Added uninstall and Pi-hole detection

2025-04-23 15:50:11 +00:00 · 2019-11-07 17:29:21 +01:00 · 2019-11-07 17:29:21 +01:00 · 84f90b00a4
commit 84f90b00a4
parent e77f668021
9 changed files with 275 additions and 42 deletions
--- a/scripts/openvpn/backup.sh
+++ b/scripts/openvpn/backup.sh
@ -19,7 +19,7 @@ backup_openvpn(){
  cp -r $openvpndir $ovpnsdir $backupdir 2&>1
  backupzip=$date-pivpnbackup.tgz
  tar -czf $backupzip -C ${install_home} $backupdir 2&>1
-  echo -e "Backup crated to $install_home/$backupdir/$backupzip \nTo restore the backup, follow instructions at:\nhttps://github.com/pivpn/pivpn/wiki/FAQ#how-can-i-migrate-my-configs-to-another-pivpn-instance" 
+  echo -e "Backup crated to $install_home/$backupdir/$backupzip \nTo restore the backup, follow instructions at:\nhttps://github.com/pivpn/pivpn/wiki/FAQ#how-can-i-migrate-my-configs-to-another-pivpn-instance"
 }


--- a/scripts/openvpn/makeOVPN.sh
+++ b/scripts/openvpn/makeOVPN.sh
@ -36,7 +36,7 @@ helpFunc() {
 if [ -z "$HELP_SHOWN" ]; then
    helpFunc
    echo
-    echo "HELP_SHOWN=1" >> "$setupVars" 
+    echo "HELP_SHOWN=1" >> "$setupVars"
 fi

 # Parse input arguments
@ -351,9 +351,9 @@ if [ "$iOS" = "1" ]; then
    fi

 	} > "${NAME}${FILEEXT}"
-	
+
 	# Copy the .ovpn profile to the home directory for convenient remote access
-		
+
 	printf "========================================================\n"
 	printf "Generating an .ovpn12 file for use with iOS devices\n"
 	printf "Please remember the export password\n"
--- a/scripts/openvpn/pivpn
+++ b/scripts/openvpn/pivpn
@ -62,7 +62,7 @@ function update {

 function backup {

-    $SUDO /opt/pivpn/backup.sh 
+    $SUDO /opt/pivpn/backup.sh
    exit 0

 }
--- a/scripts/openvpn/removeOVPN.sh
+++ b/scripts/openvpn/removeOVPN.sh
@ -46,7 +46,7 @@ fi
 if [[ -z "${CERTS_TO_REVOKE}" ]]; then
    printf "\n"
    printf " ::\e[4m  Certificate List  \e[0m:: \n"
-    
+
    i=0
    while read -r line || [ -n "$line" ]; do
        STATUS=$(echo "$line" | awk '{print $1}')
@ -61,26 +61,26 @@ if [[ -z "${CERTS_TO_REVOKE}" ]]; then
        fi
    done <${INDEX}
    printf "\n"
-    
+
    echo -n "::: Please enter the Name of the client to be revoked from the list above: "
    read -r NAME
-    
+
    if [[ -z "${NAME}" ]]; then
        echo "You can not leave this blank!"
        exit 1
    fi
-    
+
    for((x=1;x<=i;++x)); do
        if [ "${CERTS[$x]}" = "${NAME}" ]; then
            VALID=1
        fi
    done
-    
+
    if [ -z "${VALID}" ]; then
        printf "You didn't enter a valid cert name!\n"
        exit 1
    fi
-    
+
    CERTS_TO_REVOKE=( "${NAME}" )
 else
    i=0
@ -92,7 +92,7 @@ else
            let i=i+1
        fi
    done <${INDEX}
-    
+
    for (( ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do
        VALID=0
        for((x=1;x<=i;++x)); do
@ -100,7 +100,7 @@ else
                VALID=1
            fi
        done
-        
+
        if [ "${VALID}" != 1 ]; then
            printf "You passed an invalid cert name: '"%s"'!\n" "${CERTS_TO_REVOKE[ii]}"
            exit 1
--- a/scripts/openvpn/update.sh
+++ b/scripts/openvpn/update.sh
@ -1,4 +1,4 @@
-#/bin/bash
+#!/bin/bash

