robin.thoni
/
vpngen
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
2 Branches
Tree: 6e5d59e62f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6e5d59e62f'
${ noResults }
vpngen/mkclient

mkclient 1.8KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. #!/bin/bash

  2. if [ $# -ne 3 ]

  3. then

  4.     echo "Usage: mkclient clientname password vpn" 1>&2

  5.     echo "password can be -p to show prompt" 1>&2

  6.     exit 1

  7. fi

  8. 

  9. pass="$2"

  10. vpn="$3"

  11. clientname="$1-${vpn}"

  12. vpn="vpn_${vpn}"

  13. if [ ! -d "/etc/openvpn/${vpn}" ]

  14. then

  15.     echo "VPN does not exists" 1>&2

  16.     exit 2

  17. fi

  18. if [ $(echo "${clientname}" | grep -c -E "^[a-zA-Z0-9\._\-]+$") != 1 ]

  19. then

  20.     echo "Invalid client name"

  21.     exit 3

  22. fi

  23. cd "/etc/openvpn/${vpn}/easy-rsa/keys"

  24. clientsdir="/etc/openvpn/${vpn}/clients/"

  25. clientdir="$clientsdir${clientname}/"

  26. clientslinkdir="/var/vpn/${vpn}/"

  27. if [ -a "${clientname}.crt" ] || [ -a "${clientname}.csr" ] || [ -a "${clientname}.key" ] || [ -d $clientdir ]

  28. then

  29.     echo "Client ${clientname} already exists or is revoked"

  30.     exit 4

  31. fi

  32. 

  33. if [ "${pass}" == "-p" ]

  34. then

  35.     echo -n "Password: "

  36.     read -s pass

  37. fi

  38. 

  39. cd ..

  40. source ./vars

  41. KEY_CN="${clientname}" KEY_NAME="${clientname}" ./pkitool ${clientname}

  42. ret=$?

  43. if [ $ret != 0 ]

  44. then

  45.     echo "pkitool exited with code $ret"

  46.     exit 5

  47. fi

  48. cd keys

  49. echo "Copying generated files"

  50. mkdir -p $clientdir

  51. cp "${clientname}.crt" "$clientdir/${clientname}-${vpn}.crt"

  52. cp "${clientname}.key" "$clientdir/${clientname}-${vpn}.key"

  53. echo "Copying ca and ta"

  54. cd "/etc/openvpn/${vpn}"

  55. cp ca.crt "$clientdir/ca-${vpn}.crt"

  56. cp ta.key "$clientdir/ta-${vpn}.key"

  57. echo "Creating client-${vpn}.conf"

  58. cd $clientsdir

  59. sed "s/%%client%%/${clientname}/g" client.conf > "$clientdir/${clientname}.conf"

  60. echo "Creating ${clientname}.tar.bz2"

  61. cd $clientdir

  62. tar cfj "${clientname}.tar.bz2" *

  63. echo "Creating symlink"

  64. ln -s "$clientdir${clientname}.tar.bz2" "$clientslinkdir${clientname}.tar.bz2"

  65. echo "Adding apache user"

  66. echo -e "<Files ${clientname}.tar.bz2>\n\tRequire user ${clientname} ovpn-root\n</Files>" >> $clientslinkdir'.htaccess'

  67. htpasswd -b "/var/vpn/${vpn}/.htpasswd" ${clientname} ${pass}

  68. echo "mkclient completed"

  69. exit 0