mirror of
https://github.com/Nyr/openvpn-install.git
synced 2024-11-24 05:56:08 +03:00
run openvpn unprivileged
This commit is contained in:
parent
01003c88f8
commit
d844154a45
@ -275,6 +275,8 @@ set_var EASYRSA_DIGEST "sha384"" > vars
|
|||||||
./easyrsa gen-crl
|
./easyrsa gen-crl
|
||||||
# Move the stuff we need
|
# Move the stuff we need
|
||||||
cp pki/ca.crt pki/private/ca.key pki/dh.pem pki/issued/server.crt pki/private/server.key /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn
|
cp pki/ca.crt pki/private/ca.key pki/dh.pem pki/issued/server.crt pki/private/server.key /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn
|
||||||
|
# Make cert revocation list readable for non-root
|
||||||
|
chmod 644 /etc/openvpn/crl.pem
|
||||||
# Generate server.conf
|
# Generate server.conf
|
||||||
echo "port $PORT
|
echo "port $PORT
|
||||||
proto udp
|
proto udp
|
||||||
@ -283,6 +285,8 @@ ca ca.crt
|
|||||||
cert server.crt
|
cert server.crt
|
||||||
key server.key
|
key server.key
|
||||||
dh dh.pem
|
dh dh.pem
|
||||||
|
user nobody
|
||||||
|
group nogroup
|
||||||
topology subnet
|
topology subnet
|
||||||
server 10.8.0.0 255.255.255.0
|
server 10.8.0.0 255.255.255.0
|
||||||
ifconfig-pool-persist ipp.txt
|
ifconfig-pool-persist ipp.txt
|
||||||
|
Loading…
Reference in New Issue
Block a user