From 025148c245bd2b471b28c781b8d95c2133497ff5 Mon Sep 17 00:00:00 2001 From: randomshell Date: Sun, 3 May 2020 13:26:37 +0000 Subject: [PATCH 1/3] Use openvpn status path from systemd service The new systemd service at `/usr/lib/systemd/system/openvpn-server@.service` that comes with openvpn 2.4 includes the status option in `ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf` Using this default allows to have multiple servers with their own status files and all in the same log directory. Example `/run/openvpn-server/status-server.log` `/run/openvpn-server/status-server2.log` --- openvpn-install.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 34f54d0..818fe3d 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -310,7 +310,6 @@ user nobody group $group_name persist-key persist-tun -status openvpn-status.log verb 3 crl-verify crl.pem" >> /etc/openvpn/server/server.conf if [[ "$protocol" = "udp" ]]; then From da299172df2f07aea38c0431d6f6eba42bafb4c6 Mon Sep 17 00:00:00 2001 From: Nyr Date: Wed, 9 Sep 2020 23:18:31 +0200 Subject: [PATCH 2/3] Update to easy-rsa v3.0.8 --- openvpn-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 2c22d78..379078b 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -229,7 +229,7 @@ LimitNPROC=infinity" > /etc/systemd/system/openvpn-server@server.service.d/disab systemctl enable --now firewalld.service fi # Get easy-rsa - easy_rsa_url='https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.7/EasyRSA-3.0.7.tgz' + easy_rsa_url='https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.8/EasyRSA-3.0.8.tgz' mkdir -p /etc/openvpn/server/easy-rsa/ { wget -qO- "$easy_rsa_url" 2>/dev/null || curl -sL "$easy_rsa_url" ; } | tar xz -C /etc/openvpn/server/easy-rsa/ --strip-components 1 chown -R root:root /etc/openvpn/server/easy-rsa/ From 26e39cf4d783694dd1e770670b5d2a0c61ab9fb2 Mon Sep 17 00:00:00 2001 From: Nyr Date: Wed, 30 Sep 2020 00:06:55 +0200 Subject: [PATCH 3/3] Update AdGuard DNS IP AdGuard changed their DNS IP recently: https://adguard.com/en/blog/adguard-dns-new-addresses.html Thanks @trantuanminh1754 for noticing. --- openvpn-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 379078b..1f0df4e 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -310,8 +310,8 @@ server 10.8.0.0 255.255.255.0" > /etc/openvpn/server/server.conf echo 'push "dhcp-option DNS 149.112.112.112"' >> /etc/openvpn/server/server.conf ;; 6) - echo 'push "dhcp-option DNS 176.103.130.130"' >> /etc/openvpn/server/server.conf - echo 'push "dhcp-option DNS 176.103.130.131"' >> /etc/openvpn/server/server.conf + echo 'push "dhcp-option DNS 94.140.14.14"' >> /etc/openvpn/server/server.conf + echo 'push "dhcp-option DNS 94.140.15.15"' >> /etc/openvpn/server/server.conf ;; esac echo "keepalive 10 120