Allow to export separated client config and wrote ovpn_getclient_all.
This commit is contained in:
Robin Schneider
@ -5,25 +5,35 @@
|
||||
#
|
||||
|
||||
if [ "$DEBUG" == "1" ]; then
|
||||
set -x
|
||||
set -x
|
||||
fi
|
||||
|
||||
set -e
|
||||
|
||||
if [ -z "$OPENVPN" ]; then
|
||||
OPENVPN="$PWD"
|
||||
fi
|
||||
source "$OPENVPN/ovpn_env.sh"
|
||||
cn=$1
|
||||
cn="$1"
|
||||
parm="$2"
|
||||
|
||||
if [ ! -f "$EASYRSA_PKI/private/${cn}.key" ]; then
|
||||
echo "Unable to find ${cn}, please try again or generate the key first"
|
||||
>&2 "Unable to find \"${cn}\", please try again or generate the key first" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cat <<EOF
|
||||
get_client_config() {
|
||||
mode="$1"
|
||||
echo "
|
||||
client
|
||||
nobind
|
||||
dev tun
|
||||
remote-cert-tls server
|
||||
|
||||
remote $OVPN_CN $OVPN_PORT $OVPN_PROTO
|
||||
"
|
||||
if [ "$mode" == "combined" ]; then
|
||||
echo "
|
||||
<key>
|
||||
$(cat $EASYRSA_PKI/private/${cn}.key)
|
||||
</key>
|
||||
@ -40,9 +50,16 @@ $(cat $EASYRSA_PKI/dh.pem)
|
||||
$(cat $EASYRSA_PKI/ta.key)
|
||||
</tls-auth>
|
||||
key-direction 1
|
||||
|
||||
remote $OVPN_CN $OVPN_PORT $OVPN_PROTO
|
||||
EOF
|
||||
"
|
||||
else
|
||||
echo "
|
||||
key ${cn}.key
|
||||
ca ca.crt
|
||||
cert ${cn}.crt
|
||||
dh dh.pem
|
||||
tls-auth ta.key 1
|
||||
"
|
||||
fi
|
||||
|
||||
if [ "$OVPN_DEFROUTE" != "0" ];then
|
||||
echo "redirect-gateway def1"
|
||||
@ -51,3 +68,29 @@ fi
|
||||
if [ -n "$OVPN_MTU" ]; then
|
||||
echo "tun-mtu $OVPN_MTU"
|
||||
fi
|
||||
}
|
||||
|
||||
dir="$OPENVPN/clients/$cn"
|
||||
case "$parm" in
|
||||
"separated")
|
||||
mkdir -p "$dir"
|
||||
get_client_config "$parm" > "$dir/${cn}.ovpn"
|
||||
cp "$EASYRSA_PKI/private/${cn}.key" "$dir/${cn}.key"
|
||||
cp "$EASYRSA_PKI/ca.crt" "$dir/ca.crt"
|
||||
cp "$EASYRSA_PKI/issued/${cn}.crt" "$dir/${cn}.crt"
|
||||
cp "$EASYRSA_PKI/dh.pem" "$dir/dh.pem"
|
||||
cp "$EASYRSA_PKI/ta.key" "$dir/ta.key"
|
||||
;;
|
||||
"combined")
|
||||
get_client_config "combined"
|
||||
;;
|
||||
"combined-save")
|
||||
get_client_config "combined" > "$dir/${cn}-combined.ovpn"
|
||||
;;
|
||||
*)
|
||||
>&2 echo "This script can produce the client configuration in to formats."
|
||||
>&2 echo " 1. combined: All needed configuration and cryptographic material is in one file (Use \"combined-save\" to write the configuration file in the same path as the separated parameter does)."
|
||||
>&2 echo " 2. separated: Separated files."
|
||||
>&2 echo "Please specific one of those options as second parameter."
|
||||
;;
|
||||
esac
|
||||
|
||||
Reference in New Issue
Block a user