mirror/openvpn-install
1
0
Fork 0
mirror of https://github.com/Nyr/openvpn-install.git synced 2024-12-03 02:16:04 +03:00
Code Issues Projects Releases Wiki Activity
190 Commits 1 Branch 0 Tags 1.5 MiB
feb51617e6
Commit Graph

190 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Etzion Bar-Noy
feb51617e6
Merge pull request #2 from Nyr/master 
Update to easy-rsa v3.1.2
 2023-03-22 14:54:35 +02:00
Nyr
d4ae10ec25 Update to easy-rsa v3.1.2 2023-01-18 18:40:18 +01:00
Etzion Bar-Noy
1289fa813c
Merge branch 'Nyr:master' into master 2022-11-27 12:01:04 +02:00
Nyr
f943387083 Update to easy-rsa v3.1.1 
--no-install-recommends is now required for Debian:
https://github.com/OpenVPN/easy-rsa/issues/725
 2022-10-13 21:17:39 +02:00
Nyr
f2c44dea40 Change "block-outside-dns" placement 
This is mainly to work around a bug in Viscosity for macOS:
https://www.sparklabs.com/forum/viewtopic.php?t=3152
 2022-09-23 17:07:43 +02:00
Etzion Bar-Noy
72662214f8
Merge pull request #1 from Nyr/master 
Merging original repo head
 2022-09-08 07:46:50 +03:00
Nyr
d28c8e74e7 Fix resolv.conf detection 
Some systems have other DNS servers along with 127.0.0.53 in /etc/resolv.conf
 2022-08-21 20:33:34 +02:00
Nyr
1a118b72f8 Update README.md 2022-08-21 19:33:38 +02:00
Etzion Bar-Noy
fc8069d529
update README.md 
Reflecting the addition of OEL support
 2022-06-13 00:59:35 +03:00
Etzion Bar-Noy
71bfa04962
Add quick support for OEL8 
OEL8 behaves well (tested these changes), and requires only two minor changes.
 2022-06-13 00:58:51 +03:00
Nyr
c0a3562f64 Update to easy-rsa v3.1.0 2022-05-19 17:59:35 +02:00
Nyr
2c5bb08f4e Update to easy-rsa v3.0.9 2022-05-18 15:16:11 +02:00
Nyr
0709b9498c Update easy-rsa to v3.0.9-rc1 for Ubuntu 22.04 2022-05-05 11:44:36 +02:00
Nyr
a7474c95ca Restore git.io 
git.io will not stop functioning after all:
https://github.blog/changelog/2022-04-25-git-io-deprecation/?#changelog-64536
 2022-04-29 16:44:49 +02:00
Nyr
36f1d82cba Replace git.io 
git.io will stop functioning by the end of this workweek:
https://github.blog/changelog/2022-04-25-git-io-deprecation/
 2022-04-27 12:37:53 +02:00
Nyr
8b6c81f79e Ubuntu 22.04 support 2022-04-21 21:11:44 +02:00
Nyr
94c94bbbc9 Add support for AlmaLinux and Rocky Linux 
An unrelated fix to avoid one harmless warning during removal is also included.
 2021-09-03 18:58:25 +02:00
Nyr
2cce4599e2 Check for wget or curl 2021-08-16 20:22:36 +02:00
Nyr
4f737ac2f8
Merge pull request #849 from trivvz/patch-1 
Increase priority of openvpn-forward.conf
 2021-06-19 13:54:25 +02:00
Tomasz Wojdat
01b64d65c8
Increase priority of openvpn-forward.conf 
`30-openvpn-forward.conf` renamed to `99-openvpn-forward.conf`.
 2021-03-11 22:49:04 +01:00
Nyr
cb8730b621
Merge pull request #756 from randomshell/patch-2 
Use openvpn status path from systemd service
 2021-02-22 19:36:58 +01:00
Nyr
26e39cf4d7 Update AdGuard DNS IP 
AdGuard changed their DNS IP recently:
https://adguard.com/en/blog/adguard-dns-new-addresses.html

