1
0
mirror of synced 2024-11-24 05:46:09 +03:00

Compare commits

..

No commits in common. "2d4cf2cb8f35a18452b967f4b4c7d461b0cc4d24" and "56078b0a1ef7ed8f5a2606b5777540f26f96e2a9" have entirely different histories.

8 changed files with 26 additions and 80 deletions

View File

@ -130,33 +130,7 @@ sh vpn.sh
<details> <details>
<summary> <summary>
如果无法下载,请点这里。 可选:在安装 VPN 时自定义 IKEv2 选项。
</summary>
你也可以使用 `curl` 下载。例如:
```bash
curl -fL https://get.vpnsetup.net -o vpn.sh
sudo sh vpn.sh
```
或者,你也可以使用这些链接:
```bash
https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
```
如果无法下载,打开 [vpnsetup.sh](vpnsetup.sh),然后点击右边的 `Raw` 按钮。按快捷键 `Ctrl/Cmd+A` 全选,`Ctrl/Cmd+C` 复制,然后粘贴到你喜欢的编辑器。
</details>
#### 可选:在安装 VPN 时自定义 IKEv2 选项。
在安装 VPN 时,你可以自定义 IKEv2 选项。这是可选的。
<details>
<summary>
选项 1: 使用环境变量自定义 IKEv2 选项。
</summary> </summary>
在安装 VPN 时,你可以指定一个域名作为 IKEv2 服务器地址。这是可选的。该域名必须是一个全称域名(FQDN)。示例如下: 在安装 VPN 时,你可以指定一个域名作为 IKEv2 服务器地址。这是可选的。该域名必须是一个全称域名(FQDN)。示例如下:
@ -185,24 +159,24 @@ sudo VPN_PROTECT_CONFIG=yes sh vpn.sh
</details> </details>
<details> <details>
<summary> <summary>
选项 2: 在安装 VPN 时跳过 IKEv2然后使用自定义选项配置 IKEv2 如果无法下载,请点这里
</summary> </summary>
在安装 VPN 时,你可以跳过 IKEv2仅安装 IPsec/L2TP 和 IPsec/XAuth ("Cisco IPsec") 模式 你也可以使用 `curl` 下载。例如
```bash ```bash
sudo VPN_SKIP_IKEV2=yes sh vpn.sh curl -fL https://get.vpnsetup.net -o vpn.sh
sudo sh vpn.sh
``` ```
(可选)如需指定另外的 DNS 服务器,请参见上面的选项 1。 或者,你也可以使用这些链接:
然后运行 IKEv2 [辅助脚本](docs/ikev2-howto-zh.md#使用辅助脚本配置-ikev2) 使用自定义选项以交互方式配置 IKEv2:
```bash ```bash
sudo ikev2.sh https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
``` ```
**注:** 如果服务器上已经配置了 IKEv2`VPN_SKIP_IKEV2` 变量无效。在这种情况下,如需自定义 IKEv2 选项,你可以首先 [移除 IKEv2](docs/ikev2-howto-zh.md#移除-ikev2),然后运行 `sudo ikev2.sh` 重新配置 如果无法下载,打开 [vpnsetup.sh](vpnsetup.sh),然后点击右边的 `Raw` 按钮。按快捷键 `Ctrl/Cmd+A` 全选,`Ctrl/Cmd+C` 复制,然后粘贴到你喜欢的编辑器
</details> </details>
## 下一步 ## 下一步

View File

@ -130,33 +130,7 @@ After setup, you may optionally install [WireGuard](https://github.com/hwdsl2/wi
<details> <details>
<summary> <summary>
Click here if you are unable to download. Optional: Customize IKEv2 options during VPN setup.
</summary>
You may also use `curl` to download. For example:
```bash
curl -fL https://get.vpnsetup.net -o vpn.sh
sudo sh vpn.sh
```
Alternative setup URLs:
```bash
https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
```
If you are unable to download, open [vpnsetup.sh](vpnsetup.sh), then click the `Raw` button on the right. Press `Ctrl/Cmd+A` to select all, `Ctrl/Cmd+C` to copy, then paste into your favorite editor.
</details>
#### Optional: Customize IKEv2 options during VPN setup.
When installing the VPN, you can optionally customize IKEv2 options.
<details>
<summary>
Option 1: Customize IKEv2 options using environment variables.
</summary> </summary>
When installing the VPN, you can optionally specify a DNS name for the IKEv2 server address. The DNS name must be a fully qualified domain name (FQDN). Example: When installing the VPN, you can optionally specify a DNS name for the IKEv2 server address. The DNS name must be a fully qualified domain name (FQDN). Example:
@ -185,24 +159,24 @@ sudo VPN_PROTECT_CONFIG=yes sh vpn.sh
</details> </details>
<details> <details>
<summary> <summary>
Option 2: Skip IKEv2 during VPN setup, then set up IKEv2 using custom options. Click here if you are unable to download.
</summary> </summary>
When installing the VPN, you can skip IKEv2 and only install the IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes: You may also use `curl` to download. For example:
```bash ```bash
sudo VPN_SKIP_IKEV2=yes sh vpn.sh curl -fL https://get.vpnsetup.net -o vpn.sh
sudo sh vpn.sh
``` ```
(Optional) If you want to specify custom DNS server(s), refer to option 1 above. Alternative setup URLs:
After that, run the IKEv2 [helper script](docs/ikev2-howto.md#set-up-ikev2-using-helper-script) to set up IKEv2 interactively using custom options:
```bash ```bash
sudo ikev2.sh https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
``` ```
**Note:** The `VPN_SKIP_IKEV2` variable has no effect if IKEv2 is already set up on the server. In that case, to customize IKEv2 options, you can first [remove IKEv2](docs/ikev2-howto.md#remove-ikev2), then set it up again using `sudo ikev2.sh`. If you are unable to download, open [vpnsetup.sh](vpnsetup.sh), then click the `Raw` button on the right. Press `Ctrl/Cmd+A` to select all, `Ctrl/Cmd+C` to copy, then paste into your favorite editor.
</details> </details>
## Next steps ## Next steps

View File

@ -188,7 +188,7 @@ check_dns() {
check_server_dns() { check_server_dns() {
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)." exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
fi fi
} }
@ -266,8 +266,7 @@ run_setup() {
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url1" \ if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url1" \
|| wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url2" \ || wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url2" \
|| curl -fsL "$setup_url1" -o "$tmpdir/vpn.sh" 2>/dev/null ); then || curl -fsL "$setup_url1" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" \ VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" VPN_PASSWORD="$VPN_PASSWORD" \
VPN_PASSWORD="$VPN_PASSWORD" \
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \ VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \ VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \ VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \

View File

@ -188,7 +188,7 @@ check_dns() {
check_server_dns() { check_server_dns() {
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)." exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
fi fi
} }
@ -266,8 +266,7 @@ run_setup() {
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url1" \ if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url1" \
|| wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url2" \ || wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url2" \
|| curl -fsL "$setup_url1" -o "$tmpdir/vpn.sh" 2>/dev/null ); then || curl -fsL "$setup_url1" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" \ VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" VPN_PASSWORD="$VPN_PASSWORD" \
VPN_PASSWORD="$VPN_PASSWORD" \
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \ VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \ VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \ VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \

View File

@ -130,7 +130,7 @@ check_dns() {
check_server_dns() { check_server_dns() {
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)." exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
fi fi
} }

View File

@ -112,7 +112,7 @@ check_dns() {
check_server_dns() { check_server_dns() {
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)." exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
fi fi
} }

View File

@ -158,7 +158,7 @@ check_dns() {
check_server_dns() { check_server_dns() {
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)." exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
fi fi
} }

View File

@ -149,7 +149,7 @@ check_dns() {
check_server_dns() { check_server_dns() {
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)." exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
fi fi
} }