- Flip condition check on $dhcpReserv: first check if empty, and if not, check if it's not 1.
Doing it the other way (first check if not 1) would give a shell error if $dhcpReserv was empty.
The ‘linux-headers-generic’ package is preferred over the version-specific headers package as the generic will be automatically updated with the kernel, whereas the other will not.
Tested and added Support on Debian 9
tested and added support on Ubuntu 16.04 & 18.08
* Fixed wireguard not installing, added pkg cache update after adding ppa
* added kernel headers to dependencies as its requred for wireguard-dkms
unattended install
* When user is provided and doest exist, it will create one without password set
install.sh
installScripts function:
update script not being copied over to /opt therefore update funcion was probably broken.
changed script to copy all .sh scripts from .pivpn/scripts directory.
Issue #871: fix backup script
I was probably very drunk when i first wrote this backup script.
fixed it, now works with new code refactoring,
loads vars from setupVars
Added backup for wireguard
Moved script to global pivpnscripts.
Added backup script to bash-completion
Added backup script to pivpn script
update.sh
Commented the update from master branch to avoid users trying to update test from master.
Updated LatestChages.md
Moved installPiVPN up, to better match the order when it is called.
Added Some cuotes to make shellcheck happy.
Added exit codes and error messages in case cd fails to not exit
silently.
Support For DHCP IP Reservation
Main:
- added If statement to skipp SetStaticIPv4 if dhcpRserv=1
getStaticIPv4Settings:
- Added Whiptail asking if user wants to use DHCP reservation Settings, this will add dhcpReserv and
skip setStaticIPv4 while still logging everything.
ConfigExample files:
- Added staticReserv=0 to config examples. so it can be used with Unattended install
* 0 means static ip will be setup.
* 1 means DHCP Reservation will be used and no chage will be made to the interfaces
* Removed Unecessary pipe on availableInterfaces
* Changed OS Support messages accross the script
- Removed OS Version names from the script, this avoids having to change the code everytime a new OS Version is Released, instead we update the wiki with propper information.
* Changed MaybeOSSupport whiptail tiltes and messages to make it more clear.
- Messages and titles could cause confusion to users and specially developers
* Moved Funcions Comment to correct place.
* DistroCheck Function:
- Moved up before other functions so it better refflects the order they are called.
- changed Case identation to make it easier to read.
- Added info to # compatibility Comment, Removed unecessary comments
- added break to exit out of case, easier to understand that the script should move on.
* Added Shellcheck ignores,
* chooseinterface Function:
- Changed function Logic and cleaned it up
- Fixed Issue #906
- Added exit code if no interfaces are found
* Updated LatestUpdate.md
Handle running the install script over an existing installation (as the script already did before branching to test-wireguard), providing:
- Update, downloads latest scripts from git repo
- Repair, reinstall PiVPN while keeping existing settings
- Reconfigure, start over overwriting the existing settings
Tag iptables rules as an attempt to make sure that the uninstall script only removes PiVPN rules
Change the armv6l installation to reflect the split of WireGuard snapshots into wireguard-linux-compat and wireguard-tools
DNS resolution even if the user does not route the local network through the tunnel.
- Format listCONF in a similar way as listOVPN
- Specifically look for a free octet in the last word of clients.txt and not just any word.
Necessary otherwhise public keys starting with a number will match against an octet.
Example: if line is 'name 5abcdefgh 4', then looking for ' 5' will match but '5$' will
not (correctly).
- 'pivpn -c' will show the Connected Clients List for WireGuard too
Currently apt pulls all packages from the unstable repo because the
script intendation created the file 'limit-unstable' with tabs in it.
Fixed using printf to create a multiline file (which is the way
wireguard.com/install suggests).
MakeOVPN has been updated to include the -i iOS function to allow users to create an OVPN12 format file that can be used with the iOS keychain. Since the OVPN12 format is incompatible with OpenVPN 2.4 - this change creates a configuration file that determines if the user can create a -i request via MakeOVPN.
than two consecutive hyphens, must not end or start with hyphen,
final must be at least two apha characters.
Signed-off-by: Rob Gill <rrobgill@protonmail.com>
Install script not creating ovpns dir, and throwing error:
```
cp: cannot stat '/tmp/OLD_UFW': No such file or directory
mkdir: cannot create directory ‘/root\n/usr/sbin\n/bin\n/dev\n/bin\n/usr/games\n/var/cache/man\n/var/spool/lpd\n/var/mail\n/var/spool/news\n/var/spool/uucp\n/bin\n/var/www\n/var/backups\n/var/list\n/var/run/ircd\n/var/lib/gnats\n/nonexistent\n/nonexistent\n/run/systemd\n/run/systemd\n/run/systemd\n/nonexistent\n/run/sshd\n/\n/home/pivpntest/ovpns’: No such file or directory
chmod: cannot access '/root'$'\n''/usr/sbin'$'\n''/bin'$'\n''/dev'$'\n''/bin'$'\n''/usr/games'$'\n''/var/cache/man'$'\n''/var/spool/lpd'$'\n''/var/mail'$'\n''/var/spool/news'$'\n''/var/spool/uucp'$'\n''/bin'$'\n''/var/www'$'\n''/var/backups'$'\n''/var/list'$'\n''/var/run/ircd'$'\n''/var/lib/gnats'$'\n''/nonexistent'$'\n''/nonexistent'$'\n''/run/systemd'$'\n''/run/systemd'$'\n''/run/systemd'$'\n''/nonexistent'$'\n''/run/sshd'$'\n''/'$'\n''/home/pivpntest/ovpns': No such file or directory
```
Found incosistencies in instalation user var/files namings, to have it consistend and easy to understand and considering everyone is more familiar with INSTALL_USER
Changed $pivpnUser to INSTALL_USER
Changed pivpnUSR to INSTALL_USER
Removed PiVPN Secure Notes from PiVPN ADD introduced with PR #794
- Notes not being pushed to BW Vault
- OVPN files not going to ovpns dir
- Needs investigation
+ When estimating $INSTALL_HOME, assure grep can only match user names, to avoid possible wrong multi-line value
+ Remove possible trailing slash from $INSTALL_HOME, to avoid double slash in "$INSTALL_HOME/ovpns"
+ Avoid "cat <file> | grep <pattern>", since grep can process files directly
Signed-off-by: MichaIng <micha@dietpi.com>
Code assumes that the specified user directory is under /home. This code parses the /etc/passwd file in order to determine what that user's proper home directory is.
Historic versions leveraged a format of "server_$UUID" to name of the VPN server certificate for X509 verification. This seems very impersonal. The new code pulls the existing hostname of the machines and appends the 16 character UUID. The new format is $hostname_$UUID.
Example:
A machine named "Martian" with a UUID of 1234567890123456 would change from server_1234567890123456 to Martian_1234567890123456
This commit introduces a `sync` call before the install script exits.
The writes that this script does during setup do not reach persistent
storage until the kernel decides to flush them. The reboot sequence
might drop those pending writes on the floor. To mitigate that
possibility (but not fully eliminate it), the script now calls `sync`,
which waits until the kernel has flushed its write cache.
