Created
April 13, 2018 11:59
-
-
Save annmuor/bcd0ebe00336dd42f1fd00d55ef9eadc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
MYIP="$(ip r get 8.8.8.8|grep -oP 'src \S+'|awk '{print $2}')" | |
export EASYRSA_PKI=/etc/openvpn/pki | |
cd /usr/share/easy-rsa/3 | |
if [ -z "$1" ]; then echo "Usage: $0 <client-name>"; exit 1; fi | |
./easyrsa build-client-full "$1" nopass | |
CLIENT_KEY="/etc/openvpn/pki/private/${1}.key" | |
CLIENT_CRT="/etc/openvpn/pki/issued/${1}.crt" | |
CLIENT_CA="/etc/openvpn/pki/ca.crt" | |
CLIENT_TLS="/etc/openvpn/pki/tg.key" | |
if [ ! -f "$CLIENT_KEY" ]; then echo "Key not found"; exit 1; fi | |
if [ ! -f "$CLIENT_CRT" ]; then echo "CRT not found"; exit 1; fi | |
if [ ! -f "$CLIENT_TLS" ]; then echo "TLS not found"; exit 1; fi | |
if [ ! -f "$CLIENT_CA" ]; then echo "CA not found"; exit 1; fi | |
cat > "/tmp/$1.ovpn" <<EOF | |
client | |
dev tun | |
proto udp | |
remote $MYIP 1194 | |
resolv-retry infinite | |
nobind | |
persist-key | |
persist-tun | |
verb 1 | |
comp-lzo | |
auth-nocache | |
key-direction 1 | |
<ca> | |
$(cat "$CLIENT_CA") | |
</ca> | |
<cert> | |
$(cat "$CLIENT_CRT") | |
</cert> | |
<key> | |
$(cat "$CLIENT_KEY") | |
</key> | |
<tls-auth> | |
$(cat "$CLIENT_TLS") | |
</tls-auth> | |
EOF | |
echo "Look into /tmp/$1.ovpn" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment