ref: 6349105a7de92413fab50cb12322742a25a29efd
iron-vpn/vpn-client
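#!/bin/bash
# Usage: $iron vpn-client <servername> <client-name>
# Summary: create OpenVPN client config
# Help: OpenVPN client config generator
#
# Issues a client certificate with easy-rsa (using the PKI in ./pki of the
# current directory) and packages it in two forms:
#   ./server/<code_organization>-client/<client>/<code_organization>-<client>.ovpn
#       single-file profile with CA, certificate and private key inline
#   ./<code_organization>-<client>.tar.gz
#       the client directory (conf, .ovpn and the ca/cert/key files)
#
# Arguments:
#   $1  servername - selects $HOME/.iron/vpn/<servername>.cfg, which is sourced
#                    and must define code_organization
#   $2  client     - certificate name; also used as a directory/file name
#
# SECURITY: both artefacts contain the client's private key. They are created
# with umask 077; move them to the client over an authenticated, encrypted
# channel and remove the staging copies under ./server/ once delivered.

APPNAME="iron"

die() {
  printf '%s\n' "$*" >&2
  exit 1
}

if [ "$#" != "2" ]; then
  echo "Usage: vpn-client <servername> <client-name>" >&2
  exit 1
fi

servername=$1
vpn_client=$2

# Both arguments end up inside file-system paths (and the client name is also
# handed to easyrsa), so restrict them to a conservative character set: no
# slashes, no leading dot or dash, no whitespace or glob characters.
valid_name_re='^[A-Za-z0-9][A-Za-z0-9._-]*$'
for name in "$servername" "$vpn_client"; do
  [[ "$name" =~ $valid_name_re ]] \
    || die "Invalid name: [${name}] (allowed: letters, digits, '.', '_', '-')"
done

# Private key material is written below; keep every new file and directory
# readable by the invoking user only.
umask 077

CFG_FILE="$HOME/.${APPNAME}/vpn/${servername}.cfg"
CURRDIR=$(pwd) || die "Cannot determine the current directory"
EASY_RSA_HOME=/usr/share/easy-rsa

[[ -f "$CFG_FILE" ]] || die "No such config: [${CFG_FILE}]"

# NOTE(security): 'source' executes the config as shell code with the
# caller's privileges. Keep the file owned by the invoking user and not
# writable by anyone else.
# shellcheck source=/dev/null
source "${CFG_FILE}" || die "Failed to load config: [${CFG_FILE}]"

[[ -n "${code_organization:-}" ]] \
  || die "code_organization is not set in [${CFG_FILE}]"

# Per-client output directory shared by both packaging functions.
CLIENT_DIR="$CURRDIR/server/${code_organization}-client/${vpn_client}"

# Issue a key pair and certificate for client name $1 via easy-rsa.
# Returns easyrsa's exit status.
function ovpn_generate_client() {
  local client_dn=$1
  export KEY_CN="${client_dn}"
  "${EASY_RSA_HOME}/easyrsa" build-client-full "${client_dn}"
}

# Copy the CA certificate and the client's certificate and key from ./pki
# into ${CLIENT_DIR}/${vpn_client}. Returns non-zero if any file is missing.
_ovpn_stage_client_files() {
  local dest="${CLIENT_DIR}/${vpn_client}"
  mkdir -p -- "$dest" || return
  cp -- "$CURRDIR/pki/ca.crt" \
    "$CURRDIR/pki/issued/${vpn_client}.crt" \
    "$CURRDIR/pki/private/${vpn_client}.key" \
    "$dest/"
}

# Write <code_organization>.conf (which references the credentials under
# /etc/openvpn/<client>/) and pack the whole client directory as a tarball
# in the directory the script was started from.
#
# NOTE(review): the generated profile has no 'remote-cert-tls server' (or
# verify-x509-name) line, so the client accepts any certificate issued by the
# CA as the server. Consider adding it once the server certificate is
# confirmed to carry the server EKU.
# NOTE(review): 'comp-lzo' is deprecated and tunnel compression is discouraged
# (compression-oracle attacks such as VORACLE). It has to match the server, so
# it is left unchanged here.
function ovpn_generate_client_assembly() {
  local conf="${CLIENT_DIR}/${code_organization}.conf"

  _ovpn_stage_client_files \
    || die "Cannot stage certificate files for [${vpn_client}]"

  cat >"$conf" <<__EOT__ || die "Cannot write [${conf}]"
client
dev tun
proto tcp
#remote ${code_organization}
remote 62.171.171.30 1194
resolv-retry infinite
nobind
comp-lzo
persist-key
persist-tun
askpass /etc/openvpn/passwordfile
ca /etc/openvpn/${vpn_client}/ca.crt
cert /etc/openvpn/${vpn_client}/${vpn_client}.crt
key /etc/openvpn/${vpn_client}/${vpn_client}.key
verb 3
log-append /var/log/openvpn.${code_organization}-client.log
__EOT__

  # -C avoids changing the script's working directory.
  tar -C "$CLIENT_DIR" -cvzf "$CURRDIR/${code_organization}-${vpn_client}.tar.gz" . \
    || die "Cannot create the client archive"
}

# Write a single-file .ovpn profile with the CA certificate, client
# certificate and client private key embedded inline.
# The review notes on remote-cert-tls and comp-lzo above apply here as well.
function ovpn_generate_client_android() {
  local ovpnfile="${CLIENT_DIR}/${code_organization}-${vpn_client}.ovpn"
  local staged="${CLIENT_DIR}/${vpn_client}"

  _ovpn_stage_client_files \
    || die "Cannot stage certificate files for [${vpn_client}]"

  cat >"$ovpnfile" <<__EOT__ || die "Cannot write [${ovpnfile}]"
client
dev tun
proto tcp
#remote ${code_organization}
remote 62.171.171.30 1194
resolv-retry infinite
nobind
comp-lzo
persist-key
persist-tun
askpass /etc/openvpn/passwordfile
verb 3
log-append /var/log/openvpn.${code_organization}-client.log
#ca /etc/openvpn/${vpn_client}/ca.crt
#cert /etc/openvpn/${vpn_client}/${vpn_client}.crt
#key /etc/openvpn/${vpn_client}/${vpn_client}.key
__EOT__

  # OpenVPN only accepts embedded credentials inside <ca>/<cert>/<key>
  # inline-file tags; bare PEM blocks are not valid config directives.
  {
    printf '<ca>\n' \
      && cat -- "$staged/ca.crt" \
      && printf '</ca>\n<cert>\n' \
      && sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' \
        "$staged/${vpn_client}.crt" \
      && printf '</cert>\n<key>\n' \
      && cat -- "$staged/${vpn_client}.key" \
      && printf '</key>\n'
  } >>"$ovpnfile" || die "Cannot embed credentials in [${ovpnfile}]"
}

# MAIN
if ! ovpn_generate_client "${vpn_client}"; then
  # easyrsa also fails when the client was issued earlier; re-packaging an
  # existing certificate is still allowed, anything else is fatal.
  if [[ -f "$CURRDIR/pki/issued/${vpn_client}.crt" \
    && -f "$CURRDIR/pki/private/${vpn_client}.key" ]]; then
    printf 'warning: easyrsa failed; packaging the existing certificate for [%s]\n' \
      "$vpn_client" >&2
  else
    die "easyrsa build-client-full failed for [${vpn_client}]"
  fi
fi
ovpn_generate_client_android
ovpn_generate_client_assembly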