Update README.md

8 years ago · c3667633ad
parent f8caf92527
commit c3667633ad
1 changed files with 45 additions and 30 deletions
--- a/README.md
+++ b/README.md
@ -1,13 +1,22 @@
 # vpn-install
 Simple PPTP, L2TP/IPsec, OpenVPN installers for fast, user-friendly deployment.

+## Features
+* PPTP, OpenVPN, IPsec VPN support
+* User-friendly installation and configuration process
+* VPN client-side configs and script generating 
+* Backup and uninstallion support
+* Users control (add, check, delete) scripts, autorestarting, iptables automation.
+
 ## Requirements
-Tested only on Ubuntu 16.04. All packages will be installed from Ubuntu repository.
+* Ubuntu (tested on Ubuntu 16.04, Ubuntu 17.04)
+* Debian (tested on Debian 9)
+* CentOS (tested on CentOS 7)

 ## Installation
 Download: `git clone --depth=1 https://github.com/bedefaced/vpn-install.git`

-And then some of (under root or using *sudo*):
+And then some of (under *root* or using *sudo*):
 * `vpn-install/pptp/install.sh`
 * `vpn-install/openvpn/install.sh`
 * `vpn-install/ipsec/install.sh`
@ -25,38 +34,27 @@ Note that PPTP is **NOT** recommended for transmission secret data, because all
 By default (see [pptpd.conf.dist](https://github.com/bedefaced/vpn-install/blob/master/pptp/pptpd.conf.dist) and [env.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/env.sh)) it uses 172.16.0.0/24 subnet.

 ### Files
-* [adduser.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/adduser.sh) - script for user-friendly chap-secrets file editing.
+* [adduser.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/adduser.sh) - script for user-friendly chap-secrets file editing and client-side setup script generating.
 * [autostart.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/autostart.sh) - script for adding cron jobs (iptables restoring after boot and server running state checking).
+* [backup.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/backup.sh) - script for backuping system config files, parameters, services and packages statuses and uninstall script generating.
 * [checkserver.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/checkserver.sh) - script for cron job, which check server running state.
 * [checkuser.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/checkuser.sh) - script for user-friendly chap-secrets file existing user checking.
 * [deluser.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/deluser.sh) - script for user-friendly chap-secrets file existing user removing.
 * [dns.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/dns.sh) - script for user-friendly modifiying of DNS-resolver settings which will be pushed to Windows clients.
-* [env.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/env.sh) - common for all scripts config variables (subnet, ip, config files paths).
+* [env.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/env.sh) - common for all scripts config variables (packet manager, subnet, ip, config files paths).
 * [install.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/install.sh) - main installation script (wizard).
 * [iptables-setup.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/iptables-setup.sh) - iptables configuration script.
 * [options.pptp.dist](https://github.com/bedefaced/vpn-install/blob/master/pptp/options.pptp.dist) - [PPP options](https://ppp.samba.org/pppd.html) template.
 * [pptpd.conf.dist](https://github.com/bedefaced/vpn-install/blob/master/pptp/pptpd.conf.dist) - [PPTPD config](https://www.freebsd.org/cgi/man.cgi?query=pptpd.conf&sektion=5&manpath=FreeBSD+8.0-RELEASE+and+Ports) template.
+* [setup.sh.dist](https://github.com/bedefaced/vpn-install/blob/master/pptp/setup.sh.dist) - client-side connection installer script template.
 * [sysctl.sh](https://github.com/bedefaced/vpn-install/blob/master/pptp/sysctl.sh) - script for set up IP forwarding and disabling some packets due to security reasons (using sysctl).

 ### Client
 **On Linux:**

-Use default Network Manager (if Ubuntu) VPN-connection creation wizard or set it up manually:
-
-`apt-get install pptp`
-
-Create a new file (for example) **/etc/ppp/peers/pptpserver** and add the following lines, replacing name and password with your own values:
-```
-pty "pptp [IP of VPN] --nolaunchpppd"
-name [LOGIN]
-remotename pptp
-noauth
-require-mppe-128
-```
-Add `[LOGIN] * [PASSWORD] *` line to **/etc/ppp/chap-secrets**.
+During VPN server installation (more precisely: during *adding user* procedure) it will generate client-side *setup.sh* script in *%username%* directory. Client-side setup script was tested on Ubuntu 16.04.

-then
-`pppd call pptpserver` and `poff pptpserver` to close connection.
+You can also use Ubuntu standard Network Manager for PPTP VPN connection.

 **On Windows:**

@ -74,16 +72,19 @@ L2TP implementation: xl2tpd.

 By default (see [xl2tpd.conf.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/xl2tpd.conf.dist) and [env.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/env.sh)) it uses 172.18.0.0/24 subnet.

-IKE encryption algorithms: aes256-sha1, aes128-sha1, 3des-sha1. 
-
-See [ipsec.conf.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/ipsec.conf.dist) for more information.
+IKE encryption algorithms: see [ipsec.conf.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/ipsec.conf.dist).

