Skip to content

Instantly share code, notes, and snippets.

@mrunkel
Created March 11, 2020 00:08
Show Gist options
  • Save mrunkel/f31cd82d0072f78ebe92bbe4e4421844 to your computer and use it in GitHub Desktop.
Save mrunkel/f31cd82d0072f78ebe92bbe4e4421844 to your computer and use it in GitHub Desktop.
OpenVPN Client Config Builder (for easyrsa v3)
#!/bin/bash
set -e
# First argument: Client identifier
if [ "$#" -ne 1 ] ; then
echo "Must pass exactly 1 parameter, not ${#}"
exit 2
fi
cd ~/easy-rsa >/dev/null
echo "Follow the prompts"
echo
./easyrsa gen-req ${1} nopass
./easyrsa sign-req client ${1}
cd - >/dev/null
KEY_DIR=~/easy-rsa/pki
OUTPUT_DIR=~/client-configs/files
BASE_CONFIG=~/client-configs/base.conf
cat ${BASE_CONFIG} \
<(echo -e '<ca>') \
${KEY_DIR}/ca.crt \
<(echo -e '</ca>\n<cert>') \
${KEY_DIR}/issued/${1}.crt \
<(echo -e '</cert>\n<key>') \
${KEY_DIR}/private/${1}.key \
<(echo -e '</key>\n<tls-auth>') \
${KEY_DIR}/private/ta.key \
<(echo -e '</tls-auth>') \
> ${OUTPUT_DIR}/${1}.ovpn
echo
echo
echo "OpenVPN config created at: ${OUTPUT_DIR}/${1}.ovpn"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment