1
0
mirror of https://github.com/Nyr/openvpn-install.git synced 2024-11-24 05:56:08 +03:00
Commit Graph

150 Commits

Author SHA1 Message Date
Chris Xiao
6e4454d92a
get easy-rsa from github, validate CA on client side 2018-07-26 20:57:37 -04:00
Birkhoff
7bfa2bb2be
Verify SSL certificate 2018-07-25 17:35:27 -04:00
Birkhoff
dc2ff7fb75
Install easy-rsa instead of downloading tarball from GitHub 2018-07-25 17:17:17 -04:00
Chris Xiao
54d7f66d96
fixed links in ssl docs 2018-07-24 23:27:25 -04:00
Chris Xiao
e52970decc
fixed formatting in documentation 2018-07-24 23:25:48 -04:00
Chris Xiao
3126e9f439
separated documentation files 2018-07-24 23:21:46 -04:00
Chris Xiao
f6c1cd5519
Updated README 2018-07-24 17:07:28 -04:00
Chris Xiao
9eba8d40ce
Fixed a stunnel-related bug; Updated README
stunnel may fail to launch in CentOS with 'setuid' and 'setgid', so I removed those from the config files. Users are now asked to run stunnel with sudo.
2018-07-23 23:07:23 -04:00
Birkhoff
987556aa66
Update README.md 2018-07-14 16:54:34 -04:00
Birkhoff
fd6ba7bd36
Start stunnel on startup 2018-07-11 19:14:18 -04:00
Birkhoff
c5ad0c95e5
Update openvpn-install.sh 2018-07-11 17:34:03 -04:00
Birkhoff
233c460466
Remove stunnel 2018-07-11 17:24:55 -04:00
Birkhoff
06497c24af
Bingo! 2018-07-11 17:22:51 -04:00
Birkhoff
ead883b476
Update filename 2018-07-11 14:48:08 -04:00
Birkhoff
b233ddbfc9
Some slight modifications, client still does not work. 2018-07-11 14:28:52 -04:00
Birkhoff
86a155b4bb
Server works, but client doesn't 2018-07-11 14:14:03 -04:00
Birkhoff
bb6f9ecd78
Buggy Stunnel 2018-07-11 01:18:45 -04:00
Birkhoff
4ce8bbc91b
Rename LICENSE.txt to LICENSE 2018-07-09 18:53:55 -04:00
Birkhoff
5082770598
Update LICENSE.txt 2018-07-09 18:53:34 -04:00
Birkhoff
fc709b79f6
Remove -O 2018-07-08 19:38:29 -04:00
Birkhoff
f6c1456631
Use original URL 2018-07-08 19:37:17 -04:00
Birkhoff
13480ce960
Update LICENSE.txt 2018-07-08 16:25:20 -04:00
Birkhoff
4382d750b4
Update openvpn-install.sh 2018-07-08 16:24:38 -04:00
Birkhoff
b5072b3e59
Customizable cipher mode 2018-07-08 16:22:47 -04:00
Birkhoff
0c37e41692
Customizable Key Renegotiation Period 2018-07-08 16:05:16 -04:00
Birkhoff
885dc56485
Update README.md 2018-07-07 21:54:08 -04:00
Birkhoff
89d8cbd89c
Update README.md 2018-07-07 15:35:19 -04:00
Birkhoff
e498844acf
Update README.md 2018-07-07 15:32:27 -04:00
Birkhoff
c09dcefff1
Renegotiate key every hour 2018-07-07 11:57:15 -04:00
Birkhoff
b652a20556
Update openvpn-install.sh 2018-07-07 11:51:19 -04:00
Nyr
cc81838501 Revert "Improve iptables configuration"
This reverts commit fdc2bfbdac.
2018-06-14 22:40:45 +02:00
Nyr
fdc2bfbdac Improve iptables configuration
See #464.
2018-06-08 17:46:09 +02:00
Nyr
b3953963ba Switch from /etc/sysctl.conf to systemd-sysctl 2018-06-08 16:07:49 +02:00
Nyr
6061a29028 Small UX improvements 2018-05-10 17:24:43 +02:00
Nyr
5b9f3b62b8
Merge pull request #460 from Kcchouette/patch-1
Fixes a typo.
2018-05-03 14:26:22 +02:00
Kcchouette
269551c25f
Update openvpn-install.sh 2018-05-03 11:03:15 +02:00
Nyr
d717353769 Cleanup
- SELinux in CentOS already has rules for both udp/1194 and tcp/1194,
so the protocol check was not needed.
- Remove unneeded arguments from some grep and rm commands.
2018-04-26 15:10:18 +02:00
Nyr
83234ddae4 Improve NAT detection
Cleaner and better:
- Not relying in an external service
- Avoids a false positive when the server has multiple public IPv4
addresses and the user selects one which is not the default gateway
2018-04-21 21:06:41 +02:00
Nyr
ff254aeb1e General cleanup 2018-04-21 20:41:16 +02:00
Nyr
cb28b57e09 Remove wget dependency in CentOS
curl is always included with CentOS and wget is always included with
Debian/Ubuntu. So it was useless to install wget in CentOS like we were
doing for those cases when it wasn't already installed. Now curl will
be used instead.
2018-04-19 21:25:18 +02:00
Nyr
2726a148ee Remove IP address detection fallback
It was never used, the one-liner is enough.
2018-04-19 21:00:58 +02:00
Nyr
cb2a5b8028 Clarify NAT configuration dialog
Closes #451.
2018-04-16 17:53:48 +02:00
Nyr
e73503054e Update DNS list
Added 1.1.1.1 and removed two mostly unpopular choices.

Currently discarded services are: Yandex, Neustar, NTT, HE, Quad9 and
Freenom World. The list was starting to get too big.
2018-04-04 17:28:09 +02:00
Nyr
30636c7bf6 Update README.md 2018-04-04 17:27:00 +02:00
Nyr
33452242a1 Fix system resolvers option for environments running systemd-resolved 2018-01-21 18:21:53 +01:00
Nyr
886f32c2da Update README.md 2018-01-21 17:55:00 +01:00
Nyr
02d634437b Update to easy-rsa v3.0.4 2018-01-21 17:54:33 +01:00
Nyr
0397827abe Resolves #353 2017-09-11 18:53:49 +02:00
Nyr
8f881565b7 Update to easy-rsa v3.0.3 2017-08-29 17:56:46 +02:00
Nyr
9c0579052f Fix #352
Set EASYRSA_CRL_DAYS to 3650 instead of the default 180.

OpenVPN 2.4+ enforces the nextUpdate value in the CRL as a hard limit,
and will not work if more than 6 months passed since it was generated.
2017-08-29 17:55:14 +02:00