Patch/openvpn-install
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 4fc5994600 into e58addc2c5

Browse Source
This commit is contained in:
PM 2015-11-30 21:36:55 +00:00
commit 9248da571b
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
openvpn-install.sh
View File

@ -50,6 +50,9 @@ newclient () {
echo "<key>" >> ~/$1.ovpn echo "<key>" >> ~/$1.ovpn
cat /etc/openvpn/easy-rsa/pki/private/$1.key >> ~/$1.ovpn cat /etc/openvpn/easy-rsa/pki/private/$1.key >> ~/$1.ovpn
echo "</key>" >> ~/$1.ovpn echo "</key>" >> ~/$1.ovpn
echo "<tls-auth>" >> ~/$1.ovpn
cat /etc/openvpn/easy-rsa/ta.key >> ~/$1.ovpn
echo "</tls-auth>" >> ~/$1.ovpn
} }
@ -75,7 +78,7 @@ if [[ -e /etc/openvpn/server.conf ]]; then
echo " 4) Exit" echo " 4) Exit"
read -p "Select an option [1-4]: " option read -p "Select an option [1-4]: " option
case $option in case $option in
1) 1)
echo "" echo ""
echo "Tell me a name for the client cert" echo "Tell me a name for the client cert"
echo "Please, use one word only, no special characters" echo "Please, use one word only, no special characters"
@ -123,7 +126,7 @@ if [[ -e /etc/openvpn/server.conf ]]; then
echo "Certificate for client $CLIENT revoked" echo "Certificate for client $CLIENT revoked"
exit exit
;; ;;
3) 3)
echo "" echo ""
read -p "Do you really want to remove OpenVPN? [y/n]: " -e -i n REMOVE read -p "Do you really want to remove OpenVPN? [y/n]: " -e -i n REMOVE
if [[ "$REMOVE" = 'y' ]]; then if [[ "$REMOVE" = 'y' ]]; then
@ -216,8 +219,9 @@ else
./easyrsa build-server-full server nopass ./easyrsa build-server-full server nopass
./easyrsa build-client-full $CLIENT nopass ./easyrsa build-client-full $CLIENT nopass
./easyrsa gen-crl ./easyrsa gen-crl
openvpn --genkey --secret ta.key
# Move the stuff we need # Move the stuff we need
cp pki/ca.crt pki/private/ca.key pki/dh.pem pki/issued/server.crt pki/private/server.key /etc/openvpn cp ta.key pki/ca.crt pki/private/ca.key pki/dh.pem pki/issued/server.crt pki/private/server.key /etc/openvpn
# Generate server.conf # Generate server.conf
echo "port $PORT echo "port $PORT
proto udp proto udp
@ -230,11 +234,12 @@ key server.key
dh dh.pem dh dh.pem
topology subnet topology subnet
server 10.8.0.0 255.255.255.0 server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt" > /etc/openvpn/server.conf ifconfig-pool-persist ipp.txt
tls-auth ta.key 0" > /etc/openvpn/server.conf
echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server.conf echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server.conf
# DNS # DNS
case $DNS in case $DNS in
1) 1)
# Obtain the resolvers from resolv.conf and use them for OpenVPN # Obtain the resolvers from resolv.conf and use them for OpenVPN
grep -v '#' /etc/resolv.conf | grep 'nameserver' | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | while read line; do grep -v '#' /etc/resolv.conf | grep 'nameserver' | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | while read line; do
echo "push \"dhcp-option DNS $line\"" >> /etc/openvpn/server.conf echo "push \"dhcp-option DNS $line\"" >> /etc/openvpn/server.conf
@ -244,18 +249,18 @@ ifconfig-pool-persist ipp.txt" > /etc/openvpn/server.conf
echo 'push "dhcp-option DNS 208.67.222.222"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 208.67.222.222"' >> /etc/openvpn/server.conf
echo 'push "dhcp-option DNS 208.67.220.220"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 208.67.220.220"' >> /etc/openvpn/server.conf
;; ;;
3) 3)
echo 'push "dhcp-option DNS 4.2.2.2"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 4.2.2.2"' >> /etc/openvpn/server.conf
echo 'push "dhcp-option DNS 4.2.2.4"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 4.2.2.4"' >> /etc/openvpn/server.conf
;; ;;
4) 4)
echo 'push "dhcp-option DNS 129.250.35.250"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 129.250.35.250"' >> /etc/openvpn/server.conf
echo 'push "dhcp-option DNS 129.250.35.251"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 129.250.35.251"' >> /etc/openvpn/server.conf
;; ;;
5) 5)
echo 'push "dhcp-option DNS 74.82.42.42"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 74.82.42.42"' >> /etc/openvpn/server.conf
;; ;;
6) 6)
echo 'push "dhcp-option DNS 8.8.8.8"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 8.8.8.8"' >> /etc/openvpn/server.conf
echo 'push "dhcp-option DNS 8.8.4.4"' >> /etc/openvpn/server.conf echo 'push "dhcp-option DNS 8.8.4.4"' >> /etc/openvpn/server.conf
;; ;;
@ -346,7 +351,8 @@ persist-key
persist-tun persist-tun
remote-cert-tls server remote-cert-tls server
comp-lzo comp-lzo
verb 3" > /etc/openvpn/client-common.txt verb 3
key-direction 1" > /etc/openvpn/client-common.txt
# Generates the custom client.ovpn # Generates the custom client.ovpn
newclient "$CLIENT" newclient "$CLIENT"
echo "" echo ""