Reworked OS detection

- Made OS detection more flexible and fine-grained
- Fedora is now officially supported

README.md

@@ -1,5 +1,5 @@
 ## openvpn-install
-OpenVPN [road warrior](http://en.wikipedia.org/wiki/Road_warrior_%28computing%29) installer for Debian, Ubuntu and CentOS.
+OpenVPN [road warrior](http://en.wikipedia.org/wiki/Road_warrior_%28computing%29) installer for Ubuntu, Debian, CentOS and Fedora.
 
 This script will let you set up your own VPN server in no more than a minute, even if you haven't used OpenVPN before. It has been designed to be as unobtrusive and universal as possible.
 

openvpn-install.sh

@@ -5,27 +5,6 @@
 # Copyright (c) 2013 Nyr. Released under the MIT License.
 
 
-if grep -qs "14.04" /etc/os-release; then
-	echo "Ubuntu 14.04 is too old and not supported"
-	exit
-fi
-
-if grep -qs "jessie" /etc/os-release; then
-	echo "Debian 8 is too old and not supported"
-	exit
-fi
-
-if grep -qs "CentOS release 6" /etc/redhat-release; then
-	echo "CentOS 6 is too old and not supported"
-	exit
-fi
-
-if grep -qs "Ubuntu 16.04" /etc/os-release; then
-	echo 'Ubuntu 16.04 is no longer supported in the current version of openvpn-install
-Use an older version if Ubuntu 16.04 support is needed: https://git.io/vpn1604'
-	exit
-fi
-
 # Detect Debian users running the script with "sh" instead of bash
 if readlink /proc/$$/exe | grep -q "dash"; then
 	echo "This script needs to be run with bash, not sh"
@@ -37,20 +16,50 @@ if [[ "$EUID" -ne 0 ]]; then
 	exit
 fi
 
-if [[ ! -e /dev/net/tun ]]; then
+# Detect OS
-	echo "The TUN device is not available
+# $os_version variables aren't always in use, but are kept here for convenience
-You need to enable TUN before running this script"
+if grep -qs "ubuntu" /etc/os-release; then
+	os="ubuntu"
+	os_version=$(grep 'VERSION_ID' /etc/os-release | cut -d '"' -f 2 | tr -d '.')
+	group_name="nogroup"
+elif [[ -e /etc/debian_version ]]; then
+	os="debian"
+	os_version=$(grep -oE '[0-9]+' /etc/debian_version | head -1)
+	group_name="nogroup"
+elif [[ -e /etc/centos-release ]]; then
+	os="centos"
+	os_version=$(grep -oE '[0-9]+' /etc/centos-release | head -1)
+	group_name="nobody"
+elif [[ -e /etc/fedora-release ]]; then
+	os="fedora"
+	os_version=$(grep -oE '[0-9]+' /etc/fedora-release | head -1)
+	group_name="nobody"
+else
+	echo "Looks like you aren't running this installer on Ubuntu, Debian, CentOS or Fedora"
 	exit
 fi
 
-if [[ -e /etc/debian_version ]]; then
+if [[ "$os" == "ubuntu" && "$os_version" -lt 1804 ]]; then
-	os="debian"
+	echo "Ubuntu 18.04 or higher is required to use this installer
-	group_name="nogroup"
+This version of Ubuntu is too old and unsupported"
-elif [[ -e /etc/centos-release || -e /etc/redhat-release ]]; then
+	exit
-	os="centos"
+fi
-	group_name="nobody"
+
-else
+if [[ "$os" == "debian" && "$os_version" -lt 9 ]]; then
-	echo "Looks like you aren't running this installer on Debian, Ubuntu or CentOS"
+	echo "Debian 9 or higher is required to use this installer
+This version of Debian is too old and unsupported"
+	exit
+fi
+
+if [[ "$os" == "centos" && "$os_version" -lt 7 ]]; then
+	echo "CentOS 7 or higher is required to use this installer
+This version of CentOS is too old and unsupported"
+	exit
+fi
+
+if [[ ! -e /dev/net/tun ]]; then
+	echo "The TUN device is not available
+You need to enable TUN before running this script"
 	exit
 fi
 
@@ -180,13 +189,15 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
 		echo "[Service]
 LimitNPROC=infinity" > /etc/systemd/system/openvpn-server@server.service.d/disable-limitnproc.conf
 	fi
-	if [[ "$os" = "debian" ]]; then
+	if [[ "$os" = "debian" || "$os" = "ubuntu" ]]; then
 		apt-get update
-		apt-get install openvpn iptables openssl ca-certificates -y
+		apt-get install -y openvpn iptables openssl ca-certificates
+	elif [[ "$os" = "centos" ]]; then
+		yum install -y epel-release
+		yum install -y openvpn iptables openssl ca-certificates tar
 	else
-		# Else, the distro is CentOS
+		# Else, OS must be Fedora
-		yum install epel-release -y
+		dnf install -y openvpn iptables openssl ca-certificates tar
-		yum install openvpn iptables openssl ca-certificates tar -y
 	fi
 	# Get easy-rsa
 	easy_rsa_url='https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.7/EasyRSA-3.0.7.tgz'
@@ -346,10 +357,10 @@ WantedBy=multi-user.target" >> /etc/systemd/system/openvpn-iptables.service
 	if sestatus 2>/dev/null | grep "Current mode" | grep -q "enforcing" && [[ "$port" != 1194 ]]; then
 		# Install semanage if not already present
 		if ! hash semanage 2>/dev/null; then
-			if grep -qs "CentOS Linux release 7" "/etc/centos-release"; then
+			if [[ "$os_version" -eq 7 ]]; then
-				yum install policycoreutils-python -y
+				yum install -y policycoreutils-python
 			else
-				yum install policycoreutils-python-utils -y
+				yum install -y policycoreutils-python-utils
 			fi
 		fi
 		semanage port -a -t openvpn_port_t -p "$protocol" "$port"
@@ -490,10 +501,11 @@ else
 				rm -rf /etc/openvpn/server
 				rm -f /etc/systemd/system/openvpn-server@server.service.d/disable-limitnproc.conf
 				rm -f /etc/sysctl.d/30-openvpn-forward.conf
-				if [[ "$os" = "debian" ]]; then
+				if [[ "$os" = "debian" || "$os" = "ubuntu" ]]; then
 					apt-get remove --purge -y openvpn
 				else
-					yum remove openvpn -y
+					# Else, OS must be CentOS or Fedora
+					yum remove -y openvpn
 				fi
 				echo
 				echo "OpenVPN removed!"