allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity

Add mention of SSL for configuration download.

Browse Source
This commit is contained in:
Jérôme Petazzoni
2013-09-04 14:22:24 -07:00
parent be9e6b65c9
commit c6b94b5726
3 changed files with 33 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
bin/run
View File

@ -53,6 +53,13 @@ dev tun1194
status openvpn-status-1194
EOF
MY_IP_ADDR=$(curl -s http://myip.enix.org/REMOTE_ADDR)
[ "$MY_IP_ADDR" ] || {
echo "Sorry, I could not figure out my public IP address."
echo "(I use http://myip.enix.org/REMOTE_ADDR/ for that purpose.)"
exit 1
}
[ -f client.ovpn ] || cat >client.ovpn <<EOF
client
nobind
@ -73,17 +80,18 @@ redirect-gateway def1
</dh>
<connection>
remote `curl -s http://myip.enix.org/REMOTE_ADDR` 1194 udp
remote $MY_IP_ADDR 1194 udp
</connection>
<connection>
remote `curl -s http://myip.enix.org/REMOTE_ADDR` 443 tcp-client
remote $MY_IP_ADDR 443 tcp-client
</connection>
EOF
[ -f client.http ] || cat >client.http <<EOF
HTTP/1.0 200 OK
Content-Type: application/x-openvpn-profile
Content-Length: `wc -c client.ovpn`
`cat client.ovpn`
EOF

6
bin/serveconfig
View File

@ -7,4 +7,8 @@ cd /etc/openvpn
exit 1
}
socat TCP-LISTEN:8080,reuseaddr - < client.http >> http8080.log
echo "https://$(curl -s http://myip.enix.org/REMOTE_ADDR):8080/"
socat -d -d \
OPENSSL-LISTEN:8080,fork,reuseaddr,key=key.pem,certificate=cert.pem,verify=0 \
EXEC:'cat client.http' \
2>> http8080.log