Pi-hole/pivpn
Pi-hole/pivpn
1
0
Fork 0
mirror of https://github.com/pivpn/pivpn.git synced 2024-12-18 19:00:15 +00:00
Code Issues Projects Releases Packages Wiki Activity
595 commits 3 branches 49 tags 3.4 MiB
Commit graph

296 commits

Author SHA1 Message Date
h-town
e01089945e
Remove Google DNS 
Remove Google DNS for privacy purposes, replace with Quad9
 2019-12-24 03:18:11 -06:00
4s3ti
33b2b2468d pivpn.io to pivpn.dev, http to https 
Changed all appearances of pivpn.io to pivpn.dev
Changed all appearances of http to https
 2019-12-20 23:30:00 +01:00
Orazio
5f82a0740e Use variable, create openvpn home, add shellcheck reminder 2019-12-10 19:07:08 +01:00
Orazio
c20e7d2150 Use ${pivpnNET} and ${subnetClass} when adding ufw nat rules 2019-12-10 16:49:40 +01:00
Orazio
d022cafa25 Revert some minor changes 2019-12-10 16:06:28 +01:00
Orazio
ca11f79629
Merge pull request #880 from corbolais/shellcheck4test 
Shellcheck4test
 2019-12-10 14:57:44 +01:00
Orazio
95b5934814
Merge branch 'test' into ufw-care 2019-12-10 14:56:38 +01:00
Orazio
85907f6b80
Merge branch 'test' into shellcheck4test 2019-12-10 14:53:11 +01:00
Orazio
8936dd2b08
Merge pull request #877 from corbolais/debian-ownership 
debian openvpn has dedicated user and group, so rather use those than…
 2019-12-10 14:49:23 +01:00
Orazio
3687a124bd
Merge pull request #876 from corbolais/dns-4test 
add local resolver as DNS option.
 2019-12-10 14:36:30 +01:00
corbolais
41dbf2b5c6 merge: drop bsdmainutils pkg 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-09 19:18:58 +01:00
Orazio
cd1b8fbf7f Use printf with column in the listCONF.sh script 2019-12-09 17:05:34 +01:00
corbolais
e76f3755ab consistent use of pivpnNET, subnetClass and vpnGw. 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-09 12:41:40 +01:00
corbolais
55dc52d3e0 use openvpn:openvpn user/group ownership unconditionally. 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 20:41:11 +01:00
corbolais
e72786e8de W/space 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 20:37:41 +01:00
corbolais
3c280e0a94 Mostly bug fixes. Mostly harmless. 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 20:35:41 +01:00
corbolais
a05754ea19 shellcheck install.sh. render into sound bashing. correct sed call. 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 20:14:23 +01:00
corbolais
1aa6472b72 chg: openvpn-user home, shell. 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 17:40:30 +01:00
corbolais
6e763e0240 Debian: add openvpn user/group if missing. 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 17:34:57 +01:00
corbolais
9c62fe0991 take care of /etc/ufw/before.rules nat section. safeguard against accidentally killing the file. 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 17:18:08 +01:00
corbolais
8affc9a313 debian openvpn has dedicated user and group, so rather use those than nobody:nogroup (as do _many_ other packages and thus all having access to such owned files). 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 16:39:46 +01:00
corbolais
93044d6f6d add local resolver as DNS option. 
Signed-off-by: corbolais <corbolais@gmail.com>
 2019-12-08 16:13:26 +01:00
Orazio
4466f1503c Better client stats formatting 2019-12-03 17:59:27 +01:00
Orazio
e2941f8fae Properly avoid pulling unwanted packages from unstable repo 
Currently apt pulls all packages from the unstable repo because the
  script intendation created the file 'limit-unstable' with tabs in it.
  Fixed using printf to create a multiline file (which is the way
  wireguard.com/install suggests).
 2019-12-02 17:00:39 +01:00
cfcolaco
d243d9ae12 Fixed Typo 
Line 1262: s/jkkprintf/printf/
 2019-11-29 10:45:32 +01:00
Orazio
d34577329e Removed reference to deleted branch 2019-11-27 11:59:53 +01:00
Orazio
a03d4e1be2 Fix typo 2019-11-20 18:50:57 +01:00
Orazio
e2da52b1a7 Added Ubuntu Bionic support 2019-11-19 17:29:41 +01:00
Orazio
1ff6f7e9e8 Removed trivial command output 2019-11-18 12:42:04 +01:00
Orazio
34c10a81f3 Renamed pivpnDOMAIN to pivpnSEARCHDOMAIN 2019-11-16 21:25:34 +01:00
Orazio
8ab71601ff Automatically fetch latest WireGuard snapshot 2019-11-16 17:02:15 +01:00
Orazio
d7ebb4cca9 Unattended installation 2019-11-16 14:58:58 +01:00
Orazio
5cb8a05317 Minor unattended fixes, adjusted openvpn settings 2019-11-14 17:42:56 +01:00
Orazio
07abfc97e9 Added unattended installation, fixed some variables 2019-11-14 15:07:01 +01:00
Orazio
6bd0beeb94 Fixed missing protocol variable 2019-11-07 18:12:06 +01:00
Orazio
84f90b00a4 Added uninstall and Pi-hole detection 2019-11-07 17:29:21 +01:00
4s3ti
080b335047
Merge pull request #850 from IcedComputer/patch-3 
Create OVPN12_Compatible file
 2019-10-19 11:58:03 +02:00
IcedComputer
fa21666869
Create OVPN12_capable file 
MakeOVPN has been updated to include the -i iOS function to allow users to create an OVPN12 format file that can be used with the iOS keychain.  Since the OVPN12 format is incompatible with OpenVPN 2.4 - this change creates a configuration file that determines if the user can create a -i request via MakeOVPN.
 2019-10-18 21:00:00 -07:00
Orazio
e77f668021 Kernel headers are required when installing from package too 2019-10-16 18:17:16 +02:00
Orazio
5c97221d3f Revert some variable names and fix iptables rules 2019-10-16 12:01:50 +02:00
Orazio
3c973e2a48 Bugfixes 2019-10-14 16:51:43 +02:00
Orazio
1777d5c239 Added back Debian 10 support 2019-10-14 15:06:34 +02:00
Orazio
24a1a00d37 Refactoring + WireGuard support 2019-10-14 12:11:16 +02:00
Rob Gill
da4cc1ced5 Regex specifies : must start with alphanumeric, may have no more 
than two consecutive hyphens, must not end or start with hyphen,
final must be at least two apha characters.

