updated linux build

deploy/data/linux/client/AmneziaVPN.desktop

@@ -0,0 +1,8 @@
+#!/usr/bin/env xdg-open
+[Desktop Entry]
+Type=Application
+Name=AmneziaVPN client
+Comment=AmneziaVPN client
+Exec=bash -c 'export LD_LIBRARY_PATH=/opt/AmneziaVPN/client/lib/ ; AmneziaVPN'
+Icon=AmneziaVPN_Logo.png
+Categories=VPN

deploy/data/linux/client/bin/openvpn/openssl-easyrsa.cnf

@@ -0,0 +1,138 @@
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
+
+####################################################################
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir		= $ENV::EASYRSA_PKI	# Where everything is kept
+certs		= $dir			# Where the issued certs are kept
+crl_dir		= $dir			# Where the issued crl are kept
+database	= $dir/index.txt	# database index file.
+new_certs_dir	= $dir/certs_by_serial	# default place for new certs.
+
+certificate	= $dir/ca.crt	 	# The CA certificate
+serial		= $dir/serial 		# The current serial number
+crl		= $dir/crl.pem 		# The current CRL
+private_key	= $dir/private/ca.key	# The private key
+RANDFILE	= $dir/.rand		# private random number file
+
+x509_extensions	= basic_exts		# The extensions to add to the cert
+
+# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
+# is designed for will. In return, we get the Issuer attached to CRLs.
+crl_extensions	= crl_ext
+
+default_days	= $ENV::EASYRSA_CERT_EXPIRE	# how long to certify for
+default_crl_days= $ENV::EASYRSA_CRL_DAYS	# how long before next CRL
+default_md	= $ENV::EASYRSA_DIGEST		# use public key default MD
+preserve	= no			# keep passed DN ordering
+
+# This allows to renew certificates which have not been revoked
+unique_subject	= no
+
+# A few different ways of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy		= policy_anything
+
+# For the 'anything' policy, which defines allowed DN fields
+[ policy_anything ]
+countryName		= optional
+stateOrProvinceName	= optional
+localityName		= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+name			= optional
+emailAddress		= optional
+
+####################################################################
+# Easy-RSA request handling
+# We key off $DN_MODE to determine how to format the DN
+[ req ]
+default_bits		= $ENV::EASYRSA_KEY_SIZE
+default_keyfile 	= privkey.pem
+default_md		= $ENV::EASYRSA_DIGEST
+distinguished_name	= $ENV::EASYRSA_DN
+x509_extensions		= easyrsa_ca	# The extensions to add to the self signed cert
+
+# A placeholder to handle the $EXTRA_EXTS feature:
+#%EXTRA_EXTS%	# Do NOT remove or change this line as $EXTRA_EXTS support requires it
+
+####################################################################
+# Easy-RSA DN (Subject) handling
+
+# Easy-RSA DN for cn_only support:
+[ cn_only ]
+commonName		= Common Name (eg: your user, host, or server name)
+commonName_max		= 64
+commonName_default	= $ENV::EASYRSA_REQ_CN
+
+# Easy-RSA DN for org support:
+[ org ]
+countryName			= Country Name (2 letter code)
+countryName_default		= $ENV::EASYRSA_REQ_COUNTRY
+countryName_min			= 2
+countryName_max			= 2
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= $ENV::EASYRSA_REQ_PROVINCE
+
+localityName			= Locality Name (eg, city)
+localityName_default		= $ENV::EASYRSA_REQ_CITY
+
+0.organizationName		= Organization Name (eg, company)
+0.organizationName_default	= $ENV::EASYRSA_REQ_ORG
+
+organizationalUnitName		= Organizational Unit Name (eg, section)
+organizationalUnitName_default	= $ENV::EASYRSA_REQ_OU
+
+commonName			= Common Name (eg: your user, host, or server name)
+commonName_max			= 64
+commonName_default		= $ENV::EASYRSA_REQ_CN
+
+emailAddress			= Email Address
+emailAddress_default		= $ENV::EASYRSA_REQ_EMAIL
+emailAddress_max		= 64
+
+####################################################################
+# Easy-RSA cert extension handling
+
+# This section is effectively unused as the main script sets extensions
+# dynamically. This core section is left to support the odd usecase where
+# a user calls openssl directly.
+[ basic_exts ]
+basicConstraints	= CA:FALSE
+subjectKeyIdentifier	= hash
+authorityKeyIdentifier	= keyid,issuer:always
+
+# The Easy-RSA CA extensions
+[ easyrsa_ca ]
+
+# PKIX recommendations:
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+
+# This could be marked critical, but it's nice to support reading by any
+# broken clients who attempt to do so.
+basicConstraints = CA:true
+
+# Limit key usage to CA tasks. If you really want to use the generated pair as
+# a self-signed cert, comment this out.
+keyUsage = cRLSign, keyCertSign
+
+# nsCertType omitted by default. Let's try to let the deprecated stuff die.
+# nsCertType = sslCA
+
+# CRL extensions.
+[ crl_ext ]
+
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always,issuer:always
+

