Support auto install

- Support automatic install using default options. To do this, users can add the argument "--auto" when running the script. - Cleanup
2024-07-02 17:55:47 +02:00 · 2022-10-01 14:50:01 -05:00 · 2022-10-01 14:50:01 -05:00 · 01865085c6
commit 01865085c6
parent 1b20eadf22
1 changed files with 136 additions and 73 deletions
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@ -120,12 +120,12 @@ find_public_ip() {
 	fi
 }

-abort_and_exit () {
+abort_and_exit() {
 	echo "Abort. No changes were made." >&2
 	exit 1
 }

-get_export_dir () {
+get_export_dir() {
 	export_to_home_dir=0
 	export_dir=~/
 	if [ -n "$SUDO_USER" ] && getent group "$SUDO_USER" >/dev/null 2>&1; then
@ -137,7 +137,7 @@ get_export_dir () {
 	fi
 }

-update_sysctl () {
+update_sysctl() {
 	# Enable net.ipv4.ip_forward for the system
 	echo 'net.ipv4.ip_forward=1' > /etc/sysctl.d/99-openvpn-forward.conf
 	if [[ -n "$ip6" ]]; then
@ -166,7 +166,7 @@ EOF
 	sysctl -e -q -p /etc/sysctl.d/99-openvpn-optimize.conf
 }

