diff --git a/openvpn-install.sh b/openvpn-install.sh index 997feaf..5c730fc 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -27,84 +27,6 @@ # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -# Detect Debian users running the script with "sh" instead of bash -if readlink /proc/$$/exe | grep -q "dash"; then - echo 'This installer needs to be run with "bash", not "sh".' - exit 1 -fi - -# Discard stdin. Needed when running from an one-liner which includes a newline -read -N 999999 -t 0.001 - -# Detect OpenVZ 6 -if [[ $(uname -r | cut -d "." -f 1) -eq 2 ]]; then - echo "The system is running an old kernel, which is incompatible with this installer." - exit 1 -fi - -# Detect OS -# $os_version variables aren't always in use, but are kept here for convenience -if grep -qs "ubuntu" /etc/os-release; then - os="ubuntu" - os_version=$(grep 'VERSION_ID' /etc/os-release | cut -d '"' -f 2 | tr -d '.') - group_name="nogroup" -elif [[ -e /etc/debian_version ]]; then - os="debian" - os_version=$(grep -oE '[0-9]+' /etc/debian_version | head -1) - group_name="nogroup" -elif [[ -e /etc/almalinux-release || -e /etc/rocky-release || -e /etc/centos-release ]]; then - os="centos" - os_version=$(grep -shoE '[0-9]+' /etc/almalinux-release /etc/rocky-release /etc/centos-release | head -1) - group_name="nobody" -elif grep -qs "Amazon Linux release 2" /etc/system-release; then - os="centos" - os_version="7" - group_name="nobody" -elif [[ -e /etc/fedora-release ]]; then - os="fedora" - os_version=$(grep -oE '[0-9]+' /etc/fedora-release | head -1) - group_name="nobody" -else - echo "This installer seems to be running on an unsupported distribution. -Supported distros are Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora and Amazon Linux 2." - exit 1 -fi - -if [[ "$os" == "ubuntu" && "$os_version" -lt 1804 ]]; then - echo "Ubuntu 18.04 or higher is required to use this installer. -This version of Ubuntu is too old and unsupported." - exit 1 -fi - -if [[ "$os" == "debian" && "$os_version" -lt 9 ]]; then - echo "Debian 9 or higher is required to use this installer. -This version of Debian is too old and unsupported." - exit 1 -fi - -if [[ "$os" == "centos" && "$os_version" -lt 7 ]]; then - echo "CentOS 7 or higher is required to use this installer. -This version of CentOS is too old and unsupported." - exit 1 -fi - -# Detect environments where $PATH does not include the sbin directories -if ! grep -q sbin <<< "$PATH"; then - echo '$PATH does not include sbin. Try using "su -" instead of "su".' - exit 1 -fi - -if [ "$(id -u)" != 0 ]; then - echo "This installer must be run as root. Try 'sudo bash $0'" - exit 1 -fi - -if [[ ! -e /dev/net/tun ]] || ! ( exec 7<>/dev/net/tun ) 2>/dev/null; then - echo "The system does not have the TUN device available. -TUN needs to be enabled before running this installer." - exit 1 -fi - check_ip() { IP_REGEX='^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX" @@ -190,6 +112,86 @@ new_client() { chmod 600 "$export_dir$client".ovpn } +ovpnsetup() { + +# Detect Debian users running the script with "sh" instead of bash +if readlink /proc/$$/exe | grep -q "dash"; then + echo 'This installer needs to be run with "bash", not "sh".' + exit 1 +fi + +# Discard stdin. Needed when running from an one-liner which includes a newline +read -N 999999 -t 0.001 + +# Detect OpenVZ 6 +if [[ $(uname -r | cut -d "." -f 1) -eq 2 ]]; then + echo "The system is running an old kernel, which is incompatible with this installer." + exit 1 +fi + +# Detect OS +# $os_version variables aren't always in use, but are kept here for convenience +if grep -qs "ubuntu" /etc/os-release; then + os="ubuntu" + os_version=$(grep 'VERSION_ID' /etc/os-release | cut -d '"' -f 2 | tr -d '.') + group_name="nogroup" +elif [[ -e /etc/debian_version ]]; then + os="debian" + os_version=$(grep -oE '[0-9]+' /etc/debian_version | head -1) + group_name="nogroup" +elif [[ -e /etc/almalinux-release || -e /etc/rocky-release || -e /etc/centos-release ]]; then + os="centos" + os_version=$(grep -shoE '[0-9]+' /etc/almalinux-release /etc/rocky-release /etc/centos-release | head -1) + group_name="nobody" +elif grep -qs "Amazon Linux release 2" /etc/system-release; then + os="centos" + os_version="7" + group_name="nobody" +elif [[ -e /etc/fedora-release ]]; then + os="fedora" + os_version=$(grep -oE '[0-9]+' /etc/fedora-release | head -1) + group_name="nobody" +else + echo "This installer seems to be running on an unsupported distribution. +Supported distros are Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora and Amazon Linux 2." + exit 1 +fi + +if [[ "$os" == "ubuntu" && "$os_version" -lt 1804 ]]; then + echo "Ubuntu 18.04 or higher is required to use this installer. +This version of Ubuntu is too old and unsupported." + exit 1 +fi + +if [[ "$os" == "debian" && "$os_version" -lt 9 ]]; then + echo "Debian 9 or higher is required to use this installer. +This version of Debian is too old and unsupported." + exit 1 +fi + +if [[ "$os" == "centos" && "$os_version" -lt 7 ]]; then + echo "CentOS 7 or higher is required to use this installer. +This version of CentOS is too old and unsupported." + exit 1 +fi + +# Detect environments where $PATH does not include the sbin directories +if ! grep -q sbin <<< "$PATH"; then + echo '$PATH does not include sbin. Try using "su -" instead of "su".' + exit 1 +fi + +if [ "$(id -u)" != 0 ]; then + echo "This installer must be run as root. Try 'sudo bash $0'" + exit 1 +fi + +if [[ ! -e /dev/net/tun ]] || ! ( exec 7<>/dev/net/tun ) 2>/dev/null; then + echo "The system does not have the TUN device available. +TUN needs to be enabled before running this installer." + exit 1 +fi + if [[ ! -e /etc/openvpn/server/server.conf ]]; then if [ "$os" = "centos" ]; then if grep -qs "hwdsl2 VPN script" /etc/sysconfig/nftables.conf \ @@ -880,3 +882,9 @@ else ;; esac fi +} + +## Defer setup until we have the complete script +ovpnsetup "$@" + +exit 0