Commit graph

894 commits

Author SHA1 Message Date
Orazio
e949aadbc3 Copy files from git repo using the 'install' command, switch DH params from 2ton.com.au to RFC 7919
- Now using DH parameters suggested by the RFC 7919 for use by TLS servers (the user can
    still generate his own if he wishes).
    https://wiki.mozilla.org/Security/Archive/Server_Side_TLS_4.0#Pre-defined_DHE_groups
2020-01-31 14:07:58 +01:00
Orazio
379ab50f5f Moved command substitution to specific functions to avoid unnecessary execution
- Moved $availableInterfaces and $CurrentIPv4gw from the script header to
    their relevant function, considered that if the OS is not Raspbian a static
    IP is not set, so those variables are not used.
2020-01-30 17:29:31 +01:00
Orazio
f2fa01e3a5 Fix WireGuard not starting on a clean install of Raspbian
- If the kernel is out of sync with the repo, have the user upgrade
    his system and reboot before installing WireGuard.
2020-01-30 14:16:39 +01:00
Orazio
380dc0ab37 Improvements to getStaticIPv4Settings()
- Use a regular expression to extract IPs from the 'ip' command. With this,
    there is a little need to validate output. Even though the regex will match
    invalid IPs like 192.168.23.444, 'ip' can't return them, and even if it did,
    the script would not have reached this function due to previous functions
    using the network with broken routes and addresses.

  - Get the IP address from the selected interface rather then from the 'ip route'
    command as it's not guaranteed that such IP is the same of the interface the
    user decided to use (though on a Raspberry Pi inside a home LAN, most likely
    it is, but it also maskes easier to get the IP in the CIDR notation with a
    single 'ip | grep' pipe).
2020-01-29 14:11:38 +01:00
Orazio
9679a600c1 Check DH parameters, fix 'pivpn -c', improvements when dealing with external repositories
- Added a basic sanity check to downloaded DH paramenters, which doubles as a
    check for missing .pem file.
  - Fix 'pivpn -c' showing the month number instead of the day of the month when
    using WireGuard.
  - Removing APT keys is risky, it would break APT update/upgrade if the user
    already was already using the unstable repo.
  - Replaced 'Checking for $i... installed' in favor of a more clear 'Checking for
    $i... already installed'.
  - Check whether the OpenVPN repo and the Debian unstable repo are already used.
2020-01-27 14:44:03 +01:00
Orazio
b6a47a02c3 Improve static IP selection, validate public DNS name of the server
- Default to 'No' when asking if the RPi has DHCP reservation, considered
    that the user may not be fully aware, furthermore, setting a static IP
    anyways doesn't do harm.
  - Validate existing IPv4 settings (address, gateway, DNS) to avoid filling
    '/etc/dhcpcd.conf' with invalid data.
  - Validate public DNS name of the server inside askPublicIPOrDNS() function
2020-01-26 18:45:25 +01:00
Orazio
8886eab1dc Restart pihole in the more appropriate restartServices() function 2020-01-26 15:37:42 +01:00
Orazio
e0ee6cf937 Invalidate $IPv4Addr and $IPv4gw when the user claims those settings are not correct 2020-01-26 14:47:31 +01:00
Orazio
b12996df37 Inform the user when updating the package cache, which can be slow on some RPis 2020-01-25 18:01:07 +01:00
Orazio
d1a781075a Detect current netmask, validate user input when configuring a static IP 2020-01-25 17:43:23 +01:00
Orazio
0994ac7d5a Fixed cosmetic issue with spinner, added missing spinner to some APT commands 2020-01-25 14:24:04 +01:00
Orazio
deee38b20e More safeguards, some fixes, standardized some code, WireGuard update script, removed redundant code
- Add curl as a dependency for those who run the script without 'curl URL | bash'.
  - Use POSIX 'command -v' instead of 'hash'.
  - Check if packages have actually been installed and abort execution if they have not.
  - Fixed issue with getStaticIPv4Settings() that prevented existing network settings
    to be used as static IP settings when running the script unattended with empty
    $IPv4addr and $IPv4gw variables.
  - Exit if processing wireguard-linux-compat fails.
  - Exit if 50unattended-upgrades fails to extract.
  - Exit clientSTAT.sh if the wg0 interface is not available.
  - Moved the Self Check to a single script since dedicated versions were very similar.
  - Add 'pivpn -wg' to update WireGuard for users running Raspbian with armv6l kernel.
2020-01-24 17:12:36 +01:00
4s3ti
843daa73cf
Add link to pivpn.dev status dashboard (#922)
* added link to server status dashboard
2020-01-24 16:28:08 +01:00
4s3ti
e725b8cdb5 Replaced Header with bold instead 2020-01-24 16:25:44 +01:00
4s3ti
87a12898d2 added link to server status dashboard 2020-01-24 16:18:06 +01:00
Orazio
4a49787b28 Changed variable name, corrected rm typo 2020-01-21 15:54:20 +01:00
Orazio
44feb0b853 Added back ECDSA and tls-crypt 2020-01-21 13:51:25 +01:00
Orazio
7841e76d89 Use a fake key as the example, just in case... 2020-01-21 08:29:10 +01:00
Orazio
30b374054c Enable cloneandupdate() function, fixed detecting existing iptables rules.
- Uncommented lines inside the cloneandupdate() function in the update script, so pivpn -up can pull scripts from the master branch
  - The script was checking for the existence of PiVPN rules in the INPUT and FORWARD chain by passing 'iptables -t nat -S' to grep, but it couldn't find them as they belong to the filer table and not the nat table. The correct command is 'iptables -S'
2020-01-20 21:51:36 +01:00
4s3ti
5bfaa95e9f
Merge pull request #914 from pivpn/test
Merge test into master
PiVPN Wireguard Support, 
New features, Bugfixes and improvements. 
Check LatestUpdate.md to find out what changed.
2020-01-20 16:13:28 +01:00
Orazio
038473c6c5 Rename 'limit-unstable' to 'pivpn-limit-unstable' 2020-01-20 11:46:17 +01:00
Orazio
b7730b5b2f
Merge branch 'master' into test 2020-01-20 11:16:30 +01:00
Orazio
0999b0dd7c Resolved merge conflicts (2) 2020-01-20 11:13:39 +01:00
Orazio
affad0a7b0 Resolved merge conflicts 2020-01-20 10:55:29 +01:00
Orazio
db293c3093
Update LatestUpdate.md 2020-01-20 10:03:20 +01:00
Orazio
dba3e6ad3e - Prepend 'pivpn-' to unstable repo files to limit naming conflicts
- Update variables inside unattended examples
- Remove openvpn logging setting when uninstalling the package
- Run 'apt-get update' after removing the WireGuard PPA
2020-01-20 09:56:07 +01:00
Orazio
69606f7207 - Allow setting DHCP reservation preference with --unattended
- Flip condition check on $dhcpReserv: first check if empty, and if not, check if it's not 1.
  Doing it the other way (first check if not 1) would give a shell error if $dhcpReserv was empty.
2020-01-20 09:34:43 +01:00
Orazio
fc9a9f5ab7
Use metapackage to install kernel headers on Ubuntu
The ‘linux-headers-generic’ package is preferred over the version-specific headers package as the generic will be automatically  updated with the kernel, whereas the other will not.
2020-01-18 22:04:18 +01:00
4s3ti
66cf44e774 Updated: LatestUpdate.md 2020-01-18 20:10:28 +01:00
4s3ti
1884be8afb Distro Support, Bug Fixes, Unattended install
Tested and added Support on Debian 9
tested and added support on Ubuntu 16.04 & 18.08
  * Fixed wireguard not installing, added pkg cache update after adding ppa
  * added kernel headers to dependencies as its requred for wireguard-dkms
unattended install
  * When user is provided and doest exist, it will create one without password set
2020-01-18 20:01:39 +01:00
Orazio
e08903fa8a
Update LatestUpdate.md 2020-01-15 14:45:29 +01:00
4s3ti
e0d45db762 Variable Quoting
Quoted variables,
Added shellcheck disables.
2020-01-09 00:45:04 +01:00
4s3ti
e2eea482d0 Replace /etc/.pivpn/ with $pivpnFilesDir
/etc/.pivpn/ is refferenced multiple times trough the script,
Replaced all of them with $pivpnFilesDir
Quoted some unquoted vars
2020-01-09 00:22:15 +01:00
4s3ti
047eccc19d Update script: Removed IF statement
Removed if statement from update script,
was making no sense to have it there.
2020-01-08 20:02:34 +01:00
4s3ti
0c79cc9e42 Missing backup on bash-completion
Added backup option on openvpn bash-completion
2020-01-08 19:56:40 +01:00
4s3ti
dd6bb069f0 Updates and improvements
install.sh
  installScripts function:
    update script not being copied over to /opt therefore update funcion was probably broken.
    changed script to copy all .sh scripts from .pivpn/scripts directory.

