General cleanup

2024-11-23 21:46:08 +03:00 · 2018-04-21 20:41:16 +02:00 · 2018-04-21 20:41:16 +02:00 · ff254aeb1e
commit ff254aeb1e
parent cb28b57e09
1 changed files with 49 additions and 57 deletions
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@ -1,11 +1,8 @@
 #!/bin/bash
-# OpenVPN road warrior installer for Debian, Ubuntu and CentOS
-
-# This script will work on Debian, Ubuntu, CentOS and probably other distros
-# of the same families, although no support is offered for them. It isn't
-# bulletproof but it will probably work if you simply want to setup a VPN on
-# your Debian/Ubuntu/CentOS box. It has been designed to be as unobtrusive and
-# universal as possible.
+#
+# https://github.com/Nyr/openvpn-install
+#
+# Copyright (c) 2013 Nyr. Released under the MIT License.


 # Detect Debian users running the script with "sh" instead of bash
@ -25,10 +22,6 @@ You need to enable TUN before running this script"
 	exit 3
 fi

-if grep -qs "CentOS release 5" "/etc/redhat-release"; then
-	echo "CentOS 5 is too old and not supported"
-	exit 4
-fi
 if [[ -e /etc/debian_version ]]; then
 	OS=debian
 	GROUPNAME=nogroup
@ -39,7 +32,7 @@ elif [[ -e /etc/centos-release || -e /etc/redhat-release ]]; then
 	RCLOCAL='/etc/rc.d/rc.local'
 else
 	echo "Looks like you aren't running this installer on Debian, Ubuntu or CentOS"
-	exit 5
+	exit 4
 fi

