iankelling.org
/
git
/
vpn-setup
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix variable bugs
[vpn-setup]
/
vpn-server-setup
diff --git
a/vpn-server-setup
b/vpn-server-setup
index 30080d4f073b44cc88127fd583b4011786fc1bda..1224ff293333eb7c9fc33f009ef1073c84f01302 100755
(executable)
--- a/
vpn-server-setup
+++ b/
vpn-server-setup
@@
-37,6
+37,10
@@
For ipv6, we assume ipv6_addr routes to the server.
You can save all the keys by storing /etc/openvpn/easy-rsa/keys, and
the script will not generate them if it sees they exist already.
You can save all the keys by storing /etc/openvpn/easy-rsa/keys, and
the script will not generate them if it sees they exist already.
+For future updates to this script, this is a good place to
+take inspiration.
+https://github.com/angristan/openvpn-install/blob/master/openvpn-install.sh
+
Note: Uses GNU getopt options parsing style
EOF
exit $1
Note: Uses GNU getopt options parsing style
EOF
exit $1
@@
-189,11
+193,17
@@
push "dhcp-option DNS 10.8.0.1"
EOF
fi
EOF
fi
-if
$ip6
; then
+if
[[ $ip6 ]]
; then
cat >>$server_dir/server.conf <<EOF
push tun-ipv6 # legacy option that flidas needs, has no harm.
cat >>$server_dir/server.conf <<EOF
push tun-ipv6 # legacy option that flidas needs, has no harm.
-ifconfig-ipv6 $ip6 $ip6_route
+ifconfig-ipv6 $ip6 $ip6route
+EOF
+
+ sed -i --follow-symlinks '/^ *net.ipv6.conf.all.forwarding=.*/d' /etc/sysctl.conf
+ cat >>/etc/sysctl.conf <<'EOF'
+net.ipv6.conf.all.forwarding=1
EOF
EOF
+
fi
fi
@@
-202,7
+212,7
@@
if $route; then
# Be the default gateway for clients.
push "redirect-gateway def1"
EOF
# Be the default gateway for clients.
push "redirect-gateway def1"
EOF
- if
$ip6
; then
+ if
[[ $ip6 ]]
; then
cat >>$server_dir/server.conf <<'EOF'
push "route-ipv6 2000::/3"
EOF
cat >>$server_dir/server.conf <<'EOF'
push "route-ipv6 2000::/3"
EOF
@@
-210,10
+220,8
@@
EOF
fi
sed -i --follow-symlinks '/^ *net\.ipv4\.ip_forward=.*/d' /etc/sysctl.conf
fi
sed -i --follow-symlinks '/^ *net\.ipv4\.ip_forward=.*/d' /etc/sysctl.conf
-sed -i --follow-symlinks '/^ *net.ipv6.conf.all.forwarding=.*/d' /etc/sysctl.conf
cat >>/etc/sysctl.conf <<'EOF'
net.ipv4.ip_forward=1
cat >>/etc/sysctl.conf <<'EOF'
net.ipv4.ip_forward=1
-net.ipv6.conf.all.forwarding=1
EOF
sysctl -p /etc/sysctl.conf
EOF
sysctl -p /etc/sysctl.conf