mirror/setup-ipsec-vpn
1
0
Fork 0
mirror of synced 2025-02-19 21:43:17 +03:00
Code Issues Projects Releases Wiki Activity

Improve VPN user scripts

Browse Source 
- Improve helper scripts for managing VPN users.
- Support running add_vpn_user.sh and del_vpn_user.sh interactively
  without arguments.
This commit is contained in:
hwdsl2 2021-12-30 15:47:49 -06:00
parent b9f662de7b
commit 8f55500f0f
3 changed files with 76 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
extras/add_vpn_user.sh
View File

@ -16,6 +16,17 @@ SYS_DT=$(date +%F-%T | tr ':' '_')
exiterr() { echo "Error: $1" >&2; exit 1; } exiterr() { echo "Error: $1" >&2; exit 1; }
conf_bk() { /bin/cp -f "$1" "$1.old-$SYS_DT" 2>/dev/null; } conf_bk() { /bin/cp -f "$1" "$1.old-$SYS_DT" 2>/dev/null; }
show_intro() {
cat <<'EOF'
Welcome! Use this script to add or update a VPN user account for both
IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes.
If the username you specify already exists, it will be updated
with the new password. Otherwise, a new VPN user will be added.
EOF
}
add_vpn_user() { add_vpn_user() {
if [ "$(id -u)" != 0 ]; then if [ "$(id -u)" != 0 ]; then
@ -33,15 +44,35 @@ fi
command -v openssl >/dev/null 2>&1 || exiterr "'openssl' not found. Abort." command -v openssl >/dev/null 2>&1 || exiterr "'openssl' not found. Abort."
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
cat 1>&2 <<EOF
Usage: sudo bash $0 'username_to_add' 'password'
sudo bash $0 'username_to_update' 'new_password'
You may also run this script interactively without arguments.
EOF
exit 1
fi
VPN_USER=$1 VPN_USER=$1
VPN_PASSWORD=$2 VPN_PASSWORD=$2
if [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then if [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
cat 1>&2 <<EOF show_intro
Usage: sudo bash $0 'username_to_add' 'password' echo
sudo bash $0 'username_to_update' 'new_password' echo "List of existing VPN usernames:"
EOF cut -f1 -d : /etc/ipsec.d/passwd
exit 1 echo
echo "Enter the VPN username you want to add or update."
read -rp "Username: " VPN_USER
if [ -z "$VPN_USER" ]; then
echo "Abort. No changes were made." >&2
exit 1
fi
read -rp "Password: " VPN_PASSWORD
if [ -z "$VPN_PASSWORD" ]; then
echo "Abort. No changes were made." >&2
exit 1
fi
fi fi
if printf '%s' "$VPN_USER $VPN_PASSWORD" | LC_ALL=C grep -q '[^ -~]\+'; then if printf '%s' "$VPN_USER $VPN_PASSWORD" | LC_ALL=C grep -q '[^ -~]\+'; then
@ -54,16 +85,12 @@ case "$VPN_USER $VPN_PASSWORD" in
;; ;;
esac esac
if [ -n "$1" ] && [ -n "$2" ]; then
show_intro
fi
cat <<EOF cat <<EOF
Welcome! Use this script to add or update a VPN user account for both
IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes.
If the username you specified already exists, it will be updated
with the new password. Otherwise, a new VPN user will be added.
Please double check before continuing!
================================================ ================================================
VPN user to add or update: VPN user to add or update:

38
extras/del_vpn_user.sh
View File

@ -16,6 +16,14 @@ SYS_DT=$(date +%F-%T | tr ':' '_')
exiterr() { echo "Error: $1" >&2; exit 1; } exiterr() { echo "Error: $1" >&2; exit 1; }
conf_bk() { /bin/cp -f "$1" "$1.old-$SYS_DT" 2>/dev/null; } conf_bk() { /bin/cp -f "$1" "$1.old-$SYS_DT" 2>/dev/null; }
show_intro() {
cat <<'EOF'
Welcome! Use this script to delete a VPN user account for both
IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes.
EOF
}
del_vpn_user() { del_vpn_user() {
if [ "$(id -u)" != 0 ]; then if [ "$(id -u)" != 0 ]; then
@ -31,13 +39,28 @@ EOF
exit 1 exit 1
fi fi
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
cat 1>&2 <<EOF
Usage: sudo bash $0 'username_to_delete'
You may also run this script interactively without arguments.
EOF
exit 1
fi
VPN_USER=$1 VPN_USER=$1
if [ -z "$VPN_USER" ]; then if [ -z "$VPN_USER" ]; then
cat 1>&2 <<EOF show_intro
Usage: sudo bash $0 'username_to_delete' echo
EOF echo "List of existing VPN usernames:"
exit 1 cut -f1 -d : /etc/ipsec.d/passwd
echo
echo "Enter the VPN username you want to delete."
read -rp "Username: " VPN_USER
if [ -z "$VPN_USER" ]; then
echo "Abort. No changes were made." >&2
exit 1
fi
fi fi
if printf '%s' "$VPN_USER" | LC_ALL=C grep -q '[^ -~]\+'; then if printf '%s' "$VPN_USER" | LC_ALL=C grep -q '[^ -~]\+'; then
@ -68,13 +91,10 @@ EOF
exit 1 exit 1
fi fi
[ -n "$1" ] && show_intro
cat <<EOF cat <<EOF
Welcome! Use this script to delete a VPN user account for both
IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes.
Please double check before continuing!
================================================ ================================================
VPN user to delete: VPN user to delete:

7
extras/update_vpn_users.sh
View File

@ -55,6 +55,13 @@ fi
command -v openssl >/dev/null 2>&1 || exiterr "'openssl' not found. Abort." command -v openssl >/dev/null 2>&1 || exiterr "'openssl' not found. Abort."
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
cat 1>&2 <<'EOF'
For usage information, visit https://git.io/vpnnotes, then click on Manage VPN Users.
EOF
exit 1
fi
[ -n "$YOUR_USERNAMES" ] && VPN_USERS="$YOUR_USERNAMES" [ -n "$YOUR_USERNAMES" ] && VPN_USERS="$YOUR_USERNAMES"
[ -n "$YOUR_PASSWORDS" ] && VPN_PASSWORDS="$YOUR_PASSWORDS" [ -n "$YOUR_PASSWORDS" ] && VPN_PASSWORDS="$YOUR_PASSWORDS"