1
0
mirror of https://github.com/Nyr/openvpn-install.git synced 2024-11-23 21:46:08 +03:00

Remove support for old distros

The following versions are no longer supported:
- Debian 10
- Ubuntu 18.04
- Ubuntu 20.04
- CentOS/Alma/Rocky 7
- CentOS/Alma/Rocky 8
- Fedora 31
This commit is contained in:
Nyr 2024-04-23 14:06:10 +02:00
parent 6936231d86
commit b86d97d3e3

View File

@ -14,12 +14,6 @@ fi
# Discard stdin. Needed when running from an one-liner which includes a newline # Discard stdin. Needed when running from an one-liner which includes a newline
read -N 999999 -t 0.001 read -N 999999 -t 0.001
# Detect OpenVZ 6
if [[ $(uname -r | cut -d "." -f 1) -eq 2 ]]; then
echo "The system is running an old kernel, which is incompatible with this installer."
exit
fi
# Detect OS # Detect OS
# $os_version variables aren't always in use, but are kept here for convenience # $os_version variables aren't always in use, but are kept here for convenience
if grep -qs "ubuntu" /etc/os-release; then if grep -qs "ubuntu" /etc/os-release; then
@ -44,8 +38,8 @@ Supported distros are Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora.
exit exit
fi fi
if [[ "$os" == "ubuntu" && "$os_version" -lt 1804 ]]; then if [[ "$os" == "ubuntu" && "$os_version" -lt 2204 ]]; then
echo "Ubuntu 18.04 or higher is required to use this installer. echo "Ubuntu 22.04 or higher is required to use this installer.
This version of Ubuntu is too old and unsupported." This version of Ubuntu is too old and unsupported."
exit exit
fi fi
@ -55,15 +49,15 @@ if [[ "$os" == "debian" ]]; then
echo "Debian Testing and Debian Unstable are unsupported by this installer." echo "Debian Testing and Debian Unstable are unsupported by this installer."
exit exit
fi fi
if [[ "$os_version" -lt 9 ]]; then if [[ "$os_version" -lt 11 ]]; then
echo "Debian 9 or higher is required to use this installer. echo "Debian 11 or higher is required to use this installer.
This version of Debian is too old and unsupported." This version of Debian is too old and unsupported."
exit exit
fi fi
fi fi
if [[ "$os" == "centos" && "$os_version" -lt 7 ]]; then if [[ "$os" == "centos" && "$os_version" -lt 9 ]]; then
echo "CentOS 7 or higher is required to use this installer. echo "CentOS 9 or higher is required to use this installer.
This version of CentOS is too old and unsupported." This version of CentOS is too old and unsupported."
exit exit
fi fi
@ -231,8 +225,8 @@ LimitNPROC=infinity" > /etc/systemd/system/openvpn-server@server.service.d/disab
apt-get update apt-get update
apt-get install -y --no-install-recommends openvpn openssl ca-certificates $firewall apt-get install -y --no-install-recommends openvpn openssl ca-certificates $firewall
elif [[ "$os" = "centos" ]]; then elif [[ "$os" = "centos" ]]; then
yum install -y epel-release dnf install -y epel-release
yum install -y openvpn openssl ca-certificates tar $firewall dnf install -y openvpn openssl ca-certificates tar $firewall
else else
# Else, OS must be Fedora # Else, OS must be Fedora
dnf install -y openvpn openssl ca-certificates tar $firewall dnf install -y openvpn openssl ca-certificates tar $firewall
@ -260,7 +254,7 @@ LimitNPROC=infinity" > /etc/systemd/system/openvpn-server@server.service.d/disab
# Without +x in the directory, OpenVPN can't run a stat() on the CRL file # Without +x in the directory, OpenVPN can't run a stat() on the CRL file
chmod o+x /etc/openvpn/server/ chmod o+x /etc/openvpn/server/
# Generate key for tls-crypt # Generate key for tls-crypt
openvpn --genkey --secret /etc/openvpn/server/tc.key openvpn --genkey secret /etc/openvpn/server/tc.key
# Create the DH parameters file using the predefined ffdhe2048 group # Create the DH parameters file using the predefined ffdhe2048 group
echo '-----BEGIN DH PARAMETERS----- echo '-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
@ -405,14 +399,8 @@ WantedBy=multi-user.target" >> /etc/systemd/system/openvpn-iptables.service
if sestatus 2>/dev/null | grep "Current mode" | grep -q "enforcing" && [[ "$port" != 1194 ]]; then if sestatus 2>/dev/null | grep "Current mode" | grep -q "enforcing" && [[ "$port" != 1194 ]]; then
# Install semanage if not already present # Install semanage if not already present
if ! hash semanage 2>/dev/null; then if ! hash semanage 2>/dev/null; then
if [[ "$os_version" -eq 7 ]]; then
# Centos 7
yum install -y policycoreutils-python
else
# CentOS 8 or Fedora
dnf install -y policycoreutils-python-utils dnf install -y policycoreutils-python-utils
fi fi
fi
semanage port -a -t openvpn_port_t -p "$protocol" "$port" semanage port -a -t openvpn_port_t -p "$protocol" "$port"
fi fi
# If the server is behind NAT, use the correct IP address # If the server is behind NAT, use the correct IP address
@ -553,7 +541,7 @@ else
apt-get remove --purge -y openvpn apt-get remove --purge -y openvpn
else else
# Else, OS must be CentOS or Fedora # Else, OS must be CentOS or Fedora
yum remove -y openvpn dnf remove -y openvpn
rm -rf /etc/openvpn/server rm -rf /etc/openvpn/server
fi fi
echo echo