mirror of
https://github.com/namibia/openvpn-install.git
synced 2024-06-07 05:50:46 +00:00
Merge pull request #84 from Patlol/master
Fixes #8 : Client files not being created in the right folder when using sudo
This commit is contained in:
Angristan
GitHub
commit
8103bd1947
46
openvpn-install.sh
Executable file → Normal file
46
openvpn-install.sh
Executable file → Normal file
|
|
@ -56,21 +56,29 @@ else
|
||||||
fi
|
fi
|
||||||
|
|
||||||
newclient () {
|
newclient () {
|
||||||
|
# Where to write the custom client.ovpn?
|
||||||
|
if [ -e /home/$1 ]; then # if $1 is a user name
|
||||||
|
homeDir="/home/$1"
|
||||||
|
elif [ ${SUDO_USER} ]; then # if not, use SUDO_USER
|
||||||
|
homeDir="/home/${SUDO_USER}"
|
||||||
|
else # if not SUDO_USER, use /root
|
||||||
|
homeDir="/root"
|
||||||
|
fi
|
||||||
# Generates the custom client.ovpn
|
# Generates the custom client.ovpn
|
||||||
cp /etc/openvpn/client-template.txt ~/$1.ovpn
|
cp /etc/openvpn/client-template.txt $homeDir/$1.ovpn
|
||||||
echo "<ca>" >> ~/$1.ovpn
|
echo "<ca>" >> $homeDir/$1.ovpn
|
||||||
cat /etc/openvpn/easy-rsa/pki/ca.crt >> ~/$1.ovpn
|
cat /etc/openvpn/easy-rsa/pki/ca.crt >> $homeDir/$1.ovpn
|
||||||
echo "</ca>" >> ~/$1.ovpn
|
echo "</ca>" >> $homeDir/$1.ovpn
|
||||||
echo "<cert>" >> ~/$1.ovpn
|
echo "<cert>" >> $homeDir/$1.ovpn
|
||||||
cat /etc/openvpn/easy-rsa/pki/issued/$1.crt >> ~/$1.ovpn
|
cat /etc/openvpn/easy-rsa/pki/issued/$1.crt >> $homeDir/$1.ovpn
|
||||||
echo "</cert>" >> ~/$1.ovpn
|
echo "</cert>" >> $homeDir/$1.ovpn
|
||||||
echo "<key>" >> ~/$1.ovpn
|
echo "<key>" >> $homeDir/$1.ovpn
|
||||||
cat /etc/openvpn/easy-rsa/pki/private/$1.key >> ~/$1.ovpn
|
cat /etc/openvpn/easy-rsa/pki/private/$1.key >> $homeDir/$1.ovpn
|
||||||
echo "</key>" >> ~/$1.ovpn
|
echo "</key>" >> $homeDir/$1.ovpn
|
||||||
echo "key-direction 1" >> ~/$1.ovpn
|
echo "key-direction 1" >> $homeDir/$1.ovpn
|
||||||
echo "<tls-auth>" >> ~/$1.ovpn
|
echo "<tls-auth>" >> $homeDir/$1.ovpn
|
||||||
cat /etc/openvpn/tls-auth.key >> ~/$1.ovpn
|
cat /etc/openvpn/tls-auth.key >> $homeDir/$1.ovpn
|
||||||
echo "</tls-auth>" >> ~/$1.ovpn
|
echo "</tls-auth>" >> $homeDir/$1.ovpn
|
||||||
}
|
}
|
||||||
|
|
||||||
# Try to get our IP from the system and fallback to the Internet.
|
# Try to get our IP from the system and fallback to the Internet.
|
||||||
|
|
@ -108,7 +116,7 @@ if [[ -e /etc/openvpn/server.conf ]]; then
|
||||||
# Generates the custom client.ovpn
|
# Generates the custom client.ovpn
|
||||||
newclient "$CLIENT"
|
newclient "$CLIENT"
|
||||||
echo ""
|
echo ""
|
||||||
echo "Client $CLIENT added, certs available at ~/$CLIENT.ovpn"
|
echo "Client $CLIENT added, certs available at $homeDir/$CLIENT.ovpn"
|
||||||
exit
|
exit
|
||||||
;;
|
;;
|
||||||
2)
|
2)
|
||||||
|
|
@ -356,7 +364,7 @@ else
|
||||||
echo "Ok, bye !"
|
echo "Ok, bye !"
|
||||||
exit 4
|
exit 4
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "$OS" = 'arch' ]]; then
|
if [[ "$OS" = 'arch' ]]; then
|
||||||
# Install rc.local
|
# Install rc.local
|
||||||
echo "[Unit]
|
echo "[Unit]
|
||||||
|
|
@ -375,7 +383,7 @@ WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service
|
||||||
echo "#!/bin/bash" > $RCLOCAL
|
echo "#!/bin/bash" > $RCLOCAL
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Install dependencies
|
# Install dependencies
|
||||||
pacman -Syu openvpn iptables openssl wget ca-certificates curl --needed --noconfirm
|
pacman -Syu openvpn iptables openssl wget ca-certificates curl --needed --noconfirm
|
||||||
if [[ "$OS" = 'arch' ]]; then
|
if [[ "$OS" = 'arch' ]]; then
|
||||||
|
|
@ -417,7 +425,7 @@ WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service
|
||||||
cp pki/ca.crt pki/private/ca.key dh.pem pki/issued/server.crt pki/private/server.key /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn
|
cp pki/ca.crt pki/private/ca.key dh.pem pki/issued/server.crt pki/private/server.key /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn
|
||||||
# Make cert revocation list readable for non-root
|
# Make cert revocation list readable for non-root
|
||||||
chmod 644 /etc/openvpn/crl.pem
|
chmod 644 /etc/openvpn/crl.pem
|
||||||
|
|
||||||
# Generate server.conf
|
# Generate server.conf
|
||||||
echo "port $PORT" > /etc/openvpn/server.conf
|
echo "port $PORT" > /etc/openvpn/server.conf
|
||||||
if [[ "$PROTOCOL" = 'UDP' ]]; then
|
if [[ "$PROTOCOL" = 'UDP' ]]; then
|
||||||
|
|
@ -625,7 +633,7 @@ verb 3" >> /etc/openvpn/client-template.txt
|
||||||
echo ""
|
echo ""
|
||||||
echo "Finished!"
|
echo "Finished!"
|
||||||
echo ""
|
echo ""
|
||||||
echo "Your client config is available at ~/$CLIENT.ovpn"
|
echo "Your client config is available at $homeDir/$CLIENT.ovpn"
|
||||||
echo "If you want to add more clients, you simply need to run this script another time!"
|
echo "If you want to add more clients, you simply need to run this script another time!"
|
||||||
fi
|
fi
|
||||||
exit 0;
|
exit 0;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user