Script for OpenVPN generate client config file.

generate_openvpn_config.sh

#!/bin/bash
# Easy script to create OpenVPN client configuration with the user, pre-generating user's
# RSA key and certificate.
#
# Configuration template must exist in the same directory, with only missing part: certificates.
#
# (c) Dmytro Kovalov, 2015
# Modified by Juan Carrano, 2018

cd $(dirname ${BASH_SOURCE[0]})


USER=$1

[ -z ${USER} ] && { echo "Usage: $0 <user>"; exit 1; }

mkdir -p client_cfg
OUTPUT_OVPN=client_cfg/${USER}.ovpn

[ -f keys/${USER}.crt ] && { echo "Certificate keys/${USER}.crt already exists"; exit 2; }

source ./vars

KEY_EMAIL=$(echo "$KEY_EMAIL" | sed -Ee "s/^[^@]+/$USER/")]

./build-key ${USER}

(
# This should be existing config template, with only missing certificates, and keys sections.
cat ../client.conf

echo '<key>'
cat keys/${USER}.key
echo '</key>'

echo '<cert>'
cat keys/${USER}.crt
echo '</cert>'

echo '<ca>'
cat keys/ca.crt
echo '</ca>'
) > $OUTPUT_OVPN

# remove the client files:
rm keys/${USER}.key keys/${USER}.crt

echo ""
echo "Config file is at $OUTPUT_OVPN"
echo "Copy it via a secure method and delete it from this server"

give_key.sh

#!/bin/sh

#give a key to a user

SRC=$1
DST=$2

if [ x"$1" = x -o x"$2" = x ] ; then
	echo "Usage:" >&2
	echo "$0 <ovpn name> <user name>" >&2
	exit 1
fi

OVPNBASE="${SRC}.ovpn"
OVPNFILE="client_cfg/${OVPNBASE}"
DSTDIR="/home/${DST}"

if [ ! -e $OVPNFILE ] ; then
	echo "invalid ovpn name" >&2
	exit 2
fi

if [ ! -d $DSTDIR ] ; then
        echo "invalid user name" >&2
        exit 3
fi

die() {
	echo "Unexpected error" >&2
	exit 42
}

mv "$OVPNFILE" "$DSTDIR"  || die
chown "${DST}:${DST}" "${DSTDIR}/${OVPNBASE}"  || die

echo "Done." >&2
echo "Remember to tell the user to copy and to" >&2
echo "DELETE HIS FILE FROM THE SERVER!" >&2