Commit graph

538 commits

Author SHA1 Message Date
MichaIng
73b23c525b
Failsafe home dir obtaining
+ When estimating $INSTALL_HOME, assure grep can only match user names, to avoid possible wrong multi-line value
+ Remove possible trailing slash from $INSTALL_HOME, to avoid double slash in "$INSTALL_HOME/ovpns"
+ Avoid "cat <file> | grep <pattern>", since grep can process files directly

Signed-off-by: MichaIng <micha@dietpi.com>
2019-09-01 17:39:38 +02:00
4s3ti
ad466f8728 Permissions hardening and Standardization 2019-09-01 16:10:53 +02:00
4s3ti
9ee4c6179f
Merge pull request #809 from xptsp/master
Properly determine user's home directory
2019-09-01 15:34:14 +02:00
4s3ti
1bd8169aa6
Merge branch 'test' into master 2019-09-01 15:32:56 +02:00
4s3ti
40dff8528c
Merge pull request #773 from IcedComputer/patch-2
.ovpn12 files
2019-08-28 10:15:43 +02:00
4s3ti
df41057dde
Merge pull request #772 from IcedComputer/patch-1
Leverage the Hostname of the Server
2019-08-28 10:12:20 +02:00
IcedComputer
a2f7ef7e34
Update install.sh 2019-08-27 15:46:56 -07:00
IcedComputer
64353e337b
Update install.sh 2019-08-27 15:20:00 -07:00
IcedComputer
6e7819509c
Merge branch 'test' into patch-1 2019-08-27 12:55:55 -07:00
IcedComputer
efb8453651
Update install.sh
added uuidgen dependency and changed method of server name generation.
2019-08-27 12:54:59 -07:00
IcedComputer
09c518408e
Update install.sh 2019-08-27 12:50:34 -07:00
IcedComputer
2da5c512d0
Merge branch 'test' into patch-2 2019-08-27 12:46:18 -07:00
IcedComputer
f6beac87d7
changed password parameter
Removed typo and changed -passin pass:$PASSWD to -passin env:$PASSWD
2019-08-27 12:44:37 -07:00
IcedComputer
5862d15d60
Update scripts/makeOVPN.sh
Co-Authored-By: Giraffe1966 <35208168+Giraffe1966@users.noreply.github.com>
2019-08-27 12:42:53 -07:00
Douglas Orend
371e65444b Update makeOVPN.sh 2019-08-21 19:25:32 -05:00
4s3ti
0cb376bd66
Merge pull request #794 from kiskisiit1131/bitwarden
* integrated bitwarden password manager into pivpn
* adds the content of ovpn file as a secure note into bitwarden
2019-08-20 18:47:50 +02:00
Akvile
9d66688341 added the functionality to send your OVPN file to your Bitwarden vault 2019-08-20 11:36:05 -05:00
Douglas Orend
44e1f48856 Update makeOVPN.sh
Fixed ownership line to use only username, not install path.
2019-08-20 09:02:31 -05:00
Douglas Orend
8b40035bf5 Properly determine user's home directory
Code assumes that the specified user directory is under /home.  This code parses the /etc/passwd file in order to determine what that user's proper home directory is.
2019-08-13 11:23:08 -05:00
4s3ti
18b7e16694
Merge branch 'test' into bitwarden 2019-08-08 10:34:17 +02:00
4s3ti
c2c3fc4229
Merge pull request #803 from orazioedoardo/recreate-ovpn-folder
Recreate ovpn folder if deleted
2019-08-07 16:45:56 +02:00
4s3ti
92cbcda66a
Merge pull request #804 from orazioedoardo/ufw-version-check
Handle older UFW version from Jessie
2019-08-07 15:09:35 +02:00
Orazio
b71c67c78a Recreate ovpn folder if deleted 2019-08-06 10:02:28 +02:00
Orazio
e6a13cc65e Handle older UFW version from Jessie 2019-08-06 09:53:14 +02:00
Akvile
b60a06791d integrated bitwarden password manager into pivpn 2019-07-23 22:12:35 +02:00
4s3ti
e8883238f5
Merge pull request #789 from revolter/patch-1
Fix typo in a setup message
2019-07-14 00:30:24 +01:00
4s3ti
a8df7f26cf
Merge pull request #788 from orazioedoardo/miscellaneous
Miscellaneous fixes
2019-07-14 00:22:43 +01:00
Iulian Onofrei
