Skip to content

Instantly share code, notes, and snippets.

@askobara

askobara/new_ovpn_user.sh

Created July 4, 2018 09:03
Show Gist options
  • Save askobara/74b276f5c1cfc1dac42cd1598af0656a to your computer and use it in GitHub Desktop.
Save askobara/74b276f5c1cfc1dac42cd1598af0656a to your computer and use it in GitHub Desktop.
Download ZIP
generates .ovpn config for the new user
Raw
new_ovpn_user.sh
#!/bin/bash
set -e
NAME=$1
if [ -z "$NAME" ]; then
echo "$0 NAME"
exit
fi
IP=$(ip route get 8.8.8.8 | awk 'NR==1 {print $7}')
DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
PROTOCOL="udp"
PORT=1194
newclient() {
local name=$1
local ca=$(cat "/etc/openvpn/easy-rsa/keys/ca.crt")
local cert=$(cat "/etc/openvpn/easy-rsa/keys/${name}.crt")
local key=$(cat "/etc/openvpn/easy-rsa/keys/${name}.key")
local tls_auth=$(sudo cat "/etc/openvpn/ta.key")
mkdir -p "$DIR/$name"
tee "$DIR/$name/softliger.ovpn" > /dev/null <<EOF
client
tls-client
dev tun
proto $PROTOCOL
sndbuf 0
rcvbuf 0
remote $IP $PORT
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
#auth SHA512
cipher AES-256-CBC
comp-lzo
setenv opt block-outside-dns
key-direction 1
verb 3
<ca>
$ca
</ca>
<cert>
$cert
</cert>
<key>
$key
</key>
<tls-auth>
$tls_auth
</tls-auth>
EOF
}
cd /etc/openvpn/easy-rsa
source ./vars
export KEY_NAME=$NAME
./pkitool $NAME
newclient $NAME
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment