Externalize role

2018-10-08 19:35:16 +02:00 · 2018-10-08 19:35:16 +02:00 · dbd8ed5949
commit dbd8ed5949
9 changed files with 272 additions and 0 deletions
--- a/templates/usr/local/bin/openvpn-gen_conf_client.sh
+++ b/templates/usr/local/bin/openvpn-gen_conf_client.sh
@ -0,0 +1,37 @@
+#!/bin/bash
+
+# First argument: Client identifier
+
+KEY_DIR=/etc/openvpn/server/easy-rsa/2.0/keys
+cat <<EOF
+client
+dev tap
+proto tcp
+remote xxxxxx 1194
+resolv-retry infinite
+keepalive 10 60
+#explicit-exit-notify 2
+nobind
+persist-key
+persist-tun
+remote-cert-tls server
+#ns-cert-type server
+key-direction 1
+cipher AES-256-CBC
+comp-lzo
+compress lz4-v2
+verb 1
+
+EOF
+
+cat <(echo -e '<ca>') \
+    ${KEY_DIR}/ca.crt \
+    <(echo -e '</ca>\n<cert>') \
+    ${KEY_DIR}/${1}.crt \
+    <(echo -e '</cert>\n<key>') \
+    ${KEY_DIR}/${1}.key \
+    <(echo -e '</key>\n<tls-auth>') \
+    ${KEY_DIR}/ta.key \
+    <(echo -e '</tls-auth>')
+
+