2ba8b0c262
Fix typo in a setup message 2019-07-14 01:01:44 +03:00
Orazio
8a6d32ced5 Fixed regular expression 2019-07-13 19:59:28 +02:00
Orazio
1b54558769 Fix update option 2019-07-13 12:48:53 +02:00
Orazio
241e06f970 Miscellaeous fixes 2019-07-13 10:45:44 +02:00
4s3ti
52bf326d8a
Merge pull request #783 from bgrainger/patch-1
Fix typo in "separated"
2019-07-05 20:21:59 +01:00
Bradley Grainger
0189c6983e
Fix typo in "separated". 2019-07-04 19:47:51 -07:00
4s3ti
fb4405978a
Merge pull request #781 from orazioedoardo/patch-for-buster-2
Only use iptables-legacy if platform is Buster
2019-07-03 16:07:47 +01:00
Orazio
66dcd69fd5 Only use iptables-legacy if platform is Buster 2019-07-03 10:13:22 +02:00
4s3ti
7aa803720c
Merge pull request #777 from orazioedoardo/debug-privacy
Hide client IPs inside the debug log
2019-07-02 13:10:43 +01:00
4s3ti
d32aafe61f
Merge pull request #778 from orazioedoardo/iptables-detection
Improve iptables detection
2019-07-02 13:08:44 +01:00
4s3ti
a797518968
Merge pull request #779 from orazioedoardo/patch-for-buster
Add official support for Buster
2019-07-02 12:17:27 +01:00
Orazio
b823737b5a Hide client IPs in the debug log 2019-07-01 15:44:00 +02:00
Orazio
bcc780546c Get variable value before the file is deleted 2019-07-01 11:39:42 +02:00
Orazio
0ad342e007 Fixed typo 2019-07-01 11:36:01 +02:00
Orazio
7a34dd3704 Improve iptables detection 2019-07-01 11:12:46 +02:00
IcedComputer
1d7ebd9d2f
added support to remove .ovpn12 files
the makeOVPN.sh now generates .ovpn12 files in the /home/${INSTALL_USER}/ovpns/ directory.
The remove script was updated to remove both the .ovpn and .ovpn12 files
2019-06-27 14:53:23 -07:00
IcedComputer
97bb319795
Updated .ovpn12 configuration
Incorporated feedback on how to properly implement .ovpn12 files.
2019-06-27 14:43:30 -07:00
IcedComputer
dae6276d37
Made updates based on comments
added changes related to chown and chmod of .ovpn12 file.  Also removed sudo.
2019-06-27 11:47:24 -07:00
Orazio
95480f3279 Add support for Raspbian Buster 2019-06-26 10:35:56 +02:00
IcedComputer
2e5a344c82
Fixed issue with grabbing hostname
Per comments and recommendations, added the "-s" when grabbing the hostname.  This will ensure uniform performance across various platforms.
2019-06-20 17:37:56 -07:00
IcedComputer
bda0d58b81
.ovpn12 files
Added new step to create an .ovpn12 file that can be stored on iOS keychain
This step is more secure method and does not require the end-user to keep entering passwords, or storing the client private cert where it can be easily tampered based on documentation located:
 https://openvpn.net/faq/how-do-i-use-a-client-certificate-and-private-key-from-the-ios-keychain/

Someone can improve upon this by adding a parameter (possibly -i|--iOS) and then generating the original .ovpn file to not contain the client private certificate.
2019-06-20 16:53:29 -07:00
IcedComputer
ce9b8dfffc
Leverage the Hostname of the Server
Historic versions leveraged a format of "server_$UUID" to name of the VPN server certificate for X509 verification.  This seems very impersonal.  The new code pulls the existing hostname of the machines and appends the 16 character UUID.  The new format is $hostname_$UUID.

Example:
A machine named "Martian" with a UUID of 1234567890123456 would change from server_1234567890123456 to Martian_1234567890123456
2019-06-19 15:48:46 -07:00
4s3ti
8e3a951524
Merge pull request #767 from pivpn/test
Test into Master.
2019-06-07 16:30:41 +02:00