MySpace/Docs
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Place OpenVPN Server config in the server folder

Browse Source
This commit is contained in:
Johan 2025-06-10 12:57:25 +02:00
parent f35d41bc3a
commit a1a329738f
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
BashScripts/install-openvpn-server.sh
View File

@ -61,7 +61,7 @@ if ufw status | grep -q "Status: active"; then
systemctl restart ufw systemctl restart ufw
fi fi
if [ ! -f /etc/openvpn/myserver.conf ] || [[ " $@ " == *" --force "* ]]; then if [ ! -f /etc/openvpn/server/myserver.conf ] || [[ " $@ " == *" --force "* ]]; then
read -n 1 -p "Do you want to use username and password for login (y/N)? " answer read -n 1 -p "Do you want to use username and password for login (y/N)? " answer
if [[ ! -z "$answer" && "${answer^^}"=="Y" ]]; then if [[ ! -z "$answer" && "${answer^^}"=="Y" ]]; then
EXTRA_CONFIG=$(cat <<-END EXTRA_CONFIG=$(cat <<-END
@ -74,16 +74,16 @@ END
) )
fi fi
tee /etc/openvpn/myserver.conf > /dev/null <<EOL tee /etc/openvpn/server/myserver.conf > /dev/null <<EOL
#public-host $VPN_PUBLIC_HOST #public-host $VPN_PUBLIC_HOST
port $VPN_PUBLIC_PORT port $VPN_PUBLIC_PORT
proto udp proto udp
dev tun dev tun
ca ca.crt ca ../ca.crt
cert myservername.crt cert ../myservername.crt
key myservername.key key ../myservername.key
dh dh.pem dh ../dh.pem
server $VPN_SUBNET.0 255.255.255.0 nopool server $VPN_SUBNET.0 255.255.255.0 nopool
ifconfig-pool-persist /var/log/openvpn/ipp.txt ifconfig-pool-persist /var/log/openvpn/ipp.txt
@ -95,7 +95,7 @@ push "route $LAN_SUBNET.0 255.255.255.0"
$EXTRA_CONFIG $EXTRA_CONFIG
keepalive 10 120 keepalive 10 120
tls-auth ta.key 0 tls-auth ../ta.key 0
cipher AES-256-CBC cipher AES-256-CBC
persist-key persist-key
persist-tun persist-tun
@ -134,16 +134,16 @@ for i in {1..255}; do
break break
fi fi
done done
VPN_SUBNET=$(grep -E '^server ' "/etc/openvpn/myserver.conf" | awk '{print $2}') VPN_SUBNET=$(grep -E '^server ' "/etc/openvpn/server/myserver.conf" | awk '{print $2}')
VPN_PUBLIC_HOST=$(grep -E '^#public-host ' "/etc/openvpn/myserver.conf" | awk '{print $2}') VPN_PUBLIC_HOST=$(grep -E '^#public-host ' "/etc/openvpn/server/myserver.conf" | awk '{print $2}')
VPN_PUBLIC_PORT=$(grep -E '^port ' "/etc/openvpn/myserver.conf" | awk '{print $2}') VPN_PUBLIC_PORT=$(grep -E '^port ' "/etc/openvpn/server/myserver.conf" | awk '{print $2}')
echo "Adding VPN client to $VPN_PUBLIC_HOST:$VPN_PUBLIC_PORT" echo "Adding VPN client to $VPN_PUBLIC_HOST:$VPN_PUBLIC_PORT"
read -e -p "Enter client name: " -i "$CLIENT_NAME" CLIENT_NAME read -e -p "Enter client name: " -i "$CLIENT_NAME" CLIENT_NAME
if [ -f "/etc/openvpn/easy-rsa/pki/issued/$CLIENT_NAME.crt" ]; then if [ -f "/etc/openvpn/easy-rsa/pki/issued/$CLIENT_NAME.crt" ]; then
echo Client $CLIENT_NAME already exists... echo Client $CLIENT_NAME already exists...
exit 1 exit 1
fi fi
if grep -q "^auth-user-pass-verify" "/etc/openvpn/myserver.conf"; then if grep -q "^auth-user-pass-verify" "/etc/openvpn/server/myserver.conf"; then
read -e -p "Enter username: " -i "$CLIENT_NAME" CLIENT_USERNAME read -e -p "Enter username: " -i "$CLIENT_NAME" CLIENT_USERNAME
if grep -i -q "^$CLIENT_USERNAME" "/etc/openvpn/credentials"; then if grep -i -q "^$CLIENT_USERNAME" "/etc/openvpn/credentials"; then
echo "Username $CLIENT_USERNAME already exists" echo "Username $CLIENT_USERNAME already exists"