From a5bffa091dec585b8f060e820ee87234e51e63a2 Mon Sep 17 00:00:00 2001 From: Christoph Date: Fri, 13 Mar 2020 21:58:27 +0100 Subject: [PATCH] Better install support for configuration files . --- conf/install_openvpn.conf.sample | 28 +- install_openvpn.sh | 1017 ++++++++++++++++++++++++++---- 2 files changed, 898 insertions(+), 147 deletions(-) diff --git a/conf/install_openvpn.conf.sample b/conf/install_openvpn.conf.sample index cae07d7..6fbd060 100644 --- a/conf/install_openvpn.conf.sample +++ b/conf/install_openvpn.conf.sample @@ -24,19 +24,24 @@ ORG_SHORTCUT="" # - Name of the OpenVPN Service # - -# - Example: 'so36' or 'home' or 'gw-ckubu' or 'opp' or 'opferperspektive' or.. +# - Multiple names are posssible - List of blank separated names. +# - +# - Example: 'so36' +# - 'home' +# - 'gw-ckubu' +# - 'opp' +# - 'opferperspektive' +# - 'home gw-ckubu' +# - 'spr gw-ckubu' # - OPENVPN_NAME="" # - OpenVPN Base Directory for Service +# - +# - Defaults to: OPENVPN_BASE_DIR="/etc/openvpn/server/${OPENVPN_NAME}" +# - OPENVPN_BASE_DIR="" -# - OpenVPN Key Directory for Service -OPENVPN_KEY_DIR="" - -# - OpenVPN Client Cofiguration Directory for Service -OPENVPN_CCD_DIR="" - # --- # - Parameters OpenVPN Configuration / KEY Creation # --- @@ -92,9 +97,10 @@ LZO_COMPRESSION="no" # - SERVER_CIPHER="AES-256-CBC" -# - OpenVPN Network used for the connection. +# - OpenVPN Network(s) used for this server. # - -# - Eample: 10.0.217.0 +# - Eample: "10.0.217.0" +# - "10.0.82.0 10.0.82.1" # - OPENVPN_NETWORK="" @@ -106,13 +112,13 @@ OPENVPN_NETWORK="" # - # - Example: '192.168.82.0/24 192.168.83.0' # - -REMOTE_NETWORKS="none" +REMOTE_NETWORKS="None" # - IP-Address of DNS server to push from OpenVPN server to the client. # - # - "None" if no DNS Server should be pushed. # - -DNS_SERVER="none" +DNS_SERVER="None" # - Search Domain(s) to push from OpenVPN server to the client. # - diff --git a/install_openvpn.sh b/install_openvpn.sh index 5306691..feb5626 100755 --- a/install_openvpn.sh 
+++ b/install_openvpn.sh @@ -45,6 +45,21 @@ blank_line() { fi } +is_number() { + + return $(test ! -z "${1##*[!0-9]*}" > /dev/null 2>&1); + + # - also possible + # - + #[[ ! -z "${1##*[!0-9]*}" ]] && return 0 || return 1 + #return $([[ ! -z "${1##*[!0-9]*}" ]]) +} + +is_int() { + return $(test "$@" -eq "$@" > /dev/null 2>&1); +} + + # - Test of valid IPv4 Address # - @@ -213,7 +228,8 @@ echo -e "\n\t\033[32mStart script for installation of OpenVPN on this Server..\0 #----------------------------- #--------------------------------------- -DEFAULT_SERVER_PORT=1194 +DEFAULT_SERVER_PORT="1194 1195" +DEFAULT_OPENVPN_NAME="home gw-ckubu" DEFAULT_CA_EXPIRE=11688 DEFAULT_CERT_EXPIRE=7305 @@ -227,7 +243,6 @@ DEFAULT_KEY_EMAIL='argus@oopen.de' DEFAULT_KEY_ORG='o.open' DEFAULT_KEY_OU="Network Services" -#DEFAULT_SERVER_CIPHER="BF-CBC" DEFAULT_SERVER_CIPHER="AES-256-CBC" 
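Review bot: `is_int` expands `"$@"` on both sides of `-eq`, so a call with no argument collapses to `test -eq`, which is true, and a call with several arguments produces a malformed expression whose error the redirect hides. Using the first positional parameter only, `is_int() { [ "$1" -eq "$1" ] 2>/dev/null; }`, removes both cases. Both helpers also rely on `return $(...)` with an empty substitution, which works only because `return` without an operand reuses the last exit status; `is_number() { [[ -n "${1##*[!0-9]*}" ]]; }` says the same thing directly. `is_number` accepts digit strings with leading zeros such as `08`, and the menus added later in this patch pass the value to `[[ $_IN -eq $i ]]` and to array subscripts, where bash rejects it as invalid octal, so the callers should normalise with `_IN=$((10#$_IN))` after the check.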
@@ -256,6 +271,60 @@ else fi [[ -z "$DEFAULT_SERVER_CIPHER" ]] && DEFAULT_SERVER_CIPHER='None' +[[ -n "$OPENVPN_SERVER" ]] && DEFAULT_SERVER="$(trim "$OPENVPN_SERVER")" + +#[[ -n "$SERVER_PORT" ]] && DEFAULT_SERVER_PORT="$( trim "$SERVER_PORT")" + +declare -a DEFAULT_SERVER_PORT_ARR=() +if [[ -n "$SERVER_PORT" ]] ; then + for _port in $SERVER_PORT ; do + DEFAULT_SERVER_PORT_ARR+=("$_port") + done +else + for _port in $DEFAULT_SERVER_PORT ; do + DEFAULT_SERVER_PORT_ARR+=("$_port") + done +fi + +[[ -n "$ORG_SHORTCUT" ]] && DEFAULT_ORG_SHORTCUT="$(trim "$ORG_SHORTCUT")" + +declare -a DEFAULT_OPENVPN_NAME_ARR=() +if [[ -n "$OPENVPN_NAME" ]] ; then + for _name in $OPENVPN_NAME ; do + DEFAULT_OPENVPN_NAME_ARR+=("$_name") + done +else + for _name in $DEFAULT_OPENVPN_NAME ; do + DEFAULT_OPENVPN_NAME_ARR+=("$_name") + done +fi + +[[ -n "$OPENVPN_BASE_DIR" ]] && DEFAULT_OPENVPN_BASE_DIR="$OPENVPN_BASE_DIR" + +[[ -n "$CA_EXPIRE" ]] && DEFAULT_CERT_EXPIRE="$(trim "$CA_EXPIRE")" +[[ -n "$KEY_PROVINCE" ]] && DEFAULT_KEY_PROVINCE="$(trim "$KEY_PROVINCE")" +[[ -n "$KEY_CITY" ]] && DEFAULT_KEY_CITY="$(trim "$KEY_CITY")" +[[ -n "$KEY_ORG" ]] && DEFAULT_KEY_ORG="$(trim "$KEY_ORG")" +[[ -n "$KEY_EMAIL" ]] && DEFAULT_KEY_EMAIL="$(trim "$KEY_EMAIL")" +[[ -n "$KEY_OU" ]] && DEFAULT_KEY_OU="$(trim "$KEY_OU")" + +[[ -n "$LZO_COMPRESSION" ]] && DEFAULT_LZO_COMPRESSION="$(trim "$LZO_COMPRESSION")" +[[ -n "$SERVER_CIPHER" ]] && DEFAULT_SERVER_CIPHER="$(trim "$SERVER_CIPHER")" +#[[ -n "$" ]] && DEFAULT_="$(trim "$")" + +declare -a DEFAULT_OPENVPN_NETWORK=() +if [[ -n "$OPENVPN_NETWORK" ]] ; then + for _net in $OPENVPN_NETWORK ; do + DEFAULT_OPENVPN_NETWORK_ARR+=("$_net") + done +fi + +[[ -n "$REMOTE_NETWORKS" ]] && DEFAULT_REMOTE_NETWORKS="$(trim "$REMOTE_NETWORKS")" +[[ -n "$DNS_SERVER" ]] && DEFAULT_DNS_SERVER="$(trim "$DNS_SERVER")" +[[ -n "$SEARCH_DOMAINS" ]] && DEFAULT_SEARCH_DOMAINS="$(trim "$SEARCH_DOMAINS")" +[[ -n "$LOCAL_NETWORKS" ]] && DEFAULT_LOCAL_NETWORKS="$(trim 
"$LOCAL_NETWORKS")" + + echo "" echo "" @@ -300,14 +369,51 @@ fi echo "" SERVER_PORT="" -echononl "Server Port [${DEFAULT_SERVER_PORT}]: " -while [[ "X${SERVER_PORT}" = "X" ]]; do - read SERVER_PORT - if [[ "X$SERVER_PORT" = "X" ]]; then - SERVER_PORT="$DEFAULT_SERVER_PORT" +#echononl "Server Port [${DEFAULT_SERVER_PORT}]: " +#while [[ "X${SERVER_PORT}" = "X" ]]; do +# read SERVER_PORT +# if [[ "X$SERVER_PORT" = "X" ]]; then +# SERVER_PORT="$DEFAULT_SERVER_PORT" +# fi +#done + +declare -i i=0 +echo "" +echo "Which Server Port should be used:" +echo "" +for _port in "${DEFAULT_SERVER_PORT_ARR[@]}" ; do + echo " [${i}] ${DEFAULT_SERVER_PORT_ARR[${i}]}" + (( i++ )) +done +echo "" +echo " [${i}] other" +_OK=false +echo "" +echononl "Eingabe: " +while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ -n ${DEFAULT_SERVER_PORT_ARR[$_IN]} ]]; then + SERVER_PORT="${DEFAULT_SERVER_PORT_ARR[$_IN]}" + _OK=true + elif is_number "$_IN" && [[ $_IN -eq $i ]]; then + echo "" + echononl "Server Port: " + read SERVER_PORT + while [[ "X${SERVER_PORT}" = "X" ]]; do + echo -e "\n\t\033[33m\033[1mSetting 'Server Port' is required!\033[m\n" + echononl "Server Port: " + read SERVER_PORT + done + _OK=true + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " fi done + if $(grep -q -E "SERVER_PORT=$SERVER_PORT" ${script_dir}/conf/server-*.conf 2> /dev/null) ; then warn "Port '$SERVER_PORT' is already in use by an other OpenVPN Service on this Server" fi 
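Review bot: The line `[[ -n "$CA_EXPIRE" ]] && DEFAULT_CERT_EXPIRE="$(trim "$CA_EXPIRE")"` stores the configured CA lifetime in the certificate default, so a config file that sets `CA_EXPIRE` presumably changes the validity of issued certificates while `DEFAULT_CA_EXPIRE` keeps its built-in value. No line in this hunk reads a `CERT_EXPIRE` setting at all. The likely intent is `[[ -n "$CA_EXPIRE" ]] && DEFAULT_CA_EXPIRE="$(trim "$CA_EXPIRE")"` plus `[[ -n "$CERT_EXPIRE" ]] && DEFAULT_CERT_EXPIRE="$(trim "$CERT_EXPIRE")"`, assuming the config file defines `CERT_EXPIRE`, which is not visible here. Further down, `declare -a DEFAULT_OPENVPN_NETWORK=()` declares one name while the loop appends to `DEFAULT_OPENVPN_NETWORK_ARR`; the declaration should use the `_ARR` name so the array the menu reads is the one that gets reset.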
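Review bot: The `other` branch of the port menu accepts any non-empty string as `SERVER_PORT`, although this patch adds `is_number`; the re-prompt loop should continue until `is_number "$SERVER_PORT" && (( 10#$SERVER_PORT >= 1 && 10#$SERVER_PORT <= 65535 ))` holds, and the ports taken from the config file deserve the same check before they are offered in the menu. The value then goes unanchored into the unchanged `grep -q -E "SERVER_PORT=$SERVER_PORT"`, so `119` matches an existing `1194` and regex metacharacters in the input alter the pattern; once the value is known to be numeric, ending the pattern with `\"?\$` (adjusted to the real layout of `server-*.conf`, which is not visible here) makes the duplicate-port warning reliable. `read _IN` and `read SERVER_PORT` should be `read -r` so backslashes in the input are not interpreted; this applies to every `read` added in the later hunks of this file as well.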
@@ -317,35 +423,89 @@ echo "Insert shortcut (acronym) for the company or organisation" echo "" echo " Example: 'AKB' or 'FLR' or 'OPP' or.." echo "" + ORG_SHORTCUT="" echononl "Organisations shortcut: " -read ORG_SHORTCUT -while [ "X$ORG_SHORTCUT" = "X" ] ; do - echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Name' is required!\033[m\n" +if [[ -n "$DEFAULT_ORG_SHORTCUT" ]] ; then + echononl "Organisations shortcut [${DEFAULT_ORG_SHORTCUT}]: " + read ORG_SHORTCUT + if [[ "X$ORG_SHORTCUT" = "X" ]]; then + ORG_SHORTCUT="$DEFAULT_ORG_SHORTCUT" + fi +else echononl "Organisations shortcut: " read ORG_SHORTCUT -done + while [ "X$ORG_SHORTCUT" = "X" ] ; do + echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Name' is required!\033[m\n" + echononl "Organisations shortcut: " + read ORG_SHORTCUT + done +fi DEFAULT_KEY_NAME="VPN $ORG_SHORTCUT" DEFAULT_KEY_CN="VPN-$ORG_SHORTCUT" DEFAULT_KEY_ALTNAMES="VPN $ORG_SHORTCUT" -echo "" -echo "Insert Name of OpenVPN Service (i.e. so36, gw-ckubu, opferperspektive)" -echo "" -echo " Example: 'so36' or 'gw-ckubu' or 'opferperspektive' or.." -echo "" +#echo "" +#echo "Insert Name of OpenVPN Service (i.e. so36, gw-ckubu, opferperspektive)" +#echo "" +#echo " Example: 'so36' or 'gw-ckubu' or 'opferperspektive' or.." 
+#echo "" +#OPENVPN_NAME="" +#echononl "OpenVPN Name: " +#read OPENVPN_NAME +#while [ "X$OPENVPN_NAME" = "X" ] ; do +# echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Name' is required!\033[m\n" +# echononl "OpenVPN Name: " +# read OPENVPN_NAME +#done + + + OPENVPN_NAME="" -echononl "OpenVPN Name: " -read OPENVPN_NAME -while [ "X$OPENVPN_NAME" = "X" ] ; do - echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Name' is required!\033[m\n" - echononl "OpenVPN Name: " - read OPENVPN_NAME +declare -i i=0 +echo "" +echo "Select Name of OpenVPN Service" +echo "" +for _port in "${DEFAULT_OPENVPN_NAME_ARR[@]}" ; do + echo " [${i}] ${DEFAULT_OPENVPN_NAME_ARR[${i}]}" + (( i++ )) +done +echo "" +echo " [${i}] other" +_OK=false +echo "" +echononl "Eingabe: " +while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ -n ${DEFAULT_OPENVPN_NAME_ARR[$_IN]} ]]; then + OPENVPN_NAME="${DEFAULT_OPENVPN_NAME_ARR[$_IN]}" + _OK=true + elif is_number "$_IN" && [[ $_IN -eq $i ]]; then + echo "" + echo "Give Name of OpenVPN Service (i.e. home, so36, gw-ckubu, opferperspektive, opp)" + echo "" + echononl "Name of OpenVPN Service: " + read OPENVPN_NAME + while [[ "X${OPENVPN_NAME}" = "X" ]]; do + echo -e "\n\t\033[33m\033[1mSetting 'Name of OpenVPN Service' is required!\033[m\n" + echononl "Name of OpenVPN Service: " + read OPENVPN_NAME + done + _OK=true + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " + fi done -DEFAULT_OPENVPN_BASE_DIR="/etc/openvpn/server/${OPENVPN_NAME}" + + + +[[ -z "$DEFAULT_OPENVPN_BASE_DIR" ]] && DEFAULT_OPENVPN_BASE_DIR="/etc/openvpn/server/${OPENVPN_NAME}" echo "" @@ -556,8 +716,6 @@ fi echo "" echo "" -echo "Enable LZO compression" -echo "" echononl "Enable LZO compression (yes/no) [no]: " read OK echo "" 
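Review bot: `OPENVPN_NAME`, whether picked from the config-file list or typed under `other`, is interpolated into `DEFAULT_OPENVPN_BASE_DIR="/etc/openvpn/server/${OPENVPN_NAME}"` on the last added line without any character check, so a name containing `/`, `..` or whitespace yields a base directory outside, or different from, the intended tree. The selection loop should only set `_OK=true` when `[[ "$OPENVPN_NAME" =~ ^[A-Za-z0-9][A-Za-z0-9_-]*$ ]]` holds and re-prompt otherwise. How the directory is used afterwards is outside this hunk, but an installer of this kind normally runs as root, which is why the check belongs here. Two smaller points in the same hunk: the unchanged `echononl "Organisations shortcut: "` above the new `if` now prints the prompt twice, and the name menu iterates with a variable called `_port`.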
@@ -567,22 +725,71 @@ else LZO_COMPRESSION=false fi -echo "" -echo "Set OpenVPN Network used for the connection." -echo "" +#echo "" +#echo "Set OpenVPN Network used for the connection." +#echo "" +#OPENVPN_NETWORK="" +#echononl "OpenVPN Network: " +#read OPENVPN_NETWORK +#while [ "X$OPENVPN_NETWORK" = "X" ] ; do +# echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Server' is required!\033[m\n" +# echononl "OpenVPN Network: " +# read OPENVPN_NETWORK +#done +#OPENVPN_SERVER_IP="${OPENVPN_NETWORK%.*}.1" + + OPENVPN_NETWORK="" -echononl "OpenVPN Network: " -read OPENVPN_NETWORK -while [ "X$OPENVPN_NETWORK" = "X" ] ; do - echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Server' is required!\033[m\n" +declare -i i=0 +echo "" +echo "Select OpenVPN Network used for the connection." +echo "" +for _port in "${DEFAULT_OPENVPN_NETWORK_ARR[@]}" ; do + echo " [${i}] ${DEFAULT_OPENVPN_NETWORK_ARR[${i}]}" + (( i++ )) +done + +if [[ $i -eq 0 ]] ; then echononl "OpenVPN Network: " read OPENVPN_NETWORK -done + while [ "X$OPENVPN_NETWORK" = "X" ] ; do + echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Server' is required!\033[m\n" + echononl "OpenVPN Network: " + read OPENVPN_NETWORK + done +else + echo "" + echo " [${i}] other" + _OK=false + echo "" + echononl "Eingabe: " + while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ -n ${DEFAULT_OPENVPN_NETWORK_ARR[$_IN]} ]]; then + OPENVPN_NETWORK="${DEFAULT_OPENVPN_NETWORK_ARR[$_IN]}" + _OK=true + elif is_number "$_IN" && [[ $_IN -eq $i ]]; then + echo "" + echo "Give Name of OpenVPN Service (i.e. home, so36, gw-ckubu, opferperspektive, opp)" + echo "" + echononl "Name of OpenVPN Service: " + read OPENVPN_NETWORK + while [[ "X${OPENVPN_NETWORK}" = "X" ]]; do + echo -e "\n\t\033[33m\033[1mSetting 'Name of OpenVPN Service' is required!\033[m\n" + echononl "Name of OpenVPN Service: " + read OPENVPN_NETWORK + done + _OK=true + else + echo "" + echo -e "\tFalsche Eingabe !" 
+ echo "" + echononl "Eingabe: " + fi + done +fi OPENVPN_SERVER_IP="${OPENVPN_NETWORK%.*}.1" -echo "" -echo -e "\033[32m--\033[m" -echo "" echo "" echo -e "\033[32m--\033[m" 
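Review bot: Neither the default selected from the menu nor the value typed under `other` is validated before `OPENVPN_SERVER_IP="${OPENVPN_NETWORK%.*}.1"` derives the server address from it, even though `is_valid_ipv4` exists in this script and is applied to the pushed networks in the next hunk. All three input paths should loop until `is_valid_ipv4 "$OPENVPN_NETWORK"` succeeds, so a typo cannot reach the generated server configuration. The `other` branch also still prints the copied texts `Give Name of OpenVPN Service ...` and `Name of OpenVPN Service: ` while it reads a network; they should read `OpenVPN Network: ` as in the `$i -eq 0` branch.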
@@ -591,138 +798,676 @@ echo "" echo "" echo "Networks to push from OpenVPN server to the client" echo "" -echo " - use CIDR notation" -echo " - multiple networks are possible: use blank separated list of CIDR-networks" -echo "" -echo -e "Type \"\033[33mNone\033[m\" if no network should be pushed from OpenVPN server." -echo "" + + +declare -i i=0 REMOTE_NETWORKS="" declare -a REMOTE_NETWORK_ARR=() -echononl "Networks to push from server: " -while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do - read REMOTE_NETWORKS - _to_lower_remote_networks="$(trim ${REMOTE_NETWORKS,,})" - if [[ "$_to_lower_remote_networks" = "none" ]]; then - REMOTE_NETWORKS="" - break - fi - if [[ "X$REMOTE_NETWORKS" = "X" ]] ; then - echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" - echononl "Networks to push from server: " - continue - fi - - for _net in ${REMOTE_NETWORKS} ; do - IFS='/' read -a _net_arr <<< "${_net}" - if ! is_valid_ipv4 ${_net_arr[0]} ; then - REMOTE_NETWORKS="" - REMOTE_NETWORK_ARR=() - echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" - echononl "Networks to push from server: " - break + +if [[ -z "$DEFAULT_REMOTE_NETWORKS" ]] || [[ "$(trim ${DEFAULT_REMOTE_NETWORKS,,})" = none ]]; then + echo -e "[${i}] \033[33mNone\033[m" + (( i++ )) + echo "" + echo -e "[${i}] other" + + _OK=false + echo "" + echononl "Eingabe: " + + while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + if [[ $_IN -eq 0 ]] ; then + REMOTE_NETWORKS="" + _OK=true + else + + echo "" + echo "Networks to push from OpenVPN server to the client" + echo "" + echo " - use CIDR notation" + echo " - multiple networks are possible: use blank separated list of CIDR-networks" + echo -e " - \"\033[33mNone\033[m\" if no network should be pushed from OpenVPN server." 
+ echo "" + + echononl "Networks to push from server: " + while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do + read REMOTE_NETWORKS + _to_lower_remote_networks="$(trim ${REMOTE_NETWORKS,,})" + if [[ "$_to_lower_remote_networks" = "none" ]]; then + REMOTE_NETWORKS="" + break + fi + if [[ "X$REMOTE_NETWORKS" = "X" ]] ; then + echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" + echononl "Networks to push from server: " + continue + fi + + for _net in ${REMOTE_NETWORKS} ; do + IFS='/' read -a _net_arr <<< "${_net}" + if ! is_valid_ipv4 ${_net_arr[0]} ; then + REMOTE_NETWORKS="" + REMOTE_NETWORK_ARR=() + echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" + echononl "Networks to push from server: " + break + fi + REMOTE_NETWORK_ARR+=("$_net") + done + done + _OK=true + + fi + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " fi - REMOTE_NETWORK_ARR+=("$_net") done -done + +else + echo -e "[${i}] $DEFAULT_REMOTE_NETWORKS" + (( i++ )) + echo -e "[${i}] \033[33mNone\033[m" + (( i++ )) + echo "" + echo -e "[${i}] other" + + _OK=false + echo "" + echononl "Eingabe: " + + while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ $_IN -lt 3 ]]; then + if [[ $_IN -eq 0 ]] ; then + + REMOTE_NETWORKS="$DEFAULT_REMOTE_NETWORKS" + for _net in ${REMOTE_NETWORKS} ; do + IFS='/' read -a _net_arr <<< "${_net}" + if ! is_valid_ipv4 ${_net_arr[0]} ; then + REMOTE_NETWORKS="" + REMOTE_NETWORK_ARR=() + echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" + echononl "Networks to push from server: " + break + fi + REMOTE_NETWORK_ARR+=("$_net") + done + _OK=true + + elif [[ $_IN -eq 1 ]] ; then + + REMOTE_NETWORKS="" + _OK=true + + else + + echo "" + echo "Networks to push from OpenVPN server to the client" + echo "" + echo " - use CIDR notation" + echo " - multiple networks are possible: use blank separated list of CIDR-networks" + echo -e " - \"\033[33mNone\033[m\" if no network should be pushed from OpenVPN server." 
+ echo "" + + echononl "Networks to push from server: " + while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do + read REMOTE_NETWORKS + _to_lower_remote_networks="$(trim ${REMOTE_NETWORKS,,})" + if [[ "$_to_lower_remote_networks" = "none" ]]; then + REMOTE_NETWORKS="" + break + fi + if [[ "X$REMOTE_NETWORKS" = "X" ]] ; then + echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" + echononl "Networks to push from server: " + continue + fi + + for _net in ${REMOTE_NETWORKS} ; do + IFS='/' read -a _net_arr <<< "${_net}" + if ! is_valid_ipv4 ${_net_arr[0]} ; then + REMOTE_NETWORKS="" + REMOTE_NETWORK_ARR=() + echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" + echononl "Networks to push from server: " + break + fi + REMOTE_NETWORK_ARR+=("$_net") + done + done + _OK=true + + fi # if [[ $_IN -eq 0 ]] ; then + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " + fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + + done + +fi + +#REMOTE_NETWORKS="" +#declare -a REMOTE_NETWORK_ARR=() +#echononl "Networks to push from server: " +#while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do +# read REMOTE_NETWORKS +# _to_lower_remote_networks="$(trim ${REMOTE_NETWORKS,,})" +# if [[ "$_to_lower_remote_networks" = "none" ]]; then +# REMOTE_NETWORKS="" +# break +# fi +# if [[ "X$REMOTE_NETWORKS" = "X" ]] ; then +# echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" +# echononl "Networks to push from server: " +# continue +# fi +# +# for _net in ${REMOTE_NETWORKS} ; do +# IFS='/' read -a _net_arr <<< "${_net}" +# if ! is_valid_ipv4 ${_net_arr[0]} ; then +# REMOTE_NETWORKS="" +# REMOTE_NETWORK_ARR=() +# echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" +# echononl "Networks to push from server: " +# break +# fi +# REMOTE_NETWORK_ARR+=("$_net") +# done +#done echo "" echo -e "\033[32m--\033[m" echo "" +declare -i i=0 echo "" echo "IP-Address of DNS server to push from OpenVPN server to the client." 
echo "" -echo -e "Type \"\033[33mNone\033[m\" if no DNS Server should be pushed." -echo "" -DNS_SERVER="" -echononl "DNS server to push to clients: " -while [[ "X$DNS_SERVER" = "X" ]]; do - read DNS_SERVER - if [[ "X$DNS_SERVER" = "X" ]]; then - echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" - echononl "DNS server to pusch to clients" - continue - else - _to_lower_dns_server="$(trim ${DNS_SERVER,,})" - if [[ "$_to_lower_dns_server" = "none" ]]; then - DNS_SERVER="" - break; - fi - fi -done +if [[ -z "$DEFAULT_DNS_SERVER" ]] || [[ "$(trim ${DEFAULT_DNS_SERVER,,})" = "none" ]]; then + + echo -e " [${i}] \033[33mNone\033[m" + (( i++ )) + echo "" + echo -e " [${i}] other" + + _OK=false + echo "" + echononl "Eingabe: " + + while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + if [[ $_IN -eq 0 ]] ; then + DNS_SERVER="" + _OK=true + else + + echo "IP-Address of DNS server to push from OpenVPN server to the client." + echo "" + echo -e "Type \"\033[33mNone\033[m\" if no DNS Server should be pushed." + echo "" + DNS_SERVER="" + echononl "DNS server to push to clients: " + while [[ "X$DNS_SERVER" = "X" ]]; do + read DNS_SERVER + if [[ "X$DNS_SERVER" = "X" ]]; then + echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" + echononl "DNS server to pusch to clients" + continue + else + _to_lower_dns_server="$(trim ${DNS_SERVER,,})" + if [[ "$_to_lower_dns_server" = "none" ]]; then + DNS_SERVER="" + break; + fi + fi + done + _OK=true + + fi # if [[ $_IN -eq 0 ]] ; then + + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " + fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + + done # while ! $_OK ; do + + +else + + echo -e " [${i}] $DEFAULT_DNS_SERVER" + (( i++ )) + echo -e " [${i}] \033[33mNone\033[m" + (( i++ )) + echo "" + echo -e " [${i}] other" + + _OK=false + echo "" + echononl "Eingabe: " + + while ! 
$_OK ; do + read _IN + if is_number "$_IN" && [[ $_IN -lt 3 ]]; then + if [[ $_IN -eq 0 ]] ; then + DNS_SERVER="$DEFAULT_DNS_SERVER" + _OK=true + elif [[ $_IN -eq 1 ]] ; then + DNS_SERVER="" + _OK=true + else + + echo "IP-Address of DNS server to push from OpenVPN server to the client." + echo "" + echo -e "Type \"\033[33mNone\033[m\" if no DNS Server should be pushed." + echo "" + DNS_SERVER="" + echononl "DNS server to push to clients: " + while [[ "X$DNS_SERVER" = "X" ]]; do + read DNS_SERVER + if [[ "X$DNS_SERVER" = "X" ]]; then + echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" + echononl "DNS server to pusch to clients" + continue + else + _to_lower_dns_server="$(trim ${DNS_SERVER,,})" + if [[ "$_to_lower_dns_server" = "none" ]]; then + DNS_SERVER="" + break; + fi + fi + done + _OK=true + + fi # if [[ $_IN -eq 0 ]] ; then + + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " + fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + + done # while ! $_OK ; do + +fi # if [[ -z "$DEFAULT_DNS_SERVER" ]] || [[ "$(trim ${DNS_SERVER,,})" = "none" ]]; then + + + +#echo "IP-Address of DNS server to push from OpenVPN server to the client." +#echo "" +#echo -e "Type \"\033[33mNone\033[m\" if no DNS Server should be pushed." +#echo "" +#DNS_SERVER="" +#echononl "DNS server to push to clients: " +#while [[ "X$DNS_SERVER" = "X" ]]; do +# read DNS_SERVER +# if [[ "X$DNS_SERVER" = "X" ]]; then +# echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" +# echononl "DNS server to pusch to clients" +# continue +# else +# _to_lower_dns_server="$(trim ${DNS_SERVER,,})" +# if [[ "$_to_lower_dns_server" = "none" ]]; then +# DNS_SERVER="" +# break; +# fi +# fi +#done echo "" echo -e "\033[32m--\033[m" echo "" -echo "" -echo "Search Domain(s) to push from OpenVPN server to the client." 
-echo "" -echo " - multiple domains are possible: use blank separated list of search domains" -echo "" -echo -e "Type \"\033[33mNone\033[m\" if no default domain should be pushed." -echo "" + +declare -i i=0 SEARCH_DOMAINS="" -echononl "Default Domain to push to clients: " -while [[ "X$SEARCH_DOMAINS" = "X" ]]; do - read SEARCH_DOMAINS - if [[ "X$SEARCH_DOMAINS" = "X" ]]; then - echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" - echononl "Search Domain(s) to pusch to clients" - continue - else - _to_lower_search_domains="$(trim ${SEARCH_DOMAINS,,})" - if [[ "$_to_lower_search_domains" = "none" ]]; then - SEARCH_DOMAINS="" - break; - fi - fi -done -declare -a SEARCH_DOMAINS_ARR=() +echo "" +echo "Select Search Domain(s) to push from OpenVPN server to the client." +echo "" + +if [[ -z "$DEFAULT_SEARCH_DOMAINS" ]] || [[ "$(trim ${DEFAULT_SEARCH_DOMAINS,,})" = "none" ]]; then + + echo -e " [${i}] \033[33mNone\033[m" + (( i++ )) + echo "" + echo -e " [${i}] other" + + _OK=false + echo "" + echononl "Eingabe: " + + while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + if [[ $_IN -eq 0 ]] ; then + SEARCH_DOMAINS="" + _OK=true + else + + SEARCH_DOMAINS="" + echononl "Default Domain to push to clients: " + while [[ "X$SEARCH_DOMAINS" = "X" ]]; do + read SEARCH_DOMAINS + if [[ "X$SEARCH_DOMAINS" = "X" ]]; then + echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" + echononl "Search Domain(s) to pusch to clients" + continue + else + _to_lower_search_domains="$(trim ${SEARCH_DOMAINS,,})" + if [[ "$_to_lower_search_domains" = "none" ]]; then + SEARCH_DOMAINS="" + break; + fi + fi + done + _OK=true + +echo "" +echo "SEARCH_DOMAINS: $SEARCH_DOMAINS" +echo "" + + fi # if [[ $_IN -eq 0 ]] ; then + + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " + fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + + done #while ! 
$_OK ; do + +else + echo -e " [${i}] $DEFAULT_SEARCH_DOMAINS" + (( i++ )) + echo -e " [${i}] \033[33mNone\033[m" + (( i++ )) + echo "" + echo -e " [${i}] other" + + _OK=false + echo "" + echononl "Eingabe: " + + while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ $_IN -lt 3 ]]; then + if [[ $_IN -eq 0 ]] ; then + SEARCH_DOMAINS="$DEFAULT_SEARCH_DOMAINS" + _OK=true + elif [[ $_IN -eq 1 ]] ; then + SEARCH_DOMAINS="" + _OK=true + else + + echo "" + echo "Search Domain(s) to push from OpenVPN server to the client." + echo "" + echo " - multiple domains are possible: use blank separated list of search domains" + echo -e " - Type \"\033[33mNone\033[m\" if no default domain should be pushed." + echo "" + + SEARCH_DOMAINS="" + echononl "Default Domain to push to clients: " + while [[ "X$SEARCH_DOMAINS" = "X" ]]; do + read SEARCH_DOMAINS + if [[ "X$SEARCH_DOMAINS" = "X" ]]; then + echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" + echononl "Search Domain(s) to pusch to clients" + continue + else + _to_lower_search_domains="$(trim ${SEARCH_DOMAINS,,})" + if [[ "$_to_lower_search_domains" = "none" ]]; then + SEARCH_DOMAINS="" + break; + fi + fi + done + _OK=true + + fi # if [[ $_IN -eq 0 ]] ; then + + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " + fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + + done #while ! 
$_OK ; do + +fi # if [[ -z "$DEFAULT_SEARCH_DOMAINS" ]] || [[ "$(trim ${SEARCH_DOMAINS,,})" = none ]] + for _domain in ${SEARCH_DOMAINS} ; do SEARCH_DOMAINS_ARR+=("$_domain") done + +#SEARCH_DOMAINS="" +#echononl "Default Domain to push to clients: " +#while [[ "X$SEARCH_DOMAINS" = "X" ]]; do +# read SEARCH_DOMAINS +# if [[ "X$SEARCH_DOMAINS" = "X" ]]; then +# echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" +# echononl "Search Domain(s) to pusch to clients" +# continue +# else +# _to_lower_search_domains="$(trim ${SEARCH_DOMAINS,,})" +# if [[ "$_to_lower_search_domains" = "none" ]]; then +# SEARCH_DOMAINS="" +# break; +# fi +# fi +#done +#declare -a SEARCH_DOMAINS_ARR=() +#for _domain in ${SEARCH_DOMAINS} ; do +# SEARCH_DOMAINS_ARR+=("$_domain") +#done + echo "" echo -e "\033[32m--\033[m" echo "" echo "" -echo "Local networks to route through OpenVPN line" -echo "" -echo " - use CIDR notation" -echo " - multiple networks are possible: use blank separated list of CIDR-networks" -echo "" -echo -e "Type \"\033[33mNone\033[m\" if no network should be pushed from OpenVPN server." +echo "Local client networks to route through OpenVPN line." echo "" + + +declare -i i=0 LOCAL_NETWORKS="" declare -a LOCAL_NETWORK_ARR=() -echononl "Local networks to route through OpenVPN line: " -while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do - read LOCAL_NETWORKS - _to_lower_local_networks="$(trim ${LOCAL_NETWORKS,,})" - if [[ "$_to_lower_local_networks" = "none" ]]; then - LOCAL_NETWORKS="" - break - fi - if [[ "X$LOCAL_NETWORKS" = "X" ]] ; then - echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" - echononl "Local networks to route through OpenVPN line: " - continue - fi - - for _net in ${LOCAL_NETWORKS} ; do - IFS='/' read -a _net_arr <<< "${_net}" - if ! 
is_valid_ipv4 ${_net_arr[0]} ; then - LOCAL_NETWORKS="" - LOCAL_NETWORK_ARR=() - echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" - echononl "Local networks to route through OpenVPN line: " - break + +if [[ -z "$DEFAULT_LOCAL_NETWORKS" ]] || [[ "$(trim ${DEFAULT_LOCAL_NETWORKS,,})" = none ]]; then + echo -e " [${i}] \033[33mNone\033[m" + (( i++ )) + echo "" + echo -e " [${i}] other" + + _OK=false + echo "" + echononl "Eingabe: " + + while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + if [[ $_IN -eq 0 ]] ; then + LOCAL_NETWORKS="" + _OK=true + else + + echo "" + echo "Give client networks to route through OpenVPN line." + echo "" + echo " - use CIDR notation" + echo " - multiple networks are possible: use blank separated list of CIDR-networks" + echo -e " - \"\033[33mNone\033[m\" if no local client network should routed through OpenVPN line." + echo "" + + echononl "Client Networks routed through VPN line: " + while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do + read LOCAL_NETWORKS + _to_lower_local_networks="$(trim ${LOCAL_NETWORKS,,})" + if [[ "$_to_lower_local_networks" = "none" ]]; then + LOCAL_NETWORKS="" + break + fi + if [[ "X$LOCAL_NETWORKS" = "X" ]] ; then + echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" + echononl "Client Networks routed through VPN line: " + continue + fi + + for _net in ${LOCAL_NETWORKS} ; do + IFS='/' read -a _net_arr <<< "${_net}" + if ! is_valid_ipv4 ${_net_arr[0]} ; then + LOCAL_NETWORKS="" + LOCAL_NETWORK_ARR=() + echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" + echononl "Client Networks routed through VPN line: " + break + fi + LOCAL_NETWORK_ARR+=("$_net") + done + done + _OK=true + + fi + else + echo "" + echo -e "\tFalsche Eingabe !" 
+ echo "" + echononl "Eingabe: " fi - LOCAL_NETWORK_ARR+=("$_net") done -done + +else + echo -e " [${i}] $DEFAULT_LOCAL_NETWORKS" + (( i++ )) + echo -e " [${i}] \033[33mNone\033[m" + (( i++ )) + echo "" + echo -e " [${i}] other" + + _OK=false + echo "" + echononl "Eingabe: " + + while ! $_OK ; do + read _IN + if is_number "$_IN" && [[ $_IN -lt 3 ]]; then + if [[ $_IN -eq 0 ]] ; then + + LOCAL_NETWORKS="$DEFAULT_LOCAL_NETWORKS" + for _net in ${LOCAL_NETWORKS} ; do + IFS='/' read -a _net_arr <<< "${_net}" + if ! is_valid_ipv4 ${_net_arr[0]} ; then + LOCAL_NETWORKS="" + LOCAL_NETWORK_ARR=() + echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" + echononl "Client Networks routed through VPN line: " + break + fi + LOCAL_NETWORK_ARR+=("$_net") + done + _OK=true + + elif [[ $_IN -eq 1 ]] ; then + + LOCAL_NETWORKS="" + _OK=true + + else + + echo "" + echo "Give client networks to route through OpenVPN line." + echo "" + echo " - use CIDR notation" + echo " - multiple networks are possible: use blank separated list of CIDR-networks" + echo -e " - \"\033[33mNone\033[m\" if no local client network should routed through OpenVPN line." + echo "" + + echononl "Client Networks routed through VPN line: " + while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do + read LOCAL_NETWORKS + _to_lower_local_networks="$(trim ${LOCAL_NETWORKS,,})" + if [[ "$_to_lower_local_networks" = "none" ]]; then + LOCAL_NETWORKS="" + break + fi + if [[ "X$LOCAL_NETWORKS" = "X" ]] ; then + echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" + echononl "Client Networks routed through VPN line: " + continue + fi + + for _net in ${LOCAL_NETWORKS} ; do + IFS='/' read -a _net_arr <<< "${_net}" + if ! 
is_valid_ipv4 ${_net_arr[0]} ; then + LOCAL_NETWORKS="" + LOCAL_NETWORK_ARR=() + echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" + echononl "Client Networks routed through VPN line: " + break + fi + LOCAL_NETWORK_ARR+=("$_net") + done + done + _OK=true + + fi # if [[ $_IN -eq 0 ]] ; then + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl "Eingabe: " + fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then + + done + +fi + + + + +#LOCAL_NETWORKS="" +#declare -a LOCAL_NETWORK_ARR=() +#echononl "Local networks to route through OpenVPN line: " +#while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do +# read LOCAL_NETWORKS +# _to_lower_local_networks="$(trim ${LOCAL_NETWORKS,,})" +# if [[ "$_to_lower_local_networks" = "none" ]]; then +# LOCAL_NETWORKS="" +# break +# fi +# if [[ "X$LOCAL_NETWORKS" = "X" ]] ; then +# echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" +# echononl "Local networks to route through OpenVPN line: " +# continue +# fi +# +# for _net in ${LOCAL_NETWORKS} ; do +# IFS='/' read -a _net_arr <<< "${_net}" +# if ! is_valid_ipv4 ${_net_arr[0]} ; then +# LOCAL_NETWORKS="" +# LOCAL_NETWORK_ARR=() +# echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" +# echononl "Local networks to route through OpenVPN line: " +# break +# fi +# LOCAL_NETWORK_ARR+=("$_net") +# done +#done echo ""
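Review bot: In the branches that accept the config-file default (`$_IN -eq 0` for `REMOTE_NETWORKS` and again for `LOCAL_NETWORKS`), an invalid entry clears the variable and prints a new prompt, but the code then sets `_OK=true` without reading anything, so the script continues silently with an empty network list. The validation itself checks only the address part, passes it unquoted as `${_net_arr[0]}`, and never looks at the prefix length after the `/`. `DNS_SERVER` is accepted without any `is_valid_ipv4` check in either branch, and the unindented `echo "SEARCH_DOMAINS: $SEARCH_DOMAINS"` in the search-domain menu looks like leftover debug output. Since the same validation loop now appears four times in this hunk, a single helper used by every branch would fix all copies at once; a sketch for the `REMOTE_NETWORKS` default branch follows, and the script continues beyond this hunk.

```shell
# Returns 0 only if every entry of the blank separated list $1 is an IPv4
# address with an optional /0../32 prefix.
is_valid_network_list() {
   local _net _prefix
   for _net in $1 ; do
      is_valid_ipv4 "${_net%%/*}" || return 1
      if [[ "$_net" == */* ]] ; then
         _prefix="${_net#*/}"
         if ! is_number "$_prefix" || (( 10#$_prefix > 32 )) ; then
            return 1
         fi
      fi
   done
   return 0
}

      if [[ $_IN -eq 0 ]] ; then
         if is_valid_network_list "$DEFAULT_REMOTE_NETWORKS" ; then
            REMOTE_NETWORKS="$DEFAULT_REMOTE_NETWORKS"
            read -r -a REMOTE_NETWORK_ARR <<< "$REMOTE_NETWORKS"
            _OK=true
         else
            # stay in the menu instead of continuing with an empty list
            echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n"
            echononl "Eingabe: "
         fi
      # … unchanged: 'None' and 'other' branches …
```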