 ### Files
-* [adduser.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/adduser.sh) - script for user-friendly chap-secrets file editing.
+* [adduser.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/adduser.sh) - script for user-friendly chap-secrets file editing and client-side setup script generating.
 * [autostart.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/autostart.sh) - script for adding cron jobs (iptables restoring after boot and server running state checking).
+* [backup.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/backup.sh) - script for backuping system config files, parameters, services and packages statuses and uninstall script generating.
 * [checkserver.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/checkserver.sh) - script for cron job, which check servers running state.
 * [checkuser.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/checkuser.sh) - script for user-friendly chap-secrets file existing user checking.
+* [client-options.xl2tpd.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/client-options.xl2tpd.dist) - client-side ppp connection template.
+* [client-xl2tpd.conf.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/client-xl2tpd.conf.dist) - client-side xl2tpd config template.
+* [connect.sh.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/connect.sh.dist) - client-side connect script template.
 * [deluser.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/deluser.sh) - script for user-friendly chap-secrets file existing user removing.
+* [disconnect.sh.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/disconnect.sh.dist) - client-side disconnect script template.
 * [dns.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/dns.sh) - script for user-friendly modifiying of DNS-resolver settings which will be pushed to Windows clients.
 * [env.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/env.sh) - common for all scripts config variables (subnet, ip, config files paths).
 * [install.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/install.sh) - main installation script (wizard).
@ -91,15 +92,16 @@ See [ipsec.conf.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec
 * [iptables-setup.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/iptables-setup.sh) - iptables configuration script.
 * [options.xl2tpd.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/options.xl2tpd.dist) - [PPP options](https://ppp.samba.org/pppd.html) template.
 * [psk.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/psk.sh) - script for user-friendly creating pre-shared key in [ipsec.secrets](https://linux.die.net/man/5/ipsec.secrets) file.
+* [setup.sh.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/setup.sh.dist) - client-side connection installer script template.
 * [sysctl.sh](https://github.com/bedefaced/vpn-install/blob/master/ipsec/sysctl.sh) - script for set up IP forwarding and disabling some packets due to security reasons (using sysctl).
 * [xl2tpd.conf.dist](https://github.com/bedefaced/vpn-install/blob/master/ipsec/xl2tpd.conf.dist) - [xl2tpd config](https://linux.die.net/man/5/xl2tpd.conf) file template.

 ### Client
 **On Linux:**

-`apt-get install strongswan xl2tpd`
+During VPN server installation (more precisely: during *adding user* procedure) it will generate client-side *setup.sh* script in *%username%* directory with necessary config files and *connect.sh* and *disconnect.sh* scripts. Client-side scripts was tested on Ubuntu 16.04.

-Download config files from server and follow [guide](https://smekkley.wordpress.com/2015/07/25/ipsec-over-l2tp-access-from-arch-linux-with-strongswan-and-xl2tpd/).
+You can also use Ubuntu standard Network Manager for IPsec VPN connection if you install [network-manager-l2tp plugin](https://github.com/nm-l2tp/network-manager-l2tp).

 **On Windows:**

@ -119,7 +121,10 @@ Port 1194 (default).
 ### Files
 * [adduser.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/adduser.sh) - script for user-friendly client config and key+certificate generating.
 * [autostart.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/autostart.sh) - script for adding cron jobs (iptables restoring after boot and server running state checking).
+* [backup.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/backup.sh) - script for backuping system config files, parameters, services and packages statuses and uninstall script generating.
 * [checkserver.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/checkserver.sh) - script for cron job, which check server running state.
+* [checkuser.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/checkuser.sh) - script for user-friendly existing user checking.
+* [deluser.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/deluser.sh) - script for user-friendly existing user removing (certificate revoking).
 * [dns.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/dns.sh) - script for user-friendly modifiying of DNS-resolver settings which will be pushed to Windows clients.
 * [env.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/env.sh) - common for all scripts config variables (subnet, ip, config files paths).
 * [install.sh](https://github.com/bedefaced/vpn-install/blob/master/openvpn/install.sh) - main installation script (wizard).
@ -132,19 +137,29 @@ Port 1194 (default).
 ### Client
 **On Linux:**

+During VPN server installation (more precisely: during *adding user* procedure) it will generate client-side configs in *%username%* directory.
+
+Then simply:
 ```
 apt-get install openvpn
 openvpn --config config.ovpn
 ```

+You can also use Ubuntu standard Network Manager for OpenVPN connection if you install [network-manager-openvpn-gnome plugin](https://askubuntu.com/questions/187511/how-can-i-use-a-ovpn-file-with-network-manager).
+
+
 **On Windows:**

 Download OpenVPV GUI client: [https://openvpn.net/index.php/open-source/downloads.html](https://openvpn.net/index.php/open-source/downloads.html).

 Import config and connect, or run explorer context menu command.

-## TODO
-* more testing
-* support other OSs
-* PPTP Linux client files autogenerating
-* L2TP/IPsec Linux client files autogenerating
+
+## Uninstallation
+
+During installation script will backup config files which are in system and will create uninstall script. So use some of (under *root* or using *sudo*):
+* `vpn-install/pptp/uninstall/uninstall.sh`
+* `vpn-install/openvpn/uninstall/uninstall.sh`
+* `vpn-install/ipsec/uninstall/uninstall.sh`
+
+These "wizards" will uninstall installed packages, restore system config files (which was before installation), remove added iptables  rules and cron jobs.