SHOW:
|
|
- or go back to the newest paste.
1 | #!/bin/bash | |
2 | ####################################################################### | |
3 | - | # Define names of certs and keys and client ovpn script |
3 | + | # Latest versions of Openvpn supports inline certs and keys |
4 | # so you have one client script, instead of script plus 4 keys and certs | |
5 | # | |
6 | # This tool assumes | |
7 | # 1) Openvpn script and certs plus keys are in same directory | |
8 | # 2) Certs are usually specified in Openvpn script like | |
9 | # ca capi.crt | |
10 | # or | |
11 | # ca /etc/local/openvpn/capi.crt | |
12 | # | |
13 | # How to use this script: | |
14 | - | -e '/ca '$ca'/d' \ |
14 | + | # Save as combine.sh in directory where cert,keys and Openvpn script is. |
15 | - | -e '/cert '$cert'/d' \ |
15 | + | # e.g. sudo wget http://pastebin.com/raw.php?i=5u0b8EWF -O $HOME/openvpn-client-files/combine.sh |
16 | - | -e '/key '$key'/d' \ |
16 | + | # make executable |
17 | - | -e '/tls-auth '$tlsauth'/d' $ovpndest |
17 | + | # e.g. sudo chmod +x $HOME/openvpn-client-files/combine.sh |
18 | # Run | |
19 | # e.g. sudo $HOME/openvpn-client-files/combine.sh | |
20 | ######################################################################## | |
21 | # Name of certs and keys and client ovpn script | |
22 | # | |
23 | ||
24 | ca="capi.crt" | |
25 | cert="clientpi.crt" | |
26 | key="clientpi.key" | |
27 | tlsauth="tapi.key" | |
28 | ovpndest="raspberry.ovpn" | |
29 | ||
30 | ######################################################################## | |
31 | # Backup to new subdirectory, just incase | |
32 | # | |
33 | mkdir -p backup | |
34 | cp $ca $cert $key $tlsauth $ovpndest ./backup | |
35 | ||
36 | ######################################################################## | |
37 | - | echo "</tls-auth>" >> $ovpndest |
37 | + | |
38 | # | |
39 | sed -i \ | |
40 | -e '/ca .*'$ca'/d' \ | |
41 | -e '/cert .*'$cert'/d' \ | |
42 | -e '/key .*'$key'/d' \ | |
43 | -e '/tls-auth .*'$tlsauth'/d' $ovpndest | |
44 | ||
45 | ######################################################################## | |
46 | # Add keys and certs inline | |
47 | # | |
48 | echo "key-direction 1" >> $ovpndest | |
49 | ||
50 | echo "<ca>" >> $ovpndest | |
51 | awk /BEGIN/,/END/ < ./$ca >> $ovpndest | |
52 | echo "</ca>" >> $ovpndest | |
53 | ||
54 | echo "<cert>" >> $ovpndest | |
55 | awk /BEGIN/,/END/ < ./$cert >> $ovpndest | |
56 | echo "</cert>" >> $ovpndest | |
57 | ||
58 | echo "<key>" >> $ovpndest | |
59 | awk /BEGIN/,/END/ < ./$key >> $ovpndest | |
60 | echo "</key>" >> $ovpndest | |
61 | ||
62 | echo "<tls-auth>" >> $ovpndest | |
63 | awk /BEGIN/,/END/ < ./$tlsauth >> $ovpndest | |
64 | echo "</tls-auth>" >> $ovpndest | |
65 | ||
66 | ######################################################################## | |
67 | # Delete key and cert files, backup already made hopefully | |
68 | # | |
69 | rm $ca $cert $key $tlsauth |