 newclient () {
@ -63,8 +56,8 @@ if [[ -e /etc/openvpn/server.conf ]]; then
 	while :
 	do
 	clear
-		echo "Looks like OpenVPN is already installed"
-		echo ""
+		echo "Looks like OpenVPN is already installed."
+		echo
 		echo "What do you want to do?"
 		echo "   1) Add a new user"
 		echo "   2) Revoke an existing user"
@ -73,16 +66,16 @@ if [[ -e /etc/openvpn/server.conf ]]; then
 		read -p "Select an option [1-4]: " option
 		case $option in
 			1) 
-			echo ""
-			echo "Tell me a name for the client certificate"
-			echo "Please, use one word only, no special characters"
+			echo
+			echo "Tell me a name for the client certificate."
+			echo "Please, use one word only, no special characters."
 			read -p "Client name: " -e -i client CLIENT
 			cd /etc/openvpn/easy-rsa/
 			./easyrsa build-client-full $CLIENT nopass
 			# Generates the custom client.ovpn
 			newclient "$CLIENT"
-			echo ""
-			echo "Client $CLIENT added, configuration is available at" ~/"$CLIENT.ovpn"
+			echo
+			echo "Client $CLIENT added, configuration is available at:" ~/"$CLIENT.ovpn"
 			exit
 			;;
 			2)
@ -90,12 +83,12 @@ if [[ -e /etc/openvpn/server.conf ]]; then
 			# ...but what can I say, I want some sleep too
 			NUMBEROFCLIENTS=$(tail -n +2 /etc/openvpn/easy-rsa/pki/index.txt | grep -c "^V")
 			if [[ "$NUMBEROFCLIENTS" = '0' ]]; then
-				echo ""
+				echo
 				echo "You have no existing clients!"
-				exit 6
+				exit 5
 			fi
-			echo ""
-			echo "Select the existing client certificate you want to revoke"
+			echo
+			echo "Select the existing client certificate you want to revoke:"
 			tail -n +2 /etc/openvpn/easy-rsa/pki/index.txt | grep "^V" | cut -d '=' -f 2 | nl -s ') '
 			if [[ "$NUMBEROFCLIENTS" = '1' ]]; then
 				read -p "Select one client [1]: " CLIENTNUMBER
@ -113,12 +106,12 @@ if [[ -e /etc/openvpn/server.conf ]]; then
 			cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem
 			# CRL is read with each client connection, when OpenVPN is dropped to nobody
 			chown nobody:$GROUPNAME /etc/openvpn/crl.pem
-			echo ""
-			echo "Certificate for client $CLIENT revoked"
+			echo
+			echo "Certificate for client $CLIENT revoked!"
 			exit
 			;;
 			3) 
-			echo ""
+			echo
 			read -p "Do you really want to remove OpenVPN? [y/n]: " -e -i n REMOVE
 			if [[ "$REMOVE" = 'y' ]]; then
 				PORT=$(grep '^port ' /etc/openvpn/server.conf | cut -d " " -f 2)
@ -158,10 +151,10 @@ if [[ -e /etc/openvpn/server.conf ]]; then
 					yum remove openvpn -y
 				fi
 				rm -rf /etc/openvpn
-				echo ""
+				echo
 				echo "OpenVPN removed!"
 			else
-				echo ""
+				echo
 				echo "Removal aborted!"
 			fi
 			exit
@ -171,18 +164,26 @@ if [[ -e /etc/openvpn/server.conf ]]; then
 	done
 else
 	clear
-	echo 'Welcome to this quick OpenVPN "road warrior" installer'
-	echo ""
+	echo 'Welcome to this OpenVPN "road warrior" installer!'
+	echo
 	# OpenVPN setup and first user creation
-	echo "I need to ask you a few questions before starting the setup"
-	echo "You can leave the default options and just press enter if you are ok with them"
-	echo ""
-	echo "First I need to know the IPv4 address of the network interface you want OpenVPN"
+	echo "I need to ask you a few questions before starting the setup."
+	echo "You can leave the default options and just press enter if you are ok with them."
+	echo
+	echo "First, provide the IPv4 address of the network interface you want OpenVPN"
 	echo "listening to."
 	# Autodetect IP address and pre-fill for the user
 	IP=$(ip addr | grep 'inet' | grep -v inet6 | grep -vE '127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -1)
 	read -p "IP address: " -e -i $IP IP
-	echo ""
+	# Try to detect a NATed connection and ask the user about it
+	EXTERNALIP=$(wget -4qO- "http://whatismyip.akamai.com/" 2>/dev/null || curl -4s "http://whatismyip.akamai.com/")
+	if [[ "$IP" != "$EXTERNALIP" ]]; then
+		echo
+		echo "If your server is behind NAT, please provide the public IP address or hostname."
+		echo "If that's not the case, just ignore this and leave the next field blank."
+		read -p "Public IP address / Hostname: " -e PUBLICIP
+	fi
+	echo
 	echo "Which protocol do you want for OpenVPN connections?"
 	echo "   1) UDP (recommended)"
 	echo "   2) TCP"
@ -195,10 +196,10 @@ else
 		PROTOCOL=tcp
 		;;
 	esac
-	echo ""
+	echo
 	echo "What port do you want OpenVPN listening to?"
 	read -p "Port: " -e -i 1194 PORT
-	echo ""
+	echo
 	echo "Which DNS do you want to use with the VPN?"
 	echo "   1) Current system resolvers"
 	echo "   2) 1.1.1.1"
@ -206,12 +207,12 @@ else
 	echo "   4) OpenDNS"
 	echo "   5) Verisign"
 	read -p "DNS [1-5]: " -e -i 1 DNS
-	echo ""
-	echo "Finally, tell me your name for the client certificate"
-	echo "Please, use one word only, no special characters"
+	echo
+	echo "Finally, tell me your name for the client certificate."
+	echo "Please, use one word only, no special characters."
 	read -p "Client name: " -e -i client CLIENT
-	echo ""
-	echo "Okay, that was all I needed. We are ready to setup your OpenVPN server now"
+	echo
+	echo "Okay, that was all I needed. We are ready to set up your OpenVPN server now."
 	read -n1 -r -p "Press any key to continue..."
 	if [[ "$OS" = 'debian' ]]; then
 		apt-get update
@ -375,18 +376,9 @@ exit 0' > $RCLOCAL
 			chkconfig openvpn on
 		fi
 	fi
-	# Try to detect a NATed connection and ask about it to potential LowEndSpirit users
-	EXTERNALIP=$(wget -4qO- "http://whatismyip.akamai.com/" 2>/dev/null || curl -4s "http://whatismyip.akamai.com/")
-	if [[ "$IP" != "$EXTERNALIP" ]]; then
-		echo ""
-		echo "Looks like your server could be behind a NAT!"
-		echo ""
-		echo "If your server is behind a NAT, I need to know the public IP or hostname"
-		echo "If that's not the case, just ignore this and leave the next field blank"
-		read -p "Public IP: " -e PUBLICIP
-		if [[ "$PUBLICIP" != "" ]]; then
-			IP=$PUBLICIP
-		fi
+	# If the serrver is behind a NAT, use the correct IP address
+	if [[ "$PUBLICIP" != "" ]]; then
+		IP=$PUBLICIP
 	fi
 	# client-common.txt is created so we have a template to add further users later
 	echo "client
@ -408,9 +400,9 @@ key-direction 1
 verb 3" > /etc/openvpn/client-common.txt
 	# Generates the custom client.ovpn
 	newclient "$CLIENT"
-	echo ""
+	echo
 	echo "Finished!"
-	echo ""
-	echo "Your client configuration is available at" ~/"$CLIENT.ovpn"
+	echo
+	echo "Your client configuration is available at:" ~/"$CLIENT.ovpn"
 	echo "If you want to add more clients, you simply need to run this script again!"
 fi