deploy/data/linux/client/bin/qt.conf

@@ -0,0 +1,7 @@
+# Generated by linuxdeployqt
+# https://github.com/probonopd/linuxdeployqt/
+[Paths]
+Prefix = ../
+Plugins = plugins
+Imports = qml
+Qml2Imports = qml

deploy/data/linux/client/bin/update-resolv-conf.sh

@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+#
+# Parses DHCP options from openvpn to update resolv.conf
+# To use set as 'up' and 'down' script in your openvpn *.conf:
+# up /etc/openvpn/update-resolv-conf
+# down /etc/openvpn/update-resolv-conf
+#
+# Used snippets of resolvconf script by Thomas Hood <jdthood@yahoo.co.uk>
+# and Chris Hanson
+# Licensed under the GNU GPL.  See /usr/share/common-licenses/GPL.
+# 07/2013 colin@daedrum.net Fixed intet name
+# 05/2006 chlauber@bnc.ch
+#
+# Example envs set from openvpn:
+# foreign_option_1='dhcp-option DNS 193.43.27.132'
+# foreign_option_2='dhcp-option DNS 193.43.27.133'
+# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
+# foreign_option_4='dhcp-option DOMAIN-SEARCH bnc.local'
+
+## The 'type' builtins will look for file in $PATH variable, so we set the
+## PATH below. You might need to directly set the path to 'resolvconf'
+## manually if it still doesn't work, i.e.
+## RESOLVCONF=/usr/sbin/resolvconf
+export PATH=$PATH:/sbin:/usr/sbin:/bin:/usr/bin
+RESOLVCONF=$(type -p resolvconf)
+
+case $script_type in
+
+up)
+  for optionname in ${!foreign_option_*} ; do
+    option="${!optionname}"
+    echo $option
+    part1=$(echo "$option" | cut -d " " -f 1)
+    if [ "$part1" == "dhcp-option" ] ; then
+      part2=$(echo "$option" | cut -d " " -f 2)
+      part3=$(echo "$option" | cut -d " " -f 3)
+      if [ "$part2" == "DNS" ] ; then
+        IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3"
+      fi
+      if [[ "$part2" == "DOMAIN" || "$part2" == "DOMAIN-SEARCH" ]] ; then
+        IF_DNS_SEARCH="$IF_DNS_SEARCH $part3"
+      fi
+    fi
+  done
+  R=""
+  if [ "$IF_DNS_SEARCH" ]; then
+    R="search "
+    for DS in $IF_DNS_SEARCH ; do
+      R="${R} $DS"
+    done
+  R="${R}
+"
+  fi
+
+  for NS in $IF_DNS_NAMESERVERS ; do
+    R="${R}nameserver $NS
+"
+  done
+  #echo -n "$R" | $RESOLVCONF -x -p -a "${dev}"
+  echo -n "$R" | $RESOLVCONF -x -a "${dev}.inet"
+  ;;
+down)
+  $RESOLVCONF -d "${dev}.inet"
+  ;;
+esac
+
+# Workaround / jm@epiclabs.io 
+# force exit with no errors. Due to an apparent conflict with the Network Manager
+# $RESOLVCONF sometimes exits with error code 6 even though it has performed the
+# action correctly and OpenVPN shuts down.
+exit 0

deploy/data/linux/client/share/applications/AmneziaVPN_build.desktop

@@ -0,0 +1,8 @@
+#!/usr/bin/env xdg-open
+[Desktop Entry]
+Type=Application
+Name=AmneziaVPN client
+Comment=AmneziaVPN client
+Exec=AmneziaVPN
+Icon=AmneziaVPN_Logo.png
+Categories=VPN

deploy/data/linux/post_install.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+APP_NAME=AmneziaVPN
+LOG_FOLDER=/var/log/$APP_NAME
+LOG_FILE="$LOG_FOLDER/post-install.log"
+APP_PATH=/opt/$APP_NAME
+
+if ! test -f $LOG_FOLDER; then
+        sudo mkdir $LOG_FOLDER
+        echo "AmneziaVPN log dir created at /var/log/"
+fi
+
+if ! test -f $LOG_FILE; then
+        touch $LOG_FILE
+        echo "AmneziaVPN log file created at /var/log/AmneziaVPN/post-install.log"
+fi
+
+date > $LOG_FILE
+echo "Script started" >> $LOG_FILE
+sudo killall -9 $APP_NAME 2>> $LOG_FILE
+
+if sudo systemctl is-active --quiet $APP_NAME; then
+	sudo systemctl stop $APP_NAME >> $LOG_FILE
+	sudo systemctl disable $APP_NAME >> $LOG_FILE
+	sudo rm -rf /etc/systemd/system/$APP_NAME.service >> $LOG_FILE
+fi
+
+sudo cp $APP_PATH/service/$APP_NAME.service /etc/systemd/system/ >> $LOG_FILE
+
+sudo ln -s $APP_PATH/client/lib/* /usr/lib/ >> $LOG_FILE
+
+sudo systemctl start $APP_NAME >> $LOG_FILE
+sudo systemctl enable $APP_NAME >> $LOG_FILE
+sudo ln -s $APP_PATH/client/bin/$APP_NAME /usr/sbin/ >> $LOG_FILE
+
+
+echo "user desktop creation loop started" >> $LOG_FILE
+getent passwd {1000..6000} | while IFS=: read -r name password uid gid gecos home shell; do
+        echo "name: $name"
+        if ! test -f /home/$name/.icons; then
+                mkdir /home/$name/.icons/ >> $LOG_FILE
+        fi
+
+        cp -f $APP_PATH/client/share/icons/AmneziaVPN_Logo.png /home/$name/.icons/ >> $LOG_FILE
+        cp $APP_PATH/client/$APP_NAME.desktop /home/$name/Desktop/ >> $LOG_FILE
+
+        sudo chown $name:$name /home/$name/.local/share/gvfs-metadata/home* >> $LOG_FILE
+        sudo -u $name dbus-launch gio set /home/$name/Desktop/AmneziaVPN.desktop "metadata::trusted" yes >> $LOG_FILE
+        sudo chown $name:$name /home/$name/Desktop/AmneziaVPN.desktop >> $LOG_FILE
+done
+echo "user desktop creation loop ended" >> $LOG_FILE
+
+date >> $LOG_FILE
+echo "Service status:" >> $LOG_FILE
+sudo systemctl status $APP_NAME >> $LOG_FILE
+date >> $LOG_FILE
+echo "Script finished" >> $LOG_FILE
+exit 0

deploy/data/linux/post_uninstall.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+
+APP_NAME=AmneziaVPN
+LOG_FOLDER=/var/log/$APP_NAME
+LOG_FILE="$LOG_FOLDER/post-uninstall.log"
+APP_PATH=/opt/$APP_NAME
+
+if ! test -f $LOG_FILE; then
+	touch $LOG_FILE
+fi
+
+date >> $LOG_FILE
+echo "Uninstall Script started" >> $LOG_FILE
+sudo killall -9 $APP_NAME 2>> $LOG_FILE
+
+ls /opt/AmneziaVPN/client/lib/* | while IFS=: read -r dir; do
+	sudo unlink $dir  >> $LOG_FILE
+done
+
+if sudo systemctl is-active --quiet $APP_NAME; then
+	sudo systemctl stop $APP_NAME >> $LOG_FILE
+fi
+
+if sudo systemctl is-enabled --quiet $APP_NAME; then
+	sudo systemctl disable $APP_NAME >> $LOG_FILE
+fi
+
+if test -f /etc/systemd/system/$APP_NAME.service; then
+	sudo rm -rf /etc/systemd/system/$APP_NAME.service >> $LOG_FILE
+fi
+
+if test -f /usr/bin/$APP_NAME; then
+        sudo rm -rf /usr/sbin/$APP_NAME >> $LOG_FILE
+fi
+
+if test -f $APP_PATH; then
+        sudo rm -rf $APP_PATH >> $LOG_FILE
+fi
+
+if test -f /usr/sbin/$APP_NAME; then
+        sudo rm -rf /usr/sbin/$APP_NAME >> $LOG_FILE
+fi
+
+getent passwd {1000..6000} | while IFS=: read -r name password uid gid gecos home shell; do
+	if test -f /home/$name/Desktop/$APP_NAME\ client.desktop; then
+		sudo rm -rf /home/$name/Desktop/$APP_NAME\ client.desktop >> $LOG_FILE
+	fi
+
+        if test -f /home/$name/Desktop/$APP_NAME.desktop; then
+                sudo rm -rf /home/$name/Desktop/$APP_NAME.desktop >> $LOG_FILE
+        fi
+
+	if test -f /home/$name/.config/$APP_NAME.ORG; then
+		sudo rm -rf /home/$name/.config/$APP_NAME.ORG >> $LOG_FILE
+	fi
+
+	if test -f /home/$name/.local/share/$APP_NAME.ORG; then
+		sudo rm -rf /home/$name/.local/share/$APP_NAME.ORG >> $LOG_FILE
+	fi
+
+	if test -f /home/$name/.local/share/$APP_NAME; then
+                sudo rm -rf /home/$name/.local/share/$APP_NAME >> $LOG_FILE
+        fi
+
+	if test -f /home/$name/.icons/AmneziaVPN_Logo.png; then
+		sudo rm -rf /home/$name/.icons/AmneziaVPN_Logo.png >> $LOG_FILE
+	fi
+done
+
+date >> $LOG_FILE
+echo "Service after uninstall status:" >> $LOG_FILE
+sudo systemctl status $APP_NAME >> $LOG_FILE
+date >> $LOG_FILE
+echo "Script finished" >> $LOG_FILE

deploy/data/linux/service/AmneziaVPN.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=AmneziaVPN Service
+After=network.target
+StartLimitIntervalSec=0
+
+[Service]
+Type=simple
+Restart=always
+RestartSec=1
+ExecStart=/opt/AmneziaVPN/service/bin/AmneziaVPN-service
+
+[Install]
+WantedBy=multi-user.target

deploy/data/linux/service/share/applications/AmneziaVPN_build.desktop

@@ -0,0 +1,7 @@
+#!/usr/bin/env xdg-open
+[Desktop Entry]
+Type=Application
+Name=AmneziaVPN service
+Comment=AmneziaVPN service
+Exec=AmneziaVPN-service
+Categories=VPN