Pi-hole/pivpn
Pi-hole/pivpn
1
0
Fork 0
mirror of https://github.com/pivpn/pivpn.git synced 2024-12-18 19:00:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

refactor: improve code style

Browse source 
Improve the code style of some pieces of code
This commit is contained in:
Giulio Coa 2022-08-09 10:09:25 +02:00
parent 9a7b7dfe72
commit dda4d99f10
9 changed files with 54 additions and 128 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

134
auto_install/install.sh
View file

@ -32,8 +32,7 @@ PKG_MANAGER="apt-get"
### shellcheck SC2086 ### shellcheck SC2086
UPDATE_PKG_CACHE="${PKG_MANAGER} update -y" UPDATE_PKG_CACHE="${PKG_MANAGER} update -y"
PKG_INSTALL="${PKG_MANAGER} --yes --no-install-recommends install" PKG_INSTALL="${PKG_MANAGER} --yes --no-install-recommends install"
PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | " PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
PKG_COUNT="${PKG_COUNT} grep -c ^Inst || true"
CHECK_PKG_INSTALLED='dpkg-query -s' CHECK_PKG_INSTALLED='dpkg-query -s'
# Dependencies that are required by the script, # Dependencies that are required by the script,
@ -53,9 +52,7 @@ INSTALLED_PACKAGES=()
######## URLs ######## ######## URLs ########
easyrsaVer="3.1.0" easyrsaVer="3.1.0"
easyrsaRel="https://github.com/OpenVPN/easy-rsa" easyrsaRel="https://github.com/OpenVPN/easy-rsa/releases/download/v${easyrsaVer}/EasyRSA-${easyrsaVer}.tgz"
easyrsaRel="${easyrsaRel}/releases/download/v${easyrsaVer}"
easyrsaRel="${easyrsaRel}/EasyRSA-${easyrsaVer}.tgz"
######## Undocumented Flags. Shhh ######## ######## Undocumented Flags. Shhh ########
runUnattended=false runUnattended=false
@ -722,10 +719,7 @@ preconfigurePackages() {
fi fi
## download binaries ## download binaries
curl \ curl -fLo "${down_dir}/master.tar.gz" \
-f \
-L \
-o "${down_dir}/master.tar.gz" \
https://github.com/pivpn/grepcidr/archive/master.tar.gz https://github.com/pivpn/grepcidr/archive/master.tar.gz
tar -xzC "${down_dir}" -f "${down_dir}/master.tar.gz" tar -xzC "${down_dir}" -f "${down_dir}/master.tar.gz"
@ -1385,12 +1379,10 @@ chooseUser() {
# Choose the user for the ovpns # Choose the user for the ovpns
if [[ "${runUnattended}" == 'true' ]]; then if [[ "${runUnattended}" == 'true' ]]; then
if [[ -z "${install_user}" ]]; then if [[ -z "${install_user}" ]]; then
if [[ "$(awk \ if [[ "$(awk -F ':' \
-F':' \
'BEGIN {count=0} $3>=1000 && $3<=60000 { count++ } END{ print count }' \ 'BEGIN {count=0} $3>=1000 && $3<=60000 { count++ } END{ print count }' \
/etc/passwd)" -eq 1 ]]; then /etc/passwd)" -eq 1 ]]; then
install_user="$(awk \ install_user="$(awk -F ':' \
-F':' \
'$3>=1000 && $3<=60000 {print $1}' \ '$3>=1000 && $3<=60000 {print $1}' \
/etc/passwd)" /etc/passwd)"
echo -n "::: No user specified, but only ${install_user} is available, " echo -n "::: No user specified, but only ${install_user} is available, "
@ -1438,8 +1430,7 @@ chooseUser() {
"${r}" \ "${r}" \
"${c}" "${c}"
