X-Git-Url: https://iankelling.org/git/?p=vpn-setup;a=blobdiff_plain;f=vpn-server-setup;h=1224ff293333eb7c9fc33f009ef1073c84f01302;hp=30080d4f073b44cc88127fd583b4011786fc1bda;hb=fc6198e7dc708aa5abc3a393e55a9f90bbf0f4d3;hpb=dbea144f7249f9c244e748ac972fd86a54ee2086

diff --git a/vpn-server-setup b/vpn-server-setup
index 30080d4..1224ff2 100755
--- a/vpn-server-setup
+++ b/vpn-server-setup
@@ -37,6 +37,10 @@ For ipv6, we assume ipv6_addr routes to the server.
 You can save all the keys by storing /etc/openvpn/easy-rsa/keys, and
 the script will not generate them if it sees they exist already.
 
+For future updates to this script, this is a good place to
+take inspiration.
+https://github.com/angristan/openvpn-install/blob/master/openvpn-install.sh
+
 Note: Uses GNU getopt options parsing style
 EOF
   exit $1
@@ -189,11 +193,17 @@ push "dhcp-option DNS 10.8.0.1"
 EOF
 fi
 
-if $ip6; then
+if [[ $ip6 ]]; then
   cat >>$server_dir/server.conf <<EOF
 push tun-ipv6 # legacy option that flidas needs, has no harm.
-ifconfig-ipv6 $ip6 $ip6_route
+ifconfig-ipv6 $ip6 $ip6route
+EOF
+
+  sed -i --follow-symlinks '/^ *net.ipv6.conf.all.forwarding=.*/d' /etc/sysctl.conf
+  cat >>/etc/sysctl.conf <<'EOF'
+net.ipv6.conf.all.forwarding=1
 EOF
+
 fi
 
 
@@ -202,7 +212,7 @@ if $route; then
 # Be the default gateway for clients.
 push "redirect-gateway def1"
 EOF
-  if $ip6; then
+  if [[ $ip6 ]]; then
     cat >>$server_dir/server.conf <<'EOF'
 push "route-ipv6 2000::/3"
 EOF
@@ -210,10 +220,8 @@ EOF
 fi
 
 sed -i --follow-symlinks '/^ *net\.ipv4\.ip_forward=.*/d' /etc/sysctl.conf
-sed -i --follow-symlinks '/^ *net.ipv6.conf.all.forwarding=.*/d' /etc/sysctl.conf
 cat >>/etc/sysctl.conf <<'EOF'
 net.ipv4.ip_forward=1
-net.ipv6.conf.all.forwarding=1
 EOF
 sysctl -p /etc/sysctl.conf