tdack/create-ovpn.sh

## create-ovpn.sh
#!/bin/bash

NAME=$1
FERAL_SERVER=$2
KEYSTORE=./keys
CA=$(< ${KEYSTORE}/ca.crt)
CERT=$(< ${KEYSTORE}/${NAME}.crt)
KEY=$(< ${KEYSTORE}/${NAME}.key)
TLS_AUTH=$(< ${KEYSTORE}/tls-auth.key)
OUTPUT=./${NAME}.ovpn

cat > ${OUTPUT} << __EOF__
# Feral Hosting OpenVPN client configuration file
#
# Specific to ${NAME} on ${FERAL_SERVER}

client
dev tun
remote ${FERAL_SERVER}.feralhosting.com 1194
proto udp
resolv-retry infinite
nobind

# On non-Windows systems, please uncomment the following for added security:
;user nobody
;group nogroup

persist-key
persist-tun

# Proxy configuration, if needed
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets.  Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# The 'passwords' identifying you and the server
# keys/${NAME}.key must be kept secret at all times and is unique to you.
# It should never be transferred over a non-secure connection (e.g. FTP), use SFTP
# If it is compromised (e.g. left on a USB key somewhere in the library) another one can easily be generated, don't hesitate to ask!
<ca>
${CA}
</ca>
<cert>
${CERT}
</cert>
<key>
${KEY}
</key>
key-direction 1
<tls-auth>
${TLS_AUTH}
</tls-auth>

ns-cert-type server
comp-lzo

# Log file verbosity
verb 3
# Silence repeating messages
mute 20
__EOF__
	#!/bin/bash

	NAME=$1
	FERAL_SERVER=$2
	KEYSTORE=./keys
	CA=$(< ${KEYSTORE}/ca.crt)
	CERT=$(< ${KEYSTORE}/${NAME}.crt)
	KEY=$(< ${KEYSTORE}/${NAME}.key)
	TLS_AUTH=$(< ${KEYSTORE}/tls-auth.key)
	OUTPUT=./${NAME}.ovpn

	cat > ${OUTPUT} << __EOF__
	# Feral Hosting OpenVPN client configuration file
	#
	# Specific to ${NAME} on ${FERAL_SERVER}

	client
	dev tun
	remote ${FERAL_SERVER}.feralhosting.com 1194
	proto udp
	resolv-retry infinite
	nobind

	# On non-Windows systems, please uncomment the following for added security:
	;user nobody
	;group nogroup

	persist-key
	persist-tun

	# Proxy configuration, if needed
	;http-proxy-retry # retry on connection failures
	;http-proxy [proxy server] [proxy port #]

	# Wireless networks often produce a lot
	# of duplicate packets. Set this flag
	# to silence duplicate packet warnings.
	;mute-replay-warnings

	# The 'passwords' identifying you and the server
	# keys/${NAME}.key must be kept secret at all times and is unique to you.
	# It should never be transferred over a non-secure connection (e.g. FTP), use SFTP
	# If it is compromised (e.g. left on a USB key somewhere in the library) another one can easily be generated, don't hesitate to ask!
	<ca>
	${CA}
	</ca>
	<cert>
	${CERT}
	</cert>
	<key>
	${KEY}
	</key>
	key-direction 1
	<tls-auth>
	${TLS_AUTH}
	</tls-auth>

	ns-cert-type server
	comp-lzo

	# Log file verbosity
	verb 3
	# Silence repeating messages
	mute 20
	__EOF__