sep 17 00:00:00 2001 From: Alex Heidenreich Date: Tue, 5 Mar 2019 11:32:49 -0500 Subject: [PATCH 03/12] Initial commit with comment --- auto_install/install.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/auto_install/install.sh b/auto_install/install.sh index f743d05..46b1ca8 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -10,6 +10,8 @@ # curl -L https://install.pivpn.io | bash # Make sure you have `curl` installed +#Adding custom search domain - atlasalex + set -e ######## VARIABLES ######### @@ -32,7 +34,7 @@ pivpnFilesDir="/etc/.pivpn" easyrsaVer="3.0.4" easyrsaRel="https://github.com/OpenVPN/easy-rsa/releases/download/v${easyrsaVer}/EasyRSA-${easyrsaVer}.tgz" -# Raspbian's unattended-upgrades package downloads Debian's config, so this is the link for the proper config +# Raspbian's unattended-upgrades package downloads Debian's config, so this is the link for the proper config UNATTUPG_CONFIG="https://github.com/mvo5/unattended-upgrades/archive/1.4.tar.gz" # Find the rows and columns. Will default to 80x24 if it can not be detected. From 3364f76790a7e2eff6b6e7cb41428db121474211 Mon Sep 17 00:00:00 2001 From: Alex Heidenreich Date: Sun, 10 Mar 2019 13:55:14 -0400 Subject: [PATCH 04/12] Added procedure to allow users to set custom search domain. --- auto_install/install.sh | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/auto_install/install.sh b/auto_install/install.sh index 46b1ca8..fb52306 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -10,8 +10,6 @@ # curl -L https://install.pivpn.io | bash # Make sure you have `curl` installed -#Adding custom search domain - atlasalex - set -e ######## VARIABLES ######### @@ -704,6 +702,36 @@ setClientDNS() { fi } +#This procedure allows a user to specify a custom search domain if they have one. +setCustomDomain() { + DomainSettingsCorrect=False + + if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Would you like to add a custom search domain? \n (This is only for advanced users who have their own domain)\n" 8 78); then + + until [[ $DomainSettingsCorrect = True ]] + do + if CUSTOMDomain=$(whiptail --inputbox "Enter Custom Domain\nFormat: mydomain.com" 8 78 --title "Test" 3>&1 1>&2 2>&3); then + + if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" 8 78); then + DomainSettingsCorrect=True + + $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' server.conf + + else + # If the settings are wrong, the loop continues + DomainSettingsCorrect=False + fi + else + echo "::: Cancel selected. Exiting..." + exit 1 + fi + done + + else + echo sleep 0.1 + fi +} + confOpenVPN() { # Generate a random, alphanumeric identifier of 16 characters for this server so that we can use verify-x509-name later that is unique for this server installation. Source: Earthgecko (https://gist.github.com/earthgecko/3089509) NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1) @@ -1106,6 +1134,7 @@ installPiVPN() { confNetwork confOVPN setClientDNS + setCustomDomain confLogging finalExports } From 3a0d6b1b471d4b5273452468894f2f8bad10b37c Mon Sep 17 00:00:00 2001 From: Alex Heidenreich Date: Sun, 10 Mar 2019 14:02:37 -0400 Subject: [PATCH 05/12] Fixed server.conf path --- auto_install/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auto_install/install.sh b/auto_install/install.sh index fb52306..f5e0694 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -715,7 +715,7 @@ setCustomDomain() { if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" 8 78); then DomainSettingsCorrect=True - $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' server.conf + $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' /etc/openvpn/server.conf else # If the settings are wrong, the loop continues From 0cd9e0deb6525994e6c8b08230d8b3ac325a2d1f Mon Sep 17 00:00:00 2001 From: Alex Heidenreich Date: Sun, 10 Mar 2019 20:06:49 -0400 Subject: [PATCH 06/12] Added function valid_domain to check user input of custom domain --- auto_install/install.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/auto_install/install.sh b/auto_install/install.sh index f5e0694..b57aa6d 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -380,6 +380,18 @@ function valid_ip() return $stat } +#Call this function to use a regex to check user input for a valid custom domain +function valid_domain() +{ + local domain=$1 + local stat=1 + + if [[ $domain =~ ^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}\.[a-zA-Z]{2,}$ ]]; then + stat=$? + fi + return $stat +} + installScripts() { # Install the scripts from /etc/.pivpn to their various locations $SUDO echo ":::" From 9808234792c0a3cef80bdafd6c5f00dc490d962b Mon Sep 17 00:00:00 2001 From: Alex Heidenreich Date: Sun, 10 Mar 2019 22:33:20 -0400 Subject: [PATCH 07/12] Called valid_domain function in SetCustomDomain() --- auto_install/install.sh | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/auto_install/install.sh b/auto_install/install.sh index b57aa6d..f7d5d9a 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -722,16 +722,20 @@ setCustomDomain() { until [[ $DomainSettingsCorrect = True ]] do - if CUSTOMDomain=$(whiptail --inputbox "Enter Custom Domain\nFormat: mydomain.com" 8 78 --title "Test" 3>&1 1>&2 2>&3); then + if CUSTOMDomain=$(whiptail --inputbox "Enter Custom Domain\nFormat: mydomain.com" 8 78 --title "Custom Domain" 3>&1 1>&2 2>&3); then + if valid_domain "$CUSTOMDomain"; then + if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" 8 78); then + DomainSettingsCorrect=True - if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" 8 78); then - DomainSettingsCorrect=True - - $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' /etc/openvpn/server.conf + $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' server.conf + else + # If the settings are wrong, the loop continues + DomainSettingsCorrect=False + fi else - # If the settings are wrong, the loop continues - DomainSettingsCorrect=False + whiptail --msgbox --backtitle "Invalid Domain" --title "Invalid Domain" "Domain is invalid. Please try again.