Now using in-line certificates

Nyr 2014-10-23 03:16:09 +02:00
parent 091e487472
commit 2174037768
1 changed files with 18 additions and 14 deletions


@ -24,16 +24,20 @@ if [[ ! -e /etc/debian_version ]]; then
fi fi
newclient () { newclient () {
# Generates the client config bundle # Generates the client.ovpn
mkdir ~/ovpn-$1 cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/$1.ovpn
cd ~/ovpn-$1 sed -i "/ca ca.crt/d" ~/$1.ovpn
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ./$1.conf sed -i "/cert client.crt/d" ~/$1.ovpn
cp /etc/openvpn/easy-rsa/2.0/keys/ca.crt /etc/openvpn/easy-rsa/2.0/keys/$1.crt /etc/openvpn/easy-rsa/2.0/keys/$1.key ./ sed -i "/key client.key/d" ~/$1.ovpn
sed -i "s|cert client.crt|cert $1.crt|" $1.conf echo "<ca>" >> ~/$1.ovpn
sed -i "s|key client.key|key $1.key|" $1.conf cat /etc/openvpn/easy-rsa/2.0/keys/ca.crt >> ~/$1.ovpn
tar -czf ../ovpn-$1.tar.gz $1.conf ca.crt $1.crt $1.key echo "</ca>" >> ~/$1.ovpn
cd ~/ echo "<cert>" >> ~/$1.ovpn
rm -rf ovpn-$1 cat /etc/openvpn/easy-rsa/2.0/keys/$1.crt >> ~/$1.ovpn
echo "</cert>" >> ~/$1.ovpn
echo "<key>" >> ~/$1.ovpn
cat /etc/openvpn/easy-rsa/2.0/keys/$1.key >> ~/$1.ovpn
echo "</key>" >> ~/$1.ovpn
} }
@ -71,10 +75,10 @@ if [[ -e /etc/openvpn/server.conf ]]; then
export KEY_CN="$CLIENT" export KEY_CN="$CLIENT"
export EASY_RSA="${EASY_RSA:-.}" export EASY_RSA="${EASY_RSA:-.}"
"$EASY_RSA/pkitool" $CLIENT "$EASY_RSA/pkitool" $CLIENT
# Generate the client config bundle # Generate the client.ovpn
newclient "$CLIENT" newclient "$CLIENT"
echo "" echo ""
echo "Client $CLIENT added, certs available at ~/ovpn-$CLIENT.tar.gz" echo "Client $CLIENT added, certs available at ~/$CLIENT.ovpn"
exit exit
;; ;;
2) 2)
@ -213,11 +217,11 @@ else
# IP/port set on the default client.conf so we can add further users # IP/port set on the default client.conf so we can add further users
# without asking for them # without asking for them
sed -i "s|remote my-server-1 1194|remote $IP $PORT|" /usr/share/doc/openvpn/examples/sample-config-files/client.conf sed -i "s|remote my-server-1 1194|remote $IP $PORT|" /usr/share/doc/openvpn/examples/sample-config-files/client.conf
# Generate the client config bundle # Generate the client.ovpn
newclient "$CLIENT" newclient "$CLIENT"
echo "" echo ""
echo "Finished!" echo "Finished!"
echo "" echo ""
echo "Your client config is available at ~/ovpn-$CLIENT.tar.gz" echo "Your client config is available at ~/$CLIENT.ovpn"
echo "If you want to add more clients, you simply need to run this script another time!" echo "If you want to add more clients, you simply need to run this script another time!"
fi fi
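Review bot: In the first hunk, the new `newclient` appends the client's private key to `~/$1.ovpn` without ever restricting that file's mode. The file is created by `cp` from the sample `client.conf`, so it presumably inherits that file's permissions filtered by the umask, which is often readable by other local users. Adding `chmod 600 ~/"$1.ovpn"` directly after the `cp` (or `umask 077` at the top of the function) would make sure the key is never exposed while it is being written. Separately, `$1` is unquoted in every path of the function and in `"$EASY_RSA/pkitool" $CLIENT` in the second hunk, so a client name containing whitespace or glob characters would be split or expanded; writing `~/"$1.ovpn"` and `"$CLIENT"` avoids that.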