# First, let's check if there is a user available. # First, let's check if there is a user available.
numUsers="$(awk \ numUsers="$(awk -F ':' \
-F':' \
'BEGIN {count=0} $3>=1000 && $3<=60000 { count++ } END{ print count }' \ 'BEGIN {count=0} $3>=1000 && $3<=60000 { count++ } END{ print count }' \
/etc/passwd)" /etc/passwd)"
@ -1562,8 +1553,7 @@ updateRepo() {
# Go back to /usr/local/src otherwise git will complain when the current # Go back to /usr/local/src otherwise git will complain when the current
# working directory has just been deleted (/usr/local/src/pivpn). # working directory has just been deleted (/usr/local/src/pivpn).
cd /usr/local/src \ cd /usr/local/src \
&& ${SUDO} git clone \ && ${SUDO} git clone -q \
-q \
--depth 1 \ --depth 1 \
--no-single-branch \ --no-single-branch \
"${2}" \ "${2}" \
@ -1600,8 +1590,7 @@ makeRepo() {
# Go back to /usr/local/src otherwhise git will complain when the current # Go back to /usr/local/src otherwhise git will complain when the current
# working directory has just been deleted (/usr/local/src/pivpn). # working directory has just been deleted (/usr/local/src/pivpn).
cd /usr/local/src \ cd /usr/local/src \
&& ${SUDO} git clone \ && ${SUDO} git clone -q \
-q \
--depth 1 \ --depth 1 \
--no-single-branch \ --no-single-branch \
"${2}" \ "${2}" \
@ -2761,14 +2750,12 @@ confOpenVPN() {
${SUDOE} cp vars.example pki/vars ${SUDOE} cp vars.example pki/vars
# Set elliptic curve certificate or traditional rsa certificates # Set elliptic curve certificate or traditional rsa certificates
${SUDOE} sed \ ${SUDOE} sed -i \
-i \
"s/#set_var EASYRSA_ALGO.*/set_var EASYRSA_ALGO ${pivpnCERT}/" \ "s/#set_var EASYRSA_ALGO.*/set_var EASYRSA_ALGO ${pivpnCERT}/" \
pki/vars pki/vars
# Set expiration for the CRL to 10 years # Set expiration for the CRL to 10 years
${SUDOE} sed \ ${SUDOE} sed -i \
-i \
's/#set_var EASYRSA_CRL_DAYS.*/set_var EASYRSA_CRL_DAYS 3650/' \ 's/#set_var EASYRSA_CRL_DAYS.*/set_var EASYRSA_CRL_DAYS 3650/' \
pki/vars pki/vars
@ -2776,10 +2763,7 @@ confOpenVPN() {
# Set custom key size if different from the default # Set custom key size if different from the default
sed_pattern="s/#set_var EASYRSA_KEY_SIZE.*/" sed_pattern="s/#set_var EASYRSA_KEY_SIZE.*/"
sed_pattern="${sed_pattern} set_var EASYRSA_KEY_SIZE ${pivpnENCRYPT}/" sed_pattern="${sed_pattern} set_var EASYRSA_KEY_SIZE ${pivpnENCRYPT}/"
${SUDOE} sed \ ${SUDOE} sed -i "${sed_pattern}" pki/vars
-i \
"${sed_pattern}" \
pki/vars
else else
# If less than 2048, then it must be 521 or lower, # If less than 2048, then it must be 521 or lower,
# which means elliptic curve certificate was selected. # which means elliptic curve certificate was selected.
@ -2791,10 +2775,7 @@ confOpenVPN() {
sed_pattern="s/#set_var EASYRSA_CURVE.*/" sed_pattern="s/#set_var EASYRSA_CURVE.*/"
sed_pattern="${sed_pattern} set_var EASYRSA_CURVE" sed_pattern="${sed_pattern} set_var EASYRSA_CURVE"
sed_pattern="${sed_pattern} ${ECDSA_MAP["${pivpnENCRYPT}"]}/" sed_pattern="${sed_pattern} ${ECDSA_MAP["${pivpnENCRYPT}"]}/"
${SUDOE} sed \ ${SUDOE} sed -i "${sed_pattern}" pki/vars
-i \
"${sed_pattern}" \
pki/vars
fi fi
# Build the certificate authority # Build the certificate authority
@ -2843,9 +2824,7 @@ and HMAC key will now be generated." \
file_pattern="${pivpnFilesDir}/files/etc/openvpn" file_pattern="${pivpnFilesDir}/files/etc/openvpn"
file_pattern="${file_pattern}/easy-rsa/pki/ffdhe${pivpnENCRYPT}.pem" file_pattern="${file_pattern}/easy-rsa/pki/ffdhe${pivpnENCRYPT}.pem"
# Use Diffie-Hellman parameters from RFC 7919 (FFDHE) # Use Diffie-Hellman parameters from RFC 7919 (FFDHE)
${SUDOE} install \ ${SUDOE} install -m 644 "${file_pattern}" \
-m 644 \
"${file_pattern}" \
"pki/dh${pivpnENCRYPT}.pem" "pki/dh${pivpnENCRYPT}.pem"
else else
# Generate Diffie-Hellman key exchange # Generate Diffie-Hellman key exchange
@ -2863,9 +2842,7 @@ and HMAC key will now be generated." \
if ! getent passwd "${ovpnUserGroup%:*}"; then if ! getent passwd "${ovpnUserGroup%:*}"; then
if [[ "${PLAT}" == 'Alpine' ]]; then if [[ "${PLAT}" == 'Alpine' ]]; then
${SUDOE} adduser \ ${SUDOE} adduser -SD \
-S \
-D \
-h /var/lib/openvpn/ \ -h /var/lib/openvpn/ \
-s /sbin/nologin \ -s /sbin/nologin \
"${ovpnUserGroup%:*}" "${ovpnUserGroup%:*}"
@ -2881,29 +2858,25 @@ and HMAC key will now be generated." \
${SUDOE} chown "${ovpnUserGroup}" /etc/openvpn/crl.pem ${SUDOE} chown "${ovpnUserGroup}" /etc/openvpn/crl.pem
# Write config file for server using the template.txt file # Write config file for server using the template.txt file
${SUDO} install \ ${SUDO} install -m 644 \
-m 644 \
"${pivpnFilesDir}/files/etc/openvpn/server_config.txt" \ "${pivpnFilesDir}/files/etc/openvpn/server_config.txt" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
# Apply client DNS settings # Apply client DNS settings
${SUDOE} sed \ ${SUDOE} sed -i \
-i \
"0,/\(dhcp-option DNS \)/ s/\(dhcp-option DNS \).*/\1${pivpnDNS1}\"/" \ "0,/\(dhcp-option DNS \)/ s/\(dhcp-option DNS \).*/\1${pivpnDNS1}\"/" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
if [[ -z "${pivpnDNS2}" ]]; then if [[ -z "${pivpnDNS2}" ]]; then
${SUDOE} sed -i '/\(dhcp-option DNS \)/{n;N;d}' /etc/openvpn/server.conf ${SUDOE} sed -i '/\(dhcp-option DNS \)/{n;N;d}' /etc/openvpn/server.conf
else else
${SUDOE} sed \ ${SUDOE} sed -i \
-i \
"0,/\(dhcp-option DNS \)/! s/\(dhcp-option DNS \).*/\1${pivpnDNS2}\"/" \ "0,/\(dhcp-option DNS \)/! s/\(dhcp-option DNS \).*/\1${pivpnDNS2}\"/" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
fi fi
# Set the user encryption key size # Set the user encryption key size
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s#\\(dh /etc/openvpn/easy-rsa/pki/dh\\).*#\\1${pivpnENCRYPT}.pem#" \ "s#\\(dh /etc/openvpn/easy-rsa/pki/dh\\).*#\\1${pivpnENCRYPT}.pem#" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
@ -2923,14 +2896,12 @@ and HMAC key will now be generated." \
sed_pattern="s/\(dh \/etc\/openvpn\/easy-rsa\/pki\/dh\).*/dh" sed_pattern="s/\(dh \/etc\/openvpn\/easy-rsa\/pki\/dh\).*/dh"
