forked from nicolargo/openvpnscripts
-
Notifications
You must be signed in to change notification settings - Fork 2
/
ovcreateclient-debian.sh
124 lines (116 loc) · 3.17 KB
/
ovcreateclient-debian.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#!/bin/bash
#
# Script de creation d'un nouveau client sur un serveur OpenVPN
# http://blog.nicolargo.com/2010/10/installation-dun-serveur-openvpn-sous-debianubuntu.html
#
# Authors:
# - Nicolargo (aka Nicolas Hennion)
# - Fran�ois ANTON (add choice for certificate password)
# - Kimpe Andy (add conpatibility for windows vista and windows 7)
#
# GPLv3
#
# Syntaxe: # sudo ./ovcreateclient.sh <nomduclient>
#
VERSION="0.5"
port=$(cat /etc/openvpnport)
proto=$(cat /etc/openvpnproto)
echo -e "---------------------------------"
echo -e "openvpn auto createclient v $VERSION"
echo -e "---------------------------------"
echo "To continue in English, type e"
echo "Pour continuer en Français, tapez f"
echo "To Exit / Pour quitter : CTRL-C"
while true; do
read -e -p "? " lang
case $lang in
[e]* ) LANGUAGE=en.sh && break;;
[f]* ) LANGUAGE=fr.sh && break;;
esac
done
source /etc/openvpnlang/$LANGUAGE
# verifier si sudo et installer
if [ ! -e "/usr/bin/sudo" ]; then
# si sudo n'est pas installer ont l'install
apt-get -y install sudo
fi
# verifier si zip et installer
if [ ! -e "/usr/bin/zip" ]; then
# si zip n'est pas installer ont l'install
apt-get -y install zip
fi
# Test que le script est lance en root
if [ $EUID -ne 0 ]; then
echo -e "$root# sudo $0 <$nameclient>" 1>&2
exit 1
fi
# Test parametre
if [ $# -ne 1 ]; then
echo -e "$mustclient # sudo $0 <$nameclient>" 1>&2
exit 1
fi
cd /etc/openvpn/easy-rsa
echo -e "$createclient $1"
echo -e $certif1
echo -e "1) $certif2"
echo -e "2) $certif3"
read key
case $key in
1)
echo -e "$createclient2 $1"
source vars
./build-key $1
;;
2)
echo "$createclient3 $1"
source vars
./build-key-pass $1
;;
*)
echo -e $error
echo -e $stop
exit 0
;;
esac
sudo mkdir /etc/openvpn/clientconf/$1
sudo cp /etc/openvpn/ca.crt /etc/openvpn/ta.key keys/$1.crt keys/$1.key /etc/openvpn/clientconf/$1/
sudo chmod -R 777 /etc/openvpn/clientconf/$1
cd /etc/openvpn/clientconf/$1
cat >> /etc/openvpn/clientconf/$1/client.conf << EOF
# Client
client
dev tun
proto $proto
remote `wget -qO- ifconfig.me/ip` $port
resolv-retry infinite
cipher AES-256-CBC
# Cles
ca ca.crt
cert $1.crt
key $1.key
tls-auth ta.key 1
# Securite
nobind
persist-key
persist-tun
comp-lzo
verb 3
script-security 3 system
up /etc/openvpn/update-resolv-conf
EOF
# ajout de la compatibilité pour windows xp (la même config sauf que je change le pour pouvoir les diférencier)
sudo cp client.conf client-xp.ovpn
# ajout de la compatibilité pour windows vista et windows 7
sudo cp client.conf client-vista-7.ovpn
# ajout de ligne suivante a la fin du fichier de config
# route-method exe
# route-delay 2
# permet de corriger les problème de routage sur windows vista et windows 7
sudo sed -i 's/script-security 3 system/ /g' /etc/openvpn/clientconf/$1/client-xp.ovpn
sudo sed -i 's|up /etc/openvpn/update-resolv-conf| |' /etc/openvpn/clientconf/$1/client-xp.ovpn
sudo sed -i 's/script-security 3 system/route-method exe/g' /etc/openvpn/clientconf/$1/client-vista-7.ovpn
sudo sed -i 's|up /etc/openvpn/update-resolv-conf|route-delay 2|' /etc/openvpn/clientconf/$1/client-vista-7.ovpn
sudo zip $1.zip *.*
echo -e "$createclient $1 $finish"
echo "/etc/openvpn/clientconf/$1/$1.zip"
echo "---"