Pi-hole/pivpn
Pi-hole/pivpn
1
0
Fork 0
mirror of https://github.com/pivpn/pivpn.git synced 2024-12-18 19:00:15 +00:00
Code Issues Projects Releases Packages Wiki Activity
403 commits 3 branches 49 tags 3.4 MiB
Commit graph

403 commits

This branch
This branch
All branches
Author SHA1 Message Date
redfast00
a8deeaf18b Merge pull request #363 from jellemdekker/fix/improve-dh-selection-menu 
Improved encryption strength selection menu
 2017-09-24 01:16:33 +02:00
redfast00
009e4b3023 Merge pull request #362 from jellemdekker/feature/randomize-server-name 
Randomize server Common Name for added security
 2017-09-24 01:13:34 +02:00
redfast00
003b27362f Merge pull request #361 from jellemdekker/feature/generate-crl-during-installation 
Generate and activate CRL during installation
 2017-09-24 01:12:05 +02:00
Jelle Dekker
c81e793c6c Removed punctuation in list items. 2017-09-23 15:16:06 -05:00
Jelle Dekker
f5c05715de Added sudo -E. 2017-09-23 14:35:46 -05:00
Jelle Dekker
077996cfb4 Removed an obsolete variable. 2017-09-23 11:21:26 -05:00
Jelle Dekker
4e77245a97 Commented out code related to adding a route to the remote subnet (e.g. 192.168.0.0). 2017-09-22 16:03:38 -05:00
redfast00
dcd34b3f01 Merge pull request #359 from jellemdekker/fix/remove-duplicate-cn 
Removed the duplicate-cn option so every device/connection must use a unique certificate
 2017-09-22 22:58:03 +02:00
Jelle Dekker
7b6a358779 Modified the messages when PiVPN installation completes and client profiles are generated, so the user knows to generate a client profile per each device he/she wants to connect to the VPN with. 2017-09-22 14:11:23 -05:00
Jelle Dekker
a6058a1d14 The client config contains the remote-cert-tls option to check for appropriate key usage, let's do this for the server config too. 2017-09-22 03:30:14 -05:00
Jelle Dekker
30920115b3 Implemented that a Certificate Revocation List is generated during installation after generation of other Public Key Infrastructure. Enabled this CRL in the server config. The added benefit of this is that whenever the user now revokes a client, the change is instant. Whereas before, the first time a client was revoked, the OpenVPN server had to be restarted to enabled the then-newly-generated CRL. This change also makes the file /etc/pivpn/REVOKE_STATUS obsolete. 
Documentation: https://openvpn.net/index.php/open-source/documentation/howto.html#revoke
 2017-09-22 02:46:52 -05:00
Jelle Dekker
8910545d90 Fixed a couple of typos. 2017-09-22 02:17:53 -05:00
Jelle Dekker
05c6a37152 Removed the duplicate-cn option so every device/connection must use a unique certificate. 2017-09-21 23:06:02 -05:00
Jelle Dekker
d1652a03b1 The SERVER_NAME variable is used in a 'verify-x509-name' check to allow the client to verify it is talking to the correct server. However, its value was always equal to 'server'. This wasn't unique for each installation and therefore provided no additional safety check. So I've modified it to be random for each installation of PiVPN. Additionally, the variable is now actually being used when specifying the server name in the build-server-full command. 
Source for obtaining a random UUID (thank you): Earthgecko (https://gist.github.com/earthgecko/3089509)
 2017-09-21 14:39:16 -05:00
Jelle Dekker
97a50c66ef Commented out a number of excess options that were set implicitly by using the 'server' option. 2017-09-21 10:49:45 -05:00
Jelle Dekker
7cf5c19789 Changed the display order of the DH options (default value is still 2048 bits) and added a warning for 1024 bits. 2017-09-20 23:24:57 -05:00
Jelle Dekker
da9e082f43 Changed the default length of the Diffie-Hellman parameters to 2048 bits. This is the default everywhere else, both in documentation as well as menu selections and other scripts in this project. This change has no real impact aside from setting the right example. 2017-09-20 22:42:29 -05:00
redfast00
454b755116 Merge pull request #333 from jhealy86/patch-1 
fix markdown link syntax
 2017-08-12 14:15:34 +02:00
Jason Healy
f385a3ec53 fix markdown link syntax 2017-08-11 01:22:06 -06:00
Inventor
b3ebdb804a Added Related Projects section (#325) 
* Added a related projects section

