1
0
mirror of synced 2024-11-21 20:46:10 +03:00

Update OS support

- Remove support for Ubuntu 18.04 and Debian 9, which reached EOL
  in June 2023 and July 2022, respectively.
- Cleanup
This commit is contained in:
hwdsl2 2024-04-14 11:31:33 -05:00
parent 25670f39e7
commit 1442e9f35c
3 changed files with 20 additions and 112 deletions

View File

@ -60,6 +60,9 @@ check_os() {
elif grep -q "release 8" "$rh_file"; then elif grep -q "release 8" "$rh_file"; then
os_ver=8 os_ver=8
grep -qi stream "$rh_file" && os_ver=8s grep -qi stream "$rh_file" && os_ver=8s
if [ "$os_type$os_ver" = "centos8" ]; then
exiterr "CentOS Linux 8 is EOL and not supported."
fi
elif grep -q "release 9" "$rh_file"; then elif grep -q "release 9" "$rh_file"; then
os_ver=9 os_ver=9
grep -qi stream "$rh_file" && os_ver=9s grep -qi stream "$rh_file" && os_ver=9s
@ -101,6 +104,14 @@ EOF
fi fi
else else
os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9') os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')
if [ "$os_ver" = 8 ] || [ "$os_ver" = 9 ] || [ "$os_ver" = "jessiesid" ] \
|| [ "$os_ver" = "bustersid" ]; then
cat 1>&2 <<EOF
Error: This script requires Debian >= 10 or Ubuntu >= 20.04.
This version of Ubuntu/Debian is too old and not supported.
EOF
exit 1
fi
fi fi
fi fi
} }
@ -157,7 +168,7 @@ confirm_or_abort() {
show_header() { show_header() {
cat <<'EOF' cat <<'EOF'
IKEv2 Script Copyright (c) 2020-2024 Lin Song 10 Apr 2024 IKEv2 Script Copyright (c) 2020-2024 Lin Song 14 Apr 2024
EOF EOF
} }
@ -1221,40 +1232,6 @@ EOF
fi fi
} }
apply_ubuntu1804_nss_fix() {
os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
if [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "bustersid" ] && [ "$os_arch" = "x86_64" ] \
&& ! dpkg -l libnss3-dev 2>/dev/null | grep -qF '3.49.1'; then
base_url="https://github.com/hwdsl2/vpn-extras/releases/download/v1.0.0"
nss_url1="https://mirrors.kernel.org/ubuntu/pool/main/n/nss"
nss_url2="https://mirrors.kernel.org/ubuntu/pool/universe/n/nss"
deb1="libnss3_3.49.1-1ubuntu1.9_amd64.deb"
deb2="libnss3-dev_3.49.1-1ubuntu1.9_amd64.deb"
deb3="libnss3-tools_3.49.1-1ubuntu1.9_amd64.deb"
bigecho2 "Applying fix for NSS bug on Ubuntu 18.04..."
mkdir -p /opt/src
cd /opt/src || exit 1
nss_dl=0
/bin/rm -f "$deb1" "$deb2" "$deb3"
export DEBIAN_FRONTEND=noninteractive
if wget -t 3 -T 30 -q "$base_url/$deb1" "$base_url/$deb2" "$base_url/$deb3"; then
apt-get -yqq update || apt-get -yqq update
apt-get -yqq install "./$deb1" "./$deb2" "./$deb3" >/dev/null
else
/bin/rm -f "$deb1" "$deb2" "$deb3"
if wget -t 3 -T 30 -q "$nss_url1/$deb1" "$nss_url1/$deb2" "$nss_url2/$deb3"; then
apt-get -yqq update || apt-get -yqq update
apt-get -yqq install "./$deb1" "./$deb2" "./$deb3" >/dev/null
else
nss_dl=1
echo "Error: Could not download NSS packages." >&2
fi
fi
/bin/rm -f "$deb1" "$deb2" "$deb3"
[ "$nss_dl" = 1 ] && exit 1
fi
}
restart_ipsec_service() { restart_ipsec_service() {
if [ "$in_container" = 0 ] || { [ "$in_container" = 1 ] && service ipsec status >/dev/null 2>&1; }; then if [ "$in_container" = 0 ] || { [ "$in_container" = 1 ] && service ipsec status >/dev/null 2>&1; }; then
bigecho2 "Restarting IPsec service..." bigecho2 "Restarting IPsec service..."
@ -1748,7 +1725,6 @@ ikev2setup() {
mobike_enable="$mobike_support" mobike_enable="$mobike_support"
fi fi
apply_ubuntu1804_nss_fix
create_ca_server_certs create_ca_server_certs
create_client_cert create_client_cert
export_client_config export_client_config

