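#!/usr/bin/env sh
#
# Create a new OpenVPN instance named "vpn_<vpnname>".
#
# Usage: <script> vpnname
#
# What it does:
#   * renders /etc/openvpn/sampleconf into /etc/openvpn/vpn_<vpnname>.conf
#   * copies /etc/openvpn/sampleconfdir to /etc/openvpn/vpn_<vpnname> and
#     builds a CA, server key pair, DH parameters, CRL and tls-auth key
#     with the easy-rsa scripts found in that copy
#   * creates /var/vpn/vpn_<vpnname> protected by HTTP Basic auth
#
# Interactive: prompts for the VPN port and IP range, opens the easy-rsa
# "vars" file in `editor`, and the easy-rsa scripts may ask further questions.
#
# Exit status:
#   1  usage error or rejected input
#   2  the VPN already exists
#   3  a creation step failed (a partially created VPN may be left behind)

# Print a message on stderr and exit with the given status.
#   $1 - exit status, remaining arguments - message
die() {
  status=$1
  shift
  printf '%s\n' "$*" 1>&2
  exit "${status}"
}

if [ $# -ne 1 ]
then
  die 1 "Usage: $0 vpnname"
fi

# The name ends up in file-system paths, in sed replacement text and inside a
# quoted .htaccess directive. Allow-list it so that '/', '&', '\' or '"' can
# neither leave the intended directories nor alter the generated files.
case "$1" in
  '' | *[!A-Za-z0-9._-]*)
    die 1 "Invalid VPN name: use only letters, digits, '.', '_' and '-'"
    ;;
esac

vpn="vpn_$1"
ovpndir="/etc/openvpn"
ovpndirconf="${ovpndir}/${vpn}"
webdir="/var/vpn/${vpn}"

if [ -d "${ovpndirconf}" ] || [ -d "${webdir}" ]
then
  die 2 "VPN already exists"
fi

echo "Creating OpenVPN configuration"
# Every later step uses relative paths, so a failed cd must stop the script
# instead of letting it write configuration and keys into the wrong directory.
cd "${ovpndir}" || die 3 "Cannot enter ${ovpndir}"

printf 'VPN port: '
read -r vpnport
case "${vpnport}" in
  '' | *[!0-9]*)
    die 1 "Invalid VPN port: expected a number between 1 and 65535"
    ;;
esac
# The length test keeps very long digit strings away from the integer tests.
if [ "${#vpnport}" -gt 5 ] || [ "${vpnport}" -lt 1 ] || [ "${vpnport}" -gt 65535 ]
then
  die 1 "Invalid VPN port: expected a number between 1 and 65535"
fi

printf 'VPN IP range: '
read -r vpniprange
# The expected format depends on sampleconf, which is not visible here, so
# only reject what would break or rewrite the sed substitution below.
case "${vpniprange}" in
  '' | */* | *\\* | *'&'*)
    die 1 "Invalid VPN IP range: must be non-empty and free of '/', '\\' and '&'"
    ;;
esac

# Render the server configuration in a single pass.
sed -e "s/%%VPNNAME%%/${vpn}/g" \
    -e "s/%%VPNPORT%%/${vpnport}/g" \
    -e "s/%%VPNIPRANGE%%/${vpniprange}/g" \
    sampleconf > "${vpn}.conf" || die 3 "Cannot write ${vpn}.conf"

cp -r sampleconfdir "${ovpndirconf}" || die 3 "Cannot copy sampleconfdir"
cd "${ovpndirconf}" || die 3 "Cannot enter ${ovpndirconf}"
sed -i \
    -e "s/%%VPNNAME%%/${vpn}/g" \
    -e "s/%%VPNPORT%%/${vpnport}/g" \
    clients/client.conf || die 3 "Cannot update clients/client.conf"

# Build the PKI with the easy-rsa copy that belongs to this VPN.
cd "easy-rsa" || die 3 "Cannot enter ${ovpndirconf}/easy-rsa"
editor vars || die 3 "Editing easy-rsa vars failed"
. ./vars || die 3 "Cannot load easy-rsa vars"
# The CA and server certificate fields are all derived from KEY_ORG.
export KEY_OU="${KEY_ORG}"
export KEY_CN="${KEY_ORG}"
export KEY_NAME="${KEY_ORG}"
./clean-all || die 3 "clean-all failed"
./build-ca || die 3 "build-ca failed"
./build-key-server server || die 3 "build-key-server failed"
./build-dh || die 3 "build-dh failed"
# Generate an initial CRL so that a revocation list exists from the start.
openssl ca -gencrl -keyfile keys/ca.key -cert keys/ca.crt \
  -out keys/crl.pem -config openssl.cnf || die 3 "CRL generation failed"
unset KEY_OU
unset KEY_CN
unset KEY_NAME

chmod 710 keys || die 3 "Cannot restrict the keys directory"
cd keys || die 3 "Cannot enter the keys directory"
openvpn --genkey --secret ta.key || die 3 "tls-auth key generation failed"
# ../../ is the VPN's configuration directory (${ovpndirconf}).
# NOTE(review): server.key and ta.key are private material; cp keeps the mode
# they were created with and the chown below gives the ovpn-manager group
# ownership - confirm the resulting modes expose no more than intended.
cp dh*.pem ca.crt ta.key server.crt server.key ../../ \
  || die 3 "Cannot install keys and certificates"

cd "${ovpndir}" || die 3 "Cannot enter ${ovpndir}"
chown -R root:ovpn-manager "${vpn}" "${vpn}.conf" \
  || die 3 "Cannot set ownership of the VPN configuration"

echo "Creating web configuration"
# mkdir without -p: fail rather than reuse a directory that already exists.
mkdir "${webdir}" || die 3 "Cannot create ${webdir}"
cd "${webdir}" || die 3 "Cannot enter ${webdir}"
{
  printf '%s\n' "AuthUserFile ${webdir}/.htpasswd"
  printf '%s\n' "AuthType Basic"
  printf '%s\n' "AuthName \"${vpn}\""
  printf '%s\n' "Require user ovpn-root"
} >> .htaccess || die 3 "Cannot write ${webdir}/.htaccess"
# Start from the shared password file kept in the parent directory.
cp ../.htpasswd . || die 3 "Cannot copy the shared .htpasswd"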