Resolved merge conflict

This commit is contained in:
Orazio 2019-05-03 10:26:56 +02:00
commit 63d3335f33
5 changed files with 68 additions and 6 deletions

View file

@ -1,7 +1,5 @@
<!-- PLEASE READ THIS TEMPLATE CAREFULLY BEFORE OPENING AN ISSUE! --> <!-- PLEASE READ THIS TEMPLATE CAREFULLY BEFORE OPENING AN ISSUE! -->
PiVPN is no longer maintained, see the README
<!-- Hi, you are about to open a new issue, Please provide us with all the info required below, incomplete issues will decrease our effectiveness to troubleshoot your issue and increase the time we need to spend helping you out, or with your issue closed even if it is a legitimate issue. Please remember we do not have any super power that makes us guess exactly what your issue is without any decent details! --> <!-- Hi, you are about to open a new issue, Please provide us with all the info required below, incomplete issues will decrease our effectiveness to troubleshoot your issue and increase the time we need to spend helping you out, or with your issue closed even if it is a legitimate issue. Please remember we do not have any super power that makes us guess exactly what your issue is without any decent details! -->
<!-- For any output requested below, you may alternatively post it on http://pastebin.com and provide the Pastebin URL in its place --> <!-- For any output requested below, you may alternatively post it on http://pastebin.com and provide the Pastebin URL in its place -->

View file

@ -378,6 +378,18 @@ function valid_ip()
return $stat return $stat
} }
#Call this function to use a regex to check user input for a valid custom domain
function valid_domain()
{
local domain=$1
local stat=1
if [[ $domain =~ ^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}\.[a-zA-Z]{2,}$ ]]; then
stat=$?
fi
return $stat
}
installScripts() { installScripts() {
# Install the scripts from /etc/.pivpn to their various locations # Install the scripts from /etc/.pivpn to their various locations
$SUDO echo ":::" $SUDO echo ":::"
@ -534,7 +546,7 @@ make_repo() {
# Remove the non-repos interface and clone the interface # Remove the non-repos interface and clone the interface
echo -n "::: Cloning $2 into $1..." echo -n "::: Cloning $2 into $1..."
$SUDO rm -rf "${1}" $SUDO rm -rf "${1}"
$SUDO git clone -q "${2}" "${1}" > /dev/null & spinner $! $SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $!
if [ -z "${TESTING+x}" ]; then if [ -z "${TESTING+x}" ]; then
: :
else else
@ -549,9 +561,9 @@ update_repo() {
else else
# Pull the latest commits # Pull the latest commits
echo -n "::: Updating repo in $1..." echo -n "::: Updating repo in $1..."
$SUDO rm -rf "${1}"
$SUDO git clone -q --depth 1 --no-single-branch "${2}" "${1}" > /dev/null & spinner $!
cd "${1}" || exit 1 cd "${1}" || exit 1
$SUDO git stash -q > /dev/null & spinner $!
$SUDO git pull -q > /dev/null & spinner $!
if [ -z "${TESTING+x}" ]; then if [ -z "${TESTING+x}" ]; then
: :
else else
@ -699,6 +711,40 @@ setClientDNS() {
fi fi
} }
#This procedure allows a user to specify a custom search domain if they have one.
setCustomDomain() {
DomainSettingsCorrect=False
if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Would you like to add a custom search domain? \n (This is only for advanced users who have their own domain)\n" ${r} ${c}); then
until [[ $DomainSettingsCorrect = True ]]
do
if CUSTOMDomain=$(whiptail --inputbox "Enter Custom Domain\nFormat: mydomain.com" ${r} ${c} --title "Custom Domain" 3>&1 1>&2 2>&3); then
if valid_domain "$CUSTOMDomain"; then
if (whiptail --backtitle "Custom Search Domain" --title "Custom Search Domain" --yesno "Are these settings correct?\n Custom Search Domain: $CUSTOMDomain" ${r} ${c}); then
DomainSettingsCorrect=True
$SUDO sed -i '0,/\(.*dhcp-option.*\)/s//\push "dhcp-option DOMAIN '${CUSTOMDomain}'" \n&/' /etc/openvpn/server.conf
else
# If the settings are wrong, the loop continues
DomainSettingsCorrect=False
fi
else
whiptail --msgbox --backtitle "Invalid Domain" --title "Invalid Domain" "Domain is invalid. Please try again.\n\n DOMAIN: $CUSTOMDomain\n" ${r} ${c}
DomainSettingsCorrect=False
fi
else
echo "::: Cancel selected. Exiting..."
exit 1
fi
done
else
echo sleep 0.1
fi
}
confOpenVPN() { confOpenVPN() {
# Generate a random, alphanumeric identifier of 16 characters for this server so that we can use verify-x509-name later that is unique for this server installation. Source: Earthgecko (https://gist.github.com/earthgecko/3089509) # Generate a random, alphanumeric identifier of 16 characters for this server so that we can use verify-x509-name later that is unique for this server installation. Source: Earthgecko (https://gist.github.com/earthgecko/3089509)
NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1) NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)
@ -1100,6 +1146,7 @@ installPiVPN() {
confNetwork confNetwork
confOVPN confOVPN
setClientDNS setClientDNS
setCustomDomain
confLogging confLogging
finalExports finalExports
} }
@ -1272,7 +1319,7 @@ main() {
# Clone/Update the repos # Clone/Update the repos
clone_or_update_repos clone_or_update_repos
# Install and log everything to a file # Install
if installPiVPN; then if installPiVPN; then
echo "::: Install Complete..." echo "::: Install Complete..."
else else

View file

@ -241,6 +241,8 @@ echo "tls-auth Private Key found: $TA"
# Copy the .ovpn profile to the home directory for convenient remote access # Copy the .ovpn profile to the home directory for convenient remote access
cp "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT" cp "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT"
chown "$INSTALL_USER" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT" chown "$INSTALL_USER" "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT"
chmod o-r "/etc/openvpn/easy-rsa/pki/$NAME$FILEEXT"
chmod o-r "/home/$INSTALL_USER/ovpns/$NAME$FILEEXT"
printf "\n\n" printf "\n\n"
printf "========================================================\n" printf "========================================================\n"
printf "\e[1mDone! %s successfully created!\e[0m \n" "$NAME$FILEEXT" printf "\e[1mDone! %s successfully created!\e[0m \n" "$NAME$FILEEXT"

View file

@ -148,8 +148,22 @@ fi
if [ "$ERR" -eq 1 ]; then if [ "$ERR" -eq 1 ]; then
echo -e "[INFO] Run \e[1mpivpn -d\e[0m again to see if we detect issues" echo -e "[INFO] Run \e[1mpivpn -d\e[0m again to see if we detect issues"
fi fi
printf "=============================================\n" printf "=============================================\n"
echo -e ":::: \e[4mSnippet of the server log\e[0m ::::" echo -e ":::: \e[4mSnippet of the server log\e[0m ::::"
tail -20 /var/log/openvpn.log tail -20 /var/log/openvpn.log
printf "=============================================\n" printf "=============================================\n"
echo -e "::::\t\t\e[4mDebug complete\e[0m\t\t ::::" echo -e "::::\t\t\e[4mDebug complete\e[0m\t\t ::::"
# Telekom Hybrid Check
wget -O /tmp/hybcheck http://speedport.ip &>/dev/null
if grep -Fq "Speedport Pro" /tmp/hybcheck || grep -Fq "Speedport Hybrid" /tmp/hybcheck
then
printf ":::\t\t\t\t\t:::\n::\tTelekom Hybrid Check\t\t ::\n:::\t\t\t\t\t:::\n"
echo "Are you using Telekom Hybrid (found a hybrid compatible router)?"
echo "If yes and you have problems with the connections you can test the following:"
echo "Add 'tun-mtu 1316' in /etc/openvpn/easy-rsa/pki/Default.txt to set a hybrid compatible MTU size (new .ovpn files)."
echo "For already existing .ovpn files 'tun-mtu 1316' can also be inserted there manually."
echo "With Telekom hybrid connections, you may have to experiment a little with MTU (tun-mtu, link-mtu and mssfix)."
fi
rm /tmp/hybcheck

View file

@ -114,6 +114,7 @@ for (( ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do
rm -rf "pki/private/${CERTS_TO_REVOKE[ii]}.key" rm -rf "pki/private/${CERTS_TO_REVOKE[ii]}.key"
rm -rf "pki/issued/${CERTS_TO_REVOKE[ii]}.crt" rm -rf "pki/issued/${CERTS_TO_REVOKE[ii]}.crt"
rm -rf "/home/${INSTALL_USER}/ovpns/${CERTS_TO_REVOKE[ii]}.ovpn" rm -rf "/home/${INSTALL_USER}/ovpns/${CERTS_TO_REVOKE[ii]}.ovpn"
rm -rf "/etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn"
cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem
done done
printf "::: Completed!\n" printf "::: Completed!\n"