View File

@ -41,7 +41,6 @@ check_vz() {
check_os() { check_os() {
os_type=$(lsb_release -si 2>/dev/null) os_type=$(lsb_release -si 2>/dev/null)
os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
[ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID") [ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
case $os_type in case $os_type in
[Uu]buntu) [Uu]buntu)
@ -58,14 +57,11 @@ check_os() {
;; ;;
esac esac
os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9') os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')
if [ "$os_ver" = 8 ] || [ "$os_ver" = "jessiesid" ]; then if [ "$os_ver" = 8 ] || [ "$os_ver" = 9 ] || [ "$os_ver" = "jessiesid" ] \
exiterr "Debian 8 or Ubuntu < 16.04 is not supported." || [ "$os_ver" = "bustersid" ]; then
fi
if [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "bustersid" ] \
&& [ "$os_arch" != "x86_64" ]; then
cat 1>&2 <<EOF cat 1>&2 <<EOF
Error: For Ubuntu 18.04, this script supports only the x86_64 architecture. Error: This script requires Debian >= 10 or Ubuntu >= 20.04.
This system runs on $os_arch and is unsupported. This version of Ubuntu/Debian is too old and not supported.
EOF EOF
exit 1 exit 1
fi fi
@ -180,35 +176,6 @@ install_pkgs() {
) || exiterr2 ) || exiterr2
} }
install_nss_pkgs() {
if [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "bustersid" ] && [ "$os_arch" = "x86_64" ] \
&& ! dpkg -l libnss3-dev 2>/dev/null | grep -qF '3.49.1'; then
base_url="https://github.com/hwdsl2/vpn-extras/releases/download/v1.0.0"
nss_url1="https://mirrors.kernel.org/ubuntu/pool/main/n/nss"
nss_url2="https://mirrors.kernel.org/ubuntu/pool/universe/n/nss"
deb1="libnss3_3.49.1-1ubuntu1.9_amd64.deb"
deb2="libnss3-dev_3.49.1-1ubuntu1.9_amd64.deb"
deb3="libnss3-tools_3.49.1-1ubuntu1.9_amd64.deb"
bigecho "Installing NSS packages on Ubuntu 18.04..."
cd /opt/src || exit 1
nss_dl=0
/bin/rm -f "$deb1" "$deb2" "$deb3"
if wget -t 3 -T 30 -q "$base_url/$deb1" "$base_url/$deb2" "$base_url/$deb3"; then
apt-get -yqq install "./$deb1" "./$deb2" "./$deb3" >/dev/null
else
/bin/rm -f "$deb1" "$deb2" "$deb3"
if wget -t 3 -T 30 -q "$nss_url1/$deb1" "$nss_url1/$deb2" "$nss_url2/$deb3"; then
apt-get -yqq install "./$deb1" "./$deb2" "./$deb3" >/dev/null
else
nss_dl=1
echo "Error: Could not download NSS packages." >&2
fi
fi
/bin/rm -f "$deb1" "$deb2" "$deb3"
[ "$nss_dl" = 1 ] && exit 1
fi
}
get_libreswan() { get_libreswan() {
bigecho "Downloading Libreswan..." bigecho "Downloading Libreswan..."
cd /opt/src || exit 1 cd /opt/src || exit 1
@ -356,7 +323,6 @@ vpnupgrade() {
start_setup start_setup
update_apt_cache update_apt_cache
install_pkgs install_pkgs
install_nss_pkgs
get_libreswan get_libreswan
install_libreswan install_libreswan
update_ikev2_script update_ikev2_script

View File

@ -72,7 +72,6 @@ EOF
check_os() { check_os() {
os_type=$(lsb_release -si 2>/dev/null) os_type=$(lsb_release -si 2>/dev/null)
os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
[ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID") [ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
case $os_type in case $os_type in
[Uu]buntu) [Uu]buntu)
@ -89,14 +88,11 @@ check_os() {
;; ;;
esac esac
os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9') os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')
if [ "$os_ver" = 8 ] || [ "$os_ver" = "jessiesid" ]; then if [ "$os_ver" = 8 ] || [ "$os_ver" = 9 ] || [ "$os_ver" = "jessiesid" ] \
exiterr "Debian 8 or Ubuntu < 16.04 is not supported." || [ "$os_ver" = "bustersid" ]; then
fi
if [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "bustersid" ] \
&& [ "$os_arch" != "x86_64" ]; then
cat 1>&2 <<EOF cat 1>&2 <<EOF
Error: For Ubuntu 18.04, this script supports only the x86_64 architecture. Error: This script requires Debian >= 10 or Ubuntu >= 20.04.
This system runs on $os_arch and is unsupported. This version of Ubuntu/Debian is too old and not supported.
EOF EOF
exit 1 exit 1
fi fi
@ -273,35 +269,6 @@ install_vpn_pkgs() {
fi fi
} }
install_nss_pkgs() {
if [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "bustersid" ] && [ "$os_arch" = "x86_64" ] \
&& ! dpkg -l libnss3-dev 2>/dev/null | grep -qF '3.49.1'; then
base_url="https://github.com/hwdsl2/vpn-extras/releases/download/v1.0.0"
nss_url1="https://mirrors.kernel.org/ubuntu/pool/main/n/nss"
nss_url2="https://mirrors.kernel.org/ubuntu/pool/universe/n/nss"
deb1="libnss3_3.49.1-1ubuntu1.9_amd64.deb"
deb2="libnss3-dev_3.49.1-1ubuntu1.9_amd64.deb"
deb3="libnss3-tools_3.49.1-1ubuntu1.9_amd64.deb"
bigecho "Installing NSS packages on Ubuntu 18.04..."
cd /opt/src || exit 1
nss_dl=0
/bin/rm -f "$deb1" "$deb2" "$deb3"
if wget -t 3 -T 30 -q "$base_url/$deb1" "$base_url/$deb2" "$base_url/$deb3"; then
apt-get -yqq install "./$deb1" "./$deb2" "./$deb3" >/dev/null
else
/bin/rm -f "$deb1" "$deb2" "$deb3"
if wget -t 3 -T 30 -q "$nss_url1/$deb1" "$nss_url1/$deb2" "$nss_url2/$deb3"; then
apt-get -yqq install "./$deb1" "./$deb2" "./$deb3" >/dev/null
else
nss_dl=1
echo "Error: Could not download NSS packages." >&2
fi
fi
/bin/rm -f "$deb1" "$deb2" "$deb3"
[ "$nss_dl" = 1 ] && exit 1
fi
}
install_fail2ban() { install_fail2ban() {
bigecho "Installing Fail2Ban to protect SSH..." bigecho "Installing Fail2Ban to protect SSH..."
( (
@ -790,7 +757,6 @@ vpnsetup() {
install_setup_pkgs install_setup_pkgs
detect_ip detect_ip
install_vpn_pkgs install_vpn_pkgs
install_nss_pkgs
install_fail2ban install_fail2ban
get_helper_scripts get_helper_scripts
get_libreswan get_libreswan