mirror/setup-ipsec-vpn
1
0
Fork 0
mirror of synced 2024-11-25 22:36:04 +03:00
Code Issues Projects Releases Wiki Activity

Minor improvements and clean up

Browse Source
This commit is contained in:
hwdsl2 2016-05-21 03:59:08 -05:00
parent 59a914ec6d
commit 8628301d28
4 changed files with 112 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
extras/vpnupgrade_Libreswan.sh
View File

@ -58,20 +58,23 @@ fi
clear clear
echo "Welcome! This script will build and install Libreswan $SWAN_VER on your server." cat <<EOF
echo "Additional packages required for Libreswan compilation will also be installed." Welcome! This script will build and install Libreswan $SWAN_VER on your server.
echo Additional packages required for Libreswan compilation will also be installed.
echo "This is intended for use on servers running an older version of Libreswan."
echo "Your existing VPN configuration files will NOT be modified." This is intended for use on servers running an older version of Libreswan.
Your existing VPN configuration files will NOT be modified.
EOF
if [ "$(sed 's/\..*//' /etc/debian_version)" = "7" ]; then if [ "$(sed 's/\..*//' /etc/debian_version)" = "7" ]; then
echo cat <<'EOF'
echo 'IMPORTANT: Workaround required for Debian 7 (Wheezy).' IMPORTANT: Workaround required for Debian 7 (Wheezy).
echo 'First, run the script at: https://git.io/vpndebian7' First, run the script at: https://git.io/vpndebian7
echo 'Continue only after completing this workaround.' Continue only after completing this workaround.
EOF
fi fi
echo
printf "Do you wish to continue? [y/N] " printf "Do you wish to continue? [y/N] "
read -r response read -r response
case $response in case $response in
@ -126,4 +129,5 @@ service ipsec restart
echo echo
echo "Libreswan $SWAN_VER was installed successfully! " echo "Libreswan $SWAN_VER was installed successfully! "
echo echo
exit 0 exit 0

15
extras/vpnupgrade_Libreswan_centos.sh
View File

@ -67,13 +67,15 @@ fi
clear clear
echo "Welcome! This script will build and install Libreswan $SWAN_VER on your server." cat <<EOF
echo "Additional packages required for Libreswan compilation will also be installed." Welcome! This script will build and install Libreswan $SWAN_VER on your server.
echo Additional packages required for Libreswan compilation will also be installed.
echo "This is intended for use on servers running an older version of Libreswan."
echo "Your existing VPN configuration files will NOT be modified." This is intended for use on servers running an older version of Libreswan.
Your existing VPN configuration files will NOT be modified.
EOF
echo
printf "Do you wish to continue? [y/N] " printf "Do you wish to continue? [y/N] "
read -r response read -r response
case $response in case $response in
@ -149,4 +151,5 @@ service ipsec restart
echo echo
echo "Libreswan $SWAN_VER was installed successfully! " echo "Libreswan $SWAN_VER was installed successfully! "
echo echo
exit 0 exit 0

