Minor improvements and clean up

vpnsetup.sh

@@ -17,12 +17,6 @@
 # Attribution required: please include my name in any derivative and let me
 # know how you have improved it! 
 
-if [ "$(uname)" = "Darwin" ]; then
-  echo 'DO NOT run this script on your Mac! It should only be run on a newly-created EC2 instance'
-  echo 'or other dedicated server / VPS, after you have modified it to set the variables below.'
-  exit 1
-fi
-
 # Please define your own values for these variables
 # - All values MUST be quoted using 'single quotes'
 # - DO NOT use these characters inside values:  \ " '
@@ -34,6 +28,14 @@ VPN_PASSWORD='your_very_secure_password'
 # Be sure to read *important notes* at the URL below:
 # https://github.com/hwdsl2/setup-ipsec-vpn#important-notes
 
+### Do not edit below this line
+
+if [ "$(uname)" = "Darwin" ]; then
+  echo 'DO NOT run this script on your Mac! It should only be run on a newly-created EC2 instance'
+  echo 'or other dedicated server / VPS, after you have modified it to set the variables above.'
+  exit 1
+fi
+
 if [ "$(lsb_release -si 2>/dev/null)" != "Ubuntu" ] && [ "$(lsb_release -si 2>/dev/null)" != "Debian" ]; then
   echo "Looks like you aren't running this script on a Ubuntu or Debian system."
   exit 1
@@ -64,10 +66,10 @@ fi
 mkdir -p /opt/src
 cd /opt/src || { echo "Failed to change working directory to /opt/src. Aborting."; exit 1; }
 
-# Update package index and install wget, dig (dnsutils), sed and nano
+# Update package index and install Wget and dig (dnsutils)
 export DEBIAN_FRONTEND=noninteractive
 apt-get -y update
-apt-get -y install wget dnsutils sed nano
+apt-get -y install wget dnsutils
 
 echo
 echo 'Please wait... Trying to find Public/Private IP of this server.'
@@ -124,6 +126,10 @@ tar xvzf "$SWAN_FILE" && rm -f "$SWAN_FILE"
 cd "libreswan-${SWAN_VER}" || { echo "Failed to enter Libreswan source dir. Aborting."; exit 1; }
 make programs && make install
 
+# Check if the install was successful
+/usr/local/sbin/ipsec --version 2>/dev/null | grep -qs "${SWAN_VER}"
+[ "$?" != "0" ] && { echo "Sorry, Libreswan ${SWAN_VER} failed to compile or install. Aborting."; exit 1; }
+
 # Prepare various config files
 # Create IPsec (Libreswan) configuration
 SYS_DT="$(/bin/date +%Y-%m-%d-%H:%M:%S)"

vpnsetup_centos.sh

@@ -16,12 +16,6 @@
 # Attribution required: please include my name in any derivative and let me
 # know how you have improved it! 
 
-if [ "$(uname)" = "Darwin" ]; then
-  echo 'DO NOT run this script on your Mac! It should only be run on a dedicated server / VPS'
-  echo 'or a newly-created EC2 instance, after you have modified it to set the variables below.'
-  exit 1
-fi
-
 # Please define your own values for these variables
 # - All values MUST be quoted using 'single quotes'
 # - DO NOT use these characters inside values:  \ " '
@@ -33,6 +27,14 @@ VPN_PASSWORD='your_very_secure_password'
 # Be sure to read *important notes* at the URL below:
 # https://github.com/hwdsl2/setup-ipsec-vpn#important-notes
 
+### Do not edit below this line
+
+if [ "$(uname)" = "Darwin" ]; then
+  echo 'DO NOT run this script on your Mac! It should only be run on a dedicated server / VPS'
+  echo 'or a newly-created EC2 instance, after you have modified it to set the variables above.'
+  exit 1
+fi
+
 if [ ! -f /etc/redhat-release ]; then
   echo "Looks like you aren't running this script on a CentOS/RHEL system."
   exit 1
@@ -76,8 +78,8 @@ fi
 mkdir -p /opt/src
 cd /opt/src || { echo "Failed to change working directory to /opt/src. Aborting."; exit 1; }
 
-# Install wget, dig (bind-utils) and nano
-yum -y install wget bind-utils nano
+# Install Wget and dig (bind-utils)
+yum -y install wget bind-utils
 
 echo
 echo 'Please wait... Trying to find Public/Private IP of this server.'
@@ -163,6 +165,10 @@ tar xvzf "$SWAN_FILE" && rm -f "$SWAN_FILE"
 cd "libreswan-${SWAN_VER}" || { echo "Failed to enter Libreswan source dir. Aborting."; exit 1; }
 make programs && make install
 
+# Check if the install was successful
+/usr/local/sbin/ipsec --version 2>/dev/null | grep -qs "${SWAN_VER}"
+[ "$?" != "0" ] && { echo "Sorry, Libreswan ${SWAN_VER} failed to compile or install. Aborting."; exit 1; }
+
 # Prepare various config files
 # Create IPsec (Libreswan) configuration
 SYS_DT="$(/bin/date +%Y-%m-%d-%H:%M:%S)"
@@ -424,9 +430,9 @@ if [ ! -f /etc/ipsec.d/cert8.db ] ; then
 fi
 
 # Restore SELinux contexts
-restorecon /etc/ipsec.d/*db 2>/dev/null
-restorecon /usr/local/sbin -Rv 2>/dev/null
-restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null
+/sbin/restorecon /etc/ipsec.d/*db 2>/dev/null
+/sbin/restorecon /usr/local/sbin -Rv 2>/dev/null
+/sbin/restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null
 
 # Reload sysctl.conf
 /sbin/sysctl -p

vpnupgrade_Libreswan.sh

@@ -13,6 +13,8 @@
 # Check https://libreswan.org and update version number if necessary
 SWAN_VER=3.16
 
+### Do not edit below this line
+
 if [ "$(lsb_release -si 2>/dev/null)" != "Ubuntu" ] && [ "$(lsb_release -si 2>/dev/null)" != "Debian" ]; then
   echo "Looks like you aren't running this script on a Ubuntu or Debian system."
   exit 1
@@ -85,10 +87,10 @@ esac
 mkdir -p /opt/src
 cd /opt/src || { echo "Failed to change working directory to /opt/src. Aborting."; exit 1; }
 
-# Update package index and install wget and nano
+# Update package index and install Wget
 export DEBIAN_FRONTEND=noninteractive
 apt-get -y update
-apt-get -y install wget nano
+apt-get -y install wget
 
 # Install necessary packages
 apt-get -y install libnss3-dev libnspr4-dev pkg-config libpam0g-dev \
@@ -110,15 +112,9 @@ make programs && make install
 # Restart IPsec service
 /usr/sbin/service ipsec restart
 
-# Check if Libreswan install was successful
+# Check if the install was successful
 /usr/local/sbin/ipsec --version 2>/dev/null | grep -qs "${SWAN_VER}"
-if [ "$?" != "0" ]; then
-  echo
-  echo "Sorry, something went wrong."
-  echo "Libreswan ${SWAN_VER} was NOT installed successfully."
-  echo "Exiting script."
-  exit 1
-fi
+[ "$?" != "0" ] && { echo "Sorry, Libreswan ${SWAN_VER} failed to compile or install. Aborting."; exit 1; }
 
 echo
 echo "Congratulations! Libreswan ${SWAN_VER} was installed successfully!"

vpnupgrade_Libreswan_centos.sh

@@ -13,6 +13,8 @@
 # Check https://libreswan.org and update version number if necessary
 SWAN_VER=3.16
 
+### Do not edit below this line
+
 if [ ! -f /etc/redhat-release ]; then
   echo "Looks like you aren't running this script on a CentOS/RHEL system."
   exit 1
@@ -88,8 +90,8 @@ esac
 mkdir -p /opt/src
 cd /opt/src || { echo "Failed to change working directory to /opt/src. Aborting."; exit 1; }
 
-# Install wget and nano
-yum -y install wget nano
+# Install Wget
+yum -y install wget
 
 # Add the EPEL repository
 if grep -qs "release 6" /etc/redhat-release; then
@@ -133,22 +135,16 @@ cd "libreswan-${SWAN_VER}" || { echo "Failed to enter Libreswan source dir. Abor
 make programs && make install
 
 # Restore SELinux contexts
-restorecon /etc/ipsec.d/*db 2>/dev/null
-restorecon /usr/local/sbin -Rv 2>/dev/null
-restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null
+/sbin/restorecon /etc/ipsec.d/*db 2>/dev/null
+/sbin/restorecon /usr/local/sbin -Rv 2>/dev/null
+/sbin/restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null
 
 # Restart IPsec service
 /sbin/service ipsec restart
 
-# Check if Libreswan install was successful
+# Check if the install was successful
 /usr/local/sbin/ipsec --version 2>/dev/null | grep -qs "${SWAN_VER}"
-if [ "$?" != "0" ]; then
-  echo
-  echo "Sorry, something went wrong."
-  echo "Libreswan ${SWAN_VER} was NOT installed successfully."
-  echo "Exiting script."
-  exit 1
-fi
+[ "$?" != "0" ] && { echo "Sorry, Libreswan ${SWAN_VER} failed to compile or install. Aborting."; exit 1; }
 
 echo
 echo "Congratulations! Libreswan ${SWAN_VER} was installed successfully!"