search

Nyr / openvpn-install

OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora
MIT License
19.1k stars 4.9k forks source link

Version check is againt ubuntu 1804, should be 18 #1018

Closed TinCanTech closed 1 year ago

TinCanTech commented 1 year ago

https://github.com/Nyr/openvpn-install/blob/d4ae10ec2530747a1f5d78a7dea9e635a124db6c/openvpn-install.sh#L47

TinCanTech commented 1 year ago

After change to -lt 18 (My version: 20), script completes without error:

Welcome to this OpenVPN road warrior installer!

Which IPv4 address should be used?
     1) 10.1.101.101
     2) ...
IPv4 address [1]: 1

This server is behind NAT. What is the public IPv4 address or hostname?
Public IPv4 address / hostname [a.b.c.d]: 

Which protocol should OpenVPN use?
   1) UDP (recommended)
   2) TCP
Protocol [1]: 

What port should OpenVPN listen to?
Port [1194]: 

Select a DNS server for the clients:
   1) Current system resolvers
   2) Google
   3) 1.1.1.1
   4) OpenDNS
   5) Quad9
   6) AdGuard
DNS server [1]: 

Enter a name for the first client:
Name [client]: 

OpenVPN installation is ready to begin.
Press any key to continue...
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Get:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]                                                  
Get:4 http://archive.ubuntu.com/ubuntu focal-backports InRelease [108 kB]                                                
Ign:5 https://www.mirrorservice.org/sites/packages.linuxmint.com/packages ulyana InRelease                               
Hit:6 https://www.mirrorservice.org/sites/packages.linuxmint.com/packages ulyana Release                                 
Hit:7 http://archive.canonical.com/ubuntu focal InRelease                                       
Get:8 http://security.ubuntu.com/ubuntu focal-security InRelease [114 kB]                       
Hit:3 https://build.openvpn.net/debian/openvpn/stable focal InRelease                
Get:9 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 DEP-11 Metadata [275 kB]
Get:10 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 DEP-11 Metadata [408 kB]
Get:11 http://archive.ubuntu.com/ubuntu focal-updates/multiverse amd64 DEP-11 Metadata [940 B]            
Get:12 http://archive.ubuntu.com/ubuntu focal-backports/main amd64 DEP-11 Metadata [7,972 B]
Get:13 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 DEP-11 Metadata [30.5 kB]       
Get:15 http://security.ubuntu.com/ubuntu focal-security/main amd64 DEP-11 Metadata [60.0 kB]               
Get:16 http://security.ubuntu.com/ubuntu focal-security/universe amd64 DEP-11 Metadata [94.2 kB]
Get:17 http://security.ubuntu.com/ubuntu focal-security/multiverse amd64 DEP-11 Metadata [940 B]
Fetched 1,213 kB in 1s (815 kB/s)   
Reading package lists... Done
Reading package lists... Done
Building dependency tree       
Reading state information... Done
ca-certificates is already the newest version (20211016ubuntu0.20.04.1).
openssl is already the newest version (1.1.1f-1ubuntu2.16).
openvpn is already the newest version (2.5.8-focal0).
The following packages were automatically installed and are no longer required:
  linux-headers-5.4.0-135 linux-headers-5.4.0-135-generic linux-image-5.4.0-135-generic linux-modules-5.4.0-135-generic
  linux-modules-extra-5.4.0-135-generic
Use 'apt autoremove' to remove them.
0 to upgrade, 0 to newly install, 0 to remove and 0 not to upgrade.

Notice
------
'init-pki' complete; you may now create a CA or requests.

