Created
September 23, 2019 16:39
-
-
Save polynomialspace/092f7fb199d307901b142c30b1424347 to your computer and use it in GitHub Desktop.
script to generate .ovpn files, assumes several things, see https://polynomial.space/posts/openvpn/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
CLIENT="${1}" | |
IP="${2}" | |
if [ -z "${CLIENT}" ]; then | |
exit 1 | |
fi | |
cd /etc/openvpn | |
/usr/local/share/easy-rsa/easyrsa build-client-full "${CLIENT}" nopass | |
cat <<\EOF > clients/"${CLIENT}".ovpn | |
client | |
dev tun | |
;proto tcp | |
proto udp | |
remote 104.207.150.221 61194 #CHANGEME | |
route 172.16.32.0 255.255.255.0 | |
nobind | |
persist-tun | |
user openvpn | |
group openvpn | |
cipher AES-256-GCM | |
auth SHA256 | |
persist-key | |
key-direction 1 | |
verb 2 | |
mute 20 | |
EOF | |
echo '<ca>' >> clients/"${CLIENT}".ovpn | |
cat pki/ca.crt >> clients/"${CLIENT}".ovpn | |
echo '</ca>' >> clients/"${CLIENT}".ovpn | |
echo '<cert>' >> clients/"${CLIENT}".ovpn | |
cat pki/issued/"${CLIENT}".crt >> clients/"${CLIENT}".ovpn | |
echo '</cert>' >> clients/"${CLIENT}".ovpn | |
echo '<key>' >> clients/"${CLIENT}".ovpn | |
cat pki/private/"${CLIENT}".key >> clients/"${CLIENT}".ovpn | |
echo '</key>' >> clients/"${CLIENT}".ovpn | |
echo '<tls-auth>' >> clients/"${CLIENT}".ovpn | |
cat ta.key >> clients/"${CLIENT}".ovpn | |
echo '</tls-auth>' >> clients/"${CLIENT}".ovpn | |
rm pki/private/"${CLIENT}".key pki/issued/"${CLIENT}".crt | |
if [ -n "${IP}" ]; then | |
echo "ifconfig-push ${IP} 255.255.255.0" > ccd/"${CLIENT}" | |
fi | |
echo "written to: $(pwd)/clients/${CLIENT}.ovpn" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment