env: Re-work environment code
* Instead of storing just a server_url which was necessary to
regenerate the OpenVPN configs, instead store an env file.
* Move all the env parsing to `ovpn_genconfig` so that it can be re-run
from genconfig instead of from `ovpn_init`.
* Remove all the parsing and env defaults except for genconfig.
NOTE: This breaks the older config method, uesrs will need to re-run
genconfig with an arg[1] as the previous server_url, this will create
the necessary env file the rest of the tools expect.
Example recovery for legacy users:
host$ docker run --rm -it kylemanna/openvpn bash -l
container# ovpn_genconfig $(cat /etc/openvpn/server_url)
This commit is contained in:
Kyle Manna
@ -6,21 +6,10 @@
|
||||
|
||||
set -ex
|
||||
|
||||
server_url=$1
|
||||
# Generate the ovpn env file
|
||||
ovpn_genconfig "$1"
|
||||
|
||||
# Server name is in the form "udp://vpn.example.com:1194"
|
||||
if [[ "$server_url" =~ ^((udp|tcp)://)?([0-9a-zA-Z\.]+)(:([0-9]+))?$ ]]; then
|
||||
proto=${BASH_REMATCH[2]};
|
||||
cn=${BASH_REMATCH[3]};
|
||||
port=${BASH_REMATCH[5]};
|
||||
else
|
||||
echo "Common name not specified"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Apply defaults
|
||||
[ -z "$proto" ] && proto=1194
|
||||
[ -z "$port" ] && port=udp
|
||||
source "$OPENVPN/ovpn_env.sh"
|
||||
|
||||
# Specify "nopass" as arg[2] to make the CA insecure
|
||||
nopass=$2
|
||||
@ -46,9 +35,5 @@ openvpn --genkey --secret $OPENVPN/pki/ta.key
|
||||
# [ -n "$ptr" ] && cn=$ptr || cn=$ip4
|
||||
#fi
|
||||
|
||||
echo "$server_url" > $OPENVPN/server_url
|
||||
|
||||
# For a server key with a password, manually init; this is autopilot
|
||||
easyrsa build-server-full $cn nopass
|
||||
|
||||
ovpn_genconfig "$cn"
|
||||
easyrsa build-server-full "$OVPN_CN" nopass
|
||||
|
||||
Reference in New Issue
Block a user