Merge pull request #2 from davift/davift-patch-1
commit
d6045a1d60
69
README.md
69
README.md
@ -1,65 +1,24 @@
|
|||||||
|
**New: [wireguard-install](https://github.com/Nyr/wireguard-install) is also available.**
|
||||||
|
|
||||||
## openvpn-install
|
## openvpn-install
|
||||||
|
OpenVPN [road warrior](http://en.wikipedia.org/wiki/Road_warrior_%28computing%29) installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora.
|
||||||
|
|
||||||
OpenVPN Server installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, and Fedora.
|
This script will let you set up your own VPN server in no more than a minute, even if you haven't used OpenVPN before. It has been designed to be as unobtrusive and universal as possible.
|
||||||
|
|
||||||
This repo is originally a fork of https://github.com/Nyr/openvpn-install with some changes and added features.
|
### Installation
|
||||||
|
Run the script and follow the assistant:
|
||||||
|
|
||||||
### Instructions
|
`wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh`
|
||||||
|
|
||||||
Download and execute the script:
|
|
||||||
|
|
||||||
```
|
|
||||||
wget https://raw.githubusercontent.com/davift/openvpn-install/master/openvpn-install.sh
|
|
||||||
chmod +x openvpn-install.sh
|
|
||||||
./openvpn-install.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN.
|
Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN.
|
||||||
|
|
||||||
### Automation
|
### I want to run my own VPN but don't have a server for that
|
||||||
|
You can get a VPS from just 2€/month at [AlphaVPS](https://alphavps.com/clients/aff.php?aff=474&pid=422).
|
||||||
|
|
||||||
Download the CLI script:
|
### Donations
|
||||||
|
If you want to show your appreciation, you can donate via [PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=VBAYDL34Z7J6L) or [cryptocurrency](https://pastebin.com/raw/M2JJpQpC). Thanks!
|
||||||
|
|
||||||
```
|
### Sponsors
|
||||||
wget https://raw.githubusercontent.com/davift/openvpn-install/master/openvpn-cli.sh
|
This project is proudly sponsored by our friends at [FrogeHost](https://froge.host/?utm_source=nyr).
|
||||||
chmod +x openvpn-cli.sh
|
|
||||||
./openvpn-cli.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
The CLI script allows you to add and revoke users with a single command or for using with Ansible or Terraform.
|
For a commercial VPN with strong anti-censorship capabilities (最强翻墙VPN) from $1/month, check out [Clever VPN](https://www.clever-vpn.net/?wg-referral=01LOULuQoi).
|
||||||
|
|
||||||
```
|
|
||||||
See examples:
|
|
||||||
|
|
||||||
./openvpn-cli.sh add username add a new client
|
|
||||||
./openvpn-cli.sh revoke username revoke a client
|
|
||||||
./openvpn-cli.sh add username@domain.com add a new client and send the configuration via email
|
|
||||||
./openvpn-cli.sh revoke username@domain.com revoke client and send the configuration via email
|
|
||||||
|
|
||||||
```
|
|
||||||
|
|
||||||
### Optional
|
|
||||||
|
|
||||||
If the new client account is a valid email address, the configuration file is automatically sent, as long as MSMTP is installed and configured.
|
|
||||||
|
|
||||||
```
|
|
||||||
sudo apt install msmtp msmtp-mta -y
|
|
||||||
sudo nano /etc/msmtprc
|
|
||||||
```
|
|
||||||
|
|
||||||
MSMTP Configuration Example (for Gmail):
|
|
||||||
|
|
||||||
```
|
|
||||||
defaults
|
|
||||||
auth on
|
|
||||||
tls on
|
|
||||||
tls_trust_file /etc/ssl/certs/ca-certificates.crt
|
|
||||||
logfile ~/.msmtp.log
|
|
||||||
account gmail
|
|
||||||
host smtp.gmail.com
|
|
||||||
port 587
|
|
||||||
from username@gmail.com
|
|
||||||
user username@gmail.com
|
|
||||||
password password
|
|
||||||
account default : gmail
|
|
||||||
```
|
|
||||||
|
@ -121,7 +121,7 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
|
|||||||
read -p "IPv4 address [1]: " ip_number
|
read -p "IPv4 address [1]: " ip_number
|
||||||
done
|
done
|
||||||
[[ -z "$ip_number" ]] && ip_number="1"
|
[[ -z "$ip_number" ]] && ip_number="1"
|
||||||
ip=$((ip -4 addr ; echo -n 'inet 0.0.0.0') | grep inet | grep -vE '127(\.[0-9]{1,3}){3}' | cut -d '/' -f 1 | grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}' | sed -n "$ip_number"p)
|
ip=$((ip -4 addr ; echo -n 'inet 0.0.0.0') | grep inet | grep -vE '127(\.[0-9]{1,3}){3}' | cut -d '/' -f 1 | grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}' | sed -n "$ip_number"p | head -1)
|
||||||
# If $ip is a private IP address, the server must be behind NAT
|
# If $ip is a private IP address, the server must be behind NAT
|
||||||
if echo "$ip" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168|0\.0\.0\.0)'; then
|
if echo "$ip" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168|0\.0\.0\.0)'; then
|
||||||
echo
|
echo
|
||||||
@ -137,7 +137,7 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
|
|||||||
[[ -z "$public_ip" ]] && public_ip="$get_public_ip"
|
[[ -z "$public_ip" ]] && public_ip="$get_public_ip"
|
||||||
fi
|
fi
|
||||||
# Seting the default gateway's interface for public side of the NAT since it was used to get_public_ip
|
# Seting the default gateway's interface for public side of the NAT since it was used to get_public_ip
|
||||||
out_interface=$(ip r | grep -E '^default' | awk '{print $5}')
|
out_interface=$(ip r | grep -E '^default' | awk '{print $5}' | head -1)
|
||||||
# If system has a single IPv6, it is selected automatically
|
# If system has a single IPv6, it is selected automatically
|
||||||
if [[ $(ip -6 addr | grep -c 'inet6 [23]') -eq 1 ]]; then
|
if [[ $(ip -6 addr | grep -c 'inet6 [23]') -eq 1 ]]; then
|
||||||
ip6=$(ip -6 addr | grep 'inet6 [23]' | cut -d '/' -f 1 | grep -oE '([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}')
|
ip6=$(ip -6 addr | grep 'inet6 [23]' | cut -d '/' -f 1 | grep -oE '([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}')
|
||||||
@ -189,11 +189,13 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
|
|||||||
echo " 4) OpenDNS"
|
echo " 4) OpenDNS"
|
||||||
echo " 5) Quad9"
|
echo " 5) Quad9"
|
||||||
echo " 6) AdGuard"
|
echo " 6) AdGuard"
|
||||||
|
echo " 7) Other"
|
||||||
read -p "DNS server [1]: " dns
|
read -p "DNS server [1]: " dns
|
||||||
until [[ -z "$dns" || "$dns" =~ ^[1-6]$ ]]; do
|
until [[ -z "$dns" || "$dns" =~ ^[1-7]$ ]]; do
|
||||||
echo "$dns: invalid selection."
|
echo "$dns: invalid selection."
|
||||||
read -p "DNS server [1]: " dns
|
read -p "DNS server [1]: " dns
|
||||||
done
|
done
|
||||||
|
|
||||||
case "$dns" in
|
case "$dns" in
|
||||||
1|"")
|
1|"")
|
||||||
resolver='the current system resolvers'
|
resolver='the current system resolvers'
|
||||||
@ -213,6 +215,21 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
|
|||||||
6)
|
6)
|
||||||
resolver='AdGuard'
|
resolver='AdGuard'
|
||||||
;;
|
;;
|
||||||
|
7)
|
||||||
|
if [[ "$dns" == 7 ]]; then
|
||||||
|
read -p "Enter custom DNS server 1: " dns_custom_1
|
||||||
|
until [[ "$dns_custom_1" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; do
|
||||||
|
echo "$dns_custom_1: invalid DNS server."
|
||||||
|
read -p "Enter custom DNS server 1: " dns_custom_1
|
||||||
|
done
|
||||||
|
read -p "Enter custom DNS server 2: " dns_custom_2
|
||||||
|
until [[ "$dns_custom_2" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; do
|
||||||
|
echo "$dns_custom_2: invalid DNS server."
|
||||||
|
read -p "Enter custom DNS server 2: " dns_custom_2
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
resolver='Other'
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
echo
|
echo
|
||||||
echo "Enter a name for the first client:"
|
echo "Enter a name for the first client:"
|
||||||
@ -349,6 +366,10 @@ server 10.8.0.0 255.255.255.0" > /etc/openvpn/server/server.conf
|
|||||||
echo 'push "dhcp-option DNS 94.140.14.14"' >> /etc/openvpn/server/server.conf
|
echo 'push "dhcp-option DNS 94.140.14.14"' >> /etc/openvpn/server/server.conf
|
||||||
echo 'push "dhcp-option DNS 94.140.15.15"' >> /etc/openvpn/server/server.conf
|
echo 'push "dhcp-option DNS 94.140.15.15"' >> /etc/openvpn/server/server.conf
|
||||||
;;
|
;;
|
||||||
|
7)
|
||||||
|
echo 'push "dhcp-option DNS '$dns_custom_1'"' >> /etc/openvpn/server/server.conf
|
||||||
|
echo 'push "dhcp-option DNS '$dns_custom_2'"' >> /etc/openvpn/server/server.conf
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
echo 'push "block-outside-dns"' >> /etc/openvpn/server/server.conf
|
echo 'push "block-outside-dns"' >> /etc/openvpn/server/server.conf
|
||||||
echo "keepalive 10 120
|
echo "keepalive 10 120
|
||||||
|
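Review bot: The custom-resolver prompts in the new `7)` arm of the DNS `case` only check for four dot-separated groups of 1–3 digits, so a value such as `999.999.999.999` passes validation and is later written to `/etc/openvpn/server/server.conf` as a `push "dhcp-option DNS …"` line sent to every client. Range-check each octet, e.g. `until [[ "$dns_custom_1" =~ ^((25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])$ ]]; do`, and use the same pattern for `dns_custom_2`. In the second `7)` arm the variables are expanded outside quotes (`'$dns_custom_1'`); the anchored regex currently keeps whitespace and quote characters out of the config, but `echo "push \"dhcp-option DNS $dns_custom_1\"" >> /etc/openvpn/server/server.conf` removes that dependency on the earlier check. The `if [[ "$dns" == 7 ]]` wrapper inside the `7)` arm is always true there and can be dropped; the enclosing `if [[ ! -e /etc/openvpn/server/server.conf ]]` block starts and ends outside these hunks.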