Support setupVars for pivpnNET, subnetClass and ALLOWED_IPS via unattended setup

[DerDanilo]

Support setupVars for pivpnNET, subnetClass and ALLOWED_IPS via unattended setup.

• OpenVPN --> pivpnNET and subnetClass
• Wireguard --> pivpnNET, subnetClass and ALLOWED_IPS

Fix part of #1273

[DerDanilo]

I am not completely sure that it's early enough to define subnetClass in the function installPiVPN() since I removed it from the top of the script to have it at the actual place were it can be defined. This makes the check easier if it was pre-defined without the need to add another var.

	# Allow custom subnetClass via unattend setupVARs file. Use default if not provided.
	if [ -z "$subnetClass" ]; then
		subnetClass="24"
	fi

Update: According to travis it seems fine.

[orazioedoardo]

Can't test the pull request(s) however I can tell that these lines are used to set the static IP settings when using unattended on Raspbian.

[DerDanilo]

Can't text the pull request(s) however I can tell that these lines are used to set the static IP settings when using unattended on Raspbian.

What does "Can't text the..." mean?

Are those vars required when setting up wireguard VPN or not? I went through the code and checked all references. They only seem to be required in connection with OpenVPN. So not needed with Wireguard.

[orazioedoardo]

What does "Can't text the..." mean?

Test, actually.

Are those vars required when setting up wireguard VPN or not? I went through the code and checked all references. They only seem to be required in connection with OpenVPN. So not needed with Wireguard.

Look at this function.

[DerDanilo]

Thanks. I checked this function before and could not see why those values should be required by wireguard.

The genegrated setupVars.conf file does not contain them either. If I understand the reconfigure=false flag correctly the script should fail if those vars are required.

I can remove the commit regarding those vars. But I'd like to keep the example files correct if possible.

If I understand those vars correctly they allow to specify the local subnet, including mask and the default gw that the VPN server should use itself? DHCP is not required for Wireguard at all, that is why I am asking.

root@v:~# cat /etc/pivpn/wireguard/setupVars.conf
PLAT=Debian
OSCN=buster
USING_UFW=0
IPv4dev=eth0
install_user=wgadmin
install_home=/home/wgadmin
VPN=wireguard
pivpnPORT=1194
pivpnMTU=1280
pivpnDNS1=192.168.25.248
pivpnDNS2=192.168.25.249
pivpnHOST=v.mydomain.com
INPUT_CHAIN_EDITED=0
FORWARD_CHAIN_EDITED=1
pivpnPROTO=udp
pivpnDEV=wg0
pivpnNET=10.10.0.0
subnetClass=24
ALLOWED_IPS="10.10.0.0/24, 192.168.25.0/24"
UNATTUPG=1
INSTALLED_PACKAGES=(iptables-persistent qrencode qrencode iptables-persistent qrencode)

[orazioedoardo]

The genegrated setupVars.conf file does not contain them either.

Because you tested the script on Debian, it does on Raspian.

If I understand those vars correctly they allow to specify the local subnet, including mask and the default gw that the VPN server should use itself?

Yes

Switch target branch to test please.

[DerDanilo]

Because you tested the script on Debian, it does on Raspian.

So if one should use those vars we can leave them in the example file. Maybe we should extend the documentation and explain what those vars are for.

Switch target branch to test please.

Done

[DerDanilo]

How do we get this merged now? In my test installations it was working fine.

[coolapso]

Please resolve the conflicts on your base branch please, seems to be related with the merge of one of your merge requests.

[DerDanilo]

Please resolve the conflicts on your base branch please, seems to be related with the merge of one of your merge requests.

Apparently it was caused by the other merge request I pushed. Will check this soon and get it fixed.

[DerDanilo]

Sorry for the delay. Was busy and then forgot about it. Hope it's fine now and can get merged soon.