Php/OpenVPN-Admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #9 from SansPseudoFix/install

Browse Source 
Refactoring + possibility to change port
This commit is contained in:
Bigard Florian 2016-08-31 11:08:59 +02:00 committed by GitHub
commit a62e07f8f4
1 changed files with 35 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
install.sh
View File

@ -8,7 +8,7 @@ print_help () {
} }
# Ensure to be root # Ensure to be root
if [ "$EUID" -ne 0 ]; then if [ "$EUID" -ne 0 ]; then
echo "Please run as root" echo "Please run as root"
exit exit
fi fi
@ -44,19 +44,29 @@ base_path=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
printf "\n################## Server informations ##################\n" printf "\n################## Server informations ##################\n"
echo -n "Server ip: " read -p "Server ip: " ip_server
read ip_server
read -p "Port [default: 443]: " server_port
if [[ "$server_port" == "443" || "$server_port" == "" ]]; then
server_port="443"
else
server_port=$server_port
fi
# Get root pass (to create the database and the user) # Get root pass (to create the database and the user)
mysql_root_pass="" mysql_root_pass=""
status_code=1 status_code=1
while [ $status_code -ne 0 ]; do while [ $status_code -ne 0 ]; do
echo -n "Server MySQL root password: " read -p "Server MySQL root password: " -s mysql_root_pass; echo
read mysql_root_pass if [ "$mysql_root_pass" != "" ]; then
echo "SHOW DATABASES" | mysql -u root --password="$mysql_root_pass" &> /dev/null echo "SHOW DATABASES" | mysql -u root --password="$mysql_root_pass" &> /dev/null
status_code=$? status_code=$?
else
echo "MySQL root password is empty!"
exit
fi
done done
sql_result=$(echo "SHOW DATABASES" | mysql -u root --password="$mysql_root_pass" | grep -e "^openvpn-admin$") sql_result=$(echo "SHOW DATABASES" | mysql -u root --password="$mysql_root_pass" | grep -e "^openvpn-admin$")
@ -66,9 +76,9 @@ if [ "$sql_result" != "" ]; then
exit exit
fi fi
# Check if the user doesn't already exist # Check if the user doesn't already exist
echo -n "Server MySQL openvpn-admin user (will be created): " read -p "Server MySQL openvpn-admin user (will be created): " mysql_user
read mysql_user
echo "SHOW GRANTS FOR $mysql_user@localhost" | mysql -u root --password="$mysql_root_pass" &> /dev/null echo "SHOW GRANTS FOR $mysql_user@localhost" | mysql -u root --password="$mysql_root_pass" &> /dev/null
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
@ -76,8 +86,7 @@ if [ $? -eq 0 ]; then
exit exit
fi fi
echo -n "Server MySQL openvpn-admin user password: " read -p "Server MySQL openvpn-admin user password: " -s mysql_pass; echo
read mysql_pass
# TODO MySQL port & host ? # TODO MySQL port & host ?
@ -86,40 +95,29 @@ read mysql_pass
printf "\n################## Certificates informations ##################\n" printf "\n################## Certificates informations ##################\n"
key_size="0" key_size="0"
while [ "$key_size" != "1024" -a "$key_size" != "2048" -a "$key_size" != "4096" ]; do while [ "$key_size" != "1024" -a "$key_size" != "2048" -a "$key_size" != "4096" ]; do
echo -n "Key size (1024, 2048 or 4096): " read -p "Key size (1024, 2048 or 4096): " key_size
read key_size
done done
echo -n "Root certificate expiration (in days): " read -p "Root certificate expiration (in days): " ca_expire
read ca_expire
echo -n "Certificate expiration (in days): " read -p "Certificate expiration (in days): " key_expire
read key_expire
echo -n "Country Name (2 letter code): " read -p "Country Name (2 letter code): " key_country
read key_country
echo -n "State or Province Name (full name): " read -p "State or Province Name (full name): " key_province
read key_province
echo -n "Locality Name (eg, city): " read -p "Locality Name (eg, city): " key_city
read key_city
echo -n "Organization Name (eg, company): " read -p "Organization Name (eg, company): " key_org
read key_org
echo -n "Email Address: " read -p "Email Address: " key_email
read key_email
echo -n "Common Name (eg, your name or your server's hostname): " read -p "Common Name (eg, your name or your server's hostname): " key_cn
read key_cn
echo -n "Name (eg, your name or your server's hostname): " read -p "Name (eg, your name or your server's hostname): " key_name
read key_name
echo -n "Organizational Unit Name (eg, section): " read -p "Organizational Unit Name (eg, section): " key_ou
read key_ou
printf "\n################## Creating the certificates ##################\n" printf "\n################## Creating the certificates ##################\n"
@ -160,6 +158,7 @@ cp /etc/openvpn/easy-rsa/keys/{ca.crt,ta.key,server.crt,server.key,dh${KEY_SIZE}
cp "$base_path/installation/server.conf" "/etc/openvpn/" cp "$base_path/installation/server.conf" "/etc/openvpn/"
mkdir "/etc/openvpn/ccd" mkdir "/etc/openvpn/ccd"
sed -i "s/dh dh1024\.pem/dh dh${KEY_SIZE}.pem/" "/etc/openvpn/server.conf" sed -i "s/dh dh1024\.pem/dh dh${KEY_SIZE}.pem/" "/etc/openvpn/server.conf"
sed -i "s/port 443/port $server_port/" "/etc/openvpn/server.conf"
printf "\n################## Setup firewall ##################\n" printf "\n################## Setup firewall ##################\n"
@ -208,8 +207,8 @@ sed -i "s/\$user = '';/\$user = '$mysql_user';/" "./include/config.php"
sed -i "s/\$pass = '';/\$pass = '$mysql_pass';/" "./include/config.php" sed -i "s/\$pass = '';/\$pass = '$mysql_pass';/" "./include/config.php"
# Replace in the client configurations with the ip of the server # Replace in the client configurations with the ip of the server
sed -i "s/remote xxx\.xxx\.xxx\.xxx 443/remote $ip_server 443/" "./client-conf/gnu-linux/client.conf" sed -i "s/remote xxx\.xxx\.xxx\.xxx 443/remote $ip_server $server_port/" "./client-conf/gnu-linux/client.conf"
sed -i "s/remote xxx\.xxx\.xxx\.xxx 443/remote $ip_server 443/" "./client-conf/windows/client.ovpn" sed -i "s/remote xxx\.xxx\.xxx\.xxx 443/remote $ip_server $server_port/" "./client-conf/windows/client.ovpn"
# Copy ta.key inside the client-conf directory # Copy ta.key inside the client-conf directory
cp "/etc/openvpn/"{ca.crt,ta.key} "./client-conf/gnu-linux/" cp "/etc/openvpn/"{ca.crt,ta.key} "./client-conf/gnu-linux/"