* Added links (whoops)
 2017-08-06 01:33:37 +02:00
redfast00
c7f82d0116 Merge pull request #312 from Ellsworth/test 
Fixed links in README.md on lines 156 and 158
 2017-07-23 10:00:34 +02:00
Erich Ellsworth
5ff6f23153 Fixed links in README.md on lines 156 and 158 2017-07-22 19:25:18 -05:00
redfast00
3c764db9b6 Merge pull request #292 from cfcolaco/master 
changed to new openvpn repos
 2017-06-29 13:32:14 +02:00
cfcolaco
fbec57d1fd changed to new openvpn repos 2017-06-29 12:03:47 +01:00
redfast00
e7def9f81c Merge pull request #263 from drq883/test 
Support for Devuan
 2017-06-07 08:10:00 +02:00
David Quattlebaum
5c4a51b695 Final testing passed 
Changes:
- Document that Devuan is supported.
- Use special PLAT name, Raspvuan for Pi version
- Use service command for any *vuan PLAT, systemd is no on any
Devuan.
- add net-tools to PIVPN_DEPS
 2017-06-06 18:27:23 -04:00
David Quattlebaum
2eb11cad0c changes for devuan 
- To simplify further additions to PLAT or OSCN, use
the case command for checking

- Treat Devuan as Debian

- Add /sbin:/usr/sbin to PATH before calling ifconfig

- Ensure net-tools is installed so we have ifconfig
 2017-06-04 16:18:26 -04:00
0-kaladin
a4cff2b65f Merge pull request #243 from jellemdekker/test 
Clearly and consistently indicate that a user selects a list item with the space bar.
 2017-05-10 11:54:05 -04:00
Jelle Dekker
d5f0a81f80 Clearly indicate that a user selects a list item with the space bar. 2017-04-17 15:49:52 +02:00
0-kaladin
c907a4bff8 Merge pull request #224 from EWouters/test 
Implemented "--unattended" option (Issue #223)
 2017-04-05 10:43:45 -04:00
EWouters
ff97f40ecf Fix: mkdir: cannot create directory ‘/home/$pivpnUser/ovpns’: File exists 2017-03-22 13:47:55 +13:00
EWouters
cb482d6697 added fi to if-statement 2017-03-16 22:28:50 +13:00
EWouters
cd4d13691d fixed check for when both nopass and a password argument are passed to the script 2017-03-16 22:25:17 +13:00
EWouters
27c34aa297 Removed -p flag to create home dir 
As described in #165 ( fc14664) it is not desirable.
 2017-03-15 17:24:42 +13:00
EWouters
75b7995a87 Removed SERVER_NAME parameter 
because it is hardcoded as "server" in other scripts
 2017-03-15 02:40:39 +13:00
EWouters
56f24aa372 added command line option to (batch) remove certs 
::: Revoke a client ovpn profile
:::
::: Usage: pivpn <-r|revoke> [-h|--help] [<client-1>] ... [<client-n>]
...
:::
::: Commands:
:::  [none]               Interactive mode
:::  <client>             Client(s) to to revoke
:::  -h,--help            Show this help dialog
 2017-03-15 02:36:12 +13:00
EWouters
7a65f083c4 added -n and -p options to pivpn add 
::: Create a client ovpn profile, optional nopass
:::
::: Usage: pivpn <-a|add> [-n|--name <arg>] [-p|--password
<arg>]|[nopass] [-h|--help]
:::
::: Commands:
:::  nopass               Create a client without a password
:::  -n,--name            Name for the Client (default: 'raspberrypi')
:::  -p,--password        Password for the Client (no default)
:::  -h,--help            Show this help dialog
 2017-03-15 00:49:25 +13:00
EWouters
277a212a8f tabs to spaces 2017-03-14 15:39:53 +13:00
EWouters
097145392c set -e and set +e around line 800 to 815 
I am not sure why this statement does not work with -e. We can also
remove the set -e statement altogether.
 2017-03-14 15:39:07 +13:00
EWouters
7315353179 Moved echo to file statements to front, add missing 
fixed a typo
replaced tabs with spaces
 2017-03-14 15:25:39 +13:00
EWouters
5b5129f1bc fix: cp: cannot stat ‘/tmp/pivpnINT’: No such file 2017-03-14 14:26:22 +13:00
EWouters
f48225a8ee Merge remote-tracking branch 'refs/remotes/origin/master' into test 2017-03-14 10:48:56 +13:00
EWouters
2a639e753e Fixed sed command and mkdir if folder exists 2017-03-14 10:48:16 +13:00
EWouters
f050f82519 Merge pull request #1 from EWouters/master 
Merging changes into test branch
 2017-03-13 20:03:05 +13:00
EWouters
71021d6ffa Added all parameters, initial testing done 2017-03-13 19:44:29 +13:00
EWouters
5db23185fd Added pi-hole's undocumented flags 
UNTESTED!
 2017-03-13 17:00:28 +13:00
0-kaladin
6ce39bfec3 Update README for IRC channel 
Due to discontinuation of Google Spaces
 2017-02-27 21:01:23 -05:00
Kaladin Light
752d0cc3af Leave the loop once we match 2017-02-05 14:30:31 -05:00
Kaladin Light
faaabe4c0e Fixes Issue #195 2017-01-28 13:58:10 -05:00
Kaladin Light
bfd2c43570 Allow reuse of cert name once revoked. 2017-01-27 20:36:53 -05:00