mirror of
https://github.com/Nyr/openvpn-install.git
synced 2024-11-28 07:56:07 +03:00
Some slight modifications, client still does not work.
This commit is contained in:
Birkhoff
parent
86a155b4bb
commit
b233ddbfc9
@ -146,9 +146,9 @@ if [[ -e /etc/openvpn/server.conf ]]; then
|
|||||||
semanage port -d -t openvpn_port_t -p $PROTOCOL $PORT
|
semanage port -d -t openvpn_port_t -p $PROTOCOL $PORT
|
||||||
fi
|
fi
|
||||||
if [[ "$OS" = 'debian' ]]; then
|
if [[ "$OS" = 'debian' ]]; then
|
||||||
apt remove --purge -y openvpn
|
apt remove --purge openvpn stunnel4 -y
|
||||||
else
|
else
|
||||||
yum remove openvpn -y
|
yum remove openvpn stunnel4 -y
|
||||||
fi
|
fi
|
||||||
rm -rf /etc/openvpn
|
rm -rf /etc/openvpn
|
||||||
rm -f /etc/sysctl.d/30-openvpn-forward.conf
|
rm -f /etc/sysctl.d/30-openvpn-forward.conf
|
||||||
@ -269,9 +269,10 @@ else
|
|||||||
if [[ $SSL==1 ]]; then
|
if [[ $SSL==1 ]]; then
|
||||||
echo "local 127.0.0.1" > /etc/openvpn/server.conf
|
echo "local 127.0.0.1" > /etc/openvpn/server.conf
|
||||||
echo "port 1194" >> /etc/openvpn/server.conf
|
echo "port 1194" >> /etc/openvpn/server.conf
|
||||||
csplit -f /etc/stunnel/cert. /etc/openvpn/server.crt '/-----BEGIN CERTIFICATE-----/' '{*}'
|
csplit -f /etc/openvpn/cert. /etc/openvpn/server.crt '/-----BEGIN CERTIFICATE-----/' '{*}'
|
||||||
rm /etc/stunnel/cert.00
|
rm /etc/openvpn/cert.00 /etc/openvpn/server.crt
|
||||||
mv /etc/stunnel/cert.01 /etc/stunnel/server.crt
|
mv /etc/openvpn/cert.01 /etc/openvpn/server.crt
|
||||||
|
cp /etc/openvpn/server.crt /etc/stunnel/
|
||||||
cp /etc/openvpn/server.key /etc/stunnel/
|
cp /etc/openvpn/server.key /etc/stunnel/
|
||||||
echo "sslVersion = all
|
echo "sslVersion = all
|
||||||
;chroot = /var/lib/stunnel4/
|
;chroot = /var/lib/stunnel4/
|
||||||
@ -282,7 +283,7 @@ output = /var/log/stunnel4/stunnel.log
|
|||||||
accept = 0.0.0.0:443
|
accept = 0.0.0.0:443
|
||||||
connect = 127.0.0.1:1194
|
connect = 127.0.0.1:1194
|
||||||
cert=/etc/stunnel/server.crt
|
cert=/etc/stunnel/server.crt
|
||||||
key=/etc/openvpn/server.key" > /etc/stunnel/stunnel.conf
|
key=/etc/stunnel/server.key" > /etc/stunnel/stunnel.conf
|
||||||
else
|
else
|
||||||
echo "port $PORT" > /etc/openvpn/server.conf
|
echo "port $PORT" > /etc/openvpn/server.conf
|
||||||
fi
|
fi
|
||||||
@ -434,15 +435,14 @@ reneg-sec $RENEGKEY
|
|||||||
verb 3" >> /etc/openvpn/client-common.txt
|
verb 3" >> /etc/openvpn/client-common.txt
|
||||||
echo "client = yes
|
echo "client = yes
|
||||||
debug = 6
|
debug = 6
|
||||||
|
|
||||||
[openvpn]
|
[openvpn]
|
||||||
accept = 127.0.0.1:1194
|
accept = 127.0.0.1:1194
|
||||||
connect = $IP:$PORT
|
connect = $IP:$PORT
|
||||||
TIMEOUTclose = 0
|
TIMEOUTclose = 0
|
||||||
verify = 3
|
verify = 3
|
||||||
CAfile = ssl.crt" > /etc/openvpn/client.ssl
|
CAfile = ssl.crt" > /etc/stunnel/stunnel-client.conf
|
||||||
cp /etc/openvpn/client.ssl $HOME/
|
cp /etc/stunnel/stunnel-client.conf $HOME/stunnel.conf
|
||||||
cp /etc/openvpn/server.crt $HOME/ssl.crt
|
cp /etc/openvpn/server.crt $HOME/stunnel.crt
|
||||||
# Generates the custom client.ovpn
|
# Generates the custom client.ovpn
|
||||||
newclient "$CLIENT"
|
newclient "$CLIENT"
|
||||||
echo
|
echo
|
||||||
@ -450,7 +450,7 @@ CAfile = ssl.crt" > /etc/openvpn/client.ssl
|
|||||||
echo
|
echo
|
||||||
echo "Your client configuration is available at: ~/$CLIENT.ovpn"
|
echo "Your client configuration is available at: ~/$CLIENT.ovpn"
|
||||||
if [[ $SSL=1 ]]; then
|
if [[ $SSL=1 ]]; then
|
||||||
echo "~/ssl.crt and ~/client.ssl. Install stunnel4 on client before you continue."
|
echo "~/stunnel.crt and ~/stunnel.conf. Install stunnel4 on client before you continue."
|
||||||
fi
|
fi
|
||||||
echo "If you want to add more clients, you simply need to run this script again!"
|
echo "If you want to add more clients, you simply need to run this script again!"
|
||||||
fi
|
fi
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user