sed_pattern="${sed_pattern} none\necdh-curve" sed_pattern="${sed_pattern} none\necdh-curve"
sed_pattern="${sed_pattern} ${ECDSA_MAP["${pivpnENCRYPT}"]}/" sed_pattern="${sed_pattern} ${ECDSA_MAP["${pivpnENCRYPT}"]}/"
${SUDO} sed \ ${SUDO} sed -i \
-i \
"${sed_pattern}" \ "${sed_pattern}" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
elif [[ "${pivpnCERT}" == "rsa" ]]; then elif [[ "${pivpnCERT}" == "rsa" ]]; then
# Otherwise set the user encryption key size # Otherwise set the user encryption key size
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s#\\(dh /etc/openvpn/easy-rsa/pki/dh\\).*#\\1${pivpnENCRYPT}.pem#" \ "s#\\(dh /etc/openvpn/easy-rsa/pki/dh\\).*#\\1${pivpnENCRYPT}.pem#" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
fi fi
@ -2942,8 +2913,7 @@ and HMAC key will now be generated." \
# if they modified VPN subnet class put value in server.conf # if they modified VPN subnet class put value in server.conf
if [[ "$(cidrToMask "${subnetClass}")" != "255.255.255.0" ]]; then if [[ "$(cidrToMask "${subnetClass}")" != "255.255.255.0" ]]; then
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s/255.255.255.0/$(cidrToMask "${subnetClass}")/g" \ "s/255.255.255.0/$(cidrToMask "${subnetClass}")/g" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
fi fi
@ -2962,19 +2932,16 @@ and HMAC key will now be generated." \
sed_pattern="0,/\\(.*dhcp-option.*\\)/" sed_pattern="0,/\\(.*dhcp-option.*\\)/"
sed_pattern="${sed_pattern}s//push \"dhcp-option " sed_pattern="${sed_pattern}s//push \"dhcp-option "
sed_pattern="${sed_pattern}DOMAIN ${pivpnSEARCHDOMAIN}\" \\n&/" sed_pattern="${sed_pattern}DOMAIN ${pivpnSEARCHDOMAIN}\" \\n&/"
${SUDO} sed \ ${SUDO} sed -i \
-i \
"${sed_pattern}" \ "${sed_pattern}" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
fi fi
# write out server certs to conf file # write out server certs to conf file
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s#\\(key /etc/openvpn/easy-rsa/pki/private/\\).*#\\1${SERVER_NAME}.key#" \ "s#\\(key /etc/openvpn/easy-rsa/pki/private/\\).*#\\1${SERVER_NAME}.key#" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s#\\(cert /etc/openvpn/easy-rsa/pki/issued/\\).*#\\1${SERVER_NAME}.crt#" \ "s#\\(cert /etc/openvpn/easy-rsa/pki/issued/\\).*#\\1${SERVER_NAME}.crt#" \
/etc/openvpn/server.conf /etc/openvpn/server.conf
@ -2982,9 +2949,7 @@ and HMAC key will now be generated." \
# "/etc/openvpn/openvpn.conf". # "/etc/openvpn/openvpn.conf".
# To avoid crash thorugh OpenRC, we symlink this file. # To avoid crash thorugh OpenRC, we symlink this file.
if [[ "${PLAT}" == 'Alpine' ]]; then if [[ "${PLAT}" == 'Alpine' ]]; then
${SUDO} ln -s \ ${SUDO} ln -sfT \
-f \
-T \
/etc/openvpn/server.conf \ /etc/openvpn/server.conf \
/etc/openvpn/openvpn.conf \ /etc/openvpn/openvpn.conf \
> /dev/null > /dev/null
@ -2992,42 +2957,36 @@ and HMAC key will now be generated." \
} }
confOVPN() { confOVPN() {
${SUDO} install \ ${SUDO} install -m 644 \
-m 644 \
"${pivpnFilesDir}/files/etc/openvpn/easy-rsa/pki/Default.txt" \ "${pivpnFilesDir}/files/etc/openvpn/easy-rsa/pki/Default.txt" \
/etc/openvpn/easy-rsa/pki/Default.txt /etc/openvpn/easy-rsa/pki/Default.txt
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s/IPv4pub/${pivpnHOST}/" \ "s/IPv4pub/${pivpnHOST}/" \
/etc/openvpn/easy-rsa/pki/Default.txt /etc/openvpn/easy-rsa/pki/Default.txt
# if they modified port put value in Default.txt for clients to use # if they modified port put value in Default.txt for clients to use
if [[ "${pivpnPORT}" -ne 1194 ]]; then if [[ "${pivpnPORT}" -ne 1194 ]]; then
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s/1194/${pivpnPORT}/g" \ "s/1194/${pivpnPORT}/g" \
/etc/openvpn/easy-rsa/pki/Default.txt /etc/openvpn/easy-rsa/pki/Default.txt
fi fi
# if they modified protocol put value in Default.txt for clients to use # if they modified protocol put value in Default.txt for clients to use
if [[ "${pivpnPROTO}" != "udp" ]]; then if [[ "${pivpnPROTO}" != "udp" ]]; then
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s/proto udp/proto tcp/g" \ "s/proto udp/proto tcp/g" \
/etc/openvpn/easy-rsa/pki/Default.txt /etc/openvpn/easy-rsa/pki/Default.txt
fi fi
# verify server name to strengthen security # verify server name to strengthen security
${SUDO} sed \ ${SUDO} sed -i \
-i \
"s/SRVRNAME/${SERVER_NAME}/" \ "s/SRVRNAME/${SERVER_NAME}/" \
/etc/openvpn/easy-rsa/pki/Default.txt /etc/openvpn/easy-rsa/pki/Default.txt
if [[ "${pivpnTLSPROT}" == "tls-crypt" ]]; then if [[ "${pivpnTLSPROT}" == "tls-crypt" ]]; then
# If they enabled 2.4 remove key-direction options since it's not required # If they enabled 2.4 remove key-direction options since it's not required
${SUDO} sed \ ${SUDO} sed -i \
-i \
"/key-direction 1/d" \ "/key-direction 1/d" \
/etc/openvpn/easy-rsa/pki/Default.txt /etc/openvpn/easy-rsa/pki/Default.txt
fi fi
@ -3038,8 +2997,7 @@ confWireGuard() {
# Ubuntu 20.04 # Ubuntu 20.04
if [[ "${PLAT}" == 'Alpine' ]]; then if [[ "${PLAT}" == 'Alpine' ]]; then
echo '::: Adding wg-quick unit' echo '::: Adding wg-quick unit'
${SUDO} install \ ${SUDO} install -m 0755 \
-m 0755 \
"${pivpnFilesDir}/files/etc/init.d/wg-quick" \ "${pivpnFilesDir}/files/etc/init.d/wg-quick" \
/etc/init.d/wg-quick /etc/init.d/wg-quick
else else
@ -3049,9 +3007,7 @@ confWireGuard() {
wireguard_service_path="${wireguard_service_path}/wg-quick@.service.d" wireguard_service_path="${wireguard_service_path}/wg-quick@.service.d"
wireguard_service_path="${wireguard_service_path}/override.conf" wireguard_service_path="${wireguard_service_path}/override.conf"
echo "::: Adding additional reload job type for wg-quick unit" echo "::: Adding additional reload job type for wg-quick unit"
${SUDO} install \ ${SUDO} install -Dm 644 \
-D \
-m 644 \
"${wireguard_service_path}" \ "${wireguard_service_path}" \
/etc/systemd/system/wg-quick@.service.d/override.conf /etc/systemd/system/wg-quick@.service.d/override.conf
${SUDO} systemctl daemon-reload ${SUDO} systemctl daemon-reload
