Pi-hole/pivpn
Pi-hole/pivpn
1
0
Fork 0
mirror of https://github.com/pivpn/pivpn.git synced 2024-12-19 03:10:16 +00:00
Code Issues Projects Releases Packages Wiki Activity
pivpn/scripts/uninstall.sh
shelleycat485 3ed9ec5724 install and uninstall
2020-05-02 00:06:09 +01:00

223 lines
7.9 KiB
Bash
Executable file
Raw Blame History

#!/usr/bin/env bash
# PiVPN: Uninstall Script
### FIXME: global: config storage, refactor all scripts to adhere to the storage
### FIXME: use variables where appropriate, reduce magic numbers by 99.9%, at least.
# Find the rows and columns. Will default to 80x24 if it can not be detected.
screen_size=$(stty size 2>/dev/null || echo 24 80)
rows=$(echo "$screen_size" | awk '{print $1}')
columns=$(echo "$screen_size" | awk '{print $2}')
# Divide by two so the dialogs take up half of the screen, which looks nice.
r=$(( rows / 2 ))
c=$(( columns / 2 ))
# Unless the screen is tiny
r=$(( r < 20 ? 20 : r ))
c=$(( c < 70 ? 70 : c ))
chooseVPNCmd=(whiptail --backtitle "Setup PiVPN" --title "Installation mode" --separate-output --radiolist "WireGuard is a new kind of VPN that provides near-instantaneous connection speed, high performance, and modern cryptography.\\n\\nIt's the recommended choice especially if you use mobile devices where WireGuard is easier on battery than OpenVPN.\\n\\nOpenVPN is still available if you need the traditional, flexible, trusted VPN protocol or if you need features like TCP and custom search domain.\\n\\nChoose a VPN to uninstall (press space to select):" "${r}" "${c}" 2)
VPNChooseOptions=(WireGuard "" on
OpenVPN "" off)
if VPN=$("${chooseVPNCmd[@]}" "${VPNChooseOptions[@]}" 2>&1 >/dev/tty) ; then
echo "::: Using VPN: $VPN"
VPN="${VPN,,}"
else
echo "::: Cancel selected, exiting...."
exit 1
fi
PKG_MANAGER="apt-get"
UPDATE_PKG_CACHE="${PKG_MANAGER} update"
dnsmasqConfig="/etc/dnsmasq.d/02-pivpn.conf"
setupVars="/etc/pivpn/${VPN}/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"
exit 1
fi
# shellcheck disable=SC1090
source "${setupVars}"
### FIXME: introduce global lib
spinner(){
local pid=$1
local delay=0.50
local spinstr='/-\|'
while ps a | awk '{print $1}' | grep -q "$pid"; do
local temp=${spinstr#?}
printf " [%c] " "$spinstr"
local spinstr=$temp${spinstr%"$temp"}
sleep $delay
printf "\\b\\b\\b\\b\\b\\b"
done
printf " \\b\\b\\b\\b"
}
removeAll(){
# Stopping and disabling services
echo "::: Stopping and disabling services..."
if [ "$VPN" = "wireguard" ]; then
systemctl stop wg-quick@wg0
systemctl disable wg-quick@wg0 &> /dev/null
elif [ "$VPN" = "openvpn" ]; then
systemctl stop openvpn
systemctl disable openvpn &> /dev/null
fi
# Removing firewall rules.
echo "::: Removing firewall rules..."
if [ "$USING_UFW" -eq 1 ]; then
### FIXME: SC2154
ufw delete allow "${pivpnPORT}"/"${pivpnPROTO}" > /dev/null
### FIXME: SC2154
ufw route delete allow in on "${pivpnDEV}" from "${pivpnNET}/${subnetClass}" out on "${IPv4dev}" to any > /dev/null
sed -z "s/*nat\\n:POSTROUTING ACCEPT \\[0:0\\]\\n-I POSTROUTING -s ${pivpnNET}\\/${subnetClass} -o ${IPv4dev} -j MASQUERADE -m comment --comment ${VPN}-nat-rule\\nCOMMIT\\n\\n//" -i /etc/ufw/before.rules
iptables -t nat -D POSTROUTING -s "${pivpnNET}/${subnetClass}" -o "${IPv4dev}" -j MASQUERADE -m comment --comment "${VPN}-nat-rule"
ufw reload &> /dev/null
elif [ "$USING_UFW" -eq 0 ]; then
if [ "$INPUT_CHAIN_EDITED" -eq 1 ]; then
iptables -D INPUT -i "${IPv4dev}" -p "${pivpnPROTO}" --dport "${pivpnPORT}" -j ACCEPT -m comment --comment "${VPN}-input-rule"
fi
if [ "$FORWARD_CHAIN_EDITED" -eq 1 ]; then
iptables -D FORWARD -d "${pivpnNET}/${subnetClass}" -i "${IPv4dev}" -o "${pivpnDEV}" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -m comment --comment "${VPN}-forward-rule"
iptables -D FORWARD -s "${pivpnNET}/${subnetClass}" -i "${pivpnDEV}" -o "${IPv4dev}" -j ACCEPT -m comment --comment "${VPN}-forward-rule"
fi
iptables -t nat -D POSTROUTING -s "${pivpnNET}/${subnetClass}" -o "${IPv4dev}" -j MASQUERADE -m comment --comment "${VPN}-nat-rule"
iptables-save > /etc/iptables/rules.v4
fi
# Disable IPv4 forwarding
sed -i '/net.ipv4.ip_forward=1/c\#net.ipv4.ip_forward=1' /etc/sysctl.conf
sysctl -p
# Purge dependencies
echo "::: Purge dependencies..."