Issue #871: fix backup script
  I was probably very drunk when i first wrote this backup script.
  fixed it, now works with new code refactoring,
  loads vars from setupVars
  Added backup for wireguard
  Moved script to global pivpnscripts.
  Added backup script to bash-completion
  Added backup script to pivpn script

update.sh
  Commented the update from master branch to avoid users trying to update test from master.

Updated LatestChages.md
2020-01-08 19:38:38 +01:00
4s3ti
8096af7ad0 Updates and improvements
install.sh
  installScripts function:
    update script not being copied over to /opt therefore update funcion was probably broken.
    changed script to copy all .sh scripts from .pivpn/scripts directory.

Issue #871: fix backup script
  I was probably very drunk when i first wrote this backup script.
  fixed it, now works with new code refactoring,
  loads vars from setupVars
  Added backup for wireguard
  Moved script to global pivpnscripts.
  Added backup script to bash-completion
  Added backup script to pivpn script

update.sh
  Commented the update from master branch to avoid users trying to update test from master.

Updated LatestChages.md
2020-01-08 19:37:46 +01:00
4s3ti
412c8e83ac Issue #607
InstallScripts function:
  Added -p flag on mkdir, this fixes script silently exiting if /opt
  does not exist (Issue #607)
2020-01-08 13:16:01 +01:00
4s3ti
2ea469359c Issue #607
Added -p on mkdir /opt/pivpn this fixes issue #607
2020-01-08 13:13:34 +01:00
4s3ti
92381fc2a6 Removed echos
Removed echos i have introduced before exits,
for the *dumb* obvious reasons were causing script to exit.
2020-01-08 02:12:13 +01:00
4s3ti
e6fdfd29b7 Code review, Cleanup.
Moved installPiVPN up, to better match the order when it is called.
Added Some cuotes to make shellcheck happy.
Added exit codes and error messages in case cd fails to not exit
silently.
2020-01-07 20:27:19 +01:00
4s3ti
fd555f924a Merge Test into Local
Origin and Local diverged, pulling to get it right
2020-01-07 01:47:27 +01:00
Orazio
1d0c66a970 Use radiolist to select a VPN 2020-01-07 01:45:06 +01:00
4s3ti
b9f237fe92 Changes for FR #897
Support For DHCP IP Reservation

Main:
  - added If statement to skipp SetStaticIPv4 if dhcpRserv=1

getStaticIPv4Settings:
  - Added Whiptail asking if user wants to use DHCP reservation Settings, this will add dhcpReserv and
    skip setStaticIPv4 while still logging everything.
ConfigExample files:
  - Added staticReserv=0 to config examples. so it can be used with Unattended install
    * 0 means static ip will be setup.
    * 1 means DHCP Reservation will be used and no chage will be made to the interfaces
2020-01-07 01:30:17 +01:00
Orazio
800fd91353 Use radiolist to select a VPN 2020-01-06 11:53:29 +01:00
4s3ti
5cea5bddf8 Code Review: Improvements & Bug Fixes
* Removed Unecessary pipe on availableInterfaces
* Changed OS Support messages accross the script
  - Removed OS Version names from the script, this avoids having to change the code everytime a new OS Version is Released, instead we update the wiki with propper information.
* Changed MaybeOSSupport whiptail tiltes and messages to make it more clear.
  - Messages and titles could cause confusion to users and specially developers
* Moved Funcions Comment to correct place.
* DistroCheck Function:
  - Moved up before other functions so it better refflects the order they are called.
  - changed Case identation to make it easier to read.
  - Added info to # compatibility Comment, Removed unecessary comments
  - added break to exit out of case, easier to understand that the script should move on.
* Added Shellcheck ignores,
* chooseinterface Function:
  - Changed function Logic and cleaned it up
  - Fixed Issue #906
  - Added exit code if no interfaces are found
* Updated LatestUpdate.md
2020-01-06 02:06:47 +01:00
Orazio
8d9bb3422b
Merge pull request #891 from h-town/test
Supersede Google DNS for privacy
2020-01-03 18:10:16 +01:00
Orazio
ba3bf24d89
Merge branch 'test' into test 2020-01-03 18:08:23 +01:00
h-town
465d157a19
Revise route query for IP & GW selection from Quad9 to TEST-NET-1 2020-01-03 10:56:28 -06:00
h-town
78a6f14742
Replace mention of 'Google' with 'Quad9' 2020-01-03 10:43:23 -06:00