@ -3562,8 +3518,7 @@ confUnattendedUpgrades() {
# https://github.com/mvo5/unattended-upgrades/blob/master/data/50unattended-upgrades.Raspbian # https://github.com/mvo5/unattended-upgrades/blob/master/data/50unattended-upgrades.Raspbian
# Add the remaining settings for all other distributions # Add the remaining settings for all other distributions
if [[ "${PLAT}" == "Raspbian" ]]; then if [[ "${PLAT}" == "Raspbian" ]]; then
${SUDO} install \ ${SUDO} install -m 644 \
-m 644 \
"${pivpnFilesDir}/files${aptConfDir}/50unattended-upgrades.Raspbian" \ "${pivpnFilesDir}/files${aptConfDir}/50unattended-upgrades.Raspbian" \
"${aptConfDir}/50unattended-upgrades" "${aptConfDir}/50unattended-upgrades"
fi fi
@ -3594,9 +3549,7 @@ confUnattendedUpgrades() {
# when installing from debian package # when installing from debian package
if [[ "${VPN}" == "wireguard" ]]; then if [[ "${VPN}" == "wireguard" ]]; then
if [[ -f /etc/apt/sources.list.d/pivpn-bullseye-repo.list ]]; then if [[ -f /etc/apt/sources.list.d/pivpn-bullseye-repo.list ]]; then
if ! grep \ if ! grep -q "\"o=${PLAT},n=bullseye\";" \
-q \
"\"o=${PLAT},n=bullseye\";" \
"${aptConfDir}/50unattended-upgrades"; then "${aptConfDir}/50unattended-upgrades"; then
local sed_pattern local sed_pattern
sed_pattern=" {/a\"o=${PLAT},n=bullseye\";" sed_pattern=" {/a\"o=${PLAT},n=bullseye\";"
@ -3617,10 +3570,7 @@ confUnattendedUpgrades() {
fi fi
## download binaries ## download binaries
curl \ curl -fLo "${down_dir}/master.zip" \
-f \
-L \
-o "${down_dir}/master.zip" \
https://github.com/jirutka/apk-autoupdate/archive/refs/heads/master.zip https://github.com/jirutka/apk-autoupdate/archive/refs/heads/master.zip
unzip -qd "${down_dir}" "${down_dir}/master.zip" unzip -qd "${down_dir}" "${down_dir}/master.zip"
@ -3639,8 +3589,7 @@ confUnattendedUpgrades() {
fi fi
) || exit 1 ) || exit 1
${SUDO} install \ ${SUDO} install -m 0755 \
-m 0755 \
"${pivpnFilesDir}/files/etc/apk/personal_autoupdate.conf" \ "${pivpnFilesDir}/files/etc/apk/personal_autoupdate.conf" \
/etc/apk/personal_autoupdate.conf /etc/apk/personal_autoupdate.conf
${SUDO} apk-autoupdate /etc/apk/personal_autoupdate.conf ${SUDO} apk-autoupdate /etc/apk/personal_autoupdate.conf
@ -3683,15 +3632,10 @@ installScripts() {
# Only one protocol is installed, symlink bash completion, the pivpn script # Only one protocol is installed, symlink bash completion, the pivpn script
# and the script directory # and the script directory
${SUDO} ln -s \ ${SUDO} ln -sfT \
-f \
-T \
"${pivpnFilesDir}/scripts/${VPN}/bash-completion" \ "${pivpnFilesDir}/scripts/${VPN}/bash-completion" \
/etc/bash_completion.d/pivpn /etc/bash_completion.d/pivpn
${SUDO} ln \ ${SUDO} ln -sfT \
-s \
-f \
-T \
"${pivpnFilesDir}/scripts/${VPN}/pivpn.sh" \ "${pivpnFilesDir}/scripts/${VPN}/pivpn.sh" \
/usr/local/bin/pivpn /usr/local/bin/pivpn
${SUDO} ln -sf "${pivpnFilesDir}/scripts/" "${pivpnScriptDir}" ${SUDO} ln -sf "${pivpnFilesDir}/scripts/" "${pivpnScriptDir}"