87
vpnsetup.sh
View File

@ -18,9 +18,9 @@
# ===================================================== # =====================================================
# Define your own values for these variables # Define your own values for these variables
# - IPsec pre-shared key, VPN username and password
# - All values MUST be quoted using 'single quotes' # - All values MUST be quoted using 'single quotes'
# - DO NOT use these characters inside values: \ " ' # - DO NOT use these characters inside values: \ " '
# - IPsec Pre-Shared Key, VPN Username and Password
VPN_IPSEC_PSK=$VPN_IPSEC_PSK VPN_IPSEC_PSK=$VPN_IPSEC_PSK
VPN_USER=$VPN_USER VPN_USER=$VPN_USER
@ -46,7 +46,7 @@ fi
if [ -f /proc/user_beancounters ]; then if [ -f /proc/user_beancounters ]; then
echo "This script does NOT support OpenVZ VPS." echo "This script does NOT support OpenVZ VPS."
echo "Try: https://github.com/Nyr/openvpn-install" echo "Try alternative: https://github.com/Nyr/openvpn-install"
exit 1 exit 1
fi fi
@ -56,11 +56,13 @@ if [ "$(id -u)" != 0 ]; then
fi fi
if [ ! -f /sys/class/net/eth0/operstate ]; then if [ ! -f /sys/class/net/eth0/operstate ]; then
echo "Network interface 'eth0' is not available. Aborting." cat <<'EOF'
echo Network interface 'eth0' is not available. Aborting.
echo "Run 'cat /proc/net/dev' to find the name of the active network interface,"
echo "then search and replace ALL 'eth0' and 'eth+' in this script with that name." Run 'cat /proc/net/dev' to find the name of the active network interface,
exit 1 then search and replace ALL 'eth0' and 'eth+' in this script with that name.
EOF
exit 1
fi fi
if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then
@ -75,6 +77,7 @@ if [ -z "$VPN_IPSEC_PSK" ] || [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
fi fi
echo "VPN setup in progress... Please be patient." echo "VPN setup in progress... Please be patient."
echo
# Create and change to working dir # Create and change to working dir
mkdir -p /opt/src mkdir -p /opt/src
@ -89,21 +92,25 @@ apt-get -yq install wget dnsutils openssl
apt-get -yq install iproute gawk grep sed net-tools apt-get -yq install iproute gawk grep sed net-tools
if [ "$(sed 's/\..*//' /etc/debian_version)" = "7" ]; then if [ "$(sed 's/\..*//' /etc/debian_version)" = "7" ]; then
echo cat <<'EOF'
echo 'IMPORTANT: Workaround required for Debian 7 (Wheezy).'
echo 'First, run the script at: https://git.io/vpndebian7' IMPORTANT: Workaround required for Debian 7 (Wheezy).
echo 'If not already done so, press Ctrl-C to interrupt.' First, run the script at: https://git.io/vpndebian7
echo If not already done so, press Ctrl-C to interrupt.
echo 'Pausing for 30 seconds ...'
sleep 30 Pausing for 60 seconds...
EOF
sleep 60
fi fi
echo cat <<'EOF'
echo 'Trying to find Public/Private IP of this server...'
echo Trying to find Public/Private IP of this server...
echo 'In case the script hangs here for more than a few minutes,'
echo 'use Ctrl-C to interrupt. Then edit it and manually enter IPs.' In case the script hangs here for more than a few minutes,
echo use Ctrl-C to interrupt. Then edit it and manually enter IPs.
EOF
# In case auto IP discovery fails, you may manually enter server IPs here. # In case auto IP discovery fails, you may manually enter server IPs here.
# If your server only has a public IP, put that public IP on both lines. # If your server only has a public IP, put that public IP on both lines.
@ -447,24 +454,26 @@ service fail2ban restart
service ipsec restart service ipsec restart
service xl2tpd restart service xl2tpd restart
echo cat <<EOF
echo '================================================'
echo ================================================
echo 'IPsec/L2TP VPN server setup is complete!'
echo IPsec/L2TP VPN server setup is complete!
echo 'Connect to your new VPN with these details:'
echo Connect to your new VPN with these details:
echo "Server IP: $PUBLIC_IP"
echo "IPsec PSK: $VPN_IPSEC_PSK" Server IP: $PUBLIC_IP
echo "Username: $VPN_USER" IPsec PSK: $VPN_IPSEC_PSK
echo "Password: $VPN_PASSWORD" Username: $VPN_USER
echo Password: $VPN_PASSWORD
echo "Write these down. You'll need them to connect! "
echo Write these down. You'll need them to connect!
echo 'Important Notes: https://git.io/vpnnotes'
echo 'Setup VPN Clients: https://git.io/vpnclients' Important Notes: https://git.io/vpnnotes
echo Setup VPN Clients: https://git.io/vpnclients
echo '================================================'
echo ================================================
EOF
exit 0 exit 0

71
vpnsetup_centos.sh
View File

@ -18,9 +18,9 @@
# ===================================================== # =====================================================
# Define your own values for these variables # Define your own values for these variables
# - IPsec pre-shared key, VPN username and password
# - All values MUST be quoted using 'single quotes' # - All values MUST be quoted using 'single quotes'
# - DO NOT use these characters inside values: \ " ' # - DO NOT use these characters inside values: \ " '
# - IPsec Pre-Shared Key, VPN Username and Password
VPN_IPSEC_PSK=$VPN_IPSEC_PSK VPN_IPSEC_PSK=$VPN_IPSEC_PSK
VPN_USER=$VPN_USER VPN_USER=$VPN_USER
@ -55,7 +55,7 @@ fi
if [ -f /proc/user_beancounters ]; then if [ -f /proc/user_beancounters ]; then
echo "This script does NOT support OpenVZ VPS." echo "This script does NOT support OpenVZ VPS."
echo "Try: https://github.com/Nyr/openvpn-install" echo "Try alternative: https://github.com/Nyr/openvpn-install"
exit 1 exit 1
fi fi
@ -65,11 +65,13 @@ if [ "$(id -u)" != 0 ]; then
fi fi
if [ ! -f /sys/class/net/eth0/operstate ]; then if [ ! -f /sys/class/net/eth0/operstate ]; then
echo "Network interface 'eth0' is not available. Aborting." cat <<'EOF'
echo Network interface 'eth0' is not available. Aborting.
echo "Run 'cat /proc/net/dev' to find the name of the active network interface,"
echo "then search and replace ALL 'eth0' and 'eth+' in this script with that name." Run 'cat /proc/net/dev' to find the name of the active network interface,
exit 1 then search and replace ALL 'eth0' and 'eth+' in this script with that name.
EOF
exit 1
fi fi
if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then
@ -84,6 +86,7 @@ if [ -z "$VPN_IPSEC_PSK" ] || [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
fi fi
echo "VPN setup in progress... Please be patient." echo "VPN setup in progress... Please be patient."
echo
# Create and change to working dir # Create and change to working dir
mkdir -p /opt/src mkdir -p /opt/src
@ -93,12 +96,14 @@ cd /opt/src || exit 1
yum -y install wget bind-utils openssl yum -y install wget bind-utils openssl
yum -y install iproute gawk grep sed net-tools yum -y install iproute gawk grep sed net-tools
echo cat <<'EOF'
echo 'Trying to find Public/Private IP of this server...'
echo Trying to find Public/Private IP of this server...
echo 'In case the script hangs here for more than a few minutes,'
echo 'use Ctrl-C to interrupt. Then edit it and manually enter IPs.' In case the script hangs here for more than a few minutes,
echo use Ctrl-C to interrupt. Then edit it and manually enter IPs.
EOF
# In case auto IP discovery fails, you may manually enter server IPs here. # In case auto IP discovery fails, you may manually enter server IPs here.
# If your server only has a public IP, put that public IP on both lines. # If your server only has a public IP, put that public IP on both lines.
@ -462,24 +467,26 @@ service fail2ban restart
service ipsec restart service ipsec restart
service xl2tpd restart service xl2tpd restart
echo cat <<EOF
echo '================================================'
echo ================================================
echo 'IPsec/L2TP VPN server setup is complete!'
echo IPsec/L2TP VPN server setup is complete!
echo 'Connect to your new VPN with these details:'
echo Connect to your new VPN with these details:
echo "Server IP: $PUBLIC_IP"
echo "IPsec PSK: $VPN_IPSEC_PSK" Server IP: $PUBLIC_IP
echo "Username: $VPN_USER" IPsec PSK: $VPN_IPSEC_PSK
echo "Password: $VPN_PASSWORD" Username: $VPN_USER
echo Password: $VPN_PASSWORD
echo "Write these down. You'll need them to connect! "
echo Write these down. You'll need them to connect!
echo 'Important Notes: https://git.io/vpnnotes'
echo 'Setup VPN Clients: https://git.io/vpnclients' Important Notes: https://git.io/vpnnotes
echo Setup VPN Clients: https://git.io/vpnclients
echo '================================================'
echo ================================================
EOF
exit 0 exit 0