Signed-off-by: Rob Gill <rrobgill@protonmail.com>
 2019-10-14 19:59:00 +10:00
4s3ti
9f20f50e61 Bugfixes and improvements, check update notes 2019-10-12 18:34:37 +02:00
4s3ti
d0c10db6ec install.sh: apt-get with , uninstall.sh: added var PKG_MANAGER and replaced apt-get with 2019-09-03 10:09:48 +02:00
cfcolaco
510979ae90 removing bitwarden installation from script 2019-09-02 14:27:10 +02:00
cfcolaco
50ad223e83 after merge bugfixes, bitwarden optional, error handling, perm fixes 2019-09-02 13:35:54 +02:00
4s3ti
b1dbe27b2d fixed conflicts between pr #871 and local works 2019-09-01 19:48:50 +02:00
4s3ti
a884d22cbc Issues Introduced with lastest commits: 
Install script not creating ovpns dir, and throwing error:

```
cp: cannot stat '/tmp/OLD_UFW': No such file or directory
mkdir: cannot create directory ‘/root\n/usr/sbin\n/bin\n/dev\n/bin\n/usr/games\n/var/cache/man\n/var/spool/lpd\n/var/mail\n/var/spool/news\n/var/spool/uucp\n/bin\n/var/www\n/var/backups\n/var/list\n/var/run/ircd\n/var/lib/gnats\n/nonexistent\n/nonexistent\n/run/systemd\n/run/systemd\n/run/systemd\n/nonexistent\n/run/sshd\n/\n/home/pivpntest/ovpns’: No such file or directory
chmod: cannot access '/root'$'\n''/usr/sbin'$'\n''/bin'$'\n''/dev'$'\n''/bin'$'\n''/usr/games'$'\n''/var/cache/man'$'\n''/var/spool/lpd'$'\n''/var/mail'$'\n''/var/spool/news'$'\n''/var/spool/uucp'$'\n''/bin'$'\n''/var/www'$'\n''/var/backups'$'\n''/var/list'$'\n''/var/run/ircd'$'\n''/var/lib/gnats'$'\n''/nonexistent'$'\n''/nonexistent'$'\n''/run/systemd'$'\n''/run/systemd'$'\n''/run/systemd'$'\n''/nonexistent'$'\n''/run/sshd'$'\n''/'$'\n''/home/pivpntest/ovpns': No such file or directory
```

Found incosistencies in instalation user var/files namings, to have it consistend and easy to understand and considering everyone is more familiar with INSTALL_USER

Changed $pivpnUser to INSTALL_USER
Changed pivpnUSR to INSTALL_USER

Removed PiVPN Secure Notes from PiVPN ADD introduced with PR #794
	- Notes not being pushed to BW Vault
	- OVPN files not going to ovpns dir
	- Needs investigation
 2019-09-01 19:39:37 +02:00
MichaIng
73b23c525b
Failsafe home dir obtaining 
+ When estimating $INSTALL_HOME, assure grep can only match user names, to avoid possible wrong multi-line value
+ Remove possible trailing slash from $INSTALL_HOME, to avoid double slash in "$INSTALL_HOME/ovpns"
+ Avoid "cat <file> | grep <pattern>", since grep can process files directly

Signed-off-by: MichaIng <micha@dietpi.com>
 2019-09-01 17:39:38 +02:00
4s3ti
ad466f8728 Permissions hardening and Standardization 2019-09-01 16:10:53 +02:00
4s3ti
1bd8169aa6
Merge branch 'test' into master 2019-09-01 15:32:56 +02:00
IcedComputer
a2f7ef7e34
Update install.sh 2019-08-27 15:46:56 -07:00
IcedComputer
64353e337b
Update install.sh 2019-08-27 15:20:00 -07:00
IcedComputer
6e7819509c
Merge branch 'test' into patch-1 2019-08-27 12:55:55 -07:00
IcedComputer
efb8453651
Update install.sh 
added uuidgen dependency and changed method of server name generation.
 2019-08-27 12:54:59 -07:00
IcedComputer
09c518408e
Update install.sh 2019-08-27 12:50:34 -07:00
Douglas Orend
8b40035bf5 Properly determine user's home directory 
Code assumes that the specified user directory is under /home.  This code parses the /etc/passwd file in order to determine what that user's proper home directory is.
 2019-08-13 11:23:08 -05:00
4s3ti
18b7e16694
Merge branch 'test' into bitwarden 2019-08-08 10:34:17 +02:00
Orazio
e6a13cc65e Handle older UFW version from Jessie 2019-08-06 09:53:14 +02:00
Akvile
b60a06791d integrated bitwarden password manager into pivpn 2019-07-23 22:12:35 +02:00
4s3ti
e8883238f5
Merge pull request #789 from revolter/patch-1 
Fix typo in a setup message
 2019-07-14 00:30:24 +01:00
Iulian Onofrei
2ba8b0c262
Fix typo in a setup message 2019-07-14 01:01:44 +03:00
Orazio
1b54558769 Fix update option 2019-07-13 12:48:53 +02:00
Orazio
241e06f970 Miscellaeous fixes 2019-07-13 10:45:44 +02:00
4s3ti
52bf326d8a
Merge pull request #783 from bgrainger/patch-1 
Fix typo in "separated"
 2019-07-05 20:21:59 +01:00
Bradley Grainger
0189c6983e
Fix typo in "separated". 2019-07-04 19:47:51 -07:00
Orazio
66dcd69fd5 Only use iptables-legacy if platform is Buster 2019-07-03 10:13:22 +02:00
4s3ti
7aa803720c
Merge pull request #777 from orazioedoardo/debug-privacy 
Hide client IPs inside the debug log
 2019-07-02 13:10:43 +01:00
4s3ti
d32aafe61f
Merge pull request #778 from orazioedoardo/iptables-detection 
Improve iptables detection
 2019-07-02 13:08:44 +01:00
Orazio
b823737b5a Hide client IPs in the debug log 2019-07-01 15:44:00 +02:00
Orazio
0ad342e007 Fixed typo 2019-07-01 11:36:01 +02:00
Orazio
7a34dd3704 Improve iptables detection 2019-07-01 11:12:46 +02:00
Orazio
95480f3279 Add support for Raspbian Buster 2019-06-26 10:35:56 +02:00
IcedComputer
2e5a344c82
Fixed issue with grabbing hostname 
Per comments and recommendations, added the "-s" when grabbing the hostname.  This will ensure uniform performance across various platforms.
 2019-06-20 17:37:56 -07:00
IcedComputer
ce9b8dfffc
Leverage the Hostname of the Server 
Historic versions leveraged a format of "server_$UUID" to name of the VPN server certificate for X509 verification.  This seems very impersonal.  The new code pulls the existing hostname of the machines and appends the 16 character UUID.  The new format is $hostname_$UUID.

Example:
A machine named "Martian" with a UUID of 1234567890123456 would change from server_1234567890123456 to Martian_1234567890123456
 2019-06-19 15:48:46 -07:00
4s3ti
def92ed83d Added support info 2019-06-06 16:59:15 +02:00
4s3ti
dafd3da38c
Merge branch 'master' into test 2019-05-14 00:15:34 +01:00
4s3ti
616c2e24c4 Removed /24, fixed issue template 2019-05-13 23:06:14 +01:00
Calvin Loncaric
1af5c26034
Flush disk writes before reboot 
This commit introduces a `sync` call before the install script exits.

The writes that this script does during setup do not reach persistent
storage until the kernel decides to flush them.  The reboot sequence
might drop those pending writes on the floor.  To mitigate that
possibility (but not fully eliminate it), the script now calls `sync`,
which waits until the kernel has flushed its write cache.
 2019-05-13 10:26:07 -07:00
Orazio
05d7d84809 Remove reference to a deleted file 2019-05-08 15:29:43 +02:00
Orazio
e26cef1863 Custom certificate duration and more flexible names 2019-05-08 13:01:56 +02:00
Orazio
63d3335f33 Resolved merge conflict 2019-05-03 10:26:56 +02:00
Jorge Frade
b75b36f482
Fix Easy-RSA install 
Renamed from EasyRSA-{version}.tgz to EasyRSA-unix-v{version}.tgz
 2019-04-10 17:54:31 +01:00
james-lasersoft
bd6a1e10ac
Merge pull request #711 from shian15810/master 
Fixed rsyslog deprecated discard from ~ to stop
 2019-04-10 00:41:50 -05:00
james-lasersoft
577d662a7c
Merge pull request #704 from Giraffe1966/shallow-clone 
Use shallow clone for make_repo and update_repo.
 2019-04-10 00:30:29 -05:00
Chuah Chee Shian
4f34bd3303
fixed rsyslog deprecated discard from ~ to stop 2019-04-05 00:39:00 +08:00
Giraffe1966
bbb4b1e4f3
Update easy-rsa version. 2019-03-29 23:34:37 -04:00
Giraffe1966
cc80ca16bb
Use shallow clone for make_repo and update_repo. 2019-03-29 23:15:30 -04:00
Heidenreich
ae934253f9 Updated sed insertion to fix line overwrite 2019-03-11 11:22:31 -04:00
Heidenreich
76ae525c1d updated server.conf path 2019-03-11 10:54:54 -04:00
Alex Heidenreich
9bb82ff372 changed whiptail sizing to use PiVPN variables 2019-03-10 22:35:18 -04:00
Alex Heidenreich
9808234792 Called valid_domain function in SetCustomDomain() 2019-03-10 22:33:20 -04:00
Alex Heidenreich
0cd9e0deb6 Added function valid_domain to check user input of custom domain 2019-03-10 20:06:49 -04:00
Alex Heidenreich
3a0d6b1b47 Fixed server.conf path 2019-03-10 14:02:37 -04:00
Alex Heidenreich
3364f76790 Added procedure to allow users to set custom search domain. 2019-03-10 13:55:14 -04:00
Alex Heidenreich
24db1bc2e2 Initial commit with comment 2019-03-05 11:32:49 -05:00
Orazio
e3f729f260 General fixes and improvements 2019-03-03 10:18:45 +01:00
Orazio
375faa6398 Update install.sh 2018-10-19 22:04:30 +01:00