Your newly created PKI dir is:
* /etc/openvpn/server/easy-rsa/pki

* Using Easy-RSA configuration: 

* IMPORTANT: Easy-RSA 'vars' template file has been created in your new PKI.
             Edit this 'vars' file to customise the settings for your PKI.
             To use a global vars file, use global option --vars=<YOUR_VARS>

* Using x509-types directory: /etc/openvpn/server/easy-rsa/x509-types

* Using SSL: openssl OpenSSL 1.1.1f  31 Mar 2020

* Using Easy-RSA configuration: /etc/openvpn/server/easy-rsa/pki/vars
..+++++
.......................+++++

Notice
------
CA creation complete and you may now import and sign cert requests.
Your new CA certificate file for publishing is at:
/etc/openvpn/server/easy-rsa/pki/ca.crt

* Using SSL: openssl OpenSSL 1.1.1f  31 Mar 2020

* Using Easy-RSA configuration: /etc/openvpn/server/easy-rsa/pki/vars
Generating a RSA private key
.......................................+++++
............................................................................+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/9ca80481/temp.e4836406'
-----

Notice
------
Keypair and certificate request completed. Your files are:
req: /etc/openvpn/server/easy-rsa/pki/reqs/server.req
key: /etc/openvpn/server/easy-rsa/pki/private/server.key
Using configuration from /etc/openvpn/server/easy-rsa/pki/9ca80481/temp.f3a5a4f0
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'server'
Certificate is to be certified until Jan 16 04:21:03 2033 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated

Notice
------
Certificate created at:
* /etc/openvpn/server/easy-rsa/pki/issued/server.crt

Notice
------
Inline file created:
* /etc/openvpn/server/easy-rsa/pki/inline/server.inline

* Using SSL: openssl OpenSSL 1.1.1f  31 Mar 2020

* Using Easy-RSA configuration: /etc/openvpn/server/easy-rsa/pki/vars
Generating a RSA private key
......+++++
....................................+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/c8782a00/temp.8cfd4cc8'
-----

Notice
------
Keypair and certificate request completed. Your files are:
req: /etc/openvpn/server/easy-rsa/pki/reqs/client.req
key: /etc/openvpn/server/easy-rsa/pki/private/client.key
Using configuration from /etc/openvpn/server/easy-rsa/pki/c8782a00/temp.53a575cc
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'client'
Certificate is to be certified until Jan 16 04:21:03 2033 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated

Notice
------
Certificate created at:
* /etc/openvpn/server/easy-rsa/pki/issued/client.crt

Notice
------
Inline file created:
* /etc/openvpn/server/easy-rsa/pki/inline/client.inline

* Using SSL: openssl OpenSSL 1.1.1f  31 Mar 2020

* Using Easy-RSA configuration: /etc/openvpn/server/easy-rsa/pki/vars
Using configuration from /etc/openvpn/server/easy-rsa/pki/d0bae1f8/temp.2972015a

Notice
------
An updated CRL has been created.
CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem
2023-01-19 04:21:04 WARNING: Using --genkey --secret filename is DEPRECATED.  Use --genkey secret filename instead.
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-server@server.service → /lib/systemd/system/openvpn-server@.service.

Finished!

The client configuration is available in: /root/client.ovpn
New clients can be added by running this script again.
Nyr commented 1 year ago

Sorry, but what is the issue? Version detection seems to work correctly in my Ubuntu 20.04 image.

Can you post the contents of your /etc/os-release file?

TinCanTech commented 1 year ago

Ah, in fact, it is Linux-Mint:

# cat /etc/os-release
NAME="Linux Mint"
VERSION="20 (Ulyana)"
ID=linuxmint
ID_LIKE=ubuntu
PRETTY_NAME="Linux Mint 20"
VERSION_ID="20"
HOME_URL="https://www.linuxmint.com/"
SUPPORT_URL="https://forums.linuxmint.com/"
BUG_REPORT_URL="http://linuxmint-troubleshooting-guide.readthedocs.io/en/latest/"
PRIVACY_POLICY_URL="https://www.linuxmint.com/"
VERSION_CODENAME=ulyana
UBUNTU_CODENAME=focal
Nyr commented 1 year ago

Yeah, Mint is not officially supported as I do not test there.

I guess it works, so of course you can edit the version check as needed.