Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DietPi-Software | OpenVPN: Remove rsyslog dependency and preserve existing configs on reinstall #3016

Merged
merged 10 commits into from
Jul 30, 2019

Conversation

MichaIng
Copy link
Owner

@MichaIng MichaIng commented Jul 28, 2019

Status: Ready

Reference: #3014

Commit list/description:

  • DietPi-Software | OpenVPN: Remove rsyslog dependency
  • DietPi-Software | OpenVPN: Preserve existing configs, instead inform user that config creation, key and cert generation is skipped
  • DietPi-Software | OpenVPN: Fix install on Buster+ and skip non-required libssl1.0.0 install there, due to major update of easy-rsa
  • DietPi-Software | OpenVPN: Use most current easy-rsa form GitHub on all distro versions. The APT package will use outdated methods earlier or later and the binaries are standalone scripts anyway.
  • DietPi-Software | OpenVPN: LibSSL1.0.0 is and was never required on Stretch, LibSSL1.0.2 did well.
  • DietPi-Software | OpenVPN: Rely on default RSA key size, which is 2048 bit currently
  • DietPi-Software | OpenVPN: Create Diffie-Hellman param via easy-rsa as well
  • DietPi-Software | OpenVPN: On reinstall, if a fresh config set is created (no existing config found), do some pre-v6.26 cleanup by removing the obsolete easy-rsa package and dh2048.pem file

+ DietPi-Software | OpenVPN: Remove rsyslog dependency
+ DietPi-Software | OpenVPN: Preserve existing configs, instead inform user that config creation, key and cert generation is skipped
MichaIng added 9 commits July 29, 2019 17:12
+ CHANGELOG | OpenVPN: Rsyslog is not installed anymore together with OpenVPN server
+ DietPi-Software | OpenVPN: Fix easy-rsa usage on Buster+
+ CHANGELOG | OpenVPN: Resolved an issue where install failed on Debian Buster
+ DietPi-Software | OpenVPN: Fix client cert and key location on Buster
+ DietPi-Software | OpenVPN: LibSSL1.0.0 is not required anymore since Buster
+ DietPi-Software | OpenVPN: Use most current easy-rsa form GitHub, which allows us to use the same method on all systems. The APT package will use outdated methods earlier or later and the binaries are standalone scripts anyway.
+ DietPi-Software | OpenVPN: LibSSL1.0.0 is and was never required on Stretch, LibSSL1.0.2 did well.
+ DietPi-Software | OpenVPN: Rely on default RSA key size, which is 2048 bit currently
+ DietPi-Software | OpenVPN: Create Diffie-Hellman param via easy-rsa as well
+ DietPi-Software | OpenVPN: On reinstall, if a fresh config set is created (no existing config found), do some pre-v6.26 cleanup by removing the obsolete easy-rsa package and dh2048.pem file
+ DietPi-Software | Download_Install(): Add support for tgz and tbz2 file endings and use slightly simplified tar extraction option which allows to skip target dir pre-creation but was not available on Jessie
+ DietPi-Software | OpenVPN: Use new "remote-cert-tls" option as replacement for deprecated "ns-cert-type", which as well solves client connection issue with error:
  "VERIFY nsCertType ERROR: CN=DietPi_OpenVPN_Server, require nsCertType=SERVER"
@MichaIng MichaIng merged commit 165c551 into dev Jul 30, 2019
@MichaIng MichaIng deleted the openvpn branch July 30, 2019 21:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant