rm vpn and admin menu and moved them to debs.

install/Debian/Debian-Wheezy-PBX-PKG-Install-new.sh

@@ -81,12 +81,8 @@ database_name=
 # (Default: fusionpbx)
 database_user_name=
 
-#-------------------------------------------------------------------------------
-#                                (UNDER DEVEL)
-#-------------------------------------------------------------------------------
-#Future Options not yet implamented,
-#Install new admin shell menu & openvpn scripts.
-install_admin_menu=n
+#Enable pbx admin shell menu
+enable_admin_menu=y
 
 #<------Stop Options Edit Here-------->
 ###############################################################################
@@ -706,1234 +702,16 @@ cat << DELIM
 
                          Please reboot your system
 DELIM
-
-fi
-
-# Installing OpenVPN config scripts
-#confgen
-/bin/cat > "/usr/bin/confgen" <<DELIM
-#!/bin/bash
-#########################################################################
-##### Openvpn Confgen ##                        ##  2010may07 v0.1  #####
-#########################################################################
-##### released as public domain. ##        ##  thanks to Bushmills  #####
-#########################################################################
-#####                 by krzee @ Freenode #OpenVPN                  #####
-#####       Just run ./confgen            chmod +x all 3 files      #####
-#####                                                               #####
-# This is a bash script To help you generate configuration files    #####
-# for some of the most commonly desired vpn setups. You can setup   #####
-# lans behind server / clients, or redirect client internet through #####
-# the server							    #####
-# Todo                                                              #####
-# -Allow multiple lans behind each node                             #####
-# -I should ask if each client should have internet redirected.     #####
-#  currently it is all or none                                      #####
-# -I will also generate certificates, performing the role of CA     #####
-#  server                                                           #####
-#####                                                               #####
-#########################################################################
-
-shopt -s nocasematch
-valid_ip()
-{
-  local  ip=$1
-  stat=4
-  if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
-     ip=(${ip//./ })
-     for i in {0..3}; do
-        ((stat -= ip[i]<256))
-     done
-  fi
-  return $((stat&&1))
-}
-
-cat << EOF
-YOU MUST USE 2.1.x FOR THESE CONFIGS
-PRESS ENTER FOR DEFAULT
-EOF
-while : ;do
-
-cat << EOF
-What IP does this server listen to for OpenVPN connections?
-LAN IP if behind a NAT (like a dsl/cablemodem router)
-Default is it runs on all ips (0.0.0.0)
-EOF
-c="0" ; z="0" ; y="0"
-read LISTENIP
-: ${LISTENIP:=0.0.0.0}
-valid_ip ${LISTENIP} && break
-done
-arg[c++]="-L"
-arg[c++]="${LISTENIP}"
-
-while [ -z "${SERVERIP}" ] ;do
-  cat <<EOF
-What Hostname or IP do clients use to reach the server?
-If server is on dynamic IP get a dyndns and enter that here
-EOF
-  read SERVERIP
-done
-carg[z++]="-S"
-carg[z++]="${SERVERIP}"
-
-while ! ((SERVERPORT > 0 && SERVERPORT < 65536)) ;do
-  echo
-  echo "what port does this server listen on?"
-  echo "Default = 1194"
-  read SERVERPORT
-  : ${SERVERPORT:=1194}
-done
-arg[c++]="-p"
-arg[c++]="${SERVERPORT}"
-carg[z++]="-p"
-carg[z++]="${SERVERPORT}"
-
-echo
-echo "What protocol will you tunnel over? Use UDP if possible!"
-echo "Default is udp"
-while : ;do
-echo "(udp/tcp)"
-read PROTO
-case "${PROTO}" in
-  udp) break
-  ;;
-  tcp) break
-  ;;
-   "") PROTO=udp ; break
-  ;;
-esac
-done
-arg[c++]="-P"
-arg[c++]="${PROTO}"
-carg[z++]="-P"
-carg[z++]="${PROTO}"
-
-echo
-echo "Is the server running on windows?"
-while : ;do 
-read -p "(y/n) " job
-case "${job}" in
-  y) SERVERWINDOWS="1"
-     while [ -z "${SKEYDIR}" ] ;do
-       echo
-       echo "What is the full path to the directory the server will keep its keys in?"
-       read -rp "ie: C:\\Program Files\\OpenVPN\\config\\keys
-    " SKEYDIR
-     done
-     SKEYDIR=`echo "${SKEYDIR}" |sed -e 's,\\\\,\\\\\\\\,g'`
-     arg[c++]="-K"
-     arg[c++]="\"${SKEYDIR}\""
-     echo
-     echo "Remember to disable windows firewall on TAP adapter, and during testing disable it all together"
-     break
-  ;;
-  n) while [ -z "${SKEYDIR}" ] ;do
-       echo
-       echo "What is the full path to the directory the server will keep its keys in?"
-       echo "ie: /etc/openvpn/server/keys"
-       read SKEYDIR
-     done
-     arg[c++]="-K"
-     arg[c++]="\"${SKEYDIR}\""
-     while [ -z "${vpnuser}" ] ;do
-       echo
-       echo "What user do you want to drop privileges to after startup?"
-       echo "You must still start OpenVPN as root! After it does what it needs as root it will drop permissions to this"
-       read vpnuser
-     done
-     arg[c++]="-U"
-     arg[c++]="${vpnuser}"
-     while [ -z "${vpngroup}" ] ;do
-       echo
-       echo "What group do you want to drop privileges to after startup?"
-       read vpngroup
-     done
-     arg[c++]="-G"
-     arg[c++]="${vpngroup}"
-     break
-  ;;
-esac
-done
-
-while [ -z "${VPNSUBNET}" ] ;do
-echo
-echo "What subnet will the VPN hand out? ie: 10.8.1.0 255.255.255.0"
-echo "Make sure it is different than any LAN the server or any client are on"
-echo "Default: 10.8.1.0 255.255.255.0"
-read VPNSUBNET
-: ${VPNSUBNET:="10.8.1.0 255.255.255.0"}
-if ((  $(wc -w <<< "$VPNSUBNET") != 2 )); then unset VPNSUBNET ; continue; fi
-read -r VPNNET VPNNETMASK <<< "${VPNSUBNET}"
-valid_ip ${VPNNET} || unset VPNSUBNET
-valid_ip ${VPNNETMASK} || unset VPNSUBNET
-done
-arg[c++]="-V"
-arg[c++]="${VPNSUBNET}"
-
-cat << EOF
-
-Should client to client traffic stay within the OpenVPN server process and not hit the kernel?
-Yes will route traffic from 1 client to another inside the Openvpn server process instead of the OS knowing about it
-No will allow you to firewall client to client traffic
-Default: yes
-EOF
-while : ;do
-read -p "(y/n) " job
-case "$job" in
-  y) arg[c++]="-C"
-     break
-  ;;
-  n) break
-  ;;
-  "") arg[c++]="-C"
-     break
-  ;;
-esac
-done
-
-echo
-default=5
-echo "What verbosity for logfiles?"
-echo "5 for debugging, 3 for normal usage"
-echo "Default: $default"
-while : ;do
-read -rp "(1-9)" VERB
-case "${VERB}" in
-  [1-9]) break
-  ;;
-  "") VERB=$default
-      break
-  ;;
-esac
-done
-arg[c++]="-v"
-arg[c++]="${VERB}"
-carg[z++]="-v"
-carg[z++]="${VERB}"
-
-echo
-echo "Will the server share its LAN with the VPN?"
-echo "Default: no"
-while : ;do
-read -rp "(y/n)" job
-case "${job}" in
-  y) while [ -z "${SERVERLAN}" ] ;do
-     echo
-     echo "What is the LAN subnet?"
-     echo "Make sure this lan is uncommon if you have traveling clients"
-     echo "ie: 192.168.20.0 255.255.255.0"
-     read SERVERLAN
-     if ((  $(wc -w <<< "$SERVERLAN") != 2 )); then unset SERVERLAN ; continue; fi
-
-     while read -r SERVERNET SERVERNETMASK; do
-       valid_ip ${SERVERNET} || unset SERVERLAN
-       valid_ip ${SERVERNETMASK} || unset SERVERLAN
-     done <<< "${SERVERLAN}"
-
-     done
-     arg[c++]="-l"
-     arg[c++]="${SERVERLAN}"
-     break
-  ;;
-  n) break
-  ;;
- "") break
-  ;;
-esac
-done
-
-echo
-echo "Enable Compression?"
-echo "OpenVPN must be compiled with compression to enable this"
-echo "Default: yes"
-while : ;do
-read -p "(y/n) " job
-case "${job}" in
-  y) arg[c++]="-Z"
-     carg[z++]="-Z"
-     break
-  ;;
-  n) break
-  ;;
- "") arg[c++]="-Z"
-     carg[z++]="-Z"
-     break
-  ;;
-esac
-done
-
-echo
-echo "Do you want clients to send all their internet traffic through the server?"
-echo "Default: no"
-while : ;do
-read -p "(y/n) " job
-case "${job}" in
-  y) arg[c++]="-R"
-     echo
-     echo "Be sure to setup NAT for $VPNSUBNET" 
-     [ -z "${SERVERWINDOWS}" ] &&
-     echo "Linux ie: iptables -t nat -A POSTROUTING -s ${VPNNET}/${VPNNETMASK} -o eth0 -j MASQUERADE" ||
-     echo "See: http://www.windowsnetworking.com/articles_tutorials/NAT_Windows_2003_Setup_Configuration.html"
-     echo
-     echo "Be sure to enable IP forwarding on the server"
-     [ -z "${SERVERWINDOWS}" ] &&
-     (echo "Linux: net.ipv4.ip_forward = 1 in sysctl.conf"; echo "FBSD: gateway_enable="YES" in /etc/rc.conf") || 
-     echo "See: http://support.microsoft.com/kb/315236"
-     break
-  ;; 
-  n) break
-  ;;
- "") break
-  ;;
-esac
-done
-
-getccd()
-{
-if [ -z "${CCD}" ] ;then
-  while [ -z "${CCD}" ] ;do
-   cat << EOF
-
-   You have a client with a LAN behind it, you will need to enable ccd entries on the server
-   this uses client-config-dir to add per-client entries in to server.conf
-   What is the full path to the directory you want your ccd entries in?
-   Remember that the server needs read access to this directory while running.
-EOF
-   if [ -n "${SERVERWINDOWS}" ] ;then
-      read -rp "ie: C:\\Program Files\\OpenVPN\\config\\ccd
-    " CCD
-      CCD=`echo "$CCD"|sed -e 's,\\\\,\\\\\\\\,g'`
-   else
-      read -p "ie: /etc/openvpn/server/ccd" CCD
-   fi
-  done
-  arg[c++]="-D"
-  arg[c++]="\"$CCD\""
-  mkdir ccd
-fi
-}
-
-echo
-echo "Do you have a client with a LAN behind it which should be able to access the VPN?"
-echo "Default: no"
-while : ;do
-read -p "(y/n) " job
-case "${job}" in
-  y) getccd
-     while [ -z "${CN}" ] ;do
-       echo
-       read -rp "what is the EXACT common-name of the client whose LAN you want to route over? " CN
-     done
-     while [ -z "${CSUBNET}" ] ;do
-       echo
-       echo "what LAN subnet is behind it?"