4
scripts/openvpn/clientStat.sh
View file

@ -58,9 +58,7 @@ listClients() {
printf "- %s\n" "${array[9]}" printf "- %s\n" "${array[9]}"
done < "${STATUS_LOG}" done < "${STATUS_LOG}"
else else
awk \ awk -F ' ' -v s='CLIENT_LIST' \
-F' ' \
-v s='CLIENT_LIST' \
'$1 == s { '$1 == s {
print $2"\t\t"$3"\t"$4"\t"$5"\t\t"$6"\t\t"$8" "$9" "$11" - "$10"\n" print $2"\t\t"$3"\t"$4"\t"$5"\t\t"$6"\t\t"$8" "$9" "$11" - "$10"\n"
}' \ }' \

6
scripts/openvpn/makeOVPN.sh
View file

@ -443,8 +443,7 @@ echo "tls Private Key found: ${TA}"
# Next append the client Public Cert # Next append the client Public Cert
echo "<cert>" echo "<cert>"
sed \ sed -n \
-n \
-e '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \ -e '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
< "issued/${NAME}${CRT}" < "issued/${NAME}${CRT}"
echo "</cert>" echo "</cert>"
@ -517,8 +516,7 @@ for i in {2..254}; do
# disabling SC2514, variable sourced externaly # disabling SC2514, variable sourced externaly
# shellcheck disable=SC2154 # shellcheck disable=SC2154
if [[ -z "$(ls -A /etc/openvpn/ccd)" ]] \ if [[ -z "$(ls -A /etc/openvpn/ccd)" ]] \
|| ! find /etc/openvpn/ccd \ || ! find /etc/openvpn/ccd -type f \
-type f \
-exec grep -q "${NET_REDUCED}.${i}" {} +; then -exec grep -q "${NET_REDUCED}.${i}" {} +; then
COUNT="${i}" COUNT="${i}"
echo -n "ifconfig-push ${NET_REDUCED}.${i}" >> /etc/openvpn/ccd/"${NAME}" echo -n "ifconfig-push ${NET_REDUCED}.${i}" >> /etc/openvpn/ccd/"${NAME}"

3
scripts/openvpn/pivpnDebug.sh
View file

@ -22,8 +22,7 @@ echo -n "Branch: "
git --git-dir /usr/local/src/pivpn/.git rev-parse --abbrev-ref HEAD git --git-dir /usr/local/src/pivpn/.git rev-parse --abbrev-ref HEAD
git \ git \
--git-dir /usr/local/src/pivpn/.git log \ --git-dir /usr/local/src/pivpn/.git log -n 1 \
-n 1 \
--format='Commit: %H%nAuthor: %an%nDate: %ad%nSummary: %s' --format='Commit: %H%nAuthor: %an%nDate: %ad%nSummary: %s'
printf "=============================================\n" printf "=============================================\n"

3
scripts/openvpn/removeOVPN.sh
View file

@ -181,8 +181,7 @@ for ((ii = 0; ii < ${#CERTS_TO_REVOKE[@]}; ii++)); do
if [[ -f /etc/pivpn/hosts.openvpn ]]; then if [[ -f /etc/pivpn/hosts.openvpn ]]; then
sed \ sed \
-e "\#${STATIC_IP} ${CERTS_TO_REVOKE[ii]}.pivpn#d" \ -e "\#${STATIC_IP} ${CERTS_TO_REVOKE[ii]}.pivpn#d" \
-i \ -i /etc/pivpn/hosts.openvpn
/etc/pivpn/hosts.openvpn
if killall -SIGHUP pihole-FTL; then if killall -SIGHUP pihole-FTL; then
echo "::: Updated hosts file for Pi-hole" echo "::: Updated hosts file for Pi-hole"

12
scripts/self_check.sh
View file

@ -37,8 +37,7 @@ if [[ "$(< /proc/sys/net/ipv4/ip_forward)" -eq 1 ]]; then
echo ":: [OK] IP forwarding is enabled" echo ":: [OK] IP forwarding is enabled"
else else
ERR=1 ERR=1
read \ read -r \
-r \
-p ":: [ERR] IP forwarding is not enabled, attempt fix now? [Y/n] " \ -p ":: [ERR] IP forwarding is not enabled, attempt fix now? [Y/n] " \
REPLY REPLY
@ -98,8 +97,7 @@ if [[ "${USING_UFW}" -eq 0 ]]; then
echo ":: [OK] Iptables INPUT rule set" echo ":: [OK] Iptables INPUT rule set"
else else
ERR=1 ERR=1
read \ read -r \
-r \
-p ":: [ERR] Iptables INPUT rule is not set, attempt fix now? [Y/n] " \ -p ":: [ERR] Iptables INPUT rule is not set, attempt fix now? [Y/n] " \
REPLY REPLY
@ -219,8 +217,7 @@ else
echo ":: [OK] Ufw input rule set" echo ":: [OK] Ufw input rule set"
else else
ERR=1 ERR=1
read \ read -r \
-r \
-p ":: [ERR] Ufw input rule is not set, attempt fix now? [Y/n] " \ -p ":: [ERR] Ufw input rule is not set, attempt fix now? [Y/n] " \
REPLY REPLY
@ -240,8 +237,7 @@ else
echo ":: [OK] Ufw forwarding rule set" echo ":: [OK] Ufw forwarding rule set"
else else
ERR=1 ERR=1
read \ read -r \
-r \
-p ":: [ERR] Ufw forwarding rule is not set, attempt fix now? [Y/n] " \ -p ":: [ERR] Ufw forwarding rule is not set, attempt fix now? [Y/n] " \
REPLY REPLY

