SHOW:
|
|
- or go back to the newest paste.
| 1 | #!/bin/bash | |
| 2 | ####################################################################### | |
| 3 | - | # Define names of certs and keys and client ovpn script |
| 3 | + | # Latest versions of Openvpn supports inline certs and keys |
| 4 | # so you have one client script, instead of script plus 4 keys and certs | |
| 5 | # | |
| 6 | # This tool assumes | |
| 7 | # 1) Openvpn script and certs plus keys are in same directory | |
| 8 | # 2) Certs are usually specified in Openvpn script like | |
| 9 | # ca capi.crt | |
| 10 | # or | |
| 11 | # ca /etc/local/openvpn/capi.crt | |
| 12 | # | |
| 13 | # How to use this script: | |
| 14 | - | -e '/ca '$ca'/d' \ |
| 14 | + | # Save as combine.sh in directory where cert,keys and Openvpn script is. |
| 15 | - | -e '/cert '$cert'/d' \ |
| 15 | + | # e.g. sudo wget http://pastebin.com/raw.php?i=5u0b8EWF -O $HOME/openvpn-client-files/combine.sh |
| 16 | - | -e '/key '$key'/d' \ |
| 16 | + | # make executable |
| 17 | - | -e '/tls-auth '$tlsauth'/d' $ovpndest |
| 17 | + | # e.g. sudo chmod +x $HOME/openvpn-client-files/combine.sh |
| 18 | # Run | |
| 19 | # e.g. sudo $HOME/openvpn-client-files/combine.sh | |
| 20 | ######################################################################## | |
| 21 | # Name of certs and keys and client ovpn script | |
| 22 | # | |
| 23 | ||
| 24 | ca="capi.crt" | |
| 25 | cert="clientpi.crt" | |
| 26 | key="clientpi.key" | |
| 27 | tlsauth="tapi.key" | |
| 28 | ovpndest="raspberry.ovpn" | |
| 29 | ||
| 30 | ######################################################################## | |
| 31 | # Backup to new subdirectory, just incase | |
| 32 | # | |
| 33 | mkdir -p backup | |
| 34 | cp $ca $cert $key $tlsauth $ovpndest ./backup | |
| 35 | ||
| 36 | ######################################################################## | |
| 37 | - | echo "</tls-auth>" >> $ovpndest |
| 37 | + | |
| 38 | # | |
| 39 | sed -i \ | |
| 40 | -e '/ca .*'$ca'/d' \ | |
| 41 | -e '/cert .*'$cert'/d' \ | |
| 42 | -e '/key .*'$key'/d' \ | |
| 43 | -e '/tls-auth .*'$tlsauth'/d' $ovpndest | |
| 44 | ||
| 45 | ######################################################################## | |
| 46 | # Add keys and certs inline | |
| 47 | # | |
| 48 | echo "key-direction 1" >> $ovpndest | |
| 49 | ||
| 50 | echo "<ca>" >> $ovpndest | |
| 51 | awk /BEGIN/,/END/ < ./$ca >> $ovpndest | |
| 52 | echo "</ca>" >> $ovpndest | |
| 53 | ||
| 54 | echo "<cert>" >> $ovpndest | |
| 55 | awk /BEGIN/,/END/ < ./$cert >> $ovpndest | |
| 56 | echo "</cert>" >> $ovpndest | |
| 57 | ||
| 58 | echo "<key>" >> $ovpndest | |
| 59 | awk /BEGIN/,/END/ < ./$key >> $ovpndest | |
| 60 | echo "</key>" >> $ovpndest | |
| 61 | ||
| 62 | echo "<tls-auth>" >> $ovpndest | |
| 63 | awk /BEGIN/,/END/ < ./$tlsauth >> $ovpndest | |
| 64 | echo "</tls-auth>" >> $ovpndest | |
| 65 | ||
| 66 | ######################################################################## | |
| 67 | # Delete key and cert files, backup already made hopefully | |
| 68 | # | |
| 69 | rm $ca $cert $key $tlsauth |
