File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -2715,17 +2715,20 @@ function installOpenVPN() {
27152715
27162716 # Install the latest version of easy-rsa from source, if not already installed.
27172717 if [[ ! -d /etc/openvpn/server/easy-rsa/ ]]; then
2718- run_cmd_fatal "Downloading Easy-RSA v${EASYRSA_VERSION} " curl - fL -- retry 5 - o ~/ easy- rsa.tgz "https:// github.com/ OpenVPN/ easy- rsa/ releases/ download/ v${EASYRSA_VERSION} / EasyRSA- ${EASYRSA_VERSION} .tgz"
2718+ local easy_rsa_archive
2719+ easy_rsa_archive=$(mktemp /tmp/easy-rsa.XXXXXX.tgz) || log_fatal "Failed to create temporary Easy-RSA archive"
2720+
2721+ run_cmd_fatal "Downloading Easy-RSA v${EASYRSA_VERSION} " curl - fL -- retry 5 - o "$easy_rsa_archive " "https:// github.com/ OpenVPN/ easy- rsa/ releases/ download/ v${EASYRSA_VERSION} / EasyRSA- ${EASYRSA_VERSION} .tgz"
27192722 log_info "Verifying Easy-RSA checksum..."
2720- CHECKSUM_OUTPUT=$(echo "${EASYRSA_SHA256} $HOME / easy - rsa.tgz " | sha256 sum - c 2 >& 1 ) || {
2723+ CHECKSUM_OUTPUT=$(echo "${EASYRSA_SHA256} $easy_rsa_archive " | sha256 sum - c 2 >& 1 ) || {
27212724 _log_to_file "[CHECKSUM] $CHECKSUM_OUTPUT "
2722- run_cmd "Cleaning up failed download" rm -f ~/easy-rsa.tgz
2725+ run_cmd "Cleaning up failed download" rm -f " $easy_rsa_archive "
27232726 log_fatal "SHA256 checksum verification failed for easy-rsa download!"
27242727 }
27252728 _log_to_file "[CHECKSUM] $CHECKSUM_OUTPUT "
27262729 run_cmd_fatal "Creating Easy-RSA directory" mkdir -p /etc/openvpn/server/easy-rsa
2727- run_cmd_fatal "Extracting Easy-RSA" tar xzf ~/easy-rsa.tgz --strip-components=1 --no-same-owner --directory /etc/openvpn/server/easy-rsa
2728- run_cmd "Cleaning up archive" rm -f ~/easy-rsa.tgz
2730+ run_cmd_fatal "Extracting Easy-RSA" tar xzf " $easy_rsa_archive " --strip-components=1 --no-same-owner --directory /etc/openvpn/server/easy-rsa
2731+ run_cmd "Cleaning up archive" rm -f " $easy_rsa_archive "
27292732
27302733 cd /etc/openvpn/server/easy-rsa/ || return
27312734 case $CERT_TYPE in
Original file line number Diff line number Diff line change 128128
129129echo " Running OpenVPN install script..."
130130echo " Command: ${INSTALL_CMD[*]} "
131+ echo " Running install with HOME unset to match cloud-init user-data environments"
131132# Run in subshell because the script calls 'exit 0' after generating client config
132133# Capture output to validate logging format, while still displaying it
133134# Use || true to prevent set -e from exiting on failure, then check exit code
134135INSTALL_OUTPUT=" /tmp/install-output.log"
135- (" ${INSTALL_CMD[@]} " 2>&1 | tee " $INSTALL_OUTPUT "
136+ (env -u HOME " ${INSTALL_CMD[@]} " 2>&1 | tee " $INSTALL_OUTPUT "
136137INSTALL_EXIT_CODE=${PIPESTATUS[0]}
137138
138139echo " === Installation complete (exit code: $INSTALL_EXIT_CODE ) ==="
You can’t perform that action at this time.
0 commit comments