6
scripts/uninstall.sh
View file

@ -358,13 +358,11 @@ removeAll() {
${SUDO} unlink /usr/local/bin/pivpn ${SUDO} unlink /usr/local/bin/pivpn
${SUDO} ln \ ${SUDO} ln \
-s \ -sT "${pivpnFilesDir}/scripts/${othervpn}/pivpn.sh" \
-T "${pivpnFilesDir}/scripts/${othervpn}/pivpn.sh" \
/usr/local/bin/pivpn /usr/local/bin/pivpn
${SUDO} ln \ ${SUDO} ln \
-s \ -sT "${pivpnFilesDir}/scripts/${othervpn}/bash-completion" \
-T "${pivpnFilesDir}/scripts/${othervpn}/bash-completion" \
/etc/bash_completion.d/pivpn /etc/bash_completion.d/pivpn
# shellcheck disable=SC1091 # shellcheck disable=SC1091

3
scripts/wireguard/pivpnDEBUG.sh
View file

@ -22,8 +22,7 @@ echo -n "Branch: "
git --git-dir /usr/local/src/pivpn/.git rev-parse --abbrev-ref HEAD git --git-dir /usr/local/src/pivpn/.git rev-parse --abbrev-ref HEAD
git \ git \
--git-dir /usr/local/src/pivpn/.git log \ --git-dir /usr/local/src/pivpn/.git log -n 1 \
-n 1 \
--format='Commit: %H%nAuthor: %an%nDate: %ad%nSummary: %s' --format='Commit: %H%nAuthor: %an%nDate: %ad%nSummary: %s'
printf "=============================================\n" printf "=============================================\n"

11
scripts/wireguard/removeCONF.sh
View file

@ -109,8 +109,7 @@ for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do
# Then remove the client matching the variables above # Then remove the client matching the variables above
sed \ sed \
-e "\#${CLIENT_NAME} ${PUBLIC_KEY} ${CREATION_DATE} ${COUNT}#d" \ -e "\#${CLIENT_NAME} ${PUBLIC_KEY} ${CREATION_DATE} ${COUNT}#d" \
-i \ -i configs/clients.txt
configs/clients.txt
# Remove the peer section from the server config # Remove the peer section from the server config
sed_pattern="/### begin ${CLIENT_NAME} ###/," sed_pattern="/### begin ${CLIENT_NAME} ###/,"
@ -136,10 +135,7 @@ for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do
rm "${CONFIG}" rm "${CONFIG}"
fi fi
done < <(find "${install_home}" \ done < <(find "${install_home}" \
-maxdepth 3 \ -maxdepth 3 -type f -name '*.conf' -print0)
-type f \
-name '*.conf' \
-print0)
((DELETED_COUNT++)) ((DELETED_COUNT++))
echo "::: Successfully deleted ${CLIENT_NAME}" echo "::: Successfully deleted ${CLIENT_NAME}"
@ -152,8 +148,7 @@ for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do
sed \ sed \
-e "\#${NET_REDUCED}.${COUNT} ${CLIENT_NAME}.pivpn#d" \ -e "\#${NET_REDUCED}.${COUNT} ${CLIENT_NAME}.pivpn#d" \
-e "\#${pivpnNETv6}${COUNT} ${CLIENT_NAME}.pivpn#d" \ -e "\#${pivpnNETv6}${COUNT} ${CLIENT_NAME}.pivpn#d" \
-i \ -i /etc/pivpn/hosts.wireguard
/etc/pivpn/hosts.wireguard
if killall -SIGHUP pihole-FTL; then if killall -SIGHUP pihole-FTL; then
echo "::: Updated hosts file for Pi-hole" echo "::: Updated hosts file for Pi-hole"