for i in "${INSTALLED_PACKAGES[@]}"; do
while true; do
read -rp "::: Do you wish to remove $i from your system? [Y/n]: " yn
case $yn in
[Yy]* ) if [ "${i}" = "wireguard" ]; then
# On Debian and Raspbian, remove the bullseye repo. On Ubuntu, remove the PPA.
if [ "$PLAT" = "Debian" ] || [ "$PLAT" = "Raspbian" ]; then
rm -f /etc/apt/sources.list.d/pivpn-bullseye.list
rm -f /etc/apt/preferences.d/pivpn-limit-bullseye
elif [ "$PLAT" = "Ubuntu" ]; then
add-apt-repository ppa:wireguard/wireguard -r -y
fi
echo "::: Updating package cache..."
${UPDATE_PKG_CACHE} &> /dev/null & spinner $!
elif [ "${i}" = "unattended-upgrades" ]; then
rm -rf /var/log/unattended-upgrades
rm -rf /etc/apt/apt.conf.d/*periodic
rm -rf /etc/apt/apt.conf.d/*unattended-upgrades
elif [ "${i}" = "openvpn" ]; then
if [ "$PLAT" = "Debian" ] || [ "$PLAT" = "Ubuntu" ]; then
rm -f /etc/apt/sources.list.d/pivpn-openvpn-repo.list
echo "::: Updating package cache..."
${UPDATE_PKG_CACHE} &> /dev/null & spinner $!
fi
deluser openvpn
rm -f /etc/rsyslog.d/30-openvpn.conf
rm -f /etc/logrotate.d/openvpn
fi
printf ":::\\tRemoving %s..." "$i"; $PKG_MANAGER -y remove --purge "$i" &> /dev/null & spinner $!; printf "done!\\n";
break
;;
[Nn]* ) printf ":::\\tSkipping %s\\n" "$i";
break
;;
* ) printf "::: You must answer yes or no!\\n";;
esac
done
done
# Take care of any additional package cleaning
printf "::: Auto removing remaining dependencies..."
$PKG_MANAGER -y autoremove &> /dev/null & spinner $!; printf "done!\\n";
printf "::: Auto cleaning remaining dependencies..."
$PKG_MANAGER -y autoclean &> /dev/null & spinner $!; printf "done!\\n";
echo ":::"
# Removing pivpn files
echo "::: Removing pivpn system files..."
if [ -f "$dnsmasqConfig" ]; then
rm -f "$dnsmasqConfig"
pihole restartdns
fi
rm -rf /opt/pivpn/${VPN}
# if dual installation, other installation will cause next line to fail
rmdir /opt/pivpn
rm -rf /etc/.pivpn/${VPN}
rmdir /etc/.pivpn
rm -rf /etc/pivpn/${VPN}
rmdir /etc/pivpn
rm -f /var/log/*pivpn*
rm -f /usr/local/bin/pivpn/${VPN}
# TODO fix bash_completion removal
rm -f /etc/bash_completion.d/pivpn
echo ":::"
echo "::: Removing VPN configuration files..."
if [ "$VPN" = "wireguard" ]; then
rm -f /etc/wireguard/wg0.conf
rm -rf /etc/wireguard/configs
rm -rf /etc/wireguard/keys
### FIXME SC2154
rm -rf "$install_home/configs"
elif [ "$VPN" = "openvpn" ]; then
rm -rf /var/log/*openvpn*
rm -f /etc/openvpn/server.conf
rm -f /etc/openvpn/crl.pem
rm -rf /etc/openvpn/easy-rsa
rm -rf /etc/openvpn/ccd
rm -rf "$install_home/ovpns"
fi
echo ":::"
printf "::: Finished removing PiVPN from your system.\\n"
printf "::: Reinstall by simpling running\\n:::\\n:::\\tcurl -L https://install.pivpn.io | bash\\n:::\\n::: at any time!\\n:::\\n"
}
askreboot(){
printf "It is \\e[1mstrongly\\e[0m recommended to reboot after un-installation.\\n"
read -p "Would you like to reboot now? [y/n]: " -n 1 -r
echo
if [[ ${REPLY} =~ ^[Yy]$ ]]; then
printf "\\nRebooting system...\\n"
sleep 3
shutdown -r now
fi
}
######### SCRIPT ###########
echo "::: Preparing to remove packages, be sure that each may be safely removed depending on your operating system."
echo "::: (SAFE TO REMOVE ALL ON RASPBIAN)"
while true; do
read -rp "::: Do you wish to completely remove PiVPN configuration and installed packages from your system? (You will be prompted for each package) [y/n]: " yn
case $yn in
[Yy]* ) removeAll; askreboot; break;;
[Nn]* ) printf "::: Not removing anything, exiting...\\n"; break;;
esac
done
Reference in a new issue View git blame Copy permalink