{"id":26910071,"url":"https://github.com/leomoon-studios/openvpn-installer-for-linux","last_synced_at":"2025-07-04T17:10:45.335Z","repository":{"id":118350968,"uuid":"107200619","full_name":"leomoon-studios/openvpn-installer-for-linux","owner":"leomoon-studios","description":"OpenVPN installer written in Bash","archived":false,"fork":false,"pushed_at":"2024-08-03T09:33:01.000Z","size":46,"stargazers_count":11,"open_issues_count":2,"forks_count":6,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-01T13:37:23.189Z","etag":null,"topics":["centos","debian","dns","linux","openvpn-installer","openvpn-server","protocol","security","silent","tls","ubuntu"],"latest_commit_sha":null,"homepage":"https://leomoon.com/downloads/scripts/openvpn-installer-for-linux/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/leomoon-studios.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-10-17T01:08:11.000Z","updated_at":"2024-08-03T09:33:05.000Z","dependencies_parsed_at":null,"dependency_job_id":"f66eb4d3-ed0f-428c-9965-f2a13ece5d4a","html_url":"https://github.com/leomoon-studios/openvpn-installer-for-linux","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/leomoon-studios/openvpn-installer-for-linux","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leomoon-studios%2Fopenvpn-installer-for-linux","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leomoon-studios%2Fopenvpn-installer-for-linux/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leomoon-studios%2Fopenvpn-installer-for-linux/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leomoon-studios%2Fopenvpn-installer-for-linux/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/leomoon-studios","download_url":"https://codeload.github.com/leomoon-studios/openvpn-installer-for-linux/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leomoon-studios%2Fopenvpn-installer-for-linux/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263585897,"owners_count":23484488,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["centos","debian","dns","linux","openvpn-installer","openvpn-server","protocol","security","silent","tls","ubuntu"],"created_at":"2025-04-01T13:30:51.382Z","updated_at":"2025-07-04T17:10:45.310Z","avatar_url":"https://github.com/leomoon-studios.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OpenVPN Installer for Linux\n## Introduction\nHaving your own OpenVPN service is very important these days but setting one up can be very tedious!\n\nThis script will setup a secure OpenVPN server on Ubuntu, Debian, CentOS, Fedora and Arch Linux at home or on a VPS.\n\nIt is recommended to use the default encryption settings and only change port, protocol, DNS resolver and domain settings.\n\n## Features\n*   Installs and configures a secure OpenVPN server on\n*   Automatic setup of firewall rules using iptables\n*   Has many customization options\n*   Ability to define a FQDN with OpenVPN\n*   Includes silent and CLI install\n*   Includes silent and CLI management (\u0026ldquo;sudo lmovpn\u0026rdquo;):\n    *   Add a new client\n    *   List active clients\n    *   Revoke existing client\n    *   Debug OpenVPN using journalctl\n    *   Restart OpenVPN service\n    *   Uninstall OpenVPN\n\n## Authors\n*   Amin Babaeipanah\n\n## Limitations\n*   No IPv6 support\n\n## Changelog\n*   3.1.0 2023-08-15:\n    *   Enabled epel for Oracle Linux\n    *   Added retry to curl when getting WANIP\n    *   Added --no-same-owner when extracting easy-rsa\n    *   Added dns lookup if icanhazip fails\n    *   Added support for CentOS 9\n    *   Changed easyrsa from 3.0.7 to 3.1.2 with minor fixes\n    *   Removed unnecessary removal of hardcoded ciphers on Fedora\n    *   Fixed OpenVPN Uninstall option having wrong text\n    *   Fixed OpenVPN Uninstall option only supporting Ubuntu\n*   3.05 2021-09-04:\n    *   Added compatibility with AlmaLinux 8\n    *   Added compatibility with Rocky Linux 8\n    *   Added compatibility with Oracle Linux 8\n    *   Fixed compatibility with RHEL and EPEL\n    *   Minor improvements\n*   3.04 2021-01-13:\n    *   Increased sysctl priority\n    *   Fixed adguard IPs\n    *   Fixed key-direction from tls-crypt\n*   3.03:\n    *   Fixed OpenVPN service path\n    *   Minor fix for OpenVPN Uninstall function\n*   3.02:\n    *   Fixed self-delete\n*   3.01:\n    *   Minor improvements\n    *   Minor bugfixes\n*   3.00:\n    *   Complete rewrite\n    *   Added CLI support with setup customization\n    *   Added silent install with setup customization\n*   2.00:\n    *   Added multi distro support\n    *   Minor improvements\n*   1.58:\n    *   Added auth-nocache to stop password caching of OpenVPN\n    *   Changed deprecated ns-cert-type to --remote-cert-tls\n    *   Removed unnecessary echo command\n*   1.57:\n    *   Minor bugfix\n*   1.56:\n    *   Firewall fix\n*   1.55:\n    *   KEY_NAME will have the same name as client\n    *   KEY_CN will have the same name as client\n    *   Added gateway detection. if not found, google dns will be used\n    *   Automated key generation for both server and user\n    *   Added OpenVPN restart after revoking a license\n    *   Fixed “’link-mtu’ is used inconsistently” warning message\n*   1.54:\n    *   Changed RSA to 2048\n    *   Added tls-auth and SHA256\n    *   Fixed lmvpnd not revoking lics\n    *   Fixed netCard variable\n    *   Updated Windows client URL\n\n## Usage\nDownload it using ```curl``` and make it executable:\n```\ncurl -Ls https://raw.githubusercontent.com/leomoon-studios/openvpn-installer/master/src/openvpn-installer -O ~/openvpn-installer\nchmod +x ~/openvpn-installer\n```\nOR download it using ```wget``` and make it executable:\n\n```\nwget https://raw.githubusercontent.com/leomoon-studios/openvpn-installer/master/src/openvpn-installer -O ~/openvpn-installer\nchmod +x ~/openvpn-installer\n```\nRun it and follow the onscreen instructions:\n```\ncd ~/ \u0026\u0026 sudo ./openvpn-installer\n```\nAfter installation is done, use \u0026ldquo;sudo lmovpn\u0026rdquo; to add new clients and manage your OpenVPN server.\n\n## Silent Install\nYou can also run this script silently with default options. The silent option will use the best encryption settings.\n```\nSILENT=y sudo -E ./openvpn-installer\n```\nSilent install will use the options below:\n*\tPort 1194\n*\tUDP protocol\n*\tGoogle DNS resolver\n*\tno compression\n*\tAES-256-GCM cipher for data channel\n*\tECDSA certificate with prime256v1 curve\n*\tTLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 cipher for control channel\n*\tECDH for Diffie-Hellman key with prime256v1 curve\n*\tSHA-256 for digest algorithm\n*\ttls-crypt for additional security\n\nHere are some examples if you want to install silently with custom options:\n```\n#change PORT to 2432 and PROTOCOL to tcp\nSILENT=y PORT=2432 PROTOCOL=tcp sudo -E ./openvpn-installer\n\n#change PORT to 23423, PROTOCOL to tcp and DNS_TYPE to Cloudflare\nSILENT=y PORT=23423 DNS_TYPE=2 sudo -E ./openvpn-installer\n\n#change DATACIPHER_TYPE to AES-256-CBC and CERT_TYPE to RSA\n#since RSA_TYPE and CONTROLCIPHER_TYPE are not defined,\n#default 2048 bits will be used for RSA_TYPE\n#and TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 will be used for CONTROLCIPHER_TYPE\nSILENT=y DATACIPHER_TYPE=4 CERT_TYPE=2 sudo -E ./openvpn-installer\n```\n\n## Silent Install Switches\n*   SILENT=[y|n]\n*   PORT=[1-65535]\n*   PROTOCOL=[tcp|udp]\n    *   udp (default)\n    *   tcp\n*   DNS_TYPE=[1-11]\n    *   1 = Google (global) (default)\n    *   2 = Cloudflare (global)\n    *   3 = AdGuard DNS (global)\n    *   4 = OpenDNS (global)\n    *   5 = Quad9 (global)\n    *   6 = Quad9 uncensored (global)\n    *   7 = NextDNS (global)\n    *   8 = FDN (France)\n    *   9 = DNS.WATCH (Germany)\n    *   10 = Yandex Basic (Russia)\n    *   11 = Current system resolvers in /etc/resolv.conf\n*   COMPRESSION=[y|n]\n    *   n = No Compression (default)\n    *   y = With Compression (not recommended)\n        *   COMPRESSION_TYPE=[1-3]\n            *   1 = lz4-v2 (default)\n            *   2 = lz4\n            *   3 = lzo\n*   DATACIPHER_TYPE=[1-6]\n    *   1 = AES-256-GCM (default)\n    *   2 = AES-192-GCM\n    *   3 = AES-128-GCM\n    *   4 = AES-256-CBC\n    *   5 = AES-192-CBC\n    *   6 = AES-128-CBC\n*   CERT_TYPE=[1-2]\n    *   1 = ECDSA (default)\n        *   CURVE_TYPE=[1-3]\n            *   1 = prime256v1 (default)\n            *   2 = secp384r1\n            *   3 = secp521r1\n        *   CONTROLCIPHER_TYPE=[1-2]\n            *   1 = TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 (default)\n            *   2 = TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384\n    *   2 = RSA\n        *   RSA_TYPE=[1-3]\n            *   1 = 2048 bits (default)\n            *   2 = 3072 bits\n            *   3 = 4096 bits\n        *   CONTROLCIPHER_TYPE=[1-2]\n            *   1 = TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 (default)\n            *   2 = TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384\n*   DH_TYPE=[1-2]\n    * 1 = ECDH\n        *   DHCURVE_TYPE = [1-3]\n            *   1 = prime256v1 (default)\n            *   2 = secp384r1\n            *   3 = secp521r1\n    * 2 = DH\n        *   DHSIZE_TYPE = [1-3]\n            *   1 = 2048 bits (default)\n            *   2 = 3072 bits\n            *   3 = 4096 bits\n*   HMAC_TYPE[1-3]\n    *   1 = SHA-256 (default)\n    *   2 = SHA-384\n    *   3 = SHA-512\n*   TLS_TYPE[1-2]\n    *   1 = tls-crypt (default)\n    *   2 = tls-auth\n*   DOMAIN=[FQDN-STRING]\n\n\n## Silent Management\nYou can also perform management options silently while using lmovpn. Here are some examples:\n\n```\n#add a new client\nMENU=1 CLIENT=amin PASS=n sudo -E lmovpn\n\n#add multiple clients\nUSERS=(desktop laptop mobile)\nfor i in ${USERS[@]};do\n   MENU=1 CLIENT=$i PASS=n sudo -E lmovpn\ndone\n\n#restart OpenVPN server\nMENU=5 sudo -E lmovpn\n```\n\n## Compatibility\n*   Alma Linux 8\n*   Amazon Linux 2\n*   Arch Linux\n*   CentOS 7\n*   CentOS \u003e= 8\n*   Devian \u003e= 10\n*   Fedora \u003e= 35\n*   Oracle Linux 8\n*   Rocky Linux 8\n*   Ubuntu \u003e= 18.04\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleomoon-studios%2Fopenvpn-installer-for-linux","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fleomoon-studios%2Fopenvpn-installer-for-linux","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleomoon-studios%2Fopenvpn-installer-for-linux/lists"}