1
0
mirror of synced 2024-11-25 14:26:09 +03:00

Update docs

This commit is contained in:
hwdsl2 2022-03-13 15:42:04 -05:00
parent d182d9651a
commit 09d4018e2c
2 changed files with 94 additions and 36 deletions

View File

@ -42,57 +42,86 @@ service xl2tpd restart
## 使用辅助脚本管理 VPN 用户 ## 使用辅助脚本管理 VPN 用户
你可以使用这些脚本来更方便地管理 VPN 用户:[add_vpn_user.sh](../extras/add_vpn_user.sh), [del_vpn_user.sh](../extras/del_vpn_user.sh) 和 [update_vpn_users.sh](../extras/update_vpn_users.sh)。它们将同时更新 IPsec/L2TP 和 IPsec/XAuth ("Cisco IPsec") 模式的用户。将下面的命令的参数换成你自己的值。对于 IKEv2参见 [管理客户端证书](ikev2-howto-zh.md#管理客户端证书)。 你可以使用辅助脚本 [添加](../extras/add_vpn_user.sh), [删除](../extras/del_vpn_user.sh) 或者 [更新所有的](../extras/update_vpn_users.sh) VPN 用户。它们将同时更新 IPsec/L2TP 和 IPsec/XAuth ("Cisco IPsec") 模式的用户。对于 IKEv2 模式请另外参见 [管理客户端证书](ikev2-howto-zh.md#管理客户端证书)。
**注:** VPN 用户信息保存在文件 `/etc/ppp/chap-secrets``/etc/ipsec.d/passwd`。脚本在修改这些文件之前会先做备份,使用 `.old-日期-时间` 为后缀。 **注:** 将下面的命令的参数换成你自己的值。VPN 用户信息保存在文件 `/etc/ppp/chap-secrets``/etc/ipsec.d/passwd`。脚本在修改这些文件之前会先做备份,使用 `.old-日期-时间` 为后缀。
### 添加或更改一个 VPN 用户 ### 添加或更改一个 VPN 用户
添加一个新 VPN 用户,或者为一个已有的 VPN 用户更改密码。 添加一个新 VPN 用户,或者为一个已有的 VPN 用户更改密码。
运行脚本并按提示操作:
```bash ```bash
# 下载脚本 sudo addvpnuser.sh
wget -nv -O add_vpn_user.sh https://bit.ly/addvpnuser
# 运行脚本并按提示操作
sudo bash add_vpn_user.sh
``` ```
<details>
<summary>
错误:"sudo: addvpnuser.sh: command not found".
</summary>
如果你使用了较早版本的 VPN 安装脚本,这是正常的。首先下载辅助脚本:
```bash
wget -nv -O /opt/src/addvpnuser.sh https://bit.ly/addvpnuser
chmod +x /opt/src/addvpnuser.sh && ln -s /opt/src/addvpnuser.sh /usr/bin
```
然后按照说明运行脚本。
</details>
另外,你也可以在添加参数的情况下运行脚本: 另外,你也可以在添加参数的情况下运行脚本:
```bash ```bash
# 所有变量值必须用 '单引号' 括起来 # 所有变量值必须用 '单引号' 括起来
# *不要* 在值中使用这些字符: \ " ' # *不要* 在值中使用这些字符: \ " '
sudo bash add_vpn_user.sh '要添加的用户名' '密码' sudo addvpnuser.sh '要添加的用户名' '密码'
# 或者 # 或者
sudo bash add_vpn_user.sh '要更新的用户名' '新密码' sudo addvpnuser.sh '要更新的用户名' '新密码'
``` ```
### 删除一个 VPN 用户 ### 删除一个 VPN 用户
删除指定的 VPN 用户。 删除指定的 VPN 用户。
运行脚本并按提示操作:
```bash ```bash
# 下载脚本 sudo delvpnuser.sh
wget -nv -O del_vpn_user.sh https://bit.ly/delvpnuser
# 运行脚本并按提示操作
sudo bash del_vpn_user.sh
``` ```
<details>
<summary>
错误:"sudo: delvpnuser.sh: command not found".
</summary>
如果你使用了较早版本的 VPN 安装脚本,这是正常的。首先下载辅助脚本:
```bash
wget -nv -O /opt/src/delvpnuser.sh https://bit.ly/delvpnuser
chmod +x /opt/src/delvpnuser.sh && ln -s /opt/src/delvpnuser.sh /usr/bin
```
然后按照说明运行脚本。
</details>
另外,你也可以在添加参数的情况下运行脚本: 另外,你也可以在添加参数的情况下运行脚本:
```bash ```bash
# 所有变量值必须用 '单引号' 括起来 # 所有变量值必须用 '单引号' 括起来
# *不要* 在值中使用这些字符: \ " ' # *不要* 在值中使用这些字符: \ " '
sudo bash del_vpn_user.sh '要删除的用户名' sudo delvpnuser.sh '要删除的用户名'
``` ```
### 更新所有的 VPN 用户 ### 更新所有的 VPN 用户
移除所有的 VPN 用户并替换为你指定的列表中的用户。 移除所有的 VPN 用户并替换为你指定的列表中的用户。
首先下载脚本:
```bash ```bash
# 下载脚本 wget -nv -O updatevpnusers.sh https://bit.ly/updatevpnusers
wget -nv -O update_vpn_users.sh https://bit.ly/updatevpnusers
``` ```
要使用这个脚本,从以下选项中选择一个: 要使用这个脚本,从以下选项中选择一个:
@ -102,9 +131,9 @@ wget -nv -O update_vpn_users.sh https://bit.ly/updatevpnusers
**选项 1:** 编辑脚本并输入 VPN 用户信息: **选项 1:** 编辑脚本并输入 VPN 用户信息:
```bash ```bash
nano -w update_vpn_users.sh nano -w updatevpnusers.sh
[替换为你自己的值: YOUR_USERNAMES 和 YOUR_PASSWORDS] [替换为你自己的值: YOUR_USERNAMES 和 YOUR_PASSWORDS]
sudo bash update_vpn_users.sh sudo bash updatevpnusers.sh
``` ```
**选项 2:** 将 VPN 用户信息定义为环境变量: **选项 2:** 将 VPN 用户信息定义为环境变量:
@ -116,7 +145,7 @@ sudo bash update_vpn_users.sh
sudo \ sudo \
VPN_USERS='用户名1 用户名2 ...' \ VPN_USERS='用户名1 用户名2 ...' \
VPN_PASSWORDS='密码1 密码2 ...' \ VPN_PASSWORDS='密码1 密码2 ...' \
bash update_vpn_users.sh bash updatevpnusers.sh
``` ```
## 手动管理 VPN 用户 ## 手动管理 VPN 用户

View File

@ -42,57 +42,86 @@ For IPsec/XAuth ("Cisco IPsec"), VPN users are specified in `/etc/ipsec.d/passwd
## Manage VPN users using helper scripts ## Manage VPN users using helper scripts
You may use these scripts to more easily manage VPN users: [add_vpn_user.sh](../extras/add_vpn_user.sh), [del_vpn_user.sh](../extras/del_vpn_user.sh) and [update_vpn_users.sh](../extras/update_vpn_users.sh). They will update users for both IPsec/L2TP and IPsec/XAuth ("Cisco IPsec"). Replace command parameters below with your own values. For IKEv2, see [Manage client certificates](ikev2-howto.md#manage-client-certificates). You may use helper scripts to [add](../extras/add_vpn_user.sh), [delete](../extras/del_vpn_user.sh) or [update all](../extras/update_vpn_users.sh) VPN users for both IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes. For IKEv2 mode, please instead see [Manage client certificates](ikev2-howto.md#manage-client-certificates).
**Note:** VPN users are stored in `/etc/ppp/chap-secrets` and `/etc/ipsec.d/passwd`. The scripts will backup these files before making changes, with `.old-date-time` suffix. **Note:** Replace command arguments below with your own values. VPN users are stored in `/etc/ppp/chap-secrets` and `/etc/ipsec.d/passwd`. The scripts will backup these files before making changes, with `.old-date-time` suffix.
### Add or edit a VPN user ### Add or edit a VPN user
Add a new VPN user, or update an existing VPN user with a new password. Add a new VPN user, or update an existing VPN user with a new password.
Run the script and follow the prompts:
```bash ```bash
# Download the script sudo addvpnuser.sh
wget -nv -O add_vpn_user.sh https://bit.ly/addvpnuser
# Run the script and follow the prompts
sudo bash add_vpn_user.sh
``` ```
<details>
<summary>
Error: "sudo: addvpnuser.sh: command not found".
</summary>
This is normal if you used an older version of the VPN setup script. First, download the helper script:
```bash
wget -nv -O /opt/src/addvpnuser.sh https://bit.ly/addvpnuser
chmod +x /opt/src/addvpnuser.sh && ln -s /opt/src/addvpnuser.sh /usr/bin
```
Then run the script using the instructions.
</details>
Alternatively, you can run the script with arguments: Alternatively, you can run the script with arguments:
```bash ```bash
# All values MUST be placed inside 'single quotes' # All values MUST be placed inside 'single quotes'
# DO NOT use these special characters within values: \ " ' # DO NOT use these special characters within values: \ " '
sudo bash add_vpn_user.sh 'username_to_add' 'password' sudo addvpnuser.sh 'username_to_add' 'password'
# OR # OR
sudo bash add_vpn_user.sh 'username_to_update' 'new_password' sudo addvpnuser.sh 'username_to_update' 'new_password'
``` ```
### Delete a VPN user ### Delete a VPN user
Delete the specified VPN user. Delete the specified VPN user.
Run the script and follow the prompts:
```bash ```bash
# Download the script sudo delvpnuser.sh
wget -nv -O del_vpn_user.sh https://bit.ly/delvpnuser
# Run the script and follow the prompts
sudo bash del_vpn_user.sh
``` ```
<details>
<summary>
Error: "sudo: delvpnuser.sh: command not found".
</summary>
This is normal if you used an older version of the VPN setup script. First, download the helper script:
```bash
wget -nv -O /opt/src/delvpnuser.sh https://bit.ly/delvpnuser
chmod +x /opt/src/delvpnuser.sh && ln -s /opt/src/delvpnuser.sh /usr/bin
```
Then run the script using the instructions.
</details>
Alternatively, you can run the script with arguments: Alternatively, you can run the script with arguments:
```bash ```bash
# All values MUST be placed inside 'single quotes' # All values MUST be placed inside 'single quotes'
# DO NOT use these special characters within values: \ " ' # DO NOT use these special characters within values: \ " '
sudo bash del_vpn_user.sh 'username_to_delete' sudo delvpnuser.sh 'username_to_delete'
``` ```
### Update all VPN users ### Update all VPN users
Remove all existing VPN users and replace with the list of users you specify. Remove all existing VPN users and replace with the list of users you specify.
First, download the script:
```bash ```bash
# Download the script wget -nv -O updatevpnusers.sh https://bit.ly/updatevpnusers
wget -nv -O update_vpn_users.sh https://bit.ly/updatevpnusers
``` ```
To use this script, choose one of the following options: To use this script, choose one of the following options:
@ -102,9 +131,9 @@ To use this script, choose one of the following options:
**Option 1:** Edit the script and enter VPN user details: **Option 1:** Edit the script and enter VPN user details:
```bash ```bash
nano -w update_vpn_users.sh nano -w updatevpnusers.sh
[Replace with your own values: YOUR_USERNAMES and YOUR_PASSWORDS] [Replace with your own values: YOUR_USERNAMES and YOUR_PASSWORDS]
sudo bash update_vpn_users.sh sudo bash updatevpnusers.sh
``` ```
**Option 2:** Define VPN user details as environment variables: **Option 2:** Define VPN user details as environment variables:
@ -116,7 +145,7 @@ sudo bash update_vpn_users.sh
sudo \ sudo \
VPN_USERS='username1 username2 ...' \ VPN_USERS='username1 username2 ...' \
VPN_PASSWORDS='password1 password2 ...' \ VPN_PASSWORDS='password1 password2 ...' \
bash update_vpn_users.sh bash updatevpnusers.sh
``` ```
## Manually manage VPN users ## Manually manage VPN users