\n\n DOMAIN: $CUSTOMDomain\n" 8 78 + DomainSettingsCorrect=False fi else echo "::: Cancel selected. Exiting..." From 9bb82ff372a3c1feb1d2e7c7b17c08b32c33e483 Mon Sep 17 00:00:00 2001 From: Alex Heidenreich Date: Sun, 10 Mar 2019 22:35:18 -0400 Subject: [PATCH 08/12] changed whiptail sizing to use PiVPN variables --- auto_install/install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/auto_install/install.sh b/auto_install/install.sh index f7d5d9a..1d7f147 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -718,13 +718,13 @@ setClientDNS() { setCustomDomain() { DomainSettingsCorrect=False - if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Would you like to add a custom search domain? \n (This is only for advanced users who have their own domain)\n" 8 78); then + if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Would you like to add a custom search domain? \n (This is only for advanced users who have their own domain)\n" ${r} ${c}); then until [[ $DomainSettingsCorrect = True ]] do - if CUSTOMDomain=$(whiptail --inputbox "Enter Custom Domain\nFormat: mydomain.com" 8 78 --title "Custom Domain" 3>&1 1>&2 2>&3); then + if CUSTOMDomain=$(whiptail --inputbox "Enter Custom Domain\nFormat: mydomain.com" ${r} ${c} --title "Custom Domain" 3>&1 1>&2 2>&3); then if valid_domain "$CUSTOMDomain"; then - if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" 8 78); then + if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" ${r} ${c}); then DomainSettingsCorrect=True $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' server.conf @@ -734,7 +734,7 @@ setCustomDomain() { DomainSettingsCorrect=False fi else - whiptail --msgbox --backtitle "Invalid Domain" --title "Invalid Domain" "Domain is invalid. Please try again.\n\n DOMAIN: $CUSTOMDomain\n" 8 78 + whiptail --msgbox --backtitle "Invalid Domain" --title "Invalid Domain" "Domain is invalid. Please try again.\n\n DOMAIN: $CUSTOMDomain\n" ${r} ${c} DomainSettingsCorrect=False fi else From 76ae525c1dbaca09f084514e9b647206a42f1527 Mon Sep 17 00:00:00 2001 From: Heidenreich Date: Mon, 11 Mar 2019 10:54:54 -0400 Subject: [PATCH 09/12] updated server.conf path --- auto_install/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auto_install/install.sh b/auto_install/install.sh index 1d7f147..b46bc5e 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -727,7 +727,7 @@ setCustomDomain() { if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" ${r} ${c}); then DomainSettingsCorrect=True - $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' server.conf + $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' /etc/openvpn/server.conf else # If the settings are wrong, the loop continues From ae934253f9b2480c5291cad496d4d26572383130 Mon Sep 17 00:00:00 2001 From: Heidenreich Date: Mon, 11 Mar 2019 11:22:31 -0400 Subject: [PATCH 10/12] Updated sed insertion to fix line overwrite --- auto_install/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auto_install/install.sh b/auto_install/install.sh index b46bc5e..558e6aa 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -727,7 +727,7 @@ setCustomDomain() { if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" ${r} ${c}); then DomainSettingsCorrect=True - $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" /' /etc/openvpn/server.conf + $SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" \n&/' /etc/openvpn/server.conf else # If the settings are wrong, the loop continues From e4fd3703788a1095e3b4f6c186eefc94e82b2a78 Mon Sep 17 00:00:00 2001 From: 4s3ti Date: Fri, 29 Mar 2019 09:47:27 +0100 Subject: [PATCH 11/12] Update ISSUE_TEMPLATE.md --- ISSUE_TEMPLATE.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md index 9058522..e3da04b 100644 --- a/ISSUE_TEMPLATE.md +++ b/ISSUE_TEMPLATE.md @@ -1,7 +1,5 @@ -PiVPN is no longer maintained, see the README - From cc80ca16bb3a333a533c9f77c47616b6d5e48aa1 Mon Sep 17 00:00:00 2001 From: Giraffe1966 <35208168+Giraffe1966@users.noreply.github.com> Date: Sun, 23 Sep 2018 14:43:51 -0400 Subject: [PATCH 12/12] Use shallow clone for make_repo and update_repo. --- auto_install/install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/auto_install/install.sh b/auto_install/install.sh index f743d05..af7c258 100755 --- a/auto_install/install.sh +++ b/auto_install/install.sh @@ -537,7 +537,7 @@ make_repo() { # Remove the non-repos interface and clone the interface echo -n "::: Cloning $2 into $1..." $SUDO rm -rf "${1}" - $SUDO git clone -q "${2}" "${1}" > /dev/null & spinner $! + $SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $! if [ -z "${TESTING+x}" ]; then : else @@ -552,9 +552,9 @@ update_repo() { else # Pull the latest commits echo -n "::: Updating repo in $1..." + $SUDO rm -rf "${1}" + $SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $! cd "${1}" || exit 1 - $SUDO git stash -q > /dev/null & spinner $! - $SUDO git pull -q > /dev/null & spinner $! if [ -z "${TESTING+x}" ]; then : else