@fornellas
Last active May 13, 2016 20:43
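client
dev tun
keepalive 3 30
# The active profile connects over UDP 443. The server config in this gist
# listens on TCP 443 only (port-share works only with TCP); the commented
# profile below is the one that matches it.
<connection>
remote us.vpn.sigstop.co.uk 443 udp
</connection>
#<connection>
#remote us.vpn.sigstop.co.uk 443 tcp
#</connection>
resolv-retry infinite
persist-key
persist-tun
ca ca.crt
cert [client name].crt
key [client name].key
comp-lzo
proto tcp
port 443
# script-security 2 lets OpenVPN run the user-defined up/down script below
script-security 2
up update-resolvconf.sh
down update-resolvconf.sh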
This is a simple OpenVPN setup, with shared HTTPS port. To set up your own Certificate Authority, the easiest way is to follow: https://openvpn.net/index.php/open-source/documentation/howto.html#pki.
Once everything is set up, distribute client.ovpn + client's crt + client's key to each client and everything should work.
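dev tun
# Drop root privileges after initialization
user nobody
group nogroup
ca ca.crt
cert [your domain].crt
key [your domain].key
# 1024-bit DH parameters are weak by current standards; generate 2048 bits or more
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist [your domain]-ipp.txt
# Send all client traffic through the VPN and push a DNS server to clients
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
comp-lzo
proto tcp
port 443
# Non-OpenVPN connections arriving on 443 are handed to the HTTPS server on 127.0.0.1:8443
port-share 127.0.0.1 8443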
#!/bin/bash
# OpenVPN up/down hook: registers the DNS settings pushed by the server
# with resolvconf on "up" and removes them again on "down".
set -e
set -o pipefail

IFACE="$1"
PROG="openvpn"
IFACE_PROG="${IFACE}.${PROG}"

# Print resolv.conf lines built from the pushed options, which OpenVPN
# exports to the script as foreign_option_1, foreign_option_2, ...
function nameserver() {
    NAMESERVERS=()
    SEARCHES=()
    for optionname in ${!foreign_option_*} ; do
        option="${!optionname}"
        part1=$(echo "$option" | cut -d " " -f 1)
        if [ "$part1" == "dhcp-option" ] ; then
            part2=$(echo "$option" | cut -d " " -f 2)
            part3=$(echo "$option" | cut -d " " -f 3)
            if [ "$part2" == "DNS" ] ; then
                NAMESERVERS+=("$part3")
            fi
            if [[ "$part2" == "DOMAIN" || "$part2" == "DOMAIN-SEARCH" ]] ; then
                SEARCHES+=("$part3")
            fi
        fi
    done
    for NAMESERVER in "${NAMESERVERS[@]}"
    do
        echo "nameserver $NAMESERVER"
    done
    for SEARCH in "${SEARCHES[@]}"
    do
        echo "search $SEARCH"
    done
}

function add_resolvconf() {
    nameserver | resolvconf -a "$IFACE_PROG"
}

function remove_resolvconf() {
    # resolvconf -d reads nothing from stdin; piping into it can fail
    # with SIGPIPE under pipefail, so call it directly.
    resolvconf -d "$IFACE_PROG"
}

# OpenVPN sets script_type to the hook being run
case "$script_type" in
    up)
        add_resolvconf
        ;;
    down)
        remove_resolvconf
        ;;
esac