 ###Updates pivpn scripts (Not PiVPN)
 ###Main Vars
@ -11,7 +11,7 @@ bashcompletiondir="/etc/bash_completion.d/pivpn"
 ###Functions
 ##Updates scripts
 updatepivpnscripts(){
-    ##We don't know what sort of changes users have made. 
+    ##We don't know what sort of changes users have made.
    ##Lets remove first /etc/.pivpn dir then clone it back again
    echo "going do update PiVPN Scripts"
    if [[ -d $pivpnlocalpath ]]; then
@ -25,9 +25,9 @@ updatepivpnscripts(){
    echo "PiVPN Scripts have been updated"
 }

-##Updates scripts using test branch 
+##Updates scripts using test branch
 updatefromtest(){
-    ##We don't know what sort of changes users have made. 
+    ##We don't know what sort of changes users have made.
    ##Lets remove first /etc/.pivpn dir then clone it back again
    echo "PiVPN Scripts updating from test branch"
    if [[ -d /etc/.pivpn ]]; then
@ -89,8 +89,8 @@ else
          scriptusage
          exit 0
          ;;
-      * ) 
-        updatepivpnscripts 
+      * )
+        updatepivpnscripts
        exit 0
        ;;
    esac
--- a/scripts/uninstall.sh
+++ b/scripts/uninstall.sh
@ -0,0 +1,197 @@
+#!/usr/bin/env bash
+# PiVPN: Uninstall Script
+
+PKG_MANAGER="apt-get"
+WG_SNAPSHOT="0.0.20191012"
+setupVars="/etc/pivpn/setupVars.conf"
+
+if [ ! -f "${setupVars}" ]; then
+	echo "::: Missing setup vars file!"
+	exit 1
+fi
+
+source "${setupVars}"
+
+# Find the rows and columns. Will default to 80x24 if it can not be detected.
+screen_size=$(stty size 2>/dev/null || echo 24 80)
+rows=$(echo $screen_size | awk '{print $1}')
+columns=$(echo $screen_size | awk '{print $2}')
+
+# Divide by two so the dialogs take up half of the screen, which looks nice.
+r=$(( rows / 2 ))
+c=$(( columns / 2 ))
+# Unless the screen is tiny
+r=$(( r < 20 ? 20 : r ))
+c=$(( c < 70 ? 70 : c ))
+
+spinner(){
+	local pid=$1
+	local delay=0.50
+	local spinstr='/-\|'
+	while [ "$(ps a | awk '{print $1}' | grep "$pid")" ]; do
+		local temp=${spinstr#?}
+		printf " [%c]  " "$spinstr"
+		local spinstr=$temp${spinstr%"$temp"}
+		sleep $delay
+		printf "\b\b\b\b\b\b"
+	done
+	printf "    \b\b\b\b"
+}
+
+removeAll(){
+	# Stopping and disabling services
+	echo "::: Stopping and disabling services..."
+
+	if [ "$VPN" = "WireGuard" ]; then
+		systemctl stop wg-quick@wg0
+		systemctl disable wg-quick@wg0 &> /dev/null
+	elif [ "$VPN" = "OpenVPN" ]; then
+		systemctl stop openvpn
+		systemctl disable openvpn &> /dev/null
+	fi
+
+	# Removing firewall rules.
+	echo "::: Removing firewall rules..."
+
+	if [ "$VPN" = "WireGuard" ]; then
+		pivpnDEV="wg0"
+		pivpnNET="10.6.0.0/24"
+	elif [ "$VPN" = "OpenVPN" ]; then
+		pivpnDEV="tun0"
+		pivpnNET="10.8.0.0/24"
+	fi
+
+	if [ "$USING_UFW" -eq 1 ]; then
+
+		ufw delete allow "${pivpnPORT}"/udp > /dev/null
+		ufw route delete allow in on "$pivpnDEV" from "$pivpnNET" out on "${IPv4dev}" to any > /dev/null
+		sed -z "s/*nat\n:POSTROUTING ACCEPT \[0:0\]\n-I POSTROUTING -s 10.6.0.0\/24 -o ${IPv4dev} -j MASQUERADE\nCOMMIT\n\n//" -i /etc/ufw/before.rules
+		ufw reload &> /dev/null
+
+	elif [ "$USING_UFW" -eq 0 ]; then
+
+		if [ "$INPUT_CHAIN_EDITED" -eq 1 ]; then
+			iptables -D INPUT -i "${IPv4dev}" -p udp --dport "${pivpnPORT}" -j ACCEPT
+		fi
+
+		if [ "$FORWARD_CHAIN_EDITED" -eq 1 ]; then
+			iptables -D FORWARD -d "$pivpnNET" -i "${IPv4dev}" -o "$pivpnDEV" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+			iptables -D FORWARD -s "$pivpnNET" -i "$pivpnDEV" -o "${IPv4dev}" -j ACCEPT
+		fi
+
+		iptables -t nat -D POSTROUTING -s "$pivpnNET" -o "${IPv4dev}" -j MASQUERADE
+		iptables-save > /etc/iptables/rules.v4
+
+	fi
+
+	# Disable IPv4 forwarding
+	sed -i '/net.ipv4.ip_forward=1/c\#net.ipv4.ip_forward=1' /etc/sysctl.conf
+	sysctl -p
+
+	# Purge dependencies
+	echo "::: Purge dependencies..."
+
+	for i in "${TO_INSTALL[@]}"; do
+		while true; do
+			read -rp "::: Do you wish to remove $i from your system? [Y/n]: " yn
+			case $yn in
+				[Yy]* ) if [ "${i}" = "wireguard" ]; then
+
+							if [ "$(uname -m)" = "armv7l" ] || [ "$(uname -m)" = "x86_64" ] || [ "$(uname -m)" = "i686" ]; then
+								rm /etc/apt/sources.list.d/unstable.list
+								rm /etc/apt/preferences.d/limit-unstable
+								$PKG_MANAGER update &> /dev/null
+							fi
+							rm -rf /etc/wireguard
+							rm -rf $install_home/configs
+
+						elif [ "${i}" = "wireguard-dkms" ]; then
+
+							# If we installed wireguard-dkms and we are on armv6l, then we manually need
+							# to remove the kernel module and skip the apt uninstallation (since it's not an
+							# actual package)
+							if [ "$(uname -m)" = "armv6l" ]; then
+								dkms remove wireguard/"${WG_SNAPSHOT}" --all
+								rm -rf /usr/src/wireguard-*
+								break
+							fi
+
+						elif [ "${i}" = "dirmngr" ]; then
+
+							# If dirmngr was installed, then we had previously installed wireguard on armv7l
+							# so we remove the repository keys
+							apt-key remove E1CF20DDFFE4B89E802658F1E0B11894F66AEC98 80D15823B7FD1561F9F7BCDDDC30D7C23CBBABEE &> /dev/null
+
+						elif [ "${i}" = "openvpn" ]; then
+
+							rm -rf /var/log/*openvpn*
+							rm -rf /etc/openvpn
+							rm -rf $install_home/ovpns
+
+						elif [ "${i}" = "unattended-upgrades" ]; then
+
+							rm -rf /var/log/unattended-upgrades
+							rm -rf /etc/apt/apt.conf.d/*periodic
+							rm -rf /etc/apt/apt.conf.d/*unattended-upgrades
+
+						fi
+						printf ":::\tRemoving %s..." "$i"; $PKG_MANAGER -y remove --purge "$i" &> /dev/null & spinner $!; printf "done!\n";
+						break
+						;;
+				[Nn]* ) printf ":::\tSkipping %s\n" "$i";
+						break
+						;;
+				* ) printf "::: You must answer yes or no!\n";;
+			esac
+		done
+	done
+
+	# Take care of any additional package cleaning
+	printf "::: Auto removing remaining dependencies..."
+	$PKG_MANAGER -y autoremove &> /dev/null & spinner $!; printf "done!\n";
+	printf "::: Auto cleaning remaining dependencies..."
+	$PKG_MANAGER -y autoclean &> /dev/null & spinner $!; printf "done!\n";
+
+	echo ":::"
+	# Removing pivpn files
+	echo "::: Removing pivpn system files..."
+
+	if [ -f /etc/dnsmasq.d/02-pivpn.conf ]; then
+		rm /etc/dnsmasq.d/02-pivpn.conf
+		pihole restartdns
+	fi
+
+	rm -rf /opt/pivpn
+	rm -rf /etc/.pivpn
+	rm -rf /etc/pivpn
+	rm -rf /var/log/*pivpn*
+	rm /usr/local/bin/pivpn
+	rm /etc/bash_completion.d/pivpn
+
+	echo ":::"
+	printf "::: Finished removing PiVPN from your system.\n"
+	printf "::: Reinstall by simpling running\n:::\n:::\tcurl -L https://install.pivpn.io | bash\n:::\n::: at any time!\n:::\n"
+}
+
+askreboot(){
+	printf "It is \e[1mstrongly\e[0m recommended to reboot after un-installation.\n"
+	read -p "Would you like to reboot now? [y/n]: " -n 1 -r
+	echo
+	if [[ ${REPLY} =~ ^[Yy]$ ]]; then
+		printf "\nRebooting system...\n"
+		sleep 3
+		shutdown -r now
+	fi
+}
+
+######### SCRIPT ###########
+echo "::: Preparing to remove packages, be sure that each may be safely removed depending on your operating system."
+echo "::: (SAFE TO REMOVE ALL ON RASPBIAN)"
+while true; do
+	read -rp "::: Do you wish to completely remove PiVPN configuration and installed packages from your system? (You will be prompted for each package) [y/n]: " yn
+	case $yn in
+		[Yy]* ) removeAll; askreboot; break;;
+
+		[Nn]* ) printf "::: Not removing anything, exiting...\n"; break;;
+	esac
+done
--- a/scripts/wireguard/qrcodeCONF.sh
+++ b/scripts/wireguard/qrcodeCONF.sh
@ -29,7 +29,7 @@ done

 cd /etc/wireguard/configs
 if [ ! -s clients.txt ]; then
-    echo "::: There are no clients to remove"
+    echo "::: There are no clients to show"
    exit 1
 fi

--- a/scripts/wireguard/removeCONF.sh
+++ b/scripts/wireguard/removeCONF.sh
@ -79,18 +79,18 @@ for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do

            # Then remove the client matching the variables above
            sed "/${CLIENT_NAME} ${CREATION_DATE} ${COUNT}/d" -i configs/clients.txt
-            
+
            # Remove the peer section from the server config
            sed "/# begin ${CLIENT_NAME}/,/# end ${CLIENT_NAME}/d" -i wg0.conf
            echo "::: Updated server config"
-            
+
            rm "configs/${CLIENT_NAME}.conf"
            echo "::: Client config for ${CLIENT_NAME} removed"

            rm "keys/${CLIENT_NAME}_priv"
            rm "keys/${CLIENT_NAME}_pub"
            echo "::: Client Keys for ${CLIENT_NAME} removed"
-            
+
            # Find all .conf files in the home folder of the user matching the checksum of the
            # config and delete them. '-maxdepth 3' is used to avoid traversing too many folders.
            find "${install_home}" -maxdepth 3 -type f -name '*.conf' -print0 | while IFS= read -r -d '' CONFIG; do
@ -108,7 +108,7 @@ for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do
 done

 # Restart WireGuard only if some clients were actually deleted
-if [ "${DELETED_COUNT}" -gt 0 ]; then 
+if [ "${DELETED_COUNT}" -gt 0 ]; then
    if systemctl restart wg-quick@wg0; then
        echo "::: WireGuard restarted"
    else