Fix issue pivpn#281

Hìr0 2020-06-01 00:39:18 +02:00
parent ad363b717b
commit 46c463d1d5
2 changed files with 59 additions and 48 deletions


@ -20,7 +20,7 @@ source "${setupVars}"
helpFunc() { helpFunc() {
echo "::: Create a client ovpn profile, optional nopass" echo "::: Create a client ovpn profile, optional nopass"
echo ":::" echo ":::"
echo "::: Usage: pivpn <-a|add> [-n|--name <arg>] [-p|--password <arg>]|[nopass] [-d|--days <number>] [-b|--bitwarden] [-i|--iOS] [-h|--help]" echo "::: Usage: pivpn <-a|add> [-n|--name <arg>] [-p|--password <arg>]|[nopass] [-d|--days <number>] [-b|--bitwarden] [-i|--iOS] [-c|--config-file] [-h|--help]"
echo ":::" echo ":::"
echo "::: Commands:" echo "::: Commands:"
echo "::: [none] Interactive mode" echo "::: [none] Interactive mode"
@ -30,6 +30,7 @@ helpFunc() {
echo "::: -d,--days Expire the certificate after specified number of days (default: 1080)" echo "::: -d,--days Expire the certificate after specified number of days (default: 1080)"
echo "::: -b,--bitwarden Create and save a client through Bitwarden" echo "::: -b,--bitwarden Create and save a client through Bitwarden"
echo "::: -i,--iOS Generate a certificate that leverages iOS keychain" echo "::: -i,--iOS Generate a certificate that leverages iOS keychain"
echo "::: -c,--config-file Generate .ovpn configuration file for an existing client"
echo "::: -h,--help Show this help dialog" echo "::: -h,--help Show this help dialog"
} }
@ -97,6 +98,10 @@ do
echo "Bitwarden not found, please install bitwarden" echo "Bitwarden not found, please install bitwarden"
exit 1 exit 1
fi fi
;;
-c|--config-file)
GENOVPNONLY=1
;; ;;
*) *)
echo "Error: Got an unexpected argument '$1'" echo "Error: Got an unexpected argument '$1'"
@ -248,8 +253,12 @@ if [[ -z "${NAME}" ]]; then
exit 1 exit 1
fi fi
# Check if name is already in use if [ "${GENOVPNONLY}" == "1" ]; then
while read -r line || [ -n "${line}" ]; do # Generate .ovpn configuration file
cd /etc/openvpn/easy-rsa/pki || exit
else
# Check if name is already in use
while read -r line || [ -n "${line}" ]; do
STATUS=$(echo "$line" | awk '{print $1}') STATUS=$(echo "$line" | awk '{print $1}')
if [ "${STATUS}" == "V" ]; then if [ "${STATUS}" == "V" ]; then
@ -259,43 +268,43 @@ while read -r line || [ -n "${line}" ]; do
break break
fi fi
fi fi
done <${INDEX} done <${INDEX}
if [ "${INUSE}" == "1" ]; then if [ "${INUSE}" == "1" ]; then
printf "\n!! This name is already in use by a Valid Certificate." printf "\n!! This name is already in use by a Valid Certificate."
printf "\nPlease choose another name or revoke this certificate first.\n" printf "\nPlease choose another name or revoke this certificate first.\n"
exit 1 exit 1
fi fi
# Check if name is reserved # Check if name is reserved
if [ "${NAME}" == "ta" ] || [ "${NAME}" == "server" ] || [ "${NAME}" == "ca" ]; then if [ "${NAME}" == "ta" ] || [ "${NAME}" == "server" ] || [ "${NAME}" == "ca" ]; then
echo "Sorry, this is in use by the server and cannot be used by clients." echo "Sorry, this is in use by the server and cannot be used by clients."
exit 1 exit 1
fi fi
#As of EasyRSA 3.0.6, by default certificates last 1080 days, see https://github.com/OpenVPN/easy-rsa/blob/6b7b6bf1f0d3c9362b5618ad18c66677351cacd1/easyrsa3/vars.example #As of EasyRSA 3.0.6, by default certificates last 1080 days, see https://github.com/OpenVPN/easy-rsa/blob/6b7b6bf1f0d3c9362b5618ad18c66677351cacd1/easyrsa3/vars.example
if [ -z "${DAYS}" ]; then if [ -z "${DAYS}" ]; then
read -r -e -p "How many days should the certificate last? " -i 1080 DAYS read -r -e -p "How many days should the certificate last? " -i 1080 DAYS
fi fi
if [[ ! "$DAYS" =~ ^[0-9]+$ ]] || [ "$DAYS" -lt 1 ] || [ "$DAYS" -gt 3650 ]; then if [[ ! "$DAYS" =~ ^[0-9]+$ ]] || [ "$DAYS" -lt 1 ] || [ "$DAYS" -gt 3650 ]; then
#The CRL lasts 3650 days so it doesn't make much sense that certificates would last longer #The CRL lasts 3650 days so it doesn't make much sense that certificates would last longer
echo "Please input a valid number of days, between 1 and 3650 inclusive." echo "Please input a valid number of days, between 1 and 3650 inclusive."
exit 1 exit 1
fi
fi cd /etc/openvpn/easy-rsa || exit
cd /etc/openvpn/easy-rsa || exit if [[ "${NO_PASS}" =~ "1" ]]; then
if [[ "${NO_PASS}" =~ "1" ]]; then
if [[ -n "${PASSWD}" ]]; then if [[ -n "${PASSWD}" ]]; then
echo "Both nopass and password arguments passed to the script. Please use either one." echo "Both nopass and password arguments passed to the script. Please use either one."
exit 1 exit 1
else else
keynoPASS keynoPASS
fi fi
else else
keyPASS keyPASS
fi
fi fi
#1st Verify that clients Public Key Exists #1st Verify that clients Public Key Exists
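Review bot: The `GENOVPNONLY` branch skips every name check that the `else` branch performs, including the reserved-name test (`ta`, `server`, `ca`) and the lookup in `${INDEX}`, so config-only mode reaches the checks starting at `#1st Verify that clients Public Key Exists` with a name that was never matched against a Valid (`V`) entry. Keep the reserved-name test outside the `if`, and in config-only mode run the same index loop but require the opposite outcome, for example `if [ "${INUSE}" != "1" ]; then echo "No valid certificate found for '${NAME}'"; exit 1; fi`. As far as this page shows, `GENOVPNONLY` is only assigned in the `-c|--config-file)` arm; initialising it to `0` before the option loop would stop an inherited environment value from selecting this branch. The option loop, the lines that set `INUSE`, and the code after the last hunk are outside the visible lines, so confirm against the full file.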


@ -73,6 +73,7 @@ function helpFunc {
echo "::: -c, clients List any connected clients to the server" echo "::: -c, clients List any connected clients to the server"
echo "::: -d, debug Start a debugging session if having trouble" echo "::: -d, debug Start a debugging session if having trouble"
echo "::: -l, list List all valid and revoked certificates" echo "::: -l, list List all valid and revoked certificates"
echo "::: -o, ovpn Generate a .ovpn config file for an existing client"
echo "::: -r, revoke Revoke a client ovpn profile" echo "::: -r, revoke Revoke a client ovpn profile"
echo "::: -h, help Show this help dialog" echo "::: -h, help Show this help dialog"
echo "::: -u, uninstall Uninstall PiVPN from your system!" echo "::: -u, uninstall Uninstall PiVPN from your system!"
@ -91,6 +92,7 @@ case "$1" in
"-c" | "clients" ) listClientsFunc "$@";; "-c" | "clients" ) listClientsFunc "$@";;
"-d" | "debug" ) debugFunc;; "-d" | "debug" ) debugFunc;;
"-l" | "list" ) listOVPNFunc;; "-l" | "list" ) listOVPNFunc;;
"-o" | "ovpn" ) makeOVPNFunc "$@" -c;;
"-r" | "revoke" ) removeOVPNFunc "$@";; "-r" | "revoke" ) removeOVPNFunc "$@";;
"-h" | "help" ) helpFunc;; "-h" | "help" ) helpFunc;;
"-u" | "uninstall" ) uninstallFunc;; "-u" | "uninstall" ) uninstallFunc;;
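Review bot: In the `"-o" | "ovpn"` arm the `-c` flag is appended after the caller's arguments (`makeOVPNFunc "$@" -c`), so a trailing option that expects a value, such as `pivpn -o -n` with the name left out, may take `-c` as that value, depending on how the add script's option loop handles it. In that case `GENOVPNONLY` would never be set and the script would continue down the certificate-creating path instead of failing. Passing the flag ahead of the user-supplied arguments, or rejecting option values that begin with `-`, avoids this. `makeOVPNFunc` and the parsing of `-n` are outside the visible hunks, so this needs confirming there.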