From 684761015e18f458b124b4820fb17e7d3b49f54a Mon Sep 17 00:00:00 2001 From: hwdsl2 Date: Thu, 21 Jan 2016 11:50:35 -0600 Subject: [PATCH] Minor improvements and clean up --- vpnsetup.sh | 22 ++++++++++++++-------- vpnsetup_centos.sh | 28 +++++++++++++++++----------- vpnupgrade_Libreswan.sh | 16 ++++++---------- vpnupgrade_Libreswan_centos.sh | 22 +++++++++------------- 4 files changed, 46 insertions(+), 42 deletions(-) diff --git a/vpnsetup.sh b/vpnsetup.sh index 65c893e..1c761f4 100644 --- a/vpnsetup.sh +++ b/vpnsetup.sh @@ -17,12 +17,6 @@ # Attribution required: please include my name in any derivative and let me # know how you have improved it! -if [ "$(uname)" = "Darwin" ]; then - echo 'DO NOT run this script on your Mac! It should only be run on a newly-created EC2 instance' - echo 'or other dedicated server / VPS, after you have modified it to set the variables below.' - exit 1 -fi - # Please define your own values for these variables # - All values MUST be quoted using 'single quotes' # - DO NOT use these characters inside values: \ " ' @@ -34,6 +28,14 @@ VPN_PASSWORD='your_very_secure_password' # Be sure to read *important notes* at the URL below: # https://github.com/hwdsl2/setup-ipsec-vpn#important-notes +### Do not edit below this line + +if [ "$(uname)" = "Darwin" ]; then + echo 'DO NOT run this script on your Mac! It should only be run on a newly-created EC2 instance' + echo 'or other dedicated server / VPS, after you have modified it to set the variables above.' + exit 1 +fi + if [ "$(lsb_release -si 2>/dev/null)" != "Ubuntu" ] && [ "$(lsb_release -si 2>/dev/null)" != "Debian" ]; then echo "Looks like you aren't running this script on a Ubuntu or Debian system." exit 1 
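Review bot: In vpnsetup.sh, the block added under `### Do not edit below this line` only guards against running on a Mac; nothing visible in this hunk rejects the placeholder `VPN_PASSWORD='your_very_secure_password'` shown in the hunk header. If no later check exists, a server set up from an unedited script would accept a publicly known credential. A guard next to the Darwin check would cover it, e.g. `[ "$VPN_PASSWORD" = 'your_very_secure_password' ] && { echo "Please set your own VPN credentials first." >&2; exit 1; }`, and the same applies to the matching hunk in vpnsetup_centos.sh. The rest of the script is outside the hunk, so confirm such a check is not already present.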
@@ -64,10 +66,10 @@ fi mkdir -p /opt/src cd /opt/src || { echo "Failed to change working directory to /opt/src. Aborting."; exit 1; } -# Update package index and install wget, dig (dnsutils), sed and nano +# Update package index and install Wget and dig (dnsutils) export DEBIAN_FRONTEND=noninteractive apt-get -y update -apt-get -y install wget dnsutils sed nano +apt-get -y install wget dnsutils echo echo 'Please wait... Trying to find Public/Private IP of this server.' @@ -124,6 +126,10 @@ tar xvzf "$SWAN_FILE" && rm -f "$SWAN_FILE" cd "libreswan-${SWAN_VER}" || { echo "Failed to enter Libreswan source dir. Aborting."; exit 1; } make programs && make install +# Check if the install was successful +/usr/local/sbin/ipsec --version 2>/dev/null | grep -qs "${SWAN_VER}" +[ "$?" != "0" ] && { echo "Sorry, Libreswan ${SWAN_VER} failed to compile or install. Aborting."; exit 1; } + # Prepare various config files # Create IPsec (Libreswan) configuration SYS_DT="$(/bin/date +%Y-%m-%d-%H:%M:%S)" diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh index 7bfa1cb..0be8cdd 100644 --- a/vpnsetup_centos.sh +++ b/vpnsetup_centos.sh @@ -16,12 +16,6 @@ # Attribution required: please include my name in any derivative and let me # know how you have improved it! -if [ "$(uname)" = "Darwin" ]; then - echo 'DO NOT run this script on your Mac! It should only be run on a dedicated server / VPS' - echo 'or a newly-created EC2 instance, after you have modified it to set the variables below.' - exit 1 -fi - # Please define your own values for these variables # - All values MUST be quoted using 'single quotes' # - DO NOT use these characters inside values: \ " ' 
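Review bot: In vpnsetup.sh (hunk at new line 126), the added install check passes `${SWAN_VER}` to grep as a regular expression, so the `.` in `3.16` matches any character, and the separate `[ "$?" != "0" ]` test breaks as soon as a command is inserted between the two lines. Testing the pipeline directly with a fixed-string match avoids both: `if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qsF "${SWAN_VER}"; then ...; exit 1; fi`. The check also confirms only the reported version string; the exit status of `make programs && make install` on the context line above does not appear to be tested. The same two lines are added or kept in vpnsetup_centos.sh and in both vpnupgrade scripts.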
@@ -33,6 +27,14 @@ VPN_PASSWORD='your_very_secure_password' # Be sure to read *important notes* at the URL below: # https://github.com/hwdsl2/setup-ipsec-vpn#important-notes +### Do not edit below this line + +if [ "$(uname)" = "Darwin" ]; then + echo 'DO NOT run this script on your Mac! It should only be run on a dedicated server / VPS' + echo 'or a newly-created EC2 instance, after you have modified it to set the variables above.' + exit 1 +fi + if [ ! -f /etc/redhat-release ]; then echo "Looks like you aren't running this script on a CentOS/RHEL system." exit 1 @@ -76,8 +78,8 @@ fi mkdir -p /opt/src cd /opt/src || { echo "Failed to change working directory to /opt/src. Aborting."; exit 1; } -# Install wget, dig (bind-utils) and nano -yum -y install wget bind-utils nano +# Install Wget and dig (bind-utils) +yum -y install wget bind-utils echo echo 'Please wait... Trying to find Public/Private IP of this server.' @@ -163,6 +165,10 @@ tar xvzf "$SWAN_FILE" && rm -f "$SWAN_FILE" cd "libreswan-${SWAN_VER}" || { echo "Failed to enter Libreswan source dir. Aborting."; exit 1; } make programs && make install +# Check if the install was successful +/usr/local/sbin/ipsec --version 2>/dev/null | grep -qs "${SWAN_VER}" +[ "$?" != "0" ] && { echo "Sorry, Libreswan ${SWAN_VER} failed to compile or install. Aborting."; exit 1; } + # Prepare various config files # Create IPsec (Libreswan) configuration SYS_DT="$(/bin/date +%Y-%m-%d-%H:%M:%S)" @@ -424,9 +430,9 @@ if [ ! -f /etc/ipsec.d/cert8.db ] ; then fi # Restore SELinux contexts -restorecon /etc/ipsec.d/*db 2>/dev/null -restorecon /usr/local/sbin -Rv 2>/dev/null -restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null +/sbin/restorecon /etc/ipsec.d/*db 2>/dev/null +/sbin/restorecon /usr/local/sbin -Rv 2>/dev/null +/sbin/restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null # Reload sysctl.conf /sbin/sysctl -p diff --git a/vpnupgrade_Libreswan.sh b/vpnupgrade_Libreswan.sh index 9a370e4..669ba5a 100644 --- a/vpnupgrade_Libreswan.sh 
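Review bot: In vpnsetup_centos.sh (hunk at new line 430), the three `/sbin/restorecon` calls still discard stderr and ignore the exit status, so a failed relabel of `/usr/local/sbin` or `/usr/local/libexec/ipsec` is silent, and with the path now hard-coded a missing `/sbin/restorecon` is hidden the same way. On a host with SELinux enforcing, wrongly labelled binaries would likely surface later as an unexplained IPsec start failure. Consider reporting the failure, e.g. `/sbin/restorecon -Rv /usr/local/sbin 2>/dev/null || echo "Warning: could not restore SELinux contexts." >&2`, with the options placed before the path. The same lines are changed in vpnupgrade_Libreswan_centos.sh.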
+++ b/vpnupgrade_Libreswan.sh @@ -13,6 +13,8 @@ # Check https://libreswan.org and update version number if necessary SWAN_VER=3.16 +### Do not edit below this line + if [ "$(lsb_release -si 2>/dev/null)" != "Ubuntu" ] && [ "$(lsb_release -si 2>/dev/null)" != "Debian" ]; then echo "Looks like you aren't running this script on a Ubuntu or Debian system." exit 1 @@ -85,10 +87,10 @@ esac mkdir -p /opt/src cd /opt/src || { echo "Failed to change working directory to /opt/src. Aborting."; exit 1; } -# Update package index and install wget and nano +# Update package index and install Wget export DEBIAN_FRONTEND=noninteractive apt-get -y update -apt-get -y install wget nano +apt-get -y install wget # Install necessary packages apt-get -y install libnss3-dev libnspr4-dev pkg-config libpam0g-dev \ @@ -110,15 +112,9 @@ make programs && make install # Restart IPsec service /usr/sbin/service ipsec restart -# Check if Libreswan install was successful +# Check if the install was successful /usr/local/sbin/ipsec --version 2>/dev/null | grep -qs "${SWAN_VER}" -if [ "$?" != "0" ]; then - echo - echo "Sorry, something went wrong." - echo "Libreswan ${SWAN_VER} was NOT installed successfully." - echo "Exiting script." - exit 1 -fi +[ "$?" != "0" ] && { echo "Sorry, Libreswan ${SWAN_VER} failed to compile or install. Aborting."; exit 1; } echo echo "Congratulations! Libreswan ${SWAN_VER} was installed successfully!" diff --git a/vpnupgrade_Libreswan_centos.sh b/vpnupgrade_Libreswan_centos.sh index eca49ff..abac6c2 100644 --- a/vpnupgrade_Libreswan_centos.sh +++ b/vpnupgrade_Libreswan_centos.sh @@ -13,6 +13,8 @@ # Check https://libreswan.org and update version number if necessary SWAN_VER=3.16 +### Do not edit below this line + if [ ! -f /etc/redhat-release ]; then echo "Looks like you aren't running this script on a CentOS/RHEL system." exit 1 
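Review bot: In vpnupgrade_Libreswan.sh (hunk at new line 112), the version check still runs after `/usr/sbin/service ipsec restart`, so when the build or install has failed the running service is restarted before the script aborts. The setup scripts in this commit place the same check directly after `make programs && make install`. Moving the `ipsec --version` check above the `# Restart IPsec service` line here would stop the upgrade before it touches the running VPN. The same ordering is kept in vpnupgrade_Libreswan_centos.sh, where the check follows `/sbin/service ipsec restart`.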
@@ -88,8 +90,8 @@ esac mkdir -p /opt/src cd /opt/src || { echo "Failed to change working directory to /opt/src. Aborting."; exit 1; } -# Install wget and nano -yum -y install wget nano +# Install Wget +yum -y install wget # Add the EPEL repository if grep -qs "release 6" /etc/redhat-release; then @@ -133,22 +135,16 @@ cd "libreswan-${SWAN_VER}" || { echo "Failed to enter Libreswan source dir. Abor make programs && make install # Restore SELinux contexts -restorecon /etc/ipsec.d/*db 2>/dev/null -restorecon /usr/local/sbin -Rv 2>/dev/null -restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null +/sbin/restorecon /etc/ipsec.d/*db 2>/dev/null +/sbin/restorecon /usr/local/sbin -Rv 2>/dev/null +/sbin/restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null # Restart IPsec service /sbin/service ipsec restart -# Check if Libreswan install was successful +# Check if the install was successful /usr/local/sbin/ipsec --version 2>/dev/null | grep -qs "${SWAN_VER}" -if [ "$?" != "0" ]; then - echo - echo "Sorry, something went wrong." - echo "Libreswan ${SWAN_VER} was NOT installed successfully." - echo "Exiting script." - exit 1 -fi +[ "$?" != "0" ] && { echo "Sorry, Libreswan ${SWAN_VER} failed to compile or install. Aborting."; exit 1; } echo echo "Congratulations! Libreswan ${SWAN_VER} was installed successfully!"