Thanks @trantuanminh1754 for noticing.
 2020-09-30 00:06:55 +02:00
Nyr
da299172df Update to easy-rsa v3.0.8 2020-09-09 23:18:31 +02:00
Nyr
7ddd20911b Bugfix 
-N is an illegal option for read in sh, so check if the user is using sh first.
 2020-07-18 18:50:59 +02:00
Nyr
3ba1308a50 Update README.md 2020-07-17 19:06:11 +02:00
Nyr
e32cb6db86 Update README.md 2020-07-17 19:04:07 +02:00
Nyr
13f8b2e00c resolv.conf parsing optimizations 2020-05-29 14:16:29 +02:00
Nyr
221319aa54 Fix #764 2020-05-28 21:29:53 +02:00
Nyr
9847d99849
Merge pull request #760 from sorcun/master 
egrep IP regex optimizations
 2020-05-28 20:38:43 +02:00
Nyr
366d46a8cc Fix #762 
Variables which can be empty, shouldn't be quoted in this situation.
 2020-05-25 17:23:55 +02:00
Orcun
ae7e6d7ae5 egrep IP regex optimizations 2020-05-23 13:52:26 +00:00
Nyr
bfdd480076 Add Quad9 DNS servers 2020-05-21 22:36:12 +02:00
Nyr
f737b02a9a Small style changes 2020-05-21 19:19:31 +02:00
Nyr
6f155b997d Grammar improvements 2020-05-20 23:33:16 +02:00
Nyr
e14c2359c8 Small improvements 2020-05-20 12:09:50 +02:00
Nyr
db0b51228b Fix TUN device check 
Fix for the mistaken stderr redirection, sorry about that. Also, run in a
subshell so we don't need to manually close the file descriptor.
 2020-05-15 18:19:24 +02:00
Nyr
d30e11d019 Improve TUN device check 
While it looks hackish, I don't think there's a better way (in Bash) to open
the /dev/net/tun character device.

Checking for presence of /dev/net/tun like were doing is not good enough.
 2020-05-14 19:05:05 +02:00
Nyr
b392e7da8b Improved easy-rsa setup 
No need to write the tarball to disk.
 2020-05-10 20:02:08 +02:00
Nyr
07249185dd Improve nf_tables test for OVZ 
This test is more reliable and flexible.
 2020-05-05 18:23:21 +02:00
Nyr
2852150a5b OpenVZ nf_tables workaround 
nf_tables is not available in old OpenVZ kernels, so we need to use
iptables-legacy instead.

This issue only affects Debian 10 as it is the only distribution using iptables
with a nf_tables backend by default.

This is supposedly resolved in the newest kernels: https://bit.ly/3fgNZCh

Additionally, a bugfix for the ip6tables path is also included.
 2020-05-05 16:47:25 +02:00
randomshell
025148c245
Use openvpn status path from systemd service 
The new systemd service at `/usr/lib/systemd/system/openvpn-server@.service` that comes with openvpn 2.4 includes the status option in `ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf`

Using this default allows to have multiple servers with their own status files and all in the same log directory. Example `/run/openvpn-server/status-server.log` `/run/openvpn-server/status-server2.log`
 2020-05-03 13:26:37 +00:00
Nyr
61549ffcef Improved firewall installation logic 
New logic makes way more sense:
- If either firewalld or iptables are present, use whatever we have
- If not, install firewalld in CentOS/Fedora and iptables in Debian/Ubuntu
 2020-05-01 17:52:12 +02:00
Nyr
ef30d9863c Improved firewall management 
- Always use firewalld for CentOS and Fedora
- Cleaner check to find out if firewalld is active
 2020-04-30 00:28:27 +02:00
Nyr
e0fa45b688 Fixes #642 2020-04-29 13:24:55 +02:00
Nyr
11b929ac82 Reworked OS detection 
- Made OS detection more flexible and fine-grained
- Fedora is now officially supported
 2020-04-24 17:48:24 +02:00
Nyr
f659724a6f Addresses #694 
- Use a checkip service which works fine over HTTP to avoid issues in systems
where ca-certificates is not available
- Increase timeout to 10 seconds, because the new service is a bit slower from
some locations
- Improve grep sanitization
 2020-04-21 16:45:49 +02:00
Nyr
cec053def4 Miscellaneous improvements 
- Fix #694: added sanitization during the public IP address configuration and
switch to AWS checkip since the Akamai service doesn't support HTTPS.
- Add validation to cover an unlikely case where: server is behind NAT,
checkip service is unreachable and user doesn't provide input when asked for
the public IP address or hostname.
- Other small improvements not worth describing in detail.
 2020-04-21 02:28:29 +02:00
Nyr
c6159aefb8 Update DNS providers 
- Verisign removed (performance is subpar compared to competitors)
- NTT is back (fast and reliable)
- AdGuard added (for ad blocking)
 2020-04-16 23:42:11 +02:00
Nyr
6f9daf49f5 Small style improvements 2020-04-16 23:33:14 +02:00
Nyr
5229459f99 IPv6 support 
Clients will be provided with IPv6 connectivity if the server has it.

Other very small and unimportant improvements are also included in this commit.
 2020-04-01 01:17:17 +02:00