Fabio/openvpn-install
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge 1182e98aed into e1f19e0f24

Browse source
This commit is contained in:
Rémi Alvergnat 2024-11-29 03:19:50 +00:00 committed by GitHub
commit e85c94aa71
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 30 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
openvpn-install.sh
View file

@ -1129,21 +1129,27 @@ function newClient() {
echo "Client $CLIENT added." echo "Client $CLIENT added."
fi fi
# Home directory of the user, where the client configuration will be written if [[ -z "$CLIENT_FILEPATH" ]]; then
if [ -e "/home/${CLIENT}" ]; then # Home directory of the user, where the client configuration will be written
# if $1 is a user name if [ -e "/home/${CLIENT}" ]; then
homeDir="/home/${CLIENT}" # if $1 is a user name
elif [ "${SUDO_USER}" ]; then homeDir="/home/${CLIENT}"
# if not, use SUDO_USER CLIENT_OWNER="$CLIENT"
if [ "${SUDO_USER}" == "root" ]; then elif [ "${SUDO_USER}" ]; then
# If running sudo as root # if not, use SUDO_USER
homeDir="/root" if [ "${SUDO_USER}" == "root" ]; then
# If running sudo as root
homeDir="/root"
else
homeDir="/home/${SUDO_USER}"
fi
CLIENT_OWNER="$SUDO_USER"
else else
homeDir="/home/${SUDO_USER}" # if not SUDO_USER, use /root
homeDir="/root"
fi fi
else
# if not SUDO_USER, use /root CLIENT_FILEPATH="$homeDir/$CLIENT.ovpn"
homeDir="/root"
fi fi
# Determine if we use tls-auth or tls-crypt # Determine if we use tls-auth or tls-crypt
@ -1154,7 +1160,7 @@ function newClient() {
fi fi
# Generates the custom client.ovpn # Generates the custom client.ovpn
cp /etc/openvpn/client-template.txt "$homeDir/$CLIENT.ovpn" cp /etc/openvpn/client-template.txt "$CLIENT_FILEPATH"
{ {
echo "<ca>" echo "<ca>"
cat "/etc/openvpn/easy-rsa/pki/ca.crt" cat "/etc/openvpn/easy-rsa/pki/ca.crt"
@ -1181,10 +1187,18 @@ function newClient() {
echo "</tls-auth>" echo "</tls-auth>"
;; ;;
esac esac
} >>"$homeDir/$CLIENT.ovpn" } >>"$CLIENT_FILEPATH"
if [[ -n "$CLIENT_OWNER" ]]; then
echo "Setting owner permission for $CLIENT_FILEPATH"
CLIENT_OWNER_GROUP=$(id -gn "$CLIENT_OWNER")
chmod go-rw "$CLIENT_FILEPATH"
chown "$CLIENT_OWNER:$CLIENT_OWNER_GROUP" "$CLIENT_FILEPATH"
fi
echo "" echo ""
echo "The configuration file has been written to $homeDir/$CLIENT.ovpn." echo "The configuration file has been written to $CLIENT_FILEPATH."
echo "Download the .ovpn file and import it in your OpenVPN client." echo "Download the .ovpn file and import it in your OpenVPN client."
exit 0 exit 0