Fabio/openvpn-install
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
472 commits 5 branches 0 tags 1.7 MiB
Commit graph

292 commits

Author SHA1 Message Date
dex4k
5400deadad
OpenVPN script but asks for pass for CA authority 
Adds extra security in case server in breached. If an attacker is able to take your CA private key it is encrypted with a passphrase. The regular script allows anyone who is able to steal with CA private key to issue new clients for your VPN. Obviously your server should be protected enough your private key is not stolen in the first place, but this adds an extra level of security.
 2019-07-15 22:41:05 +01:00
Stanislas
dea1d6db2b
Add support for lz4-v2 (#444) 
Close #366
 2019-07-05 17:49:31 +02:00
angristan
5844a8440f Add support for Debian 10 
Fix #439
 2019-06-30 23:06:42 +02:00
Kcchouette
73095990eb Fix APT repo for Ubuntu 16.04 (#421) 2019-05-13 18:38:10 +02:00
Stanislas
a0685af1a3
Update mv easy-rsa command 
Maybe fix #420
 2019-05-12 20:59:15 +02:00
Stanislas
066b48bd84
Add support for Ubuntu 19.04 (#416) 2019-04-22 21:59:04 +02:00
Nathan Lopez
3bf72c7df7 Fix Variable Substitution for ENDPOINT (#397) 2019-02-26 22:39:00 +01:00
Stanislas
6e402289bd
Add Vagrantfile for easier testing (#396) 2019-02-25 23:31:18 +01:00
angristan
52d67286de Fix auto-install 2019-02-25 21:54:36 +01:00
Stanislas
7ba776ce7a
Improve automated install (#395) 
#390 follow up, fixes #261
 2019-02-25 21:30:46 +01:00
Cliff Cotino
f023de298d Headless installation (#390) 
Fixes #261
 2019-02-25 20:02:50 +01:00
randomshell
a0027f1b42 Update easy-rsa to 3.0.6 (#393) 2019-02-21 15:59:57 +01:00
Samuel FORESTIER
676e68fe4f Removes trailing space within server configuration (#369) 2018-12-16 19:14:34 +01:00
xiagw
19820e886e Remove OpenVPN log during uninstallation (#339) 2018-10-19 12:10:56 +02:00
angristan
0d19b57e7f Fix iptables-openvpn service on Debian 8 2018-10-08 21:11:52 +02:00
angristan
bca57c483d Fix "ping6" and "ping -6" usage 2018-10-01 21:00:26 +02:00
GoliathLabs
c9c6089cd6 Use ping -6 instead of ping6 (#317) 2018-09-30 21:17:30 +02:00
angristan
043843850e Improve Debian detection 
e.g. for Raspbian
 2018-09-29 20:15:20 +02:00
Sidd
d2bd051d97 Spelling fixes (#314) 2018-09-28 16:36:00 +02:00
angristan
ef6c2c2a78 Improve -y usage with package managers 2018-09-27 22:23:40 +02:00
angristan
e231c8924a CentOS: Make sure epel-release is installed before openvpn 2018-09-27 22:09:12 +02:00
angristan
9716e868a0 Fix service handling on Ubuntu 16.04 2018-09-27 19:57:01 +02:00
angristan
0648e6a0b7 Fix IPv6 connectivity test 2018-09-27 19:52:52 +02:00
angristan
e4a9851b4f Remove revoked client from ifconfig-pool-persist 2018-09-24 15:24:31 +02:00
angristan
0f117352c7 Remove hardcoded ciphers from Fedora systemd service 2018-09-24 14:33:08 +02:00
angristan
bbea708175 Do not modify package-provided systemd service 2018-09-24 14:26:41 +02:00
angristan
071baf477f Update link, DNS name 2018-09-24 11:45:12 +02:00
angristan
73c52daf84 Add Quad9 uncensored 2018-09-24 11:42:29 +02:00
angristan
1dad1579ad Better code 2018-09-24 11:37:13 +02:00
angristan
8d5d080cc0 Remove plaintext metadata from client certificate 2018-09-24 11:32:43 +02:00
angristan
b0fdb24984 Improve Debian/Ubuntu detection 2018-09-23 22:23:13 +02:00
Jun Hui
c14355a34c Update easy-rsa to 3.0.5 (#301) 2018-09-23 17:09:33 +02:00
angristan
70ebe5620d secp256r1 -> prime256v1 2018-09-23 17:06:15 +02:00
angristan
8e1cf382c3 Fix unset usage 2018-09-23 16:33:59 +02:00
angristan
5a67d3b3e7 Fix regex 2018-09-23 16:30:48 +02:00
GoliathLabs
ecf5f0d623 Add Arch Linux support (#303) 2018-09-23 16:27:36 +02:00
angristan
8de3957afb Disable and stop OpenVPN upon removal 2018-09-23 14:32:24 +02:00
angristan
7f35106687 Fix condition 2018-09-23 14:30:08 +02:00
angristan
09b29ddc9c Fix OS condition 2018-09-23 14:26:28 +02:00
angristan
ef30d3c9df Fix service on Ubuntu 16.04 2018-09-23 14:25:18 +02:00
angristan
e2906fd5e4 Use APT repo for Ubuntu 16.04 
Ubuntu 16.04 has OpenVPN 2.3.10
 2018-09-23 12:47:52 +02:00
angristan
21f15d9aef Little fixes according to OpenVPN 2.4 
Yeah, seconds, really :)
 2018-09-23 00:47:18 +02:00
angristan
c2a502be92 Add support for tls-crypt 
Choice between tls-auth/tls-crypt
 2018-09-22 22:34:10 +02:00
angristan
f716380080 Fixes 2018-09-22 22:33:25 +02:00
angristan
62c89af954 Support ncp-ciphers 
Since OpenVPN 2.4, there is negotiable crypto parameters (NCP)
It means you can use a cipher suite like with HTTPS. By default the suite is AES-256-GCM:AES-256-CBC, so that means than since 2.4 is out, everyone using a 2.4 client + server was using AES 256 GCM, regardless of the --cipher option. With this commit, the chosen cipher will be the only cipher in the NCP cipher list, thus fixing this issue.
 2018-09-22 18:18:36 +02:00
angristan
a85c13e4ec Move setup questions to installQuestions () 2018-09-22 17:59:21 +02:00
angristan
bbdabedbec Add --auth choice (HMAC digest algorithm) 2018-09-22 17:54:30 +02:00
angristan
e0b4a5aae7 Use read -rp 2018-09-22 16:42:48 +02:00
angristan
3a5e23c5c1 Add ECDH support 2018-09-22 16:41:28 +02:00
angristan
cfa5eed6bd Re-add possibility to use a hostname as the endpoint 2018-09-22 16:17:51 +02:00