-new_client () {
+new_client() {
 	get_export_dir
 	# Generates the custom client.ovpn
 	{
@ -198,10 +198,25 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
 			exit 1
 		fi
 	fi
+	auto=0
+	while [ "$#" -gt 0 ]; do
+		case $1 in
+			--auto)
+				auto=1
+				shift
+				;;
+			*)
+				echo "Unknown parameter: $1" >&2
+				exit 1
+				;;
+		esac
+	done
 	# Detect some Debian minimal setups where neither wget nor curl are installed
 	if ! hash wget 2>/dev/null && ! hash curl 2>/dev/null; then
-		echo "Wget is required to use this installer."
-		read -n1 -r -p "Press any key to install Wget and continue..."
+		if [ "$auto" = 0 ]; then
+			echo "Wget is required to use this installer."
+			read -n1 -r -p "Press any key to install Wget and continue..."
+		fi
 		export DEBIAN_FRONTEND=noninteractive
 		(
 			set -x
@ -209,11 +224,16 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
 			apt-get -yqq install wget >/dev/null
 		) || exit 1
 	fi
-	echo
-	echo 'Welcome to this OpenVPN server installer!'
-	echo
-	echo 'I need to ask you a few questions before starting setup.'
-	echo 'You can use the default options and just press enter if you are OK with them.'
+	if [ "$auto" = 0 ]; then
+		echo
+		echo 'Welcome to this OpenVPN server installer!'
+		echo
+		echo 'I need to ask you a few questions before starting setup.'
+		echo 'You can use the default options and just press enter if you are OK with them.'
+	else
+		echo
+		echo 'Starting OpenVPN setup using default options.'
+	fi
 	# If system has a single IPv4, it is selected automatically.
 	if [[ $(ip -4 addr | grep inet | grep -vEc '127(\.[0-9]{1,3}){3}') -eq 1 ]]; then
 		ip=$(ip -4 addr | grep inet | grep -vE '127(\.[0-9]{1,3}){3}' | cut -d '/' -f 1 | grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}')
@ -233,16 +253,20 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
 				done <<< "$ip_list"
 			fi
 			if [ "$ip_match" = 0 ]; then
-				number_of_ip=$(ip -4 addr | grep inet | grep -vEc '127(\.[0-9]{1,3}){3}')
-				echo
-				echo "Which IPv4 address should be used?"
-				ip -4 addr | grep inet | grep -vE '127(\.[0-9]{1,3}){3}' | cut -d '/' -f 1 | grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}' | nl -s ') '
-				read -rp "IPv4 address [1]: " ip_number
-				until [[ -z "$ip_number" || "$ip_number" =~ ^[0-9]+$ && "$ip_number" -le "$number_of_ip" ]]; do
-					echo "$ip_number: invalid selection."
+				if [ "$auto" = 0 ]; then
+					echo
+					echo "Which IPv4 address should be used?"
+					number_of_ip=$(ip -4 addr | grep inet | grep -vEc '127(\.[0-9]{1,3}){3}')
+					ip -4 addr | grep inet | grep -vE '127(\.[0-9]{1,3}){3}' | cut -d '/' -f 1 | grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}' | nl -s ') '
 					read -rp "IPv4 address [1]: " ip_number
-				done
-				[[ -z "$ip_number" ]] && ip_number="1"
+					until [[ -z "$ip_number" || "$ip_number" =~ ^[0-9]+$ && "$ip_number" -le "$number_of_ip" ]]; do
+						echo "$ip_number: invalid selection."
+						read -rp "IPv4 address [1]: " ip_number
+					done
+					[[ -z "$ip_number" ]] && ip_number=1
+				else
+					ip_number=1
+				fi
 				ip=$(ip -4 addr | grep inet | grep -vE '127(\.[0-9]{1,3}){3}' | cut -d '/' -f 1 | grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}' | sed -n "$ip_number"p)
 			fi
 		fi
@ -251,44 +275,66 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
 	if printf '%s' "$ip" | grep -qE '^(10|127|172\.(1[6-9]|2[0-9]|3[0-1])|192\.168|169\.254)\.'; then
 		find_public_ip
 		if [ -z "$get_public_ip" ]; then
-			echo
-			echo "This server is behind NAT. What is the public IPv4 address?"
-			read -rp "Public IPv4 address: " public_ip
-			until check_ip "$public_ip"; do
-				echo "Invalid input."
+			if [ "$auto" = 0 ]; then
+				echo
+				echo "This server is behind NAT. What is the public IPv4 address?"
 				read -rp "Public IPv4 address: " public_ip
-			done
+				until check_ip "$public_ip"; do
+					echo "Invalid input."
+					read -rp "Public IPv4 address: " public_ip
+				done
+			else
+				echo "Error: Could not detect this server's public IP." >&2
+				echo "Abort. No changes were made." >&2
+				exit 1
+			fi
 		else
 			public_ip="$get_public_ip"
 		fi
 	fi
+	if [ "$auto" != 0 ]; then
+		echo
+		printf '%s' "Server IP: "
+		[ -n "$public_ip" ] && printf '%s\n' "$public_ip" || printf '%s\n' "$ip"
+		echo "Port: UDP/1194"
+		echo "Client name: client"
+		echo "Client DNS: Google Public DNS"
+	fi
 	# If system has a single IPv6, it is selected automatically
 	if [[ $(ip -6 addr | grep -c 'inet6 [23]') -eq 1 ]]; then
 		ip6=$(ip -6 addr | grep 'inet6 [23]' | cut -d '/' -f 1 | grep -oE '([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}')
 	fi
 	# If system has multiple IPv6, ask the user to select one
 	if [[ $(ip -6 addr | grep -c 'inet6 [23]') -gt 1 ]]; then
-		number_of_ip6=$(ip -6 addr | grep -c 'inet6 [23]')
-		echo
-		echo "Which IPv6 address should be used?"
-		ip -6 addr | grep 'inet6 [23]' | cut -d '/' -f 1 | grep -oE '([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}' | nl -s ') '
-		read -rp "IPv6 address [1]: " ip6_number
-		until [[ -z "$ip6_number" || "$ip6_number" =~ ^[0-9]+$ && "$ip6_number" -le "$number_of_ip6" ]]; do
-			echo "$ip6_number: invalid selection."
+		if [ "$auto" = 0 ]; then
+			echo
+			echo "Which IPv6 address should be used?"
+			number_of_ip6=$(ip -6 addr | grep -c 'inet6 [23]')
+			ip -6 addr | grep 'inet6 [23]' | cut -d '/' -f 1 | grep -oE '([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}' | nl -s ') '
 			read -rp "IPv6 address [1]: " ip6_number
-		done
-		[[ -z "$ip6_number" ]] && ip6_number="1"
+			until [[ -z "$ip6_number" || "$ip6_number" =~ ^[0-9]+$ && "$ip6_number" -le "$number_of_ip6" ]]; do
+				echo "$ip6_number: invalid selection."
+				read -rp "IPv6 address [1]: " ip6_number
+			done
+			[[ -z "$ip6_number" ]] && ip6_number=1
+		else
+			ip6_number=1
+		fi
 		ip6=$(ip -6 addr | grep 'inet6 [23]' | cut -d '/' -f 1 | grep -oE '([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}' | sed -n "$ip6_number"p)
 	fi
-	echo
-	echo "Which protocol should OpenVPN use?"
-	echo "   1) UDP (recommended)"
-	echo "   2) TCP"
-	read -rp "Protocol [1]: " protocol
-	until [[ -z "$protocol" || "$protocol" =~ ^[12]$ ]]; do
-		echo "$protocol: invalid selection."
+	if [ "$auto" = 0 ]; then
+		echo
+		echo "Which protocol should OpenVPN use?"
+		echo "   1) UDP (recommended)"
+		echo "   2) TCP"
 		read -rp "Protocol [1]: " protocol
-	done
+		until [[ -z "$protocol" || "$protocol" =~ ^[12]$ ]]; do
+			echo "$protocol: invalid selection."
+			read -rp "Protocol [1]: " protocol
+		done
+	else
+		protocol=1
+	fi
 	case "$protocol" in
 		1|"")
 		protocol=udp
@ -297,28 +343,36 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
 		protocol=tcp
 		;;
 	esac
-	echo
-	echo "What port should OpenVPN listen to?"
-	read -rp "Port [1194]: " port
-	until [[ -z "$port" || "$port" =~ ^[0-9]+$ && "$port" -le 65535 ]]; do
-		echo "$port: invalid port."
+	if [ "$auto" = 0 ]; then
+		echo
+		echo "What port should OpenVPN listen to?"
 		read -rp "Port [1194]: " port
-	done
-	[[ -z "$port" ]] && port="1194"
-	echo
-	echo "Select a DNS server for the clients:"
-	echo "   1) Current system resolvers"
-	echo "   2) Google Public DNS"
-	echo "   3) Cloudflare DNS"
-	echo "   4) OpenDNS"
-	echo "   5) Quad9"
-	echo "   6) AdGuard DNS"
-	echo "   7) Custom"
-	read -rp "DNS server [2]: " dns
-	until [[ -z "$dns" || "$dns" =~ ^[1-7]$ ]]; do
-		echo "$dns: invalid selection."
+		until [[ -z "$port" || "$port" =~ ^[0-9]+$ && "$port" -le 65535 ]]; do
+			echo "$port: invalid port."
+			read -rp "Port [1194]: " port
+		done
+		[[ -z "$port" ]] && port=1194
+	else
+		port=1194
+	fi
+	if [ "$auto" = 0 ]; then
+		echo
+		echo "Select a DNS server for the clients:"
+		echo "   1) Current system resolvers"
+		echo "   2) Google Public DNS"
+		echo "   3) Cloudflare DNS"
+		echo "   4) OpenDNS"
+		echo "   5) Quad9"
+		echo "   6) AdGuard DNS"
+		echo "   7) Custom"
 		read -rp "DNS server [2]: " dns
-	done
+		until [[ -z "$dns" || "$dns" =~ ^[1-7]$ ]]; do
+			echo "$dns: invalid selection."
+			read -rp "DNS server [2]: " dns
+		done
+	else
+		dns=2
+	fi
 	if [ "$dns" = 7 ]; then
 		read -rp "Enter primary DNS server: " dns1
 		until check_ip "$dns1"; do
@ -331,27 +385,36 @@ if [[ ! -e /etc/openvpn/server/server.conf ]]; then
 			read -rp "Enter secondary DNS server (Enter to skip): " dns2
 		done
 	fi
-	echo
-	echo "Enter a name for the first client:"
-	read -rp "Name [client]: " unsanitized_client
-	# Allow a limited set of characters to avoid conflicts
-	client=$(sed 's/[^0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-]/_/g' <<< "$unsanitized_client")
-	[[ -z "$client" ]] && client="client"
-	echo
-	echo "OpenVPN installation is ready to begin."
+	if [ "$auto" = 0 ]; then
+		echo
+		echo "Enter a name for the first client:"
+		read -rp "Name [client]: " unsanitized_client
+		# Allow a limited set of characters to avoid conflicts
+		client=$(sed 's/[^0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-]/_/g' <<< "$unsanitized_client")
+		[[ -z "$client" ]] && client=client
+	else
+		client=client
+	fi
+	if [ "$auto" = 0 ]; then
+		echo
+		echo "OpenVPN installation is ready to begin."
+	fi
 	# Install a firewall if firewalld or iptables are not already available
 	if ! systemctl is-active --quiet firewalld.service && ! hash iptables 2>/dev/null; then
 		if [[ "$os" == "centos" || "$os" == "fedora" ]]; then
 			firewall="firewalld"
 			# We don't want to silently enable firewalld, so we give a subtle warning
 			# If the user continues, firewalld will be installed and enabled during setup
-			echo "firewalld, which is required to manage routing tables, will also be installed."
+			echo
+			echo "Note: firewalld, which is required to manage routing tables, will also be installed."
 		elif [[ "$os" == "debian" || "$os" == "ubuntu" ]]; then
 			# iptables is way less invasive than firewalld so no warning is given
 			firewall="iptables"
 		fi
 	fi
-	read -n1 -r -p "Press any key to continue..."
+	if [ "$auto" = 0 ]; then
+		read -n1 -r -p "Press any key to continue..."
+	fi
 	echo
 	echo "Installing OpenVPN, please wait..."
 	# If running inside a container, disable LimitNPROC to prevent conflicts