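#!/bin/bash
#
# Container entrypoint for the OpenVPN server. It checks the required
# environment, makes sure the TUN device node exists, points the pushed
# "dhcp-option DNS" entry at the resolver selected through DNS1, installs the
# firewall rules and finally replaces itself with the openvpn process.
#
# Environment read by this script:
#   PUBLICIP      required (must be non-empty). Not used further in this file;
#                 presumably consumed by openvpn-initialize (confirm there).
#   DNS1          resolver pushed to clients: empty -> 1.1.1.1, a dotted quad
#                 -> used as is, otherwise treated as a container name and
#                 resolved with host(1).
#   DNS_ONLY      'y' selects the DNS-only firewall rules; defaults to 'n'.
#   IPV6_SUPPORT  'y' additionally installs the IPv6 rules.

#######################################
# Rewrite every quoted "dhcp-option DNS ..." entry in the server config.
# Globals:   OPENVPN_CONFIG_FILE (read)
# Arguments: $1 - resolver address. Every caller below passes a value made of
#                 digits and dots only, so nothing that sed would interpret
#                 (slash, ampersand, backslash, newline) reaches the
#                 replacement text.
# Returns:   exit status of sed
#######################################
set_pushed_dns() {
  local resolver=$1
  sed -i -e "s/\"dhcp-option DNS .*\"/\"dhcp-option DNS ${resolver}\"/g" \
    "$OPENVPN_CONFIG_FILE"
}

if [ -z "$PUBLICIP" ]; then
  echo 'No PUBLICIP, exiting...' >&2
  exit 1
fi

# OpenVPN needs the TUN character device (major 10, minor 200); create the
# node when the container runtime did not provide one.
mkdir -p /dev/net
if [ ! -e /dev/net/tun ]; then
  mknod /dev/net/tun c 10 200
fi

if [ -z "$DNS_ONLY" ]; then
  DNS_ONLY=n
fi

if [ ! -e /etc/openvpn/server.conf ]; then
  echo "Configuration file not found. Initializing..."
  openvpn-initialize
fi

OPENVPN_CONFIG_FILE=/etc/openvpn/server.conf

# Shape check only: octets are not range-checked, so 999.1.1.1 is accepted and
# written to the config unchanged.
ipv4_re='^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'
# Container name: 3-63 characters of [a-z0-9-], alphanumeric at both ends.
# The "no double dash" rule is tested separately in the condition below.
name_re='^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]$'

if [ -z "$DNS1" ]; then
  echo "DNS1 env variable not set, setting as deafault Cloudflare's 1.1.1.1"
  DNS1='1.1.1.1'
  set_pushed_dns "$DNS1"
elif [[ $DNS1 =~ $ipv4_re ]]; then
  echo "The DNS1 address is ${DNS1}"
  set_pushed_dns "$DNS1"
elif [[ $DNS1 != *--* && $DNS1 =~ $name_re ]]; then
  # The whole value is matched here. Piping it through grep instead would test
  # it line by line, letting a multi-line value pass on one good line.
  echo "DNS1 name of the container vaild"

  # Resolve the name that was just validated (this used to look up the fixed
  # name "pihole" regardless of DNS1). Keep only the first address so that a
  # multi-record answer cannot put a newline into the sed expression.
  DNS1=$(host "$DNS1" \
    | grep -oE "\b((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b" \
    | head -n 1)

  if [ -n "$DNS1" ]; then
    echo "The DNS1 container address is ${DNS1}"
    set_pushed_dns "$DNS1"
  else
    echo "Impossible to resolve the DNS1 container address, exiting..." >&2
    exit 1
  fi
else
  echo "DNS1 name of the container not vaild, please try to not use spaces or special characters, exiting..." >&2
  exit 1
fi

# NOTE(review): as written, DNS_ONLY=y *uncomments* the redirect-gateway push
# (clients are told to send all traffic through the tunnel), while the else
# branch replaces the line with itself and so changes nothing. For a DNS-only
# setup one would expect the push to be commented out instead. Behaviour is
# kept as found; confirm against the server.conf template before changing it.
if [[ "$DNS_ONLY" = 'y' ]]; then
  sed -i 's/#push "redirect-gateway def1 bypass-dhcp"/push "redirect-gateway def1 bypass-dhcp"/g' "$OPENVPN_CONFIG_FILE"
else
  sed -i 's/push "redirect-gateway def1 bypass-dhcp"/push "redirect-gateway def1 bypass-dhcp"/g' "$OPENVPN_CONFIG_FILE"
fi

# Get the "public" interface from the default route
NIC=$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)
export NIC
if [ -z "$NIC" ]; then
  # The rule helpers run with NIC exported; how they cope with an empty value
  # is not visible from this file, so at least leave a trace in the logs.
  echo "warning: no default-route interface found, NIC is empty" >&2
fi

# Add iptables rules
if [[ "$DNS_ONLY" = 'y' ]]; then
  add-openvpn-ipv4-dns-rules
else
  add-openvpn-ipv4-rules
fi

if [ "$IPV6_SUPPORT" = 'y' ]; then
  add-openvpn-ipv6-rules
fi

# Relative path: relies on the working directory holding server.conf.
# Presumably the image sets it to /etc/openvpn (confirm in the Dockerfile).
exec openvpn --config server.conf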