From 6dcf65e7029bc2e1127d0993ef87e1542ae93b8d Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 25 Jun 2020 14:37:24 -0400 Subject: [PATCH 01/43] update install to allow managament port --- install_openvpn.sh | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 6916c4c..2c2536e 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -19,11 +19,12 @@ set -euo pipefail function display_usage() { cat <] [--api-port ] [--keys-port ] +Usage: install_server.sh [--hostname ] [--api-port ] [--keys-port ] [--management-port ] --hostname The hostname to be used to access the management API and access keys --api-port The port number for the management API --keys-port The port number for the access keys + --management-port The port number for the monitor app EOF } @@ -208,7 +209,7 @@ function generate_openvpn_config_file() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn --rm ${SB_IMAGE} ovpn_genconfig -u udp://${PUBLIC_HOSTNAME}:${API_PORT} 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn --rm ${SB_IMAGE} ovpn_genconfig -u udp://${PUBLIC_HOSTNAME}:${API_PORT} -e "management 0.0.0.0 ${MANAGEMENT_PORT}" 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 @@ -220,7 +221,7 @@ function start_openvpn() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run --name openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run --name openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 
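Review bot: The added `-e "management 0.0.0.0 ${MANAGEMENT_PORT}"` in the `ovpn_genconfig` call makes the OpenVPN management interface listen on every address with no password file, so anything that can reach the port can query and control the server. OpenVPN's `management` directive accepts an optional third argument naming a password file; I would pass one, e.g. `-e "management 0.0.0.0 ${MANAGEMENT_PORT} /etc/openvpn/MANAGEMENT_PW_FILE"` (placeholder path), and keep the listener reachable only from the container network. The expansions on this line are also unquoted, so a data directory or hostname containing whitespace would split into extra docker arguments. generate_openvpn_config_file continues outside the hunk.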
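Review bot: In the new `docker run --name openvpn` line of start_openvpn, `${MANAGEMENT_PORT}:${MANAGEMENT_PORT}` has no `-p` in front of it, so docker takes it as the first positional argument, i.e. the image name, and `--cap-add=NET_ADMIN ${SB_IMAGE}` become the container command. Patch 08 adds the `-p`, but that form, which patches 10 and 12 keep, publishes the management port on every host interface; if it has to be published at all, bind it to loopback with `-p 127.0.0.1:${MANAGEMENT_PORT}:${MANAGEMENT_PORT}`. Once the monitor reaches the server by name over the `vpn` network (patch 12), the host publish can be dropped altogether. start_openvpn continues past the end of the hunk.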
@@ -269,16 +270,27 @@ install_openvpn() { log_for_sentry "Setting API port" API_PORT="${FLAGS_API_PORT}" + if [[ $API_PORT == 0 ]]; then + API_PORT=${SB_API_PORT:-$(get_random_port)} + fi + + log_for_sentry "Setting MANAGEMENT por" + MANAGEMENT_PORT="${FLAGS_MANAGEMENT_PORT}" + + if[[$MANAGEMENT_PORT == $API_PORT ]]; then + log_error "Api MANAGEMENT port don't igual to api port" + exit 1 + fi + log_for_sentry "Setting PUBLIC_HOSTNAME" # TODO(fortuna): Make sure this is IPv4 PUBLIC_HOSTNAME=${FLAGS_HOSTNAME:-${SB_PUBLIC_IP:-$(curl -4s https://ipinfo.io/ip)}} - if [[ $API_PORT == 0 ]]; then - API_PORT=${SB_API_PORT:-$(get_random_port)} - fi + while[[$MANAGEMENT_PORT == 0 || $MANAGEMENT_PORT == $API_PORT]]; do + MANAGEMENT_PORT=${SB_MANAGEMENT_PORT:-$(get_random_port)} + done readonly SB_IMAGE=${SB_IMAGE:-kylemanna/openvpn} - if [[ -z $PUBLIC_HOSTNAME ]]; then local readonly MSG="Failed to determine the server's IP address." @@ -350,6 +362,12 @@ function parse_flags() { exit 1 fi ;; + --management-port) + FLAGS_MANAGEMENT_PORT=$1 + if ! is_valid_port $FLAGS_MANAGEMENT_PORT; then + log_error "Invalid value for $flag: $FLAGS_MANAGEMENT_PORT" + exit 1 + fi --) break ;; From b00aa60eecf93418a4b28f797e65de3010049878 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 25 Jun 2020 14:45:46 -0400 Subject: [PATCH 02/43] fix missing space --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 2c2536e..b45ea28 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -277,7 +277,7 @@ install_openvpn() { log_for_sentry "Setting MANAGEMENT por" MANAGEMENT_PORT="${FLAGS_MANAGEMENT_PORT}" - if[[$MANAGEMENT_PORT == $API_PORT ]]; then + if [[$MANAGEMENT_PORT == $API_PORT ]]; then log_error "Api MANAGEMENT port don't igual to api port" exit 1 fi From 1d8d81ba6f9b365af58cd14967d3db4f33d62db2 Mon Sep 17 00:00:00 2001 
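Review bot: The new `while` loop in install_openvpn cannot terminate when `SB_MANAGEMENT_PORT` is set to 0 or to the same value as `API_PORT`, because `${SB_MANAGEMENT_PORT:-$(get_random_port)}` then yields that same value on every iteration and `get_random_port` is never reached. Reject a conflicting override once, before the loop, and draw only random ports inside it: `MANAGEMENT_PORT=$(get_random_port)`. As written in this patch, `if[[$MANAGEMENT_PORT` and `while[[$MANAGEMENT_PORT` also lack the spaces bash needs around `[[`, which patches 02 to 04 correct. The function starts and ends outside the hunk.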
From: Dainer Mesa Date: Thu, 25 Jun 2020 14:49:29 -0400 Subject: [PATCH 03/43] fix missing space --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index b45ea28..4a047ea 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -286,7 +286,7 @@ install_openvpn() { # TODO(fortuna): Make sure this is IPv4 PUBLIC_HOSTNAME=${FLAGS_HOSTNAME:-${SB_PUBLIC_IP:-$(curl -4s https://ipinfo.io/ip)}} - while[[$MANAGEMENT_PORT == 0 || $MANAGEMENT_PORT == $API_PORT]]; do + while [[$MANAGEMENT_PORT == 0 || $MANAGEMENT_PORT == $API_PORT]]; do MANAGEMENT_PORT=${SB_MANAGEMENT_PORT:-$(get_random_port)} done From bf736dad7faa679a6d569eaa7b07add5668677a4 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 25 Jun 2020 14:56:00 -0400 Subject: [PATCH 04/43] update fix error sign ; --- install_openvpn.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 4a047ea..aab871a 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -277,7 +277,7 @@ install_openvpn() { log_for_sentry "Setting MANAGEMENT por" MANAGEMENT_PORT="${FLAGS_MANAGEMENT_PORT}" - if [[$MANAGEMENT_PORT == $API_PORT ]]; then + if [[ $MANAGEMENT_PORT == $API_PORT ]]; then log_error "Api MANAGEMENT port don't igual to api port" exit 1 fi @@ -286,7 +286,7 @@ install_openvpn() { # TODO(fortuna): Make sure this is IPv4 PUBLIC_HOSTNAME=${FLAGS_HOSTNAME:-${SB_PUBLIC_IP:-$(curl -4s https://ipinfo.io/ip)}} - while [[$MANAGEMENT_PORT == 0 || $MANAGEMENT_PORT == $API_PORT]]; do + while [[ $MANAGEMENT_PORT == 0 || $MANAGEMENT_PORT == $API_PORT ]]; do MANAGEMENT_PORT=${SB_MANAGEMENT_PORT:-$(get_random_port)} done @@ -368,6 +368,7 @@ function parse_flags() { log_error "Invalid value for $flag: $FLAGS_MANAGEMENT_PORT" exit 1 fi + ;; --) break ;; From 1215ee85b5a7dfc95efdd4750192a6e29eaa2f72 Mon Sep 17 00:00:00 2001 
From: Dainer Mesa Date: Thu, 25 Jun 2020 15:01:30 -0400 Subject: [PATCH 05/43] add shift keyword --- install_openvpn.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/install_openvpn.sh b/install_openvpn.sh index aab871a..dd13ce5 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -364,6 +364,7 @@ function parse_flags() { ;; --management-port) FLAGS_MANAGEMENT_PORT=$1 + shift if ! is_valid_port $FLAGS_MANAGEMENT_PORT; then log_error "Invalid value for $flag: $FLAGS_MANAGEMENT_PORT" exit 1 From e4d3c9a4b891117a4198d187f26b924f02d04ca7 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 25 Jun 2020 15:07:38 -0400 Subject: [PATCH 06/43] add management por to filter get options --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index dd13ce5..8166805 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -334,7 +334,7 @@ function is_valid_port() { } function parse_flags() { - params=$(getopt --longoptions hostname:,api-port:,keys-port: -n $0 -- $0 "$@") + params=$(getopt --longoptions hostname:,api-port:,keys-port:,management-port: -n $0 -- $0 "$@") [[ $? == 0 ]] || exit 1 eval set -- $params From 08e7b6ce33efad50029e1d8a6b77814c2a7e39c9 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 25 Jun 2020 15:35:57 -0400 Subject: [PATCH 07/43] fix error in get options --- install_openvpn.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 8166805..99b9649 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh 
@@ -277,11 +277,6 @@ install_openvpn() { log_for_sentry "Setting MANAGEMENT por" MANAGEMENT_PORT="${FLAGS_MANAGEMENT_PORT}" - if [[ $MANAGEMENT_PORT == $API_PORT ]]; then - log_error "Api MANAGEMENT port don't igual to api port" - exit 1 - fi - log_for_sentry "Setting PUBLIC_HOSTNAME" # TODO(fortuna): Make sure this is IPv4 PUBLIC_HOSTNAME=${FLAGS_HOSTNAME:-${SB_PUBLIC_IP:-$(curl -4s https://ipinfo.io/ip)}} @@ -384,6 +379,10 @@ function parse_flags() { log_error "--api-port must be different from --keys-port" exit 1 fi + if [[ $FLAGS_API_PORT != 0 && $FLAGS_MANAGEMENT_PORT == $FLAGS_API_PORT ]]; then + log_error "--api-port must be different from --management-port" + exit 1 + fi return 0 } @@ -392,6 +391,7 @@ function main() { declare FLAGS_HOSTNAME="" declare -i FLAGS_API_PORT=1194 declare -i FLAGS_KEYS_PORT=0 + declare -i FLAGS_MANAGEMENT_PORT=5555 parse_flags "$@" install_openvpn } From b8c25b1eaa9802ad7d2451dfbbbff4e220def85e Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 25 Jun 2020 16:24:51 -0400 Subject: [PATCH 08/43] update run openvpn --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 99b9649..b753bf1 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -221,7 +221,7 @@ function start_openvpn() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run --name openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run --name openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp -p ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 From 597e91e1739193e585774e0dc047310e6740366a Mon Sep 17 00:00:00 2001 
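Review bot: `declare -i FLAGS_MANAGEMENT_PORT=5555` in main gives the variable the integer attribute, so the later `FLAGS_MANAGEMENT_PORT=$1` in parse_flags evaluates the raw command-line text as an arithmetic expression before `is_valid_port` ever sees it. A non-numeric argument is therefore not reported as "Invalid value"; it is evaluated, and under the script's `set -u` a bare word is likely to abort with an unbound-variable error instead. Check the text first, e.g. `[[ $1 =~ ^[0-9]+$ ]] || { log_error "Invalid value for $flag: $1"; exit 1; }`, and only then assign it. The existing `FLAGS_API_PORT` and `FLAGS_KEYS_PORT` declarations in the context lines follow the same pattern.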
From: Dainer Mesa Date: Thu, 25 Jun 2020 16:47:02 -0400 Subject: [PATCH 09/43] start open vpn monitor --- install_openvpn.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/install_openvpn.sh b/install_openvpn.sh index b753bf1..5bf8aee 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -229,6 +229,13 @@ function start_openvpn() { log_error "FAILED" } +function start_openvpn_monitor() { + # By itself, local messes up the return code. + local readonly STDERR_OUTPUT + + STDERR_OUTPUT=$(docker run --name openvpn-monitor -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) +} + function start_watchtower() { # Start watchtower to automatically fetch docker image updates. # Set watchtower to refresh every 30 seconds if a custom SB_IMAGE is used (for @@ -394,6 +401,7 @@ function main() { declare -i FLAGS_MANAGEMENT_PORT=5555 parse_flags "$@" install_openvpn + start_openvpn_monitor } main "$@" \ No newline at end of file From b0978a569dcd1681852ba9dadaa5cc11ae14e71c Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 25 Jun 2020 18:21:39 -0400 Subject: [PATCH 10/43] add network alias to containers --- install_openvpn.sh | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 5bf8aee..e9fea26 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh 
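Review bot: `start_openvpn_monitor` publishes the monitor UI with `-p 80:80`, i.e. plain HTTP on every host interface, and nothing in this hunk puts authentication in front of it, while `OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True` appears to enable a disconnect control on that page. Bind it to loopback or a chosen admin address, `-p 127.0.0.1:80:80`, and reach it through a tunnel or an authenticating reverse proxy. The image is also pulled by bare name; pinning it, `ruimarinho/openvpn-monitor@sha256:DIGEST` (placeholder digest), keeps a changed upstream image from being picked up unnoticed. In this patch the function also never looks at the exit status of `docker run`; patch 10 adds that check.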
@@ -221,7 +221,7 @@ function start_openvpn() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run --name openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp -p ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run --name openvpn --network-alias openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp -p ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 @@ -233,7 +233,12 @@ function start_openvpn_monitor() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run --name openvpn-monitor -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run --name openvpn-monitor --network-alias openvpn-monitor -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) + local readonly RET=$? + if [[ $RET -eq 0 ]]; then + return 0 + fi + log_error "FAILED" } function start_watchtower() { 
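Review bot: On failure the new tail of start_openvpn_monitor logs only the fixed string `FAILED`; the text captured in `STDERR_OUTPUT` is never printed, and the function then returns whatever `log_error` returns rather than the docker exit status, so the caller may not see the failure. I would end the function with `log_error "FAILED: ${STDERR_OUTPUT}"` followed by `return "$RET"`. Note also that `local readonly RET=$?` declares two locals named `readonly` and `RET`; it does not make `RET` read-only. create_network in patch 12 copies the same pattern.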
@@ -401,7 +406,8 @@ function main() { declare -i FLAGS_MANAGEMENT_PORT=5555 parse_flags "$@" install_openvpn - start_openvpn_monitor + #run_step "Starting OpenVPN Monitor" start_openvpn_monitor + run_step "Starting OpenVPN Monitor" start_openvpn_monitor } main "$@" \ No newline at end of file From c20bdb9d3174b4bee3956dd60067cef4ee32e44c Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 25 Jun 2020 18:46:10 -0400 Subject: [PATCH 11/43] add detach when run container --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index e9fea26..8f69df0 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -233,7 +233,7 @@ function start_openvpn_monitor() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run --name openvpn-monitor --network-alias openvpn-monitor -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run -d --name openvpn-monitor --network-alias openvpn-monitor -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 From 11ea35f6ac50c0dc7e1b2cdeaab1270424ac91a1 Mon Sep 17 00:00:00 2001 
From: Dainer Mesa Date: Fri, 26 Jun 2020 10:28:37 -0400 Subject: [PATCH 12/43] add custom network to service vpn --- install_openvpn.sh | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 8f69df0..3f0561a 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -202,14 +202,14 @@ function join() { } function init_pki() { - sudo docker run -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn --rm -it ${SB_IMAGE} ovpn_initpki + sudo docker run --network vpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn --rm -it ${SB_IMAGE} ovpn_initpki } function generate_openvpn_config_file() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn --rm ${SB_IMAGE} ovpn_genconfig -u udp://${PUBLIC_HOSTNAME}:${API_PORT} -e "management 0.0.0.0 ${MANAGEMENT_PORT}" 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run --network vpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn --rm ${SB_IMAGE} ovpn_genconfig -u udp://${PUBLIC_HOSTNAME}:${API_PORT} -e "management 0.0.0.0 ${MANAGEMENT_PORT}" 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 @@ -221,7 +221,7 @@ function start_openvpn() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run --name openvpn --network-alias openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp -p ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run --name openvpn --network vpn --network-alias openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp -p ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 
@@ -233,7 +233,19 @@ function start_openvpn_monitor() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run -d --name openvpn-monitor --network-alias openvpn-monitor -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run -d --name openvpn-monitor --network vpn --network-alias openvpn-monitor -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) + local readonly RET=$? + if [[ $RET -eq 0 ]]; then + return 0 + fi + log_error "FAILED" +} + +function create_network() { + # By itself, local messes up the return code. + local readonly STDERR_OUTPUT + + STDERR_OUTPUT=$(docker network create vpn 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 
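Review bot: `docker network create vpn` in the new create_network fails when a network named `vpn` already exists, so running the installer a second time on the same host stops at this step. Guard the call: `docker network inspect vpn >/dev/null 2>&1 || docker network create vpn`. The name `vpn` is also repeated as a literal in every `docker run` line this patch touches; a single `readonly` variable would keep them in step. The end of create_network is the old tail of start_openvpn_monitor and lies outside the hunk.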
@@ -250,7 +262,7 @@ function start_watchtower() { docker_watchtower_flags+=(-v /var/run/docker.sock:/var/run/docker.sock) # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run -d "${docker_watchtower_flags[@]}" v2tec/watchtower --cleanup --tlsverify --interval $WATCHTOWER_REFRESH_SECONDS 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run -d --network vpn "${docker_watchtower_flags[@]}" v2tec/watchtower --cleanup --tlsverify --interval $WATCHTOWER_REFRESH_SECONDS 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 @@ -306,6 +318,9 @@ install_openvpn() { exit 1 fi + #create network + run_step "Generate network to vpn service" create_network + #Generate OpenVPN config file run_step "Generate OpenVPN config file" generate_openvpn_config_file From f09f81c7f9434f186bb3b710d68708f93e2d77e1 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 11:25:34 -0400 Subject: [PATCH 13/43] add monitor enable or not by parameter --- install_openvpn.sh | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 3f0561a..3c6cf25 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh 
@@ -19,12 +19,13 @@ set -euo pipefail function display_usage() { cat <] [--api-port ] [--keys-port ] [--management-port ] +Usage: install_server.sh [--hostname ] [--api-port ] [--keys-port ] [--management-port ] [--monitor-enable ] - --hostname The hostname to be used to access the management API and access keys - --api-port The port number for the management API - --keys-port The port number for the access keys - --management-port The port number for the monitor app + --hostname The hostname to be used to access the management API and access keys. + --api-port The port number for the management API. (By default is 1194) + --keys-port The port number for the access keys. + --management-port The port number for the managent. (By default is 5555) + --monitor-enable Define if monitor app should be deployed or not. (By default is false). EOF } @@ -355,8 +356,12 @@ function is_valid_port() { (( 0 < "$1" && "$1" <= 65535 )) } +function is_valid_bool() { + (( $1 || !$1 )) +} + function parse_flags() { - params=$(getopt --longoptions hostname:,api-port:,keys-port:,management-port: -n $0 -- $0 "$@") + params=$(getopt --longoptions hostname:,api-port:,keys-port:,monitor-enable:,management-port: -n $0 -- $0 "$@") [[ $? == 0 ]] || exit 1 eval set -- $params @@ -392,6 +397,14 @@ function parse_flags() { exit 1 fi ;; + --monitor-enable) + FLAGS_MONITOR_ENABLE=$1 + shift + if ! is_valid_bool $FLAGS_MONITOR_ENABLE; then + log_error "Invalid value for $flag: $FLAGS_MONITOR_ENABLE" + exit 1 + fi + ;; --) break ;; 
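Review bot: `is_valid_bool` as added here, `(( $1 || !$1 ))`, is true for every value it can evaluate, so it validates nothing. The rewrites in patches 20 to 23 do not repair it: `$1 || ! $1` runs the argument as a command, and `(($1 == "true" || $1 == "false"))` is still arithmetic, where `true` and `false` are read as variable names rather than compared as text. A string test does what the name promises: `[[ $1 == true || $1 == false ]]`.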
@@ -419,10 +432,13 @@ function main() { declare -i FLAGS_API_PORT=1194 declare -i FLAGS_KEYS_PORT=0 declare -i FLAGS_MANAGEMENT_PORT=5555 + declare -i FLAGS_MONITOR_ENABLE=false parse_flags "$@" install_openvpn - #run_step "Starting OpenVPN Monitor" start_openvpn_monitor - run_step "Starting OpenVPN Monitor" start_openvpn_monitor + if [[ FLAGS_MONITOR_ENABLE ]]; then + #run_step "Starting OpenVPN Monitor" start_openvpn_monitor + run_step "Starting OpenVPN Monitor" start_openvpn_monitor + fi } main "$@" \ No newline at end of file From b2962d48281a3f7a4c26f55b312ec5a68c3b2d7d Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 12:31:08 -0400 Subject: [PATCH 14/43] update declare variable monitor enable --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 3c6cf25..7563567 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -432,7 +432,7 @@ function main() { declare -i FLAGS_API_PORT=1194 declare -i FLAGS_KEYS_PORT=0 declare -i FLAGS_MANAGEMENT_PORT=5555 - declare -i FLAGS_MONITOR_ENABLE=false + declare FLAGS_MONITOR_ENABLE=false parse_flags "$@" install_openvpn if [[ FLAGS_MONITOR_ENABLE ]]; then From 02c5cf71c4af195d52aef541e3d043348edff114 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 12:59:01 -0400 Subject: [PATCH 15/43] add simbol to variable --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 7563567..13e0cb9 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -435,7 +435,7 @@ function main() { declare FLAGS_MONITOR_ENABLE=false parse_flags "$@" install_openvpn - if [[ FLAGS_MONITOR_ENABLE ]]; then + if [[ $FLAGS_MONITOR_ENABLE ]]; then #run_step "Starting OpenVPN Monitor" start_openvpn_monitor run_step "Starting OpenVPN Monitor" start_openvpn_monitor fi From e004dfa05f658b0292f620644b9a33702e2f3e05 Mon Sep 17 00:00:00 2001 
From: Dainer Mesa Date: Fri, 26 Jun 2020 14:14:45 -0400 Subject: [PATCH 16/43] change condition to flag monitor --- install_openvpn.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 13e0cb9..f7cf3ea 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -432,10 +432,10 @@ function main() { declare -i FLAGS_API_PORT=1194 declare -i FLAGS_KEYS_PORT=0 declare -i FLAGS_MANAGEMENT_PORT=5555 - declare FLAGS_MONITOR_ENABLE=false + declare FLAGS_MONITOR_ENABLE= $false parse_flags "$@" install_openvpn - if [[ $FLAGS_MONITOR_ENABLE ]]; then + if [ $FLAGS_MONITOR_ENABLE ]; then #run_step "Starting OpenVPN Monitor" start_openvpn_monitor run_step "Starting OpenVPN Monitor" start_openvpn_monitor fi From 14c0a3d8c8b1b9759457c2ba2bbdaaa14f92aa60 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 14:25:00 -0400 Subject: [PATCH 17/43] refactoring code --- install_openvpn.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index f7cf3ea..161c929 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -428,11 +428,11 @@ function parse_flags() { function main() { trap finish EXIT - declare FLAGS_HOSTNAME="" - declare -i FLAGS_API_PORT=1194 - declare -i FLAGS_KEYS_PORT=0 - declare -i FLAGS_MANAGEMENT_PORT=5555 - declare FLAGS_MONITOR_ENABLE= $false + declare FLAGS_HOSTNAME = "" + declare -i FLAGS_API_PORT = 1194 + declare -i FLAGS_KEYS_PORT = 0 + declare -i FLAGS_MANAGEMENT_PORT = 5555 + declare FLAGS_MONITOR_ENABLE = false parse_flags "$@" install_openvpn if [ $FLAGS_MONITOR_ENABLE ]; then From 20e402a4a4fcb88779c77992dd458a9f0079650b Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 14:27:26 -0400 Subject: [PATCH 18/43] roll back refactoring --- install_openvpn.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 161c929..cffc05d 100644 
--- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -428,11 +428,11 @@ function parse_flags() { function main() { trap finish EXIT - declare FLAGS_HOSTNAME = "" - declare -i FLAGS_API_PORT = 1194 - declare -i FLAGS_KEYS_PORT = 0 - declare -i FLAGS_MANAGEMENT_PORT = 5555 - declare FLAGS_MONITOR_ENABLE = false + declare FLAGS_HOSTNAME="" + declare -i FLAGS_API_PORT=1194 + declare -i FLAGS_KEYS_PORT=0 + declare -i FLAGS_MANAGEMENT_PORT=5555 + declare FLAGS_MONITOR_ENABLE=false parse_flags "$@" install_openvpn if [ $FLAGS_MONITOR_ENABLE ]; then From a7a0c5b2fe3051990bfbf78b48abcc09665d1a2f Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 14:49:43 -0400 Subject: [PATCH 19/43] change if condition --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index cffc05d..eb6278b 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -435,7 +435,7 @@ function main() { declare FLAGS_MONITOR_ENABLE=false parse_flags "$@" install_openvpn - if [ $FLAGS_MONITOR_ENABLE ]; then + if $FLAGS_MONITOR_ENABLE; then #run_step "Starting OpenVPN Monitor" start_openvpn_monitor run_step "Starting OpenVPN Monitor" start_openvpn_monitor fi From b5ece4545476addd6f0cafc52434e20cab67d555 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 15:07:33 -0400 Subject: [PATCH 20/43] update validate boolean value --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index eb6278b..7315a01 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - (( $1 || !$1 )) + $1 || !$1 } function parse_flags() { From 14b2113eb86b664002bbdef15b5da4c6518e3700 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 17:12:31 -0400 Subject: [PATCH 21/43] add space expression --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
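Review bot: `if $FLAGS_MONITOR_ENABLE; then` in main runs the flag's value as a command, so whatever string reaches `--monitor-enable` is executed by a script the README starts under `sudo`; it only looks like a boolean test because `true` and `false` happen to be commands. Compare the text instead: `if [[ $FLAGS_MONITOR_ENABLE == true ]]; then`. The current form relies entirely on `is_valid_bool` rejecting every other value, which its arithmetic versions in this series do not do. main continues outside the hunk.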
diff --git a/install_openvpn.sh b/install_openvpn.sh index 7315a01..0ace97c 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - $1 || !$1 + $1 || ! $1 } function parse_flags() { From 20d3a91fe5901d139dbf0b6c3b92ed1c2fdf53eb Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 17:24:07 -0400 Subject: [PATCH 22/43] update validator to bool --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 0ace97c..11c10c5 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - $1 || ! $1 + (($1 == true || $1 == false)) } function parse_flags() { From deddf751003c3fe1fe12cd204249ac727e760c50 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Fri, 26 Jun 2020 17:35:41 -0400 Subject: [PATCH 23/43] update condition --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 11c10c5..8a6b01d 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - (($1 == true || $1 == false)) + (($1 == "true" || $1 == "false")) } function parse_flags() { From 1b4f9fb7d059b4e4b4c0c888a16215257da1c88b Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Mon, 13 Jul 2020 23:13:15 -0400 Subject: [PATCH 24/43] update readme to new changes --- README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3eed37a..2feccdd 100644 --- a/README.md +++ b/README.md 
@@ -1,6 +1,6 @@ # openvpn-docker-scripts - Scripts for creating your own [OpenVPN](https://openvpn.net/) server with [Docker](https://www.docker.com/), based on [this](https://medium.com/@gurayy/set-up-a-vpn-server-with-docker-in-5-minutes-a66184882c45) article and this [repository](https://github.com/kylemanna/docker-openvpn) + Scripts for creating your own [OpenVPN](https://openvpn.net/) server with [Docker](https://www.docker.com/) and optional openvpn monitor, based on [this](https://medium.com/@gurayy/set-up-a-vpn-server-with-docker-in-5-minutes-a66184882c45) article, this [repository](https://github.com/kylemanna/docker-openvpn) and this [repository](https://github.com/ruimarinho/docker-openvpn-monitor) ## Steps @@ -10,6 +10,11 @@ Install OpenVPN and dependencies sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/reisbel/openvpn-docker-scripts/master/install_openvpn.sh)" ``` +Install OpenVPN and Monitor +```bash +sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/reisbel/openvpn-docker-scripts/master/install_openvpn.sh) --monitor-enable true" +``` + ## Create user ```bash From 25c3000a87ce394925d4bd1801a7a002acb47bea Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Mon, 13 Jul 2020 23:15:08 -0400 Subject: [PATCH 25/43] update readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2feccdd..f32229c 100644 --- a/README.md +++ b/README.md 
@@ -1,6 +1,6 @@ # openvpn-docker-scripts - Scripts for creating your own [OpenVPN](https://openvpn.net/) server with [Docker](https://www.docker.com/) and optional openvpn monitor, based on [this](https://medium.com/@gurayy/set-up-a-vpn-server-with-docker-in-5-minutes-a66184882c45) article, this [repository](https://github.com/kylemanna/docker-openvpn) and this [repository](https://github.com/ruimarinho/docker-openvpn-monitor) + Scripts for creating your own [OpenVPN](https://openvpn.net/) server with [Docker](https://www.docker.com/) and optional openvpn monitor, based on [this](https://medium.com/@gurayy/set-up-a-vpn-server-with-docker-in-5-minutes-a66184882c45) article, this [repository](https://github.com/kylemanna/docker-openvpn) and this [repository](https://github.com/ruimarinho/docker-openvpn-monitor) for openvpn monitor. ## Steps From 59c4d1f35baf511d73557e7b4dafab3ffc608bb6 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Wed, 2 Sep 2020 09:56:24 -0400 Subject: [PATCH 26/43] add script to delete user --- delete_user.sh | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 delete_user.sh diff --git a/delete_user.sh b/delete_user.sh new file mode 100644 index 0000000..dca83f1 --- /dev/null +++ b/delete_user.sh 
@@ -0,0 +1,69 @@ +#!/bin/bash + +#Color definition +red=$'\e[1;31m' +grn=$'\e[1;32m' +end=$'\e[0m' + +if [ $# -ne 1 ]; then + printf "%s\n" "${red}Usage: Provide the username (only one).${end}" + printf "%s\n" "${grn}Example: $0 juanperez${end}" + exit 1 +else + +# Remove non-ASCII characters of the paramenter 1, the username + export LC_ALL=C + username=$(echo "$1" | tr -cd '[:alnum:]') + + # easy-rsa directory + EasyRsaDir="/etc/openvpn/easy-rsa" + #OpenVPN Dir + OpenVpnDir="/etc/openvpn" + + #User's certificate + CertificateFile="$EasyRsaDir/keys/$username.crt" + + # Verify if the user can read the certificate and can find the certificate + if [ ! -r "$CertificateFile" ]; then + printf "%s\n" "${red}Error. User $username not found or you don't have permission to read the certificate $CertificateFile.${end}" + exit 1 + fi + + + cd $EasyRsaDir + if [ $? -ne 0 ]; then + printf "%s\n" "${red}Error to access to the directory $EasyRsaDir.${end}" + exit 1 + fi + + #Importing the openvpn variables + + source $EasyRsaDir/vars 1 >> /dev/null 2 >> /dev/null + + if [ $? -ne 0 ]; then + printf "%s\n" "${red}Error to import variables.${end}" + exit 1 + fi + + + #After revocation the command send this line + #error 23 at 0 depth lookup:certificate revoked + + #Revoke the certificate and check if the status 23 to the CancellSuccess variable + CancellSuccess=$($EasyRsaDir/revoke-full $username 2> /dev/null | tail -1 | awk '{print $2}') + UserStatus=$(cat $EasyRsaDir/keys/index.txt | grep $username | tail -1 | awk '{ print $1 }' | tr -cd '[:alnum:]') + + #Logical OR in bash script is used with operator -o. 
+ + if [ "$CancellSuccess" -eq 23 -o "$UserStatus" == "R" ]; then + /bin/cp -fbp $EasyRsaDir/keys/crl.pem $OpenVpnDir/keys/crl.pem + #Move the revoved certificate to a direcotory for backup + /bin/mv $EasyRsaDir/keys/$username.crt $EasyRsaDir/revoke-keys/ + /bin/mv $EasyRsaDir/keys/$username.key $EasyRsaDir/revoke-keys/ + /bin/mv $EasyRsaDir/keys/$username.csr $EasyRsaDir/revoke-keys/ + printf "%s\n" "${grn}The user $username was deleted${end}" + else + printf "%s\n" "${red}Error to revoke user $username${end}" + exit 1 + fi +fi \ No newline at end of file From ad46878cc44057cdf4847ecb23ab4f9c2f42f272 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Wed, 2 Sep 2020 10:02:24 -0400 Subject: [PATCH 27/43] update readme to show how delete user --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index f32229c..ab346ed 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,10 @@ sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/reisbel/openvpn-dock ```bash sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/reisbel/openvpn-docker-scripts/master/create_user.sh)" --dump-strings user1 ``` +## Delete user +```bash +sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/dainer88/openvpn-docker-scripts/master/delete_user.sh)" user1 +``` ## References @@ -29,6 +33,9 @@ Outline install script Set Up a VPN Server With Docker In 5 Minutes +Script to delete user + + ## License Apache License - See [LICENSE](LICENSE) for more information. From eb0b8c560976d19e8698153706aa1ac20f26a1b4 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Wed, 2 Sep 2020 10:29:23 -0400 Subject: [PATCH 28/43] update changes to user --- delete_user.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/delete_user.sh b/delete_user.sh index dca83f1..98c434e 100644 --- a/delete_user.sh +++ b/delete_user.sh 
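Review bot: The revocation check at the end of the new delete_user.sh can report success for a certificate that was never revoked, because `grep $username` matches the name as an unanchored pattern anywhere in index.txt, so an `R` entry for a different name containing the same string satisfies the `-o` branch. The key, certificate and CSR are then moved to revoke-keys/ and the user is reported deleted while the certificate may still be accepted by the server. Match the exact subject instead, for example `UserStatus=$(grep -F -- "/CN=${username}/" "$EasyRsaDir/keys/index.txt" | tail -1 | cut -c1)` (this assumes the index stores the name as a `/CN=` component, which should be confirmed), and quote `$username` in the `revoke-full` and `/bin/mv` lines. `[ "$CancellSuccess" -eq 23 -o ... ]` also errors out when revoke-full prints nothing, so `[ "$CancellSuccess" = 23 ] || [ "$UserStatus" = R ]` is the safer form.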
@@ -13,7 +13,7 @@ else # Remove non-ASCII characters of the paramenter 1, the username export LC_ALL=C - username=$(echo "$1" | tr -cd '[:alnum:]') + username = $1 #$(echo "$1" | tr -cd '[:alnum:]') # easy-rsa directory EasyRsaDir="/etc/openvpn/easy-rsa" From c9c81787762a21b54c091b80f0a11e7a58bf2570 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Wed, 2 Sep 2020 10:31:57 -0400 Subject: [PATCH 29/43] udpate get user in delete script --- delete_user.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/delete_user.sh b/delete_user.sh index 98c434e..061bc9e 100644 --- a/delete_user.sh +++ b/delete_user.sh @@ -13,7 +13,7 @@ else # Remove non-ASCII characters of the paramenter 1, the username export LC_ALL=C - username = $1 #$(echo "$1" | tr -cd '[:alnum:]') + username = echo "$1" #$(echo "$1" | tr -cd '[:alnum:]') # easy-rsa directory EasyRsaDir="/etc/openvpn/easy-rsa" From ae5c1178eed01fb0e05a1482ec0b24cfecc3dc40 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 24 Dec 2020 14:05:27 -0300 Subject: [PATCH 30/43] update name variable in validation --- install_openvpn.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 8a6b01d..7ba215d 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - (($1 == "true" || $1 == "false")) + (("$1" == "true" || "$1" == "false")) } function parse_flags() { @@ -441,4 +441,4 @@ function main() { fi } -main "$@" \ No newline at end of file +main "$@" From 3e7fee01d147d884c889e678c7099550a4c4ccd3 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Thu, 24 Dec 2020 18:33:25 -0300 Subject: [PATCH 31/43] update condition to validate bool --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 7ba215d..5f5ade3 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh 
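Review bot: The new line `username = $1` is not an assignment: with spaces around `=` bash runs a command called `username`, so the variable stays empty and the later paths resolve to names like `keys/.crt`; the `username = echo "$1"` line in the next patch (29/43) has the same problem. The change also comments out the `tr -cd '[:alnum:]'` filter, so once the assignment is repaired the raw argument would reach the unquoted `revoke-full $username`, `grep $username` and `/bin/mv $EasyRsaDir/keys/$username.crt` lines of a script the README runs under sudo, where `/`, `..`, whitespace or a leading `-` change which files are touched. Keep the filter and reject an empty result: `username=$(printf '%s' "$1" | tr -cd '[:alnum:]')` followed by `[ -n "$username" ] || exit 1`. The `else` branch this line sits in continues outside the hunk.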
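Review bot: `is_valid_bool` still validates nothing after the quoting change at -357, because `(( ... ))` is arithmetic evaluation: `"$1"`, `"true"` and `"false"` are read as variable names or expressions, so the outcome depends on shell variables of those names rather than on the text of the flag. Evaluating a caller-supplied string as arithmetic also makes bash expand whatever that string contains, which a validator should never do with its input. A string test does what the function name promises: `[[ "$1" == "true" || "$1" == "false" ]]`. The same body recurs in the later is_valid_bool hunks of this series (patches 31 to 40), and the function's closing lines are the only part visible here.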
@@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - (("$1" == "true" || "$1" == "false")) + (("$1" == true || "$1" == false)) } function parse_flags() { From 6d3a0013b25c4752a2e4f03d713e61f2a058cfb9 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 09:26:38 -0300 Subject: [PATCH 32/43] Update install_openvpn.sh --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 5f5ade3..7ba215d 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - (("$1" == true || "$1" == false)) + (("$1" == "true" || "$1" == "false")) } function parse_flags() { From a0df59c296490779d725df96b9e90e9ccb93f0be Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 09:37:12 -0300 Subject: [PATCH 33/43] Update install_openvpn.sh --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 7ba215d..2a0dfe5 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -398,7 +398,7 @@ function parse_flags() { fi ;; --monitor-enable) - FLAGS_MONITOR_ENABLE=$1 + FLAGS_MONITOR_ENABLE=${1} shift if ! is_valid_bool $FLAGS_MONITOR_ENABLE; then log_error "Invalid value for $flag: $FLAGS_MONITOR_ENABLE" From 838569c3264ffa97142f8029a8cf871e74e47685 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 09:47:14 -0300 Subject: [PATCH 34/43] Update install_openvpn.sh --- install_openvpn.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/install_openvpn.sh b/install_openvpn.sh index 2a0dfe5..1bd8421 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,6 +357,7 @@ function is_valid_port() { } function is_valid_bool() { + print "$1" "true" (("$1" == "true" || "$1" == "false")) } From 31ef6f5f7be0bd5653cb0b239792b493a964fe74 Mon Sep 17 00:00:00 2001 
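Review bot: The added `print "$1" "true"` in is_valid_bool (patch 34) is debug output left inside a validator, and `print` is not a bash builtin, so unless an external `print` happens to be installed it only emits a command-not-found message each time a flag is checked. The follow-up patches 35 to 37 and 39 replace it with `printf "$1"`, `printf "${1}"` and `printf $1 'true'`, which pass the flag value as the printf format string, so `%` and backslash sequences in the argument are interpreted instead of printed. If a trace is needed while debugging, `printf '%s\n' "$1" >&2` keeps the value as data and off stdout. As far as this series shows, it ends with `printf "true"` (patch 40) still in the function, which should be removed before release.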
From: Dainer Mesa Date: Tue, 5 Jan 2021 09:49:07 -0300 Subject: [PATCH 35/43] Update install_openvpn.sh --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 1bd8421..1969a26 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - print "$1" "true" + printf "$1" "true" (("$1" == "true" || "$1" == "false")) } From ccb0805d09372d2a88fc53a08cfe23c098b4567d Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 09:55:19 -0300 Subject: [PATCH 36/43] Update install_openvpn.sh --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 1969a26..16e0624 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - printf "$1" "true" + printf "$1" (("$1" == "true" || "$1" == "false")) } From c6fcca4b094f548adecbd37944a50b67fd6cde8e Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 10:00:33 -0300 Subject: [PATCH 37/43] Update install_openvpn.sh --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 16e0624..4fc904c 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - printf "$1" + printf "${1}" (("$1" == "true" || "$1" == "false")) } From 4e03d9d99ea8fd405eee0b87adf8ae566384ebf7 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 10:05:41 -0300 Subject: [PATCH 38/43] Update install_openvpn.sh --- install_openvpn.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 4fc904c..b947634 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh 
@@ -357,8 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - printf "${1}" - (("$1" == "true" || "$1" == "false")) + (("${1}" == "true" || "${1}" == "false")) } function parse_flags() { From 38403650f38fa39799cfa9d5d368c07b8eed13b4 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 10:09:45 -0300 Subject: [PATCH 39/43] Update install_openvpn.sh --- install_openvpn.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/install_openvpn.sh b/install_openvpn.sh index b947634..6d9fb8d 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,6 +357,7 @@ function is_valid_port() { } function is_valid_bool() { + printf $1 'true' (("${1}" == "true" || "${1}" == "false")) } From d653f7c4efbdf3045ffb0e9410204a5fe8ef9627 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 10:10:54 -0300 Subject: [PATCH 40/43] Update install_openvpn.sh --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 6d9fb8d..cf3fe8c 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -357,7 +357,7 @@ function is_valid_port() { } function is_valid_bool() { - printf $1 'true' + printf "true" (("${1}" == "true" || "${1}" == "false")) } From 13cf42e96c4148d82c3f407cc5b523d0c1ba3423 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Tue, 5 Jan 2021 10:16:33 -0300 Subject: [PATCH 41/43] Update install_openvpn.sh --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index cf3fe8c..f2f9a42 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -433,7 +433,7 @@ function main() { declare -i FLAGS_API_PORT=1194 declare -i FLAGS_KEYS_PORT=0 declare -i FLAGS_MANAGEMENT_PORT=5555 - declare FLAGS_MONITOR_ENABLE=false + declare FLAGS_MONITOR_ENABLE=true parse_flags "$@" install_openvpn if $FLAGS_MONITOR_ENABLE; then From 587a470dc2894c5e3675aef34b54d2ed6ab5da01 Mon Sep 17 00:00:00 2001 
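Review bot: Changing `declare FLAGS_MONITOR_ENABLE` to `true` in main (patch 41) turns the monitor from opt-in into the default, so a plain install also starts the openvpn-monitor container, which start_openvpn_monitor publishes with `-p 80:80`. The README added earlier in this series still documents `--monitor-enable true` as the way to get the monitor, so an operator following it would not expect an extra listening web service. I would keep `declare FLAGS_MONITOR_ENABLE=false`, and because `if $FLAGS_MONITOR_ENABLE; then` runs the flag's value as a command, compare it as text instead: `if [[ "$FLAGS_MONITOR_ENABLE" == "true" ]]; then`. main's body continues outside the hunk.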
From: Dainer Mesa Date: Thu, 25 Feb 2021 09:41:19 -0300 Subject: [PATCH 42/43] add restart opcion to initialize automatically if restart pc --- install_openvpn.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index 8a6b01d..1ba023f 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -222,7 +222,7 @@ function start_openvpn() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run --name openvpn --network vpn --network-alias openvpn -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp -p ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run --name openvpn --network vpn --network-alias openvpn --restart unless-stopped -v ${OPEN_VPN_DATA_DIR}:/etc/openvpn -d -p ${API_PORT}:${API_PORT}/udp -p ${MANAGEMENT_PORT}:${MANAGEMENT_PORT} --cap-add=NET_ADMIN ${SB_IMAGE} 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 
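Review bot: The rewritten `docker run` line in start_openvpn keeps `-p ${MANAGEMENT_PORT}:${MANAGEMENT_PORT}`, which publishes the OpenVPN management port on every host interface, and with `--restart unless-stopped` that exposure now returns after each reboot. The monitor container reaches the server through its `openvpn` alias on the `vpn` network (see `OPENVPNMONITOR_SITES_0_HOST=openvpn` in the next hunk), so the host mapping looks unnecessary; the management interface can control client sessions and, unless a password file is configured (none is visible in this series), it does not authenticate callers. Either drop the mapping or bind it to loopback with `-p 127.0.0.1:${MANAGEMENT_PORT}:${MANAGEMENT_PORT}`. The expansions on this line are also unquoted, so `"${OPEN_VPN_DATA_DIR}:/etc/openvpn"` and `"${SB_IMAGE}"` would be safer against spaces in the values. The function's body continues outside the hunk.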
@@ -234,7 +234,7 @@ function start_openvpn_monitor() { # By itself, local messes up the return code. local readonly STDERR_OUTPUT - STDERR_OUTPUT=$(docker run -d --name openvpn-monitor --network vpn --network-alias openvpn-monitor -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) + STDERR_OUTPUT=$(docker run -d --name openvpn-monitor --network vpn --network-alias openvpn-monitor --restart unless-stopped -e OPENVPNMONITOR_SITES_0_ALIAS=UDP -e OPENVPNMONITOR_SITES_0_HOST=openvpn -e OPENVPNMONITOR_SITES_0_NAME=UDP -e OPENVPNMONITOR_SITES_0_PORT=${MANAGEMENT_PORT} -e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True -e OPENVPNMONITOR_SITES_1_ALIAS=TCP -e OPENVPNMONITOR_SITES_1_HOST=openvpn -e OPENVPNMONITOR_SITES_1_NAME=TCP -e OPENVPNMONITOR_SITES_1_PORT=${MANAGEMENT_PORT} -p 80:80 ruimarinho/openvpn-monitor 2>&1 >/dev/null) local readonly RET=$? if [[ $RET -eq 0 ]]; then return 0 From 58668674b0c3511a430afe6d883a6c422da48ee9 Mon Sep 17 00:00:00 2001 From: Dainer Mesa Date: Sun, 11 Jun 2023 20:44:16 -0400 Subject: [PATCH 43/43] Update install_openvpn.sh --- install_openvpn.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_openvpn.sh b/install_openvpn.sh index f3ad080..d9294d6 100644 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -310,7 +310,7 @@ install_openvpn() { MANAGEMENT_PORT=${SB_MANAGEMENT_PORT:-$(get_random_port)} done - readonly SB_IMAGE=${SB_IMAGE:-kylemanna/openvpn} + readonly SB_IMAGE=${SB_IMAGE:-kylemanna/openvpn:2.4} if [[ -z $PUBLIC_HOSTNAME ]]; then local readonly MSG="Failed to determine the server's IP address."
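Review bot: `ruimarinho/openvpn-monitor` on the new start_openvpn_monitor line carries no tag or digest, so with `--restart unless-stopped` whatever the registry served as the default tag at install time becomes a permanently running service, and a reinstall may silently pull different code. The same line publishes the dashboard with `-p 80:80`, that is plain HTTP on all interfaces, which presumably shows VPN session details to anyone who can reach the host. Pin the image (`ruimarinho/openvpn-monitor:<tag>@sha256:<digest>`, values to be chosen by the maintainer) and bind the port to loopback or a management address, for example `-p 127.0.0.1:80:80`, behind an authenticating reverse proxy. The function's body continues outside the hunk.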