usage() {
cat <<'EOF'
-usage: ${0##*/} [-d|-h|--help]
+usage: ${0##*/} [-d|-h|--help] [IPV6_ADDR/BITS IPV6_DEFAULT_ROUTE]
-r Do not push default route
-d Do not push dns
traffic goes through the vpn. requires systemd, and might have some
debian specific paths.
+For ipv6, we assume ipv6_addr routes to the server.
+
You can save all the keys by storing /etc/openvpn/easy-rsa/keys, and
the script will not generate them if it sees they exist already.
+For future updates to this script, this is a good place to
+take inspiration.
+https://github.com/angristan/openvpn-install/blob/master/openvpn-install.sh
+
Note: Uses GNU getopt options parsing style
EOF
exit $1
esac
done
+read -r ip6 ip6route <<<"$@"
+
+
apt-get update
# suggests get's us openssl. policy-rc.d is to prevent install from starting services
f=/usr/sbin/policy-rc.d;
EOF
fi
+if [[ $ip6 ]]; then
+ cat >>$server_dir/server.conf <<EOF
+push tun-ipv6 # legacy option that flidas needs, has no harm.
+ifconfig-ipv6 $ip6 $ip6route
+EOF
+
+ sed -i --follow-symlinks '/^ *net.ipv6.conf.all.forwarding=.*/d' /etc/sysctl.conf
+ cat >>/etc/sysctl.conf <<'EOF'
+net.ipv6.conf.all.forwarding=1
+EOF
+
+fi
+
+
if $route; then
cat >>$server_dir/server.conf <<'EOF'
# Be the default gateway for clients.
push "redirect-gateway def1"
EOF
+ if [[ $ip6 ]]; then
+ cat >>$server_dir/server.conf <<'EOF'
+push "route-ipv6 2000::/3"
+EOF
+ fi
fi
sed -i --follow-symlinks '/^ *net\.ipv4\.ip_forward=.*/d' /etc/sysctl.conf
-sed -i --follow-symlinks '/^ *net.ipv6.conf.all.forwarding=.*/d' /etc/sysctl.conf
cat >>/etc/sysctl.conf <<'EOF'
net.ipv4.ip_forward=1
-net.ipv6.conf.all.forwarding=1
EOF
sysctl -p /etc/sysctl.conf