1
0
mirror of https://github.com/Nyr/openvpn-install.git synced 2024-11-24 05:56:08 +03:00
Commit Graph

146 Commits

Author SHA1 Message Date
Chris Xiao
e52970decc
fixed formatting in documentation 2018-07-24 23:25:48 -04:00
Chris Xiao
3126e9f439
separated documentation files 2018-07-24 23:21:46 -04:00
Chris Xiao
f6c1cd5519
Updated README 2018-07-24 17:07:28 -04:00
Chris Xiao
9eba8d40ce
Fixed a stunnel-related bug; Updated README
stunnel may fail to launch in CentOS with 'setuid' and 'setgid', so I removed those from the config files. Users are now asked to run stunnel with sudo.
2018-07-23 23:07:23 -04:00
Birkhoff
987556aa66
Update README.md 2018-07-14 16:54:34 -04:00
Birkhoff
fd6ba7bd36
Start stunnel on startup 2018-07-11 19:14:18 -04:00
Birkhoff
c5ad0c95e5
Update openvpn-install.sh 2018-07-11 17:34:03 -04:00
Birkhoff
233c460466
Remove stunnel 2018-07-11 17:24:55 -04:00
Birkhoff
06497c24af
Bingo! 2018-07-11 17:22:51 -04:00
Birkhoff
ead883b476
Update filename 2018-07-11 14:48:08 -04:00
Birkhoff
b233ddbfc9
Some slight modifications, client still does not work. 2018-07-11 14:28:52 -04:00
Birkhoff
86a155b4bb
Server works, but client doesn't 2018-07-11 14:14:03 -04:00
Birkhoff
bb6f9ecd78
Buggy Stunnel 2018-07-11 01:18:45 -04:00
Birkhoff
4ce8bbc91b
Rename LICENSE.txt to LICENSE 2018-07-09 18:53:55 -04:00
Birkhoff
5082770598
Update LICENSE.txt 2018-07-09 18:53:34 -04:00
Birkhoff
fc709b79f6
Remove -O 2018-07-08 19:38:29 -04:00
Birkhoff
f6c1456631
Use original URL 2018-07-08 19:37:17 -04:00
Birkhoff
13480ce960
Update LICENSE.txt 2018-07-08 16:25:20 -04:00
Birkhoff
4382d750b4
Update openvpn-install.sh 2018-07-08 16:24:38 -04:00
Birkhoff
b5072b3e59
Customizable cipher mode 2018-07-08 16:22:47 -04:00
Birkhoff
0c37e41692
Customizable Key Renegotiation Period 2018-07-08 16:05:16 -04:00
Birkhoff
885dc56485
Update README.md 2018-07-07 21:54:08 -04:00
Birkhoff
89d8cbd89c
Update README.md 2018-07-07 15:35:19 -04:00
Birkhoff
e498844acf
Update README.md 2018-07-07 15:32:27 -04:00
Birkhoff
c09dcefff1
Renegotiate key every hour 2018-07-07 11:57:15 -04:00
Birkhoff
b652a20556
Update openvpn-install.sh 2018-07-07 11:51:19 -04:00
Nyr
cc81838501 Revert "Improve iptables configuration"
This reverts commit fdc2bfbdac.
2018-06-14 22:40:45 +02:00
Nyr
fdc2bfbdac Improve iptables configuration
See #464.
2018-06-08 17:46:09 +02:00
Nyr
b3953963ba Switch from /etc/sysctl.conf to systemd-sysctl 2018-06-08 16:07:49 +02:00
Nyr
6061a29028 Small UX improvements 2018-05-10 17:24:43 +02:00
Nyr
5b9f3b62b8
Merge pull request #460 from Kcchouette/patch-1
Fixes a typo.
2018-05-03 14:26:22 +02:00
Kcchouette
269551c25f
Update openvpn-install.sh 2018-05-03 11:03:15 +02:00
Nyr
d717353769 Cleanup
- SELinux in CentOS already has rules for both udp/1194 and tcp/1194,
so the protocol check was not needed.
- Remove unneeded arguments from some grep and rm commands.
2018-04-26 15:10:18 +02:00
Nyr
83234ddae4 Improve NAT detection
Cleaner and better:
- Not relying in an external service
- Avoids a false positive when the server has multiple public IPv4
addresses and the user selects one which is not the default gateway
2018-04-21 21:06:41 +02:00
Nyr
ff254aeb1e General cleanup 2018-04-21 20:41:16 +02:00
Nyr
cb28b57e09 Remove wget dependency in CentOS
curl is always included with CentOS and wget is always included with
Debian/Ubuntu. So it was useless to install wget in CentOS like we were
doing for those cases when it wasn't already installed. Now curl will
be used instead.
2018-04-19 21:25:18 +02:00
Nyr
2726a148ee Remove IP address detection fallback
It was never used, the one-liner is enough.
2018-04-19 21:00:58 +02:00
Nyr
cb2a5b8028 Clarify NAT configuration dialog
Closes #451.
2018-04-16 17:53:48 +02:00
Nyr
e73503054e Update DNS list
Added 1.1.1.1 and removed two mostly unpopular choices.

Currently discarded services are: Yandex, Neustar, NTT, HE, Quad9 and
Freenom World. The list was starting to get too big.
2018-04-04 17:28:09 +02:00
Nyr
30636c7bf6 Update README.md 2018-04-04 17:27:00 +02:00
Nyr
33452242a1 Fix system resolvers option for environments running systemd-resolved 2018-01-21 18:21:53 +01:00
Nyr
886f32c2da Update README.md 2018-01-21 17:55:00 +01:00
Nyr
02d634437b Update to easy-rsa v3.0.4 2018-01-21 17:54:33 +01:00
Nyr
0397827abe Resolves #353 2017-09-11 18:53:49 +02:00
Nyr
8f881565b7 Update to easy-rsa v3.0.3 2017-08-29 17:56:46 +02:00
Nyr
9c0579052f Fix #352
Set EASYRSA_CRL_DAYS to 3650 instead of the default 180.

OpenVPN 2.4+ enforces the nextUpdate value in the CRL as a hard limit,
and will not work if more than 6 months passed since it was generated.
2017-08-29 17:55:14 +02:00
Nyr
b2d8c73e1b Debian 9 compatibility and small bug fixes
- Removed Debian 9 compatibility warning
- openvpn-blacklist is no longer uninstalled on removal
- Improvement: removal of /usr/share/doc/openvpn* hasn't been needed
for years
- Fixed: live iptables removal was failing for Debian since
6d51476047
2017-06-20 19:19:10 +02:00
Nyr
82776145f2 Add temporal warning for Debian Stretch users 2017-06-18 17:58:53 +02:00
Nyr
c0f0d47a64 Upgrade HMAC digest algorithm to SHA-512
This was long overdue for compatibility reasons. My decision to force
the upgrade now, has been made following recomendations published in
the OpenVPN 2.4 audit performed by Cryptography Engineering LLC.
2017-06-04 13:16:57 +02:00
Nyr
bcca288029 Offer updated 2017-05-30 15:15:14 +02:00