-       echo "ie: 192.168.10.0 255.255.255.0"
-       read CSUBNET
-       if ((  $(wc -w <<< "$CSUBNET") != 2 )); then unset CSUBNET ; echo "error, enter a NETWORK and NETMASK"; continue; fi
-       read -r CNET CNETMASK <<< "${CSUBNET}"
-       ! valid_ip ${CNET} && echo "$CNET is not a valid IP" && unset CSUBNET
-       ! valid_ip ${CNETMASK} && echo "$CNETMASK is not a valid IP" && unset CSUBNET
-     done
-     CLANCN[y]="${CN}"
-     arg[c++]="-c"
-     arg[c++]="${CLANCN[$y]} ${CSUBNET}"
-     echo "iroute \"${CSUBNET}\"" > ccd/${CLANCN[$y]}
-     echo "make sure you place the file `pwd`/ccd/${CLANCN[y++]} into ${CCD}/ on your server"
-     unset CN CSUBNET 
-     echo
-     echo "Do you have another client with a LAN behind it which should be able to access the VPN?"
-     echo "Default: no"
-     continue
-  ;;
-  n) break
-  ;;
- "") break
-  ;;
-esac
-done
-
-echo
-echo "What is the server's name?"
-echo "I will use this for key/cert/config filenames"
-echo "Default: server"
-read SNAME
-: ${SNAME:="server"}
-arg[c++]="-o"
-[ -n "${SERVERWINDOWS}" ] && arg[c++]="${SNAME}.ovpn" || arg[c++]="${SNAME}.conf"
-echo "Generating Server config"
-./genserver.sh "${arg[@]}"
-zarg=("${carg[@]}")
-makeclient()
-{
-  echo
-  echo "Is $client running on windows?"
-  while : ;do
-  read -rp "(y/n) " job
-  case "${job}" in
-    y) CWIN="1"
-      while [ -z "${CKEYDIR}" ] ;do
-       echo
-       echo "What is the full path to the directory $client will keep its keys in?"
-       read -rp "ie: C:\\Program Files\\OpenVPN\\config\\keys
-   " CKEYDIR
-       CKEYDIR=`echo "${CKEYDIR}" |sed -e 's,\\\\,\\\\\\\\,g'`
-      done
-       carg[z++]="-K"
-       carg[z++]="\"${CKEYDIR}\""
-       unset CKEYDIR
-       echo
-       echo "Remember to disable windows firewall on TAP adapter, and during testing disable it all together"
-       break
-    ;;
-    n) while [ -z "${CKEYDIR}" ] ;do
-       echo
-       echo "What is the full path to the directory $client will keep its keys in?"
-       read -rp "ie: /etc/openvpn/config/keys " CKEYDIR
-       done
-       carg[z++]="-K"
-       carg[z++]="\"${CKEYDIR}\""
-       while [ -z "${vpnuser}" ] ;do
-         echo
-         echo "What user do you want to drop privileges to after startup?"
-         echo "You must still start OpenVPN as root! After it does what it needs as root it will drop permissions to this"
-         read vpnuser
-       done
-       carg[z++]="-U"
-       carg[z++]="${vpnuser}"
-       while [ -z "${vpngroup}" ] ;do
-         echo
-         echo "What group do you want to drop privileges to after startup?"
-         read vpngroup
-       done
-       carg[z++]="-G"
-       carg[z++]="${vpngroup}"
-       unset CKEYDIR vpnuser vpngroup
-       break
-    ;;
-  esac
-  done
-  carg[z++]="-o"
-  [ -n "${CWIN}" ] && carg[z++]="${client}.ovpn" || carg[z++]="${client}.conf"
-  echo "Generating client config for $client"
-  ./genclient.sh "${carg[@]}"
-  carg=("${zarg[@]}")
-}
-
-echo "Generating Client config(s)"
-if [ -n "${CLANCN}" ] ;then
-   for client in ${CLANCN[@]} ;do
-   makeclient
-   done
-   C="1"
 fi
-[ -z "${C}" ] && while [ -z "${client}" ] ;do echo "What is the client common-name?" && read client ;done && makeclient
 
-while : ;do
-echo
-echo "Do you Want to generate another client config?"
-echo "Default: no"
-read -p "(y/n) " job
-case "${job}" in
-  y) unset client
-     while [ -z "${client}" ]; do
-        read -p "What is the client common-name? " client
-     done
-     makeclient
-     continue
-  ;;
-  n) break
-  ;;
- "") break
-  ;;
-esac
-done
-DELIM
-
-#genclient.sh
-/bin/cat > "/usr/bin/genclient.sh" <<DELIM
-#!/bin/bash
-#########################################################################
-##### Openvpn Confgen ##                        ##  2010may07 v0.1  #####
-#########################################################################
-##### released as public domain. ##        ##  thanks to Bushmills  #####
-#########################################################################
-#####                 by krzee @ Freenode #OpenVPN                  #####
-#####       Just run ./confgen            chmod +x all 3 files      #####
-#####                                                               #####
-# This is a bash script To help you generate configuration files for     
-# some of the most commonly desired vpn setups.  You can setup lans      
-# behind server / clients, or redirect client internet through the server
-# Todo                                                                   
-# -Allow multiple lans behind each node                             #####
-# -I should ask if each client should have internet redirected.     #####
-#  currently it is all or none                                      #####
-# -I will also generate certificates, performing the role of CA     #####
-#  server                                                           #####
-#####                                                               #####
-#########################################################################
-
-help()
-{
-  cat <<EOF
-Name:
-     genclient -- This script sets up the OpenVPN client config
-Synopsis:
-     genclient [-Z] [-v verbosity] [-U user] [-G group] [-p port] [-P protocol] [-o outputfile] -S hostname -K keydir
-Options:
-     -h   - Help.  This message!
-     -S   - The hostname or IP of the server
-     -p   - Port of the server
-     -P   - protocol of the server (udp/tcp)
-     -U   - Username to run as (not for windows)
-     -G   - Group to run as (not for windows)
-     -K   - Directory of the clients keys on the client machine.
