Update IKEv2 script

- Minor improvements and cleanup
2024-06-30 01:25:53 +02:00 · 2022-02-17 21:36:19 -06:00 · 2022-02-17 21:36:19 -06:00 · 58e82552ae
commit 58e82552ae
parent 7361cec2db
1 changed files with 18 additions and 26 deletions
--- a/extras/ikev2setup.sh
+++ b/extras/ikev2setup.sh
@ -150,7 +150,7 @@ confirm_or_abort() {
 show_header() {
 cat <<'EOF'

-IKEv2 Script   Copyright (c) 2020-2022 Lin Song   16 Feb 2022
+IKEv2 Script   Copyright (c) 2020-2022 Lin Song   18 Feb 2022

 EOF
 }
@ -308,8 +308,7 @@ set_dns_servers() {

 show_welcome() {
 cat <<'EOF'
-Welcome! Use this script to set up IKEv2 on your IPsec VPN server.
-
+Welcome! Use this script to set up IKEv2 on your VPN server.
 I need to ask you a few questions before starting setup.
 You can use the default options and just press enter if you are OK with them.

@ -317,20 +316,12 @@ EOF
 }

 show_start_setup() {
-  if [ -n "$VPN_DNS_NAME" ] || [ -n "$VPN_CLIENT_NAME" ] || [ -n "$VPN_DNS_SRV1" ]; then
-    bigecho "Starting IKEv2 setup in auto mode."
-    printf '%s' "## Using custom option(s): "
-    [ -n "$VPN_DNS_NAME" ] && printf '%s' "VPN_DNS_NAME "
-    [ -n "$VPN_CLIENT_NAME" ] && printf '%s' "VPN_CLIENT_NAME "
-    if [ -n "$VPN_DNS_SRV1" ] && [ -n "$VPN_DNS_SRV2" ]; then
-      printf '%s' "VPN_DNS_SRV1 VPN_DNS_SRV2"
-    elif [ -n "$VPN_DNS_SRV1" ]; then
-      printf '%s' "VPN_DNS_SRV1"
-    fi
-    echo
-  else
-    bigecho "Starting IKEv2 setup in auto mode, using default options."
+  op_text=default
+  if [ -n "$VPN_DNS_NAME" ] || [ -n "$VPN_CLIENT_NAME" ] \
+    || [ -n "$VPN_DNS_SRV1" ] || [ -n "$VPN_PROTECT_CONFIG" ]; then
+    op_text=custom
  fi
+  bigecho "Starting IKEv2 setup in auto mode, using $op_text options."
 }

 show_add_client() {
@ -517,10 +508,10 @@ enter_custom_dns() {
      echo "Invalid DNS server."
      read -rp "Enter primary DNS server: " dns_server_1
    done
-    read -rp "Enter secondary DNS server (enter to skip): " dns_server_2
+    read -rp "Enter secondary DNS server (Enter to skip): " dns_server_2
    until [ -z "$dns_server_2" ] || check_ip "$dns_server_2"; do
      echo "Invalid DNS server."
-      read -rp "Enter secondary DNS server (enter to skip): " dns_server_2
+      read -rp "Enter secondary DNS server (Enter to skip): " dns_server_2
    done
    if [ -n "$dns_server_2" ]; then
      dns_servers="$dns_server_1 $dns_server_2"
@ -612,7 +603,7 @@ select_config_password() {
  if [ "$use_config_password" = "0" ]; then
 cat <<'EOF'

-IKEv2 client config files contain the client certificate, private key and CA certificate.
+IKEv2 client config contains the client certificate, private key and CA certificate.
 This script can optionally generate a random password to protect these files.
 Future client config files will also be protected using this password.

@ -680,6 +671,11 @@ EOF
  else
    echo "MOBIKE support: Not available"
  fi
+  if [ "$use_config_password" = "1" ]; then
+    echo "Protect client config: Yes"
+  else
+    echo "Protect client config: No"
+  fi
 cat <<EOF
 DNS server(s): $dns_servers

@ -1173,12 +1169,8 @@ print_client_revoked() {
 }

 print_setup_complete() {
-  if [ -n "$VPN_DNS_NAME" ] || [ -n "$VPN_CLIENT_NAME" ] || [ -n "$VPN_DNS_SRV1" ]; then
-    printf '\e[2K\r'
-  else
-    printf '\e[2K\e[1A\e[2K\r'
-    [ "$use_defaults" = "1" ] && printf '\e[1A\e[2K\e[1A\e[2K\e[1A\e[2K\r'
-  fi
+  printf '\e[2K\e[1A\e[2K\r'
+  [ "$use_defaults" = "1" ] && printf '\e[1A\e[2K\e[1A\e[2K\e[1A\e[2K\r'
 cat <<EOF
 ================================================

@ -1215,7 +1207,7 @@ EOF
 cat <<'EOF'

 Note: No password is required when importing
-client config files.
+client configuration.
 EOF
  fi
 cat <<'EOF'