37 lines
620 B
Bash
37 lines
620 B
Bash
#!/bin/bash
|
|
|
|
# First argument: Client identifier
|
|
|
|
KEY_DIR=/etc/openvpn/server/easy-rsa/2.0/keys
|
|
cat <<EOF
|
|
client
|
|
dev tap
|
|
proto tcp
|
|
remote xxxxxx 1194
|
|
resolv-retry infinite
|
|
keepalive 10 60
|
|
#explicit-exit-notify 2
|
|
nobind
|
|
persist-key
|
|
persist-tun
|
|
remote-cert-tls server
|
|
#ns-cert-type server
|
|
key-direction 1
|
|
cipher AES-256-CBC
|
|
comp-lzo
|
|
compress lz4-v2
|
|
verb 1
|
|
|
|
EOF
|
|
|
|
cat <(echo -e '<ca>') \
|
|
${KEY_DIR}/ca.crt \
|
|
<(echo -e '</ca>\n<cert>') \
|
|
${KEY_DIR}/${1}.crt \
|
|
<(echo -e '</cert>\n<key>') \
|
|
${KEY_DIR}/${1}.key \
|
|
<(echo -e '</key>\n<tls-auth>') \
|
|
${KEY_DIR}/ta.key \
|
|
<(echo -e '</tls-auth>')
|
|
|
|
|