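#!/bin/bash
#
# mkclient - issue a certificate/key pair for a new OpenVPN client and bundle
# it with the CA certificate, ta.key and a rendered client.conf.
#
# Usage: mkclient clientname vpn
#
# Paths read and written (all taken from the code below):
#   /etc/openvpn/vpn_<vpn>/easy-rsa/   vars, pkitool, keys/
#   /etc/openvpn/vpn_<vpn>/            ca.crt, ta.key
#   /etc/openvpn/vpn_<vpn>/clients/    client.conf template, per-client output
#
# Exit codes:
#   1 wrong argument count     4 client already exists or is revoked
#   2 VPN directory missing    5 pkitool failed
#   3 invalid client name      6 a filesystem step (cd/mkdir/cp/sed/tar) failed
#
# NOTE(review): the per-client directory and the .tar.bz2 hold the client's
# private key and ta.key; their file modes follow the caller's umask. Confirm
# the caller runs this with a restrictive umask, or set one here.

# Print a message on stderr and stop with the filesystem-failure exit code.
die_fs() {
  echo "$1" 1>&2
  exit 6
}

# Succeed only if the WHOLE of $1 is made of [A-Za-z0-9._-] and does not start
# with '-'. The match is anchored on the full string (a line-counting grep can
# be satisfied by one good line inside a multi-line value) and backslash is not
# accepted, so the name is safe as a path component, as a command argument and
# as the replacement text of the sed expression further down.
is_safe_name() {
  local LC_ALL=C # byte-wise ranges: a-z must not match locale-specific letters
  local pattern='^[a-zA-Z0-9._][a-zA-Z0-9._-]*$'
  [[ $1 =~ $pattern ]]
}

# Only $1 and $2 are read. Two arguments (the documented usage) are accepted;
# a third is tolerated and ignored so callers that pass three keep working.
if [ $# -lt 2 ] || [ $# -gt 3 ]; then
  echo "Usage: mkclient clientname vpn" 1>&2
  exit 1
fi

vpn="${2}"
clientname="${1}-${vpn}"
vpn="vpn_${vpn}"
vpndir="/etc/openvpn/${vpn}"

if [ ! -d "${vpndir}" ]; then
  echo "VPN does not exists" 1>&2
  exit 2
fi

# clientname embeds the vpn argument, so this one check covers both inputs
# before either is used for anything other than the existence test above.
if ! is_safe_name "${clientname}"; then
  echo "Invalid client name"
  exit 3
fi

# Every cd is checked: continuing in the wrong directory would make the
# existence test and the copies below operate on unrelated files.
cd "${vpndir}/easy-rsa/keys" || die_fs "Cannot enter ${vpndir}/easy-rsa/keys"
clientsdir="${vpndir}/clients/"
clientdir="$clientsdir${clientname}/"
# Not read anywhere in this script; kept in case the sourced ./vars uses it.
clientslinkdir="/var/vpn/${vpn}/"

# A leftover .crt/.csr/.key or client directory means the name was already
# issued (or revoked); refuse rather than overwrite key material.
if [ -e "${clientname}.crt" ] || [ -e "${clientname}.csr" ] ||
  [ -e "${clientname}.key" ] || [ -d "${clientdir}" ]; then
  echo "Client ${clientname} already exists or is revoked"
  exit 4
fi

cd .. || die_fs "Cannot enter ${vpndir}/easy-rsa"
source ./vars
KEY_CN="${clientname}" KEY_NAME="${clientname}" ./pkitool "${clientname}"
ret=$?
if [ "$ret" != 0 ]; then
  echo "pkitool exited with code $ret"
  exit 5
fi

cd keys || die_fs "Cannot enter ${vpndir}/easy-rsa/keys"
echo "Copying generated files"
mkdir -p -- "${clientdir}" || die_fs "Cannot create ${clientdir}"
cp -- "${clientname}.crt" "$clientdir/${clientname}-${vpn}.crt" ||
  die_fs "Cannot copy ${clientname}.crt"
cp -- "${clientname}.key" "$clientdir/${clientname}-${vpn}.key" ||
  die_fs "Cannot copy ${clientname}.key"

echo "Copying ca and ta"
cd "${vpndir}" || die_fs "Cannot enter ${vpndir}"
cp -- ca.crt "$clientdir/ca-${vpn}.crt" || die_fs "Cannot copy ca.crt"
cp -- ta.key "$clientdir/ta-${vpn}.key" || die_fs "Cannot copy ta.key"

echo "Creating client-${vpn}.conf"
cd "${clientsdir}" || die_fs "Cannot enter ${clientsdir}"

# clientname was validated above: it cannot contain '/', '&' or '\', the
# characters that would change the meaning of this sed replacement.
sed "s/%%client%%/${clientname}/g" client.conf > "$clientdir/${clientname}.conf" ||
  die_fs "Cannot render ${clientname}.conf"

echo "Creating ${clientname}.tar.bz2"
tar cfj "${clientname}.tar.bz2" "${clientname}/"* ||
  die_fs "Cannot create ${clientname}.tar.bz2"
echo "mkclient completed"
exit 0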