-            For windows this must be formatted like '"C:\\Program Files\\OpenVPN\\config"'
-            With both single & double quotes and escaped backslashes
-     -v   - Verbosity level. Between 1 and 9 (3 is good for normal, 5 for debug)
-     -Z   - Enable compression (requires lzo compiled in)
-     -o   - Output file for the config
-Example:
-genclient -Z -o krzee.conf -S vpnhost.com -K '"C:\\Program Files\\OpenVPN\\config\\keys"'
-
-  This would configure a client with compression, verbosity of 4, connecting to vpnhost.com on 1194 udp
-It would be set to find its keys in C:\Program Files\OpenVPN\config\keys
-EOF
-  exit 0
-}
-[ -z "$1" ] && help
-unset USER
-while [ -n "$1" ]; do
-case $1 in
-    -h) help;shift 1;;          # function help is called
-    -S) SERVERIP="$2";shift 2;;
-    -p) PORT="$2";shift 2;;
-    -P) PROTO="$2";shift 2;;
-    -U) USER="$2";shift 2;;
-    -G) GROUP="$2";shift 2;;
-    -K) KEYDIR="$2";shift 2;;
-    -v) VERB="$2";shift 2;;
-    -Z) COMPRESS="1";shift 1;;
-    -o) CONFIG="$2";shift 2;;
-    --) shift;break;; # end of options
-    -*) echo "error: no such option $1. -h for help";exit 1;;
-    *)  break;;
-esac
-done
-
-[ -z "${SERVERIP}${KEYDIR}" ] && help     # not sure - was this OR condition? then this is wrong now
-: ${PORT:=1194}
-: ${PROTO:=udp}
-: ${VERB:=4}
-: ${CONFIG:="client.ovpn"}
-CN=${CONFIG%.*}
-
-(cat << EOF
-# If there is ANYTHING in this config which you do not understand, read the openvpn manual
-# Look up the first word in the manual, ie: to learn about the client
-#  Command, look up --client in the man page
-# Made for openvpn 2.1.x
-client
-dev tun
-remote $SERVERIP $PORT $PROTO
-resolv-retry infinite
-nobind
-cd $KEYDIR
-ca ca.crt
-cert ${CN}.crt
-key ${CN}.key
-tls-auth ta.key 1
-persist-key
-persist-tun
-verb $VERB
-EOF
-echo -ne "${USER:+user $USER\n}"
-echo -ne "${GROUP:+group $GROUP\n}"
-echo -ne "${COMPRESS:+comp-lzo\n}"
-) > $CONFIG
-DELIM
-
-#GENSERVER.sh
-/bin/cat > "/usr/bin/genserver.sh" <<DELIM
-#!/bin/bash
-#########################################################################
-##### Openvpn Confgen ##                        ##  2010may07 v0.1  #####
-#########################################################################
-##### released as public domain. ##        ##  thanks to Bushmills  #####
-#########################################################################
-#####                 by krzee @ Freenode #OpenVPN                  #####
-#####       Just run ./confgen            chmod +x all 3 files      #####
-#####                                                               #####
-# This is a bash script To help you generate configuration files for     
-# some of the most commonly desired vpn setups.  You can setup lans      
-# behind server / clients, or redirect client internet through the server
-# Todo                                                                   
-# -Allow multiple lans behind each node                             #####
-# -I should ask if each client should have internet redirected.     #####
-#  currently it is all or none                                      #####
-# -I will also generate certificates, performing the role of CA     #####
-#  server                                                           #####
-#####                                                               #####
-#########################################################################
-
-help()
-{
-  cat <<EOF
-Name:
-     genserver - Script that sets up the OpenVPN server config
-                 You must have openvpn 2.1+ to use this.
-
-Synopsis:
-     genserver [-Z] [-R] [-C] [-v verbosity] [-U user] [-G group] [-p port] [-P protocol] [-o outputfile]
-               [-L ip] [-V network] [-l "network netmask"] [-D ccd_dir [-c "CN network netmask"]] -K keydir
-
-Options:
-     -h   - Help.  This message!
-     -L   - IP to bind to on local interface.  0.0.0.0 if not used.
-     -p   - Port of the server (default=1194)
-     -P   - protocol of the server (udp/tcp, default=udp)
-     -U   - Username to run as (not for windows)
-     -G   - Group to run as (not for windows)
-     -K   - Directory of the servers keys on the server.
-            For windows this must be formatted like: -K '"C:\\Program Files\\OpenVPN\\config"'
-            With both single & double quotes and escaped backslashes
-     -V   - Subnet to use for VPN clients. (default=10.8.1.0)
-     -C   - Use to enable --client-to-client config option
-     -c   - Configures client lan.  Needs the client common-name, network, and network.
-            example: -c "krzee 192.168.5.0 255.255.255.0"
-            this will create ccd entry, and setup routes. REQUIRES -D
-     -l   - Enables routing the Server LAN over the VPN. Must be quoted network netmask.  
-            example: -l "192.168.10.0 255.255.255.0"
-     -R   - Use to enable --push "redirect-gateway def1"
-            This will force client internet through the VPN
-            You must NAT the vpn subnet and enable ip forwarding, both on your server.
-     -v   - Verbosity level. Between 1 and 9 (3 is good for normal, 5 for debug)
-     -Z   - Use to enable compression (requires lzo compiled in)
-     -o   - Output file for the config (default=server.ovpn)
-     -D   - Directory for CCD config files, you need this for lans behind clients and static vpn ips.
-            If you do not use -D you will not have CCD files
-
-Example:
-genclient -Z -C -v 3 -p 1194 -P udp -o server.conf -L 10.0.0.1 -K "/etc/openvpn" -l "10.0.0.0 255.255.255.0" -D "/etc/openvpn/ccd" -c "krzee 192.168.5.0 255.255.255.0" -V 10.8.1.0
-
-  This would configure the server to use compression, enable client-to-client routing inside the server process,
-set the log verbosity to 3, run the server on 1194 udp, setup keys the be in /etc/openvpn/ in the config, 
-configure routing for a server lan of 10.0.0.0/24 and client lan behind krzee with a lan of "192.168.5.0/24,
-and it would use 10.8.1.0/24 for vpn clients.  
