search

xhdix / openconnect-installer

Automatically set up an Openconnect/Anyconnect VPN server(ocserv) with Let's Encrypt with just one command in CentOS 8.
The Unlicense
124 stars 35 forks source link

Debian port? #6

Open mfat opened 3 years ago

mfat commented 3 years ago

Can I run this in debian? If no, are you planning a port? Thanks.

xhdix commented 3 years ago

I had it before: https://github.com/xhdix/openconnect-installer/blob/master/alpha/ocserv-debian-letsencrypt.sh

But Debian package updates were very slow: https://tracker.debian.org/pkg/ocserv

So I decided to just support CentOS and reduce the complexity.

However, the installation commands are the same as the above file, and probably only the sed commands are different (and will be like https://github.com/xhdix/openconnect-installer/blob/master/install.sh sed commands). If doing so confuses you, let me know so I can create a temporary script for you.

mfat commented 3 years ago

I'd appreciated if you do, I am no expert with these stuff. Just want a server up and running.

mfat commented 3 years ago

Also got this after installing with the debian script:

root@host:~# systemctl status ocserv.service 
● ocserv.service - OpenConnect SSL VPN server
   Loaded: loaded (/etc/systemd/system/ocserv.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2021-02-16 09:32:12 GMT; 1s ago
     Docs: man:ocserv(8)
  Process: 22097 ExecStart=/usr/sbin/ocserv --foreground --pid-file /var/run/ocserv.pid --config /etc/ocserv/ocserv.conf (code=exited, status=1/FAILURE)
 Main PID: 22097 (code=exited, status=1/FAILURE)

Feb 16 09:32:12 mfat.ir ocserv[22097]: listening (UDP) on [::]:3210...
Feb 16 09:32:12 mfat.ir ocserv[22097]: main: initialized ocserv 0.11.6
Feb 16 09:32:12 mfat.ir ocserv[22098]: sec-mod: reading supplemental config from files
Feb 16 09:32:12 mfat.ir ocserv[22098]: sec-mod: error loading file '/etc/letsencrypt/live//privkey.pem'
Feb 16 09:32:12 mfat.ir ocserv[22098]: GnuTLS error (at sec-mod.c:691): Error while reading file.
Feb 16 09:32:12 mfat.ir ocserv[22097]: main: tlslib.c:731: error loading file '/etc/letsencrypt/live//fullchain.pem'
Feb 16 09:32:12 mfat.ir ocserv[22097]: main: tlslib.c:870: error loading the certificate or key file
Feb 16 09:32:12 mfat.ir systemd[1]: ocserv.service: Main process exited, code=exited, status=1/FAILURE
Feb 16 09:32:12 mfat.ir systemd[1]: ocserv.service: Unit entered failed state.
Feb 16 09:32:12 mfat.ir systemd[1]: ocserv.service: Failed with result 'exit-code'.
xhdix commented 3 years ago

I hope new commit will fix that problem: https://github.com/xhdix/openconnect-installer/blob/master/alpha/ocserv-debian-letsencrypt.sh (Not tested yet)