-
-genclient -R -Z -L 10.0.0.1 -K '"C:\\Program Files\\OpenVPN\\config"'
-
-  This would configure a server config that would force users to route internet through the server over the vpn.
-Note, you must enable IP forwarding and NAT on your server OS for this to work.
-It would run on port 1194 udp, output to server.ovpn, use a verb of 4, and a vpn subnet of 10.8.1.0/24
-
-EOF
-  exit 1
-}
-[ -z "$1" ] && help
-c=0
-unset SERVERUSER
-while [ -n "$1" ]; do
-case $1 in
-    -h) help;shift 1;;          # function help is called
-    -L) SERVERLISTENIP="$2";shift 2;;
-    -p) SERVERPORT="$2";shift 2;;
-    -P) PROTO="${2}";shift 2;;
-    -U) SERVERUSER="$2";shift 2;;
-    -G) SERVERGROUP="$2";shift 2;;
-    -K) KEYDIR="$2";shift 2;;
-    -V) VPNSUBNET="$2";shift 2;;
-    -C) C2C="1";shift 1;;
-    -v) VERB="$2";shift 2;;
-    -l) SERVERSUBNET="$2";shift 2;;
-    -Z) COMPRESS="1";shift 1;;
-    -R) REDIRECT="1";shift 1;;
-    -o) CONFIG="$2";shift 2;;
-    -c) CLAN[c++]="$2";shift 2;;
-    -D) CCD="$2";shift 2;;
-    --) shift;break;; # end of options
-    -*) echo "error: no such option $1. -h for help";exit 1;;
-    *)  break;;
-esac
-done
-[ -z "$KEYDIR" ] && help
-: ${SERVERPORT:=1194}
-: ${PROTO:="udp"}
-: ${VPNSUBNET:="10.8.1.0"}
-: ${VERB:=4}
-: ${CONFIG:="server.ovpn"}
-CN=${CONFIG%.*}
-[ -z "$CCD" -a -n "$CLAN" ] && (echo "You can not have a client LAN without CCD entries"; help)
-(
-cat << EOF
-# If there is ANYTHING in this config which you do not understand, read the openvpn manual
-# Look up the first word in the manual, ie: to learn about the local
-#  Command, look up --local in the man page
-# Made for openvpn 2.1.x
-port $SERVERPORT
-proto $PROTO
-dev tun
-cd $KEYDIR
-ca ca.crt
-cert ${CN}.crt
-key ${CN}.key
-dh dh2048.pem
-tls-auth ta.key 0
-server $VPNSUBNET
-persist-key
-persist-tun
-topology subnet
-keepalive 10 120
-verb $VERB
-EOF
-echo -ne "${SERVERLISTENIP:+local $SERVERLISTENIP\n}"
-echo -ne "${CCD:+client-config-dir $CCD\n}"
-echo -ne "${SERVERUSER:+user $SERVERUSER\n}"
-echo -ne "${SERVERGROUP:+group $SERVERGROUP\n}"
-echo -ne "${C2C:+client-to-client\n}"
-echo -ne "${COMPRESS:+comp-lzo\n}"
-echo -ne "${REDIRECT:+push \"redirect-gateway def1\"\n}"
-echo -ne "${SERVERSUBNET:+push \"route $SERVERSUBNET\"  # Lan behind server\n}"
-while ((c--)); do
-  read CLANCN CSUBNET <<< "${CLAN[c]}"
-  echo "push \"route $CSUBNET\"  # Lan behind ${CLANCN}"
-  echo "route $CSUBNET  # Lan behind ${CLANCN}" 
-done ) >$CONFIG
-exit 0
-DELIM
-
-#chmod these files to be executable
-for i in confgen genclient.sh genserver.sh ;do chmod +x /usr/bin/${i} ; done
+#Install openvpn & pbx admin menu shell script.
+apt-get -y install --force-yes openvpn-scripts pbx-admin-menu
 
 #Install admin shell menu
-if [[ $install_admin_menu == y ]]; then
-/bin/cat > "/usr/bin/menu.sh" <<DELIM
-#!/bin/bash
-#Date Dec, 1 2013 8:30 EST
-################################################################################
-# The MIT License (MIT)
-#
-# Copyright (c) <2013> Richard Neese <[email protected]>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-################################################################################
-
-# Disacle CTL C (Disable CTL-C so you can not escape the menu)
-#trap "" SIGTSTP
-trap "" 2
-
-# Reassign ctl+d to ctl+_
-stty eof  '^_'
-
-################################################################################
-
-#Base Varitables
-USRBASE="/usr"
-BACKUPDIR="/root/pbx-backup"
-
-#Freeswitch/Fusionpbx Directories
-# Freeswitch logs dir
-FS_LOG="/var/log/freeswitch"
-#freeswitch db/recording/storage/voicemail/fax dir
-FS_LIB="/var/lib/freeswitch"
-FS_DB="/var/lib/freeswitch/db"
-FS_REC="/var/lib/freeswitch/recordings"
-FS_STOR="/var/lib/freeswitch/storage"
-#freeswitch modules dir
-FS_MOD="/$USRBASE/lib/freeswitch/mod"
-#defalt configs dir / grammer / lang / sounds
-FS_DFLT_CONF="/$USRBASE/share/freeswitch/conf"
-FS_GRAM="/$USRBASE/share/freeswitch/grammar"
-FS_LANG="/$USRBASE/share/freeswitch/lang"
-FS_SCRPT="/$USRBASE/share/freeswitch/scripts"
-#Freeswitch Sounds Dir
-FS_SNDS="/$USRBASE/share/freeswitch/sounds"
-#Freeswitch active config files
-FS_ACT_CONF="/etc/freeswitch"
-#WWW directory
-WWW_PATH="$USRBASE/share/nginx/www"
-#WUI Name
-WUI_NAME="fusionpbx"
-#Fusionpbx DB Dir
-FPBX_DB="/var/lib/fusionpbx/db"
-#FusionPBX Scripts Dir (DialPLan Scripts for use with Freeswitch)
-FPBX_SCRPT="/var/lib/fusionpbx/scripts"
-
-################################################################################
-# Set Root Password
-set_root(){
-/usr/bin/passwd
-}
-
-# Set System Time Zone
-set_tz(){
-/usr/sbin/dpkg-reconfigure tzdata
-}
-
-#Networking
-# Wide Area Network Interface
-set_wan(){
-# Configure hostename
-read -r -p "Please set your system hostname (pbx):" HN
-#Configure domain
-read -r -p "Please set your system domainname (mydomain.com):" DN
-# Configure WAN / Primary network interface
-read -r -p "Please  set your system doman IP (Same as the Domain IP ) :" IP
-read -r -p "Please enter the network mask :" NM
-read -r -p "Please enter the network gateway :" GW
-read -r -p "Please enter the primary dns source:" NS1
-read -r -p "Please enter the secondary dns source :" NS2
-cat << EOF > /etc/network/interfaces
-
-# The loopback network interface
-auto lo
-iface lo inet loopback
-
-# The primary network interface
-allow-hotplug eth0
-iface eth0 inet static
-      address $IP
-      netmask $NM
-      gateway $GW
-      dns-nameservers $NS1 $NS2
-EOF
-
-cat << EOF > /etc/hosts
-127.0.0.1       localhost $HN
-::1             localhost ip6-localhost ip6-loopback
-fe00::0         ip6-localnet
-ff00::0         ip6-mcastprefix
-ff02::1         ip6-allnodes
-ff02::2         ip6-allrouters
-$IP     $HN.$DN $HN
+if [[ $enable_admin_menu == y ]]; then
+cat << EOF>> /root/.profile
+/usr/bin/pbx-admin-menu.sh
 EOF
-
-cat << EOF > /etc/hostname
-$HN
-EOF
-}
-
-# Local Area Network Interface
-set_lan(){
-# Configure LAN network interface
-read -r -p "Please  set your system doman IP (Same as the Domain IP ) :" IP
-read -r -p "Please enter the network mask :" NM
-read -r -p "Please enter the network gateway :" GW
-
-cat << EOF >> /etc/network/interfaces
-
-# The secondary network interface
-allow-hotplug eth1
-iface eth0 inet static
-        address $IP
-        netmask $NM
-        gateway $GW
-EOF
-}
-
-# Setup Wifi Interface
-set_wlan(){
-# Configure WIFI network interface
-read -r -p "Please set your wireless IP  :" WIP
-read -r -p "Please enter the network mask :" WNM
-read -r -p "Please enter the network gateway :" WGW
-cat << EOF >> /etc/network/interfaces
-
-# The wifi network interface
-allow-hotplug wlan0
-iface wlan0 inet static
-        wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
-        address $WIP
-        netmask $WNM
-        gateway $WGW
-EOF
-
-#configuring wpa security
-read -r -p "Please set your wireless network SSID :" MYSSID
-read -r -p "Please enter your wireless security password :" PHRASE
-cat << EOF >> /etc/wap_supplicant/wpa_supplicant.conf
-network={
-        ssid="$MYSSID"
-        scan_ssid=1
-        key_mgmt=WPA-PSK
-        psk="$PHRASE"
-}
-EOF
-}
-
-# Start/Stop/Restart Web Services
-web_options(){
-while : ;do
-list_web_options
- read -r web
- case "$web" in
- start|stop|restart) break ;;
-  1) web="start" && break ;;
-  2) web="stop" && break ;;
-  3) web="restart" && break ;;
-  4) return ;;
-  *) continue ;;
- esac
-done
-
-/etc/init.d/nginx $web  >/dev/null 2>&1
-/etc/init.d/php5-fpm $web  >/dev/null 2>&1
-}
-
-list_web_options(){
-cat << EOF
-1) start / enable Web Interface
-2) stop /disable Web Interface
-3) restart if non responsive.
-4) Return to main menu
-Choice:
-EOF
-}
-
-# Setup/configure OpenVPN
-set_vpn(){
-while : ;do
-$USRBASE/bin/confgen
-done
-}
-
-# Factory Reset System
-factory_reset(){
-echo "This will wipe and set your system back to factory default"
-echo "it will remove all call detail records / custom conifgs / "
-echo " sounds / recordings / faxes / and reset the gui. "
-while : ;do
-read -p "Are you sure you wish to factory reset you pbx? (y/Y/n/N)"
-case "$REPLY" in
- n|N) break ;;
- y|Y)
-
-# stop system services
-for i in nginx php5-fpm fail2ban freeswitch
-do /etc/init.d/"${i}" stop > /dev/null 2>&1
-done
-
-# remove freeswitch related files
-rm -f "$FS_DB"/* "$FS_LOG"/*.log "$FS_LOG"/freeswitch.xml.fsxml
-rm -rf "$FS_LOG"/xml-cdr/* "$FS_STOR"/fax/* "$FS_REC"/*
-
-rm -rf "$FPBX_SCRPT"/*
-
-#Put Fusionpbx Freeswitch configs into place
-cp -r "$WWW_PATH"/"$WUI_NAME"/resources/install/scripts/* "$FPBX_SCRPT"
-
-#chown freeswitch script files
-chown -R freeswitch:freeswitch "$FPBX_SCRPT"
-
-#Clean out the freeswitch conf dir
-rm -rf "$FS_ACT_CONF"/*
-
-#Put Fusionpbx Freeswitch configs into place
-cp -r "$WWW_PATH"/"$WUI_NAME"/resources/templates/conf/* "$FS_ACT_CONF"
-
-#chown freeswitch  conf files
-chown -R freeswitch:freeswitch "$FS_ACT_CONF"
-
-#fix permissions for "$FS_ACT_CONF" so www-data can write to it
-find "$FS_ACT_CONF" -type f -exec chmod 660 {} +
-find "$FS_ACT_CONF" -type d -exec chmod 770 {} +
-
-# remove fusionpbx db and config files
-
-if [ -f "$FBPX_DB"/fusionpbx.db ] 
-then
-rm -f "$FBPX_DB"/fusionpbx.db
-fi
-
-rm -f "$WWW_PATH"/"$WUI_NAME"/resources/config.php
-
-# reset network interfaces to defaults
-cat << EOF > /etc/network/interfaces
-
-# The loopback network interface
-auto lo
-iface lo inet loopback
-
-# The primary network interface
-allow-hotplug eth0
-iface eth0 inet dhcp
-
-EOF
-
-/bin/sed -i /etc/default/freeswitch -e s,'^DAEMON_OPTS=.*','DAEMON_OPTS="-scripts /var/lib/fusionpbx/scripts -rp"',
-
-#Restart Services
-for i in nginx php5-fpm fail2ban freeswitch
-do /etc/init.d/"${i}" start > /dev/null 2>&1
-done
-break ;;
-
-*) echo "Answer must be a y/Y or n/N" ;;
-esac
-done
-}
-
-# Factory Reset Postgresql Database
-drop_db(){
-echo "This will drop the current postgresql database table for the pbx."
-while : ;do
-read -p "Are you sure you wish drop the current postgresql db table? (y/Y/n/N)"
-case "$REPLY" in
- n|N) break ;;
- y|Y)
-
-read -r -p "Please enter the postgresql database name you used at install time : " DBNAME
-/bin/su -l postgres -c "/bin/echo \"DROP DATABASE $DBNAME;\" | /usr/bin/psql"
-break ;;
-
-*) echo "Answer must be a y/Y or n/N" ;;
-esac
-done
-}
-
-# PBX Backup configs/voicemail/personal recordings
-backup_pbx(){
-echo "This will halt the running services and then "
-echo "backup your system to $BACKUPDIR/pbx-backup-$(date +%Y%m%d).tar.bz2"
-echo "and then start the services again"
-while : ;do
-read -p "Are you sure you wish to backup your pbx? (y/Y/n/N)"
-case "$REPLY" in
- n|N) break ;;
- y|Y)
-
-# stop system services
-for i in monit nginx php5-fpm fail2ban freeswitch
-do /etc/init.d/"${i}" stop > /dev/null 2>&1
-done
-
-# Backup system (Fusion config.php and database / freeswitch cdr, voicemail, recordings, configs)
-tar -cjf "$BACKUPDIR"/"pbx-backup-$(date +%Y%m%d).tar.bz2" "$WWW_PATH"/resources/config.php "$FS_DB"/fusionpbx.db \
-	"$FS_LOG"/xml_cdr "$FS_ACT_CONF" "$FS_STOR"
-
-# Restart system services
-for i in monit nginx php5-fpm fail2ban freeswitch
-do /etc/init.d/"${i}" start > /dev/null 2>&1
-done
-break ;;
-
-*) echo "Answer must be a y/Y or n/N" ;;
-esac
-done
-}
-
-# Rotate/Clean logs
-rotate_logs(){
-echo "This will halt the running services and sync the system rotate the logs"
-echo "and then restart the services for the pbx system"
-while : ;do
-read -p "Are you sure you wish to rotate you sysem and freeswitch logs? (y/Y/n/N)"
-case "$REPLY" in
- n|N) break ;;
- y|Y)
-
-# stop system services
-for i in monit nginx php5-fpm fail2ban freeswitch
-do /etc/init.d/"${i}" stop > /dev/null 2>&1
-done
-
-rm -f "$FS_LOG"/*.fsxml "$FS_LOG"/*.log
-
-for i in fail2ban inetutils-syslogd
-do /etc/init.d/"${i}" start > /dev/null 2>&1
-done
-
-/usr/sbin/logrotate -f /etc/logrotate.conf
-rm -f /var/log/*.[0-10] /var/log/*.gz
-
-for i in fail2ban inetutils-syslogd
-do /etc/init.d/"${i}" stop > /dev/null 2>&1
-done
-
-#restart services
-for i in nginx php5-fpm fail2ban freeswitch monit
-do /etc/init.d/"${i}" start  >/dev/null 2>&1
-done
-break ;;
-
-*) echo "Answer must be a y/Y or n/N" ;;
-esac
-done
-}
-
-# System Pkg Upgrade
-upgrade(){
-read -p "Are you sure you wish to update your install (y/Y/n/N) "
-if [[ $REPLY =~ ^[Nn]$ ]]
-then
-return
-else
-if [[ $REPLY =~ ^[Yy]$ ]]
-then
-/usr/bin/apt-get update > /dev/null 2>&1 
-/usr/bin/apt-get upgrade -y --force-yes
-/usr/bin/apt-get autoremove > /dev/null 2>&1
-/usr/bin/apt-get clean > /dev/null 2>&1
-fi
-fi
-}
-
-# Restart Freeswitch
-fs_restart(){
-read -p "Are you sure you wish to restart freeswitch (y/Y/n/N) "
-if [[ $REPLY =~ ^[Nn]$ ]]
-then
-return
-else
-if [[ $REPLY =~ ^[Yy]$ ]]
-then
-/etc/init.d/freeswitch restart  >/dev/null 2>&1
-fi
-fi
-}
-
-#Disable Nat Freeswitch
-config_nat(){
-read -p "Are you sure you wish to enable/disable nat for freeswitch e/E=enable d/D=disable (e/E/d/D) "
-if [[ $REPLY =~ ^[Dd]$ ]]
-then
-/bin/sed -i /etc/default/freeswitch -e s,'^DAEMON_OPTS=.*','DAEMON_OPTS="-scripts /var/lib/fusionpbx/scripts -rp"',
-/bin/echo "init script set to start 'freeswitch -nc -scripts /var/lib/fusionpbx/scripts -rp'"
-/etc/init.d/ssh restart  >/dev/null 2>&1
-else
-if [[ $REPLY =~ ^[Ee]$ ]]
-then
-/bin/sed -i /etc/default/freeswitch -e s,'^DAEMON_OPTS=.*','DAEMON_OPTS="-scripts /var/lib/fusionpbx/scripts -rp -nonat"',
-/bin/echo "init script set to start 'freeswitch -nc -scripts /var/lib/fusionpbx/scripts -rp -nonat'"
-/etc/init.d/ssh restart  >/dev/null 2>&1
-fi
-fi
-}
-
-root_ssh() {
-read -p "Are you sure you wish to enable/disable ssh root login e/E=enable d/D=disable (e/E/d/D) "
-if [[ $REPLY =~ ^[Dd]$ ]]
-then
-/bin/sed -i /etc/ssh/sshd_config -e s,'^#PermitRootLogin no','PermitRootLogin no',
-/bin/echo "init script set to start 'freeswitch -nc -scripts /var/lib/fusionpbx/scripts -rp'"
-/etc/init.d/freeswitch restart  >/dev/null 2>&1
-else
-if [[ $REPLY =~ ^[Ee]$ ]]
-then
-/bin/sed -i /etc/ssh/sshd_config -e s,'^PermitRootLogin no','#PermitRootLogin no',
-/bin/echo "init script set to start 'freeswitch -nc -scripts /var/lib/fusionpbx/scripts -rp -nonat'"
-/etc/init.d/freeswitch restart  >/dev/null 2>&1
-fi
-fi
-}
-
-# Aminastrator Option Menu
-while : ;do
-#Clears Screen & Displays System Info
-/usr/bin/clear
-echo ""
-printf 'System Uptime: '; /usr/bin/uptime
-printf 'HostName/DomainName: '; /bin/hostname
-ip link show "eth0" &> /dev/null 
-printf 'WAN IP: '; ip -f inet addr show dev eth0 | sed -n 's/^ *inet *\([.0-9]*\).*/\1/p'
-ip link show "eth1" &> /dev/null 2>&1
-if [[ $? -eq 0 ]]; then
-	printf 'Lan IP: '; ip -f inet addr show dev eth1 | sed -n 's/^ *inet *\([.0-9]*\).*/\1/p'
-fi
-ip link show "wlan0" &> /dev/null 2>&1
-if [[ $? -eq 0 ]]; then
-	printf 'WLan IP: '; ip -f inet addr show dev wlan0 | sed -n 's/^ *inet *\([.0-9]*\).*/\1/p'
-fi
-echo ""
-#Displays Option Menu
-echo '	PBX Administration Menu:'
-echo ''
-echo '----- Network Configuration -------'
-echo ''
-echo ' w) Configure Wide Area Network (WAN)'
-ip link show "eth1" &> /dev/null 2>&1
-if [[ $? -eq 0 ]]; then
-	echo ' l ) Configure Local Area Network (LAN)'
-fi 
- ip link show "wlan0" &> /dev/null 2>&1
-if [[ $? -eq 0 ]]; then
-	echo ' wl ) Configure Wireless Local Area Network (WLAN)'
-fi 
-echo ''
-echo '-------- VPN Configuration -------'
-echo ""
-echo ' vpn) Configure OpenVPN Connections'
-echo ''
-echo '--------- Maintance ---------------'
-echo ''
-echo ' 1) Set Root Password     2) Configure System Timezone & Time'
-echo ' 3) Web Service Options   4) Freeswitch CLI           5) Restart Freeswitch'
-echo ' 6) Clear & Rotate logs   7) Backup PBX System        8) Factory Reset System'
-echo ' 9) Reboot System         10) Power Off System        11) Disable/Enable nat'
-echo ' 12) Drop to Shell        13) Enable/Disable SSH Root'
-echo ' x) Logout'
-echo ''
-echo '---------Upgrade Options ----------'
-echo ' u) Upgrade'
-echo ''
-if [ -f "$USRBASE"/bin/pg_config ]
-then
-echo '---------Postgresql--Database------'
-echo ''
-echo ' db) Drop Database Table'
-fi
-echo ''
-echo 'Choice:'
-
-# Aminastrator Option Menu Functions
- read -r ans
- case "$ans" in
-  w) set_wan ;;
-  l) set_lan ;;
-  wl) set_wlan ;;
-  vpn) set_vpnvpn ;;
-  1) set_root ;;
-  2) set_tz ;;
-  3) web_options ;;
-  4) /usr/bin/fs_cli ;;
-  5) fs_restart ;;
-  6) rotate_logs ;;
-  7) backup_pbx ;;
-  8) factory_reset ;;
-  9) reboot; kill -HUP "$(pgrep -s 0 -o)" ;;
-  10) poweroff; kill -HUP "$(pgrep -s 0 -o)" ;;
-  11) config_nat ;;
-  12) /bin/bash ;;
-  13) root_ssh ;;
-  x|X) clear; kill -HUP "$(pgrep -s 0 -o)" ;;
-  u|U) upgrade ;;
-  db) drop_db ;;
-  *) echo ' you must select a valid option (one of: w,l,wl,1,2,3,4,5,6,7,8,9,10,11,12,13,x|X,u|U,db) ' && continue ;;
- esac
-done
-DELIM
-
-chmod +x /usr/bin/menu.sh
-
-/bin/cat >> "/etc/profile" <<DELIM
-/usr/bin/debian.menu
-DELIM
 fi
 
 #apt-get cleanup