Better install support for configuration files .

Christoph 2020-03-13 21:58:27 +01:00
parent 5f73003638
commit a5bffa091d
2 changed files with 898 additions and 147 deletions


@ -24,19 +24,24 @@ ORG_SHORTCUT=""
# - Name of the OpenVPN Service # - Name of the OpenVPN Service
# - # -
# - Example: 'so36' or 'home' or 'gw-ckubu' or 'opp' or 'opferperspektive' or.. # - Multiple names are posssible - List of blank separated names.
# -
# - Example: 'so36'
# - 'home'
# - 'gw-ckubu'
# - 'opp'
# - 'opferperspektive'
# - 'home gw-ckubu'
# - 'spr gw-ckubu'
# - # -
OPENVPN_NAME="" OPENVPN_NAME=""
# - OpenVPN Base Directory for Service # - OpenVPN Base Directory for Service
# -
# - Defaults to: OPENVPN_BASE_DIR="/etc/openvpn/server/${OPENVPN_NAME}"
# -
OPENVPN_BASE_DIR="" OPENVPN_BASE_DIR=""
# - OpenVPN Key Directory for Service
OPENVPN_KEY_DIR=""
# - OpenVPN Client Cofiguration Directory for Service
OPENVPN_CCD_DIR=""
# --- # ---
# - Parameters OpenVPN Configuration / KEY Creation # - Parameters OpenVPN Configuration / KEY Creation
# --- # ---
@ -92,9 +97,10 @@ LZO_COMPRESSION="no"
# - # -
SERVER_CIPHER="AES-256-CBC" SERVER_CIPHER="AES-256-CBC"
# - OpenVPN Network used for the connection. # - OpenVPN Network(s) used for this server.
# - # -
# - Eample: 10.0.217.0 # - Eample: "10.0.217.0"
# - "10.0.82.0 10.0.82.1"
# - # -
OPENVPN_NETWORK="" OPENVPN_NETWORK=""
@ -106,13 +112,13 @@ OPENVPN_NETWORK=""
# - # -
# - Example: '192.168.82.0/24 192.168.83.0' # - Example: '192.168.82.0/24 192.168.83.0'
# - # -
REMOTE_NETWORKS="none" REMOTE_NETWORKS="None"
# - IP-Address of DNS server to push from OpenVPN server to the client. # - IP-Address of DNS server to push from OpenVPN server to the client.
# - # -
# - "None" if no DNS Server should be pushed. # - "None" if no DNS Server should be pushed.
# - # -
DNS_SERVER="none" DNS_SERVER="None"
# - Search Domain(s) to push from OpenVPN server to the client. # - Search Domain(s) to push from OpenVPN server to the client.
# - # -
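Review bot: The new OPENVPN_NETWORK example `"10.0.82.0 10.0.82.1"` lists what looks like a host address as its second entry, and neither it nor the OPENVPN_NAME comment says that a blank-separated list is only a set of choices offered during installation. The install script changed in this commit derives the server address as `${OPENVPN_NETWORK%.*}.1`, so both example entries would yield the same server IP. I would make the second example a different network address and add a line such as `# - Multiple values are offered as a selection during installation.` to both comments. The added comment lines also carry the typos "posssible" and "Eample".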


@ -45,6 +45,21 @@ blank_line() {
fi fi
} }
is_number() {
return $(test ! -z "${1##*[!0-9]*}" > /dev/null 2>&1);
# - also possible
# -
#[[ ! -z "${1##*[!0-9]*}" ]] && return 0 || return 1
#return $([[ ! -z "${1##*[!0-9]*}" ]])
}
is_int() {
return $(test "$@" -eq "$@" > /dev/null 2>&1);
}
# - Test of valid IPv4 Address # - Test of valid IPv4 Address
# - # -
@ -213,7 +228,8 @@ echo -e "\n\t\033[32mStart script for installation of OpenVPN on this Server..\0
#----------------------------- #-----------------------------
#--------------------------------------- #---------------------------------------
DEFAULT_SERVER_PORT=1194 DEFAULT_SERVER_PORT="1194 1195"
DEFAULT_OPENVPN_NAME="home gw-ckubu"
DEFAULT_CA_EXPIRE=11688 DEFAULT_CA_EXPIRE=11688
DEFAULT_CERT_EXPIRE=7305 DEFAULT_CERT_EXPIRE=7305
@ -227,7 +243,6 @@ DEFAULT_KEY_EMAIL='argus@oopen.de'
DEFAULT_KEY_ORG='o.open' DEFAULT_KEY_ORG='o.open'
DEFAULT_KEY_OU="Network Services" DEFAULT_KEY_OU="Network Services"
#DEFAULT_SERVER_CIPHER="BF-CBC"
DEFAULT_SERVER_CIPHER="AES-256-CBC" DEFAULT_SERVER_CIPHER="AES-256-CBC"
@ -256,6 +271,60 @@ else
fi fi
[[ -z "$DEFAULT_SERVER_CIPHER" ]] && DEFAULT_SERVER_CIPHER='None' [[ -z "$DEFAULT_SERVER_CIPHER" ]] && DEFAULT_SERVER_CIPHER='None'
[[ -n "$OPENVPN_SERVER" ]] && DEFAULT_SERVER="$(trim "$OPENVPN_SERVER")"
#[[ -n "$SERVER_PORT" ]] && DEFAULT_SERVER_PORT="$( trim "$SERVER_PORT")"
declare -a DEFAULT_SERVER_PORT_ARR=()
if [[ -n "$SERVER_PORT" ]] ; then
for _port in $SERVER_PORT ; do
DEFAULT_SERVER_PORT_ARR+=("$_port")
done
else
for _port in $DEFAULT_SERVER_PORT ; do
DEFAULT_SERVER_PORT_ARR+=("$_port")
done
fi
[[ -n "$ORG_SHORTCUT" ]] && DEFAULT_ORG_SHORTCUT="$(trim "$ORG_SHORTCUT")"
declare -a DEFAULT_OPENVPN_NAME_ARR=()
if [[ -n "$OPENVPN_NAME" ]] ; then
for _name in $OPENVPN_NAME ; do
DEFAULT_OPENVPN_NAME_ARR+=("$_name")
done
else
for _name in $DEFAULT_OPENVPN_NAME ; do
DEFAULT_OPENVPN_NAME_ARR+=("$_name")
done
fi
[[ -n "$OPENVPN_BASE_DIR" ]] && DEFAULT_OPENVPN_BASE_DIR="$OPENVPN_BASE_DIR"
[[ -n "$CA_EXPIRE" ]] && DEFAULT_CERT_EXPIRE="$(trim "$CA_EXPIRE")"
[[ -n "$KEY_PROVINCE" ]] && DEFAULT_KEY_PROVINCE="$(trim "$KEY_PROVINCE")"
[[ -n "$KEY_CITY" ]] && DEFAULT_KEY_CITY="$(trim "$KEY_CITY")"
[[ -n "$KEY_ORG" ]] && DEFAULT_KEY_ORG="$(trim "$KEY_ORG")"
[[ -n "$KEY_EMAIL" ]] && DEFAULT_KEY_EMAIL="$(trim "$KEY_EMAIL")"
[[ -n "$KEY_OU" ]] && DEFAULT_KEY_OU="$(trim "$KEY_OU")"
[[ -n "$LZO_COMPRESSION" ]] && DEFAULT_LZO_COMPRESSION="$(trim "$LZO_COMPRESSION")"
[[ -n "$SERVER_CIPHER" ]] && DEFAULT_SERVER_CIPHER="$(trim "$SERVER_CIPHER")"
#[[ -n "$" ]] && DEFAULT_="$(trim "$")"
declare -a DEFAULT_OPENVPN_NETWORK=()
if [[ -n "$OPENVPN_NETWORK" ]] ; then
for _net in $OPENVPN_NETWORK ; do
DEFAULT_OPENVPN_NETWORK_ARR+=("$_net")
done
fi
[[ -n "$REMOTE_NETWORKS" ]] && DEFAULT_REMOTE_NETWORKS="$(trim "$REMOTE_NETWORKS")"
[[ -n "$DNS_SERVER" ]] && DEFAULT_DNS_SERVER="$(trim "$DNS_SERVER")"
[[ -n "$SEARCH_DOMAINS" ]] && DEFAULT_SEARCH_DOMAINS="$(trim "$SEARCH_DOMAINS")"
[[ -n "$LOCAL_NETWORKS" ]] && DEFAULT_LOCAL_NETWORKS="$(trim "$LOCAL_NETWORKS")"
echo "" echo ""
echo "" echo ""
@ -300,14 +369,51 @@ fi
echo "" echo ""
SERVER_PORT="" SERVER_PORT=""
echononl "Server Port [${DEFAULT_SERVER_PORT}]: " #echononl "Server Port [${DEFAULT_SERVER_PORT}]: "
while [[ "X${SERVER_PORT}" = "X" ]]; do #while [[ "X${SERVER_PORT}" = "X" ]]; do
# read SERVER_PORT
# if [[ "X$SERVER_PORT" = "X" ]]; then
# SERVER_PORT="$DEFAULT_SERVER_PORT"
# fi
#done
declare -i i=0
echo ""
echo "Which Server Port should be used:"
echo ""
for _port in "${DEFAULT_SERVER_PORT_ARR[@]}" ; do
echo " [${i}] ${DEFAULT_SERVER_PORT_ARR[${i}]}"
(( i++ ))
done
echo ""
echo " [${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ -n ${DEFAULT_SERVER_PORT_ARR[$_IN]} ]]; then
SERVER_PORT="${DEFAULT_SERVER_PORT_ARR[$_IN]}"
_OK=true
elif is_number "$_IN" && [[ $_IN -eq $i ]]; then
echo ""
echononl "Server Port: "
read SERVER_PORT read SERVER_PORT
if [[ "X$SERVER_PORT" = "X" ]]; then while [[ "X${SERVER_PORT}" = "X" ]]; do
SERVER_PORT="$DEFAULT_SERVER_PORT" echo -e "\n\t\033[33m\033[1mSetting 'Server Port' is required!\033[m\n"
echononl "Server Port: "
read SERVER_PORT
done
_OK=true
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi fi
done done
if $(grep -q -E "SERVER_PORT=$SERVER_PORT" ${script_dir}/conf/server-*.conf 2> /dev/null) ; then if $(grep -q -E "SERVER_PORT=$SERVER_PORT" ${script_dir}/conf/server-*.conf 2> /dev/null) ; then
warn "Port '$SERVER_PORT' is already in use by an other OpenVPN Service on this Server" warn "Port '$SERVER_PORT' is already in use by an other OpenVPN Service on this Server"
fi fi
@ -317,7 +423,16 @@ echo "Insert shortcut (acronym) for the company or organisation"
echo "" echo ""
echo " Example: 'AKB' or 'FLR' or 'OPP' or.." echo " Example: 'AKB' or 'FLR' or 'OPP' or.."
echo "" echo ""
ORG_SHORTCUT="" ORG_SHORTCUT=""
echononl "Organisations shortcut: "
if [[ -n "$DEFAULT_ORG_SHORTCUT" ]] ; then
echononl "Organisations shortcut [${DEFAULT_ORG_SHORTCUT}]: "
read ORG_SHORTCUT
if [[ "X$ORG_SHORTCUT" = "X" ]]; then
ORG_SHORTCUT="$DEFAULT_ORG_SHORTCUT"
fi
else
echononl "Organisations shortcut: " echononl "Organisations shortcut: "
read ORG_SHORTCUT read ORG_SHORTCUT
while [ "X$ORG_SHORTCUT" = "X" ] ; do while [ "X$ORG_SHORTCUT" = "X" ] ; do
@ -325,27 +440,72 @@ while [ "X$ORG_SHORTCUT" = "X" ] ; do
echononl "Organisations shortcut: " echononl "Organisations shortcut: "
read ORG_SHORTCUT read ORG_SHORTCUT
done done
fi
DEFAULT_KEY_NAME="VPN $ORG_SHORTCUT" DEFAULT_KEY_NAME="VPN $ORG_SHORTCUT"
DEFAULT_KEY_CN="VPN-$ORG_SHORTCUT" DEFAULT_KEY_CN="VPN-$ORG_SHORTCUT"
DEFAULT_KEY_ALTNAMES="VPN $ORG_SHORTCUT" DEFAULT_KEY_ALTNAMES="VPN $ORG_SHORTCUT"
echo "" #echo ""
echo "Insert Name of OpenVPN Service (i.e. so36, gw-ckubu, opferperspektive)" #echo "Insert Name of OpenVPN Service (i.e. so36, gw-ckubu, opferperspektive)"
echo "" #echo ""
echo " Example: 'so36' or 'gw-ckubu' or 'opferperspektive' or.." #echo " Example: 'so36' or 'gw-ckubu' or 'opferperspektive' or.."
echo "" #echo ""
#OPENVPN_NAME=""
#echononl "OpenVPN Name: "
#read OPENVPN_NAME
#while [ "X$OPENVPN_NAME" = "X" ] ; do
# echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Name' is required!\033[m\n"
# echononl "OpenVPN Name: "
# read OPENVPN_NAME
#done
OPENVPN_NAME="" OPENVPN_NAME=""
echononl "OpenVPN Name: " declare -i i=0
echo ""
echo "Select Name of OpenVPN Service"
echo ""
for _port in "${DEFAULT_OPENVPN_NAME_ARR[@]}" ; do
echo " [${i}] ${DEFAULT_OPENVPN_NAME_ARR[${i}]}"
(( i++ ))
done
echo ""
echo " [${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ -n ${DEFAULT_OPENVPN_NAME_ARR[$_IN]} ]]; then
OPENVPN_NAME="${DEFAULT_OPENVPN_NAME_ARR[$_IN]}"
_OK=true
elif is_number "$_IN" && [[ $_IN -eq $i ]]; then
echo ""
echo "Give Name of OpenVPN Service (i.e. home, so36, gw-ckubu, opferperspektive, opp)"
echo ""
echononl "Name of OpenVPN Service: "
read OPENVPN_NAME read OPENVPN_NAME
while [ "X$OPENVPN_NAME" = "X" ] ; do while [[ "X${OPENVPN_NAME}" = "X" ]]; do
echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Name' is required!\033[m\n" echo -e "\n\t\033[33m\033[1mSetting 'Name of OpenVPN Service' is required!\033[m\n"
echononl "OpenVPN Name: " echononl "Name of OpenVPN Service: "
read OPENVPN_NAME read OPENVPN_NAME
done done
_OK=true
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi
done
DEFAULT_OPENVPN_BASE_DIR="/etc/openvpn/server/${OPENVPN_NAME}"
[[ -z "$DEFAULT_OPENVPN_BASE_DIR" ]] && DEFAULT_OPENVPN_BASE_DIR="/etc/openvpn/server/${OPENVPN_NAME}"
echo "" echo ""
@ -556,8 +716,6 @@ fi
echo "" echo ""
echo "" echo ""
echo "Enable LZO compression"
echo ""
echononl "Enable LZO compression (yes/no) [no]: " echononl "Enable LZO compression (yes/no) [no]: "
read OK read OK
echo "" echo ""
@ -567,10 +725,31 @@ else
LZO_COMPRESSION=false LZO_COMPRESSION=false
fi fi
echo "" #echo ""
echo "Set OpenVPN Network used for the connection." #echo "Set OpenVPN Network used for the connection."
echo "" #echo ""
#OPENVPN_NETWORK=""
#echononl "OpenVPN Network: "
#read OPENVPN_NETWORK
#while [ "X$OPENVPN_NETWORK" = "X" ] ; do
# echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Server' is required!\033[m\n"
# echononl "OpenVPN Network: "
# read OPENVPN_NETWORK
#done
#OPENVPN_SERVER_IP="${OPENVPN_NETWORK%.*}.1"
OPENVPN_NETWORK="" OPENVPN_NETWORK=""
declare -i i=0
echo ""
echo "Select OpenVPN Network used for the connection."
echo ""
for _port in "${DEFAULT_OPENVPN_NETWORK_ARR[@]}" ; do
echo " [${i}] ${DEFAULT_OPENVPN_NETWORK_ARR[${i}]}"
(( i++ ))
done
if [[ $i -eq 0 ]] ; then
echononl "OpenVPN Network: " echononl "OpenVPN Network: "
read OPENVPN_NETWORK read OPENVPN_NETWORK
while [ "X$OPENVPN_NETWORK" = "X" ] ; do while [ "X$OPENVPN_NETWORK" = "X" ] ; do
@ -578,11 +757,39 @@ while [ "X$OPENVPN_NETWORK" = "X" ] ; do
echononl "OpenVPN Network: " echononl "OpenVPN Network: "
read OPENVPN_NETWORK read OPENVPN_NETWORK
done done
else
echo ""
echo " [${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ -n ${DEFAULT_OPENVPN_NETWORK_ARR[$_IN]} ]]; then
OPENVPN_NETWORK="${DEFAULT_OPENVPN_NETWORK_ARR[$_IN]}"
_OK=true
elif is_number "$_IN" && [[ $_IN -eq $i ]]; then
echo ""
echo "Give Name of OpenVPN Service (i.e. home, so36, gw-ckubu, opferperspektive, opp)"
echo ""
echononl "Name of OpenVPN Service: "
read OPENVPN_NETWORK
while [[ "X${OPENVPN_NETWORK}" = "X" ]]; do
echo -e "\n\t\033[33m\033[1mSetting 'Name of OpenVPN Service' is required!\033[m\n"
echononl "Name of OpenVPN Service: "
read OPENVPN_NETWORK
done
_OK=true
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi
done
fi
OPENVPN_SERVER_IP="${OPENVPN_NETWORK%.*}.1" OPENVPN_SERVER_IP="${OPENVPN_NETWORK%.*}.1"
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "" echo ""
echo -e "\033[32m--\033[m" echo -e "\033[32m--\033[m"
@ -591,13 +798,38 @@ echo ""
echo "" echo ""
echo "Networks to push from OpenVPN server to the client" echo "Networks to push from OpenVPN server to the client"
echo "" echo ""
echo " - use CIDR notation"
echo " - multiple networks are possible: use blank separated list of CIDR-networks"
echo "" declare -i i=0
echo -e "Type \"\033[33mNone\033[m\" if no network should be pushed from OpenVPN server."
echo ""
REMOTE_NETWORKS="" REMOTE_NETWORKS=""
declare -a REMOTE_NETWORK_ARR=() declare -a REMOTE_NETWORK_ARR=()
if [[ -z "$DEFAULT_REMOTE_NETWORKS" ]] || [[ "$(trim ${DEFAULT_REMOTE_NETWORKS,,})" = none ]]; then
echo -e "[${i}] \033[33mNone\033[m"
(( i++ ))
echo ""
echo -e "[${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
if [[ $_IN -eq 0 ]] ; then
REMOTE_NETWORKS=""
_OK=true
else
echo ""
echo "Networks to push from OpenVPN server to the client"
echo ""
echo " - use CIDR notation"
echo " - multiple networks are possible: use blank separated list of CIDR-networks"
echo -e " - \"\033[33mNone\033[m\" if no network should be pushed from OpenVPN server."
echo ""
echononl "Networks to push from server: " echononl "Networks to push from server: "
while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do
read REMOTE_NETWORKS read REMOTE_NETWORKS
@ -624,12 +856,159 @@ while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do
REMOTE_NETWORK_ARR+=("$_net") REMOTE_NETWORK_ARR+=("$_net")
done done
done done
_OK=true
fi
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi
done
else
echo -e "[${i}] $DEFAULT_REMOTE_NETWORKS"
(( i++ ))
echo -e "[${i}] \033[33mNone\033[m"
(( i++ ))
echo ""
echo -e "[${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ $_IN -lt 3 ]]; then
if [[ $_IN -eq 0 ]] ; then
REMOTE_NETWORKS="$DEFAULT_REMOTE_NETWORKS"
for _net in ${REMOTE_NETWORKS} ; do
IFS='/' read -a _net_arr <<< "${_net}"
if ! is_valid_ipv4 ${_net_arr[0]} ; then
REMOTE_NETWORKS=""
REMOTE_NETWORK_ARR=()
echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n"
echononl "Networks to push from server: "
break
fi
REMOTE_NETWORK_ARR+=("$_net")
done
_OK=true
elif [[ $_IN -eq 1 ]] ; then
REMOTE_NETWORKS=""
_OK=true
else
echo ""
echo "Networks to push from OpenVPN server to the client"
echo ""
echo " - use CIDR notation"
echo " - multiple networks are possible: use blank separated list of CIDR-networks"
echo -e " - \"\033[33mNone\033[m\" if no network should be pushed from OpenVPN server."
echo ""
echononl "Networks to push from server: "
while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do
read REMOTE_NETWORKS
_to_lower_remote_networks="$(trim ${REMOTE_NETWORKS,,})"
if [[ "$_to_lower_remote_networks" = "none" ]]; then
REMOTE_NETWORKS=""
break
fi
if [[ "X$REMOTE_NETWORKS" = "X" ]] ; then
echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
echononl "Networks to push from server: "
continue
fi
for _net in ${REMOTE_NETWORKS} ; do
IFS='/' read -a _net_arr <<< "${_net}"
if ! is_valid_ipv4 ${_net_arr[0]} ; then
REMOTE_NETWORKS=""
REMOTE_NETWORK_ARR=()
echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n"
echononl "Networks to push from server: "
break
fi
REMOTE_NETWORK_ARR+=("$_net")
done
done
_OK=true
fi # if [[ $_IN -eq 0 ]] ; then
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
done
fi
#REMOTE_NETWORKS=""
#declare -a REMOTE_NETWORK_ARR=()
#echononl "Networks to push from server: "
#while [[ "X$REMOTE_NETWORKS" = "X" ]] ; do
# read REMOTE_NETWORKS
# _to_lower_remote_networks="$(trim ${REMOTE_NETWORKS,,})"
# if [[ "$_to_lower_remote_networks" = "none" ]]; then
# REMOTE_NETWORKS=""
# break
# fi
# if [[ "X$REMOTE_NETWORKS" = "X" ]] ; then
# echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
# echononl "Networks to push from server: "
# continue
# fi
#
# for _net in ${REMOTE_NETWORKS} ; do
# IFS='/' read -a _net_arr <<< "${_net}"
# if ! is_valid_ipv4 ${_net_arr[0]} ; then
# REMOTE_NETWORKS=""
# REMOTE_NETWORK_ARR=()
# echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n"
# echononl "Networks to push from server: "
# break
# fi
# REMOTE_NETWORK_ARR+=("$_net")
# done
#done
echo "" echo ""
echo -e "\033[32m--\033[m" echo -e "\033[32m--\033[m"
echo "" echo ""
declare -i i=0
echo "" echo ""
echo "IP-Address of DNS server to push from OpenVPN server to the client."
echo ""
if [[ -z "$DEFAULT_DNS_SERVER" ]] || [[ "$(trim ${DEFAULT_DNS_SERVER,,})" = "none" ]]; then
echo -e " [${i}] \033[33mNone\033[m"
(( i++ ))
echo ""
echo -e " [${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
if [[ $_IN -eq 0 ]] ; then
DNS_SERVER=""
_OK=true
else
echo "IP-Address of DNS server to push from OpenVPN server to the client." echo "IP-Address of DNS server to push from OpenVPN server to the client."
echo "" echo ""
echo -e "Type \"\033[33mNone\033[m\" if no DNS Server should be pushed." echo -e "Type \"\033[33mNone\033[m\" if no DNS Server should be pushed."
@ -650,18 +1029,132 @@ while [[ "X$DNS_SERVER" = "X" ]]; do
fi fi
fi fi
done done
_OK=true
fi # if [[ $_IN -eq 0 ]] ; then
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
done # while ! $_OK ; do
else
echo -e " [${i}] $DEFAULT_DNS_SERVER"
(( i++ ))
echo -e " [${i}] \033[33mNone\033[m"
(( i++ ))
echo ""
echo -e " [${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ $_IN -lt 3 ]]; then
if [[ $_IN -eq 0 ]] ; then
DNS_SERVER="$DEFAULT_DNS_SERVER"
_OK=true
elif [[ $_IN -eq 1 ]] ; then
DNS_SERVER=""
_OK=true
else
echo "IP-Address of DNS server to push from OpenVPN server to the client."
echo ""
echo -e "Type \"\033[33mNone\033[m\" if no DNS Server should be pushed."
echo ""
DNS_SERVER=""
echononl "DNS server to push to clients: "
while [[ "X$DNS_SERVER" = "X" ]]; do
read DNS_SERVER
if [[ "X$DNS_SERVER" = "X" ]]; then
echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
echononl "DNS server to pusch to clients"
continue
else
_to_lower_dns_server="$(trim ${DNS_SERVER,,})"
if [[ "$_to_lower_dns_server" = "none" ]]; then
DNS_SERVER=""
break;
fi
fi
done
_OK=true
fi # if [[ $_IN -eq 0 ]] ; then
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
done # while ! $_OK ; do
fi # if [[ -z "$DEFAULT_DNS_SERVER" ]] || [[ "$(trim ${DNS_SERVER,,})" = "none" ]]; then
#echo "IP-Address of DNS server to push from OpenVPN server to the client."
#echo ""
#echo -e "Type \"\033[33mNone\033[m\" if no DNS Server should be pushed."
#echo ""
#DNS_SERVER=""
#echononl "DNS server to push to clients: "
#while [[ "X$DNS_SERVER" = "X" ]]; do
# read DNS_SERVER
# if [[ "X$DNS_SERVER" = "X" ]]; then
# echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
# echononl "DNS server to pusch to clients"
# continue
# else
# _to_lower_dns_server="$(trim ${DNS_SERVER,,})"
# if [[ "$_to_lower_dns_server" = "none" ]]; then
# DNS_SERVER=""
# break;
# fi
# fi
#done
echo "" echo ""
echo -e "\033[32m--\033[m" echo -e "\033[32m--\033[m"
echo "" echo ""
declare -i i=0
SEARCH_DOMAINS=""
echo "" echo ""
echo "Search Domain(s) to push from OpenVPN server to the client." echo "Select Search Domain(s) to push from OpenVPN server to the client."
echo "" echo ""
echo " - multiple domains are possible: use blank separated list of search domains"
if [[ -z "$DEFAULT_SEARCH_DOMAINS" ]] || [[ "$(trim ${DEFAULT_SEARCH_DOMAINS,,})" = "none" ]]; then
echo -e " [${i}] \033[33mNone\033[m"
(( i++ ))
echo "" echo ""
echo -e "Type \"\033[33mNone\033[m\" if no default domain should be pushed." echo -e " [${i}] other"
_OK=false
echo "" echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
if [[ $_IN -eq 0 ]] ; then
SEARCH_DOMAINS=""
_OK=true
else
SEARCH_DOMAINS="" SEARCH_DOMAINS=""
echononl "Default Domain to push to clients: " echononl "Default Domain to push to clients: "
while [[ "X$SEARCH_DOMAINS" = "X" ]]; do while [[ "X$SEARCH_DOMAINS" = "X" ]]; do
@ -678,26 +1171,150 @@ while [[ "X$SEARCH_DOMAINS" = "X" ]]; do
fi fi
fi fi
done done
declare -a SEARCH_DOMAINS_ARR=() _OK=true
echo ""
echo "SEARCH_DOMAINS: $SEARCH_DOMAINS"
echo ""
fi # if [[ $_IN -eq 0 ]] ; then
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
done #while ! $_OK ; do
else
echo -e " [${i}] $DEFAULT_SEARCH_DOMAINS"
(( i++ ))
echo -e " [${i}] \033[33mNone\033[m"
(( i++ ))
echo ""
echo -e " [${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ $_IN -lt 3 ]]; then
if [[ $_IN -eq 0 ]] ; then
SEARCH_DOMAINS="$DEFAULT_SEARCH_DOMAINS"
_OK=true
elif [[ $_IN -eq 1 ]] ; then
SEARCH_DOMAINS=""
_OK=true
else
echo ""
echo "Search Domain(s) to push from OpenVPN server to the client."
echo ""
echo " - multiple domains are possible: use blank separated list of search domains"
echo -e " - Type \"\033[33mNone\033[m\" if no default domain should be pushed."
echo ""
SEARCH_DOMAINS=""
echononl "Default Domain to push to clients: "
while [[ "X$SEARCH_DOMAINS" = "X" ]]; do
read SEARCH_DOMAINS
if [[ "X$SEARCH_DOMAINS" = "X" ]]; then
echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
echononl "Search Domain(s) to pusch to clients"
continue
else
_to_lower_search_domains="$(trim ${SEARCH_DOMAINS,,})"
if [[ "$_to_lower_search_domains" = "none" ]]; then
SEARCH_DOMAINS=""
break;
fi
fi
done
_OK=true
fi # if [[ $_IN -eq 0 ]] ; then
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
done #while ! $_OK ; do
fi # if [[ -z "$DEFAULT_SEARCH_DOMAINS" ]] || [[ "$(trim ${SEARCH_DOMAINS,,})" = none ]]
for _domain in ${SEARCH_DOMAINS} ; do for _domain in ${SEARCH_DOMAINS} ; do
SEARCH_DOMAINS_ARR+=("$_domain") SEARCH_DOMAINS_ARR+=("$_domain")
done done
#SEARCH_DOMAINS=""
#echononl "Default Domain to push to clients: "
#while [[ "X$SEARCH_DOMAINS" = "X" ]]; do
# read SEARCH_DOMAINS
# if [[ "X$SEARCH_DOMAINS" = "X" ]]; then
# echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
# echononl "Search Domain(s) to pusch to clients"
# continue
# else
# _to_lower_search_domains="$(trim ${SEARCH_DOMAINS,,})"
# if [[ "$_to_lower_search_domains" = "none" ]]; then
# SEARCH_DOMAINS=""
# break;
# fi
# fi
#done
#declare -a SEARCH_DOMAINS_ARR=()
#for _domain in ${SEARCH_DOMAINS} ; do
# SEARCH_DOMAINS_ARR+=("$_domain")
#done
echo "" echo ""
echo -e "\033[32m--\033[m" echo -e "\033[32m--\033[m"
echo "" echo ""
echo "" echo ""
echo "Local networks to route through OpenVPN line" echo "Local client networks to route through OpenVPN line."
echo ""
declare -i i=0
LOCAL_NETWORKS=""
declare -a LOCAL_NETWORK_ARR=()
if [[ -z "$DEFAULT_LOCAL_NETWORKS" ]] || [[ "$(trim ${DEFAULT_LOCAL_NETWORKS,,})" = none ]]; then
echo -e " [${i}] \033[33mNone\033[m"
(( i++ ))
echo ""
echo -e " [${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
if [[ $_IN -eq 0 ]] ; then
LOCAL_NETWORKS=""
_OK=true
else
echo ""
echo "Give client networks to route through OpenVPN line."
echo "" echo ""
echo " - use CIDR notation" echo " - use CIDR notation"
echo " - multiple networks are possible: use blank separated list of CIDR-networks" echo " - multiple networks are possible: use blank separated list of CIDR-networks"
echo -e " - \"\033[33mNone\033[m\" if no local client network should routed through OpenVPN line."
echo "" echo ""
echo -e "Type \"\033[33mNone\033[m\" if no network should be pushed from OpenVPN server."
echo "" echononl "Client Networks routed through VPN line: "
LOCAL_NETWORKS=""
declare -a LOCAL_NETWORK_ARR=()
echononl "Local networks to route through OpenVPN line: "
while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do
read LOCAL_NETWORKS read LOCAL_NETWORKS
_to_lower_local_networks="$(trim ${LOCAL_NETWORKS,,})" _to_lower_local_networks="$(trim ${LOCAL_NETWORKS,,})"
@ -707,7 +1324,7 @@ while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do
fi fi
if [[ "X$LOCAL_NETWORKS" = "X" ]] ; then if [[ "X$LOCAL_NETWORKS" = "X" ]] ; then
echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n" echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
echononl "Local networks to route through OpenVPN line: " echononl "Client Networks routed through VPN line: "
continue continue
fi fi
@ -717,12 +1334,140 @@ while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do
LOCAL_NETWORKS="" LOCAL_NETWORKS=""
LOCAL_NETWORK_ARR=() LOCAL_NETWORK_ARR=()
echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n" echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n"
echononl "Local networks to route through OpenVPN line: " echononl "Client Networks routed through VPN line: "
break break
fi fi
LOCAL_NETWORK_ARR+=("$_net") LOCAL_NETWORK_ARR+=("$_net")
done done
done done
_OK=true
fi
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi
done
else
echo -e " [${i}] $DEFAULT_LOCAL_NETWORKS"
(( i++ ))
echo -e " [${i}] \033[33mNone\033[m"
(( i++ ))
echo ""
echo -e " [${i}] other"
_OK=false
echo ""
echononl "Eingabe: "
while ! $_OK ; do
read _IN
if is_number "$_IN" && [[ $_IN -lt 3 ]]; then
if [[ $_IN -eq 0 ]] ; then
LOCAL_NETWORKS="$DEFAULT_LOCAL_NETWORKS"
for _net in ${LOCAL_NETWORKS} ; do
IFS='/' read -a _net_arr <<< "${_net}"
if ! is_valid_ipv4 ${_net_arr[0]} ; then
LOCAL_NETWORKS=""
LOCAL_NETWORK_ARR=()
echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n"
echononl "Client Networks routed through VPN line: "
break
fi
LOCAL_NETWORK_ARR+=("$_net")
done
_OK=true
elif [[ $_IN -eq 1 ]] ; then
LOCAL_NETWORKS=""
_OK=true
else
echo ""
echo "Give client networks to route through OpenVPN line."
echo ""
echo " - use CIDR notation"
echo " - multiple networks are possible: use blank separated list of CIDR-networks"
echo -e " - \"\033[33mNone\033[m\" if no local client network should routed through OpenVPN line."
echo ""
echononl "Client Networks routed through VPN line: "
while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do
read LOCAL_NETWORKS
_to_lower_local_networks="$(trim ${LOCAL_NETWORKS,,})"
if [[ "$_to_lower_local_networks" = "none" ]]; then
LOCAL_NETWORKS=""
break
fi
if [[ "X$LOCAL_NETWORKS" = "X" ]] ; then
echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
echononl "Client Networks routed through VPN line: "
continue
fi
for _net in ${LOCAL_NETWORKS} ; do
IFS='/' read -a _net_arr <<< "${_net}"
if ! is_valid_ipv4 ${_net_arr[0]} ; then
LOCAL_NETWORKS=""
LOCAL_NETWORK_ARR=()
echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n"
echononl "Client Networks routed through VPN line: "
break
fi
LOCAL_NETWORK_ARR+=("$_net")
done
done
_OK=true
fi # if [[ $_IN -eq 0 ]] ; then
else
echo ""
echo -e "\tFalsche Eingabe !"
echo ""
echononl "Eingabe: "
fi # if is_number "$_IN" && [[ $_IN -lt 2 ]]; then
done
fi
#LOCAL_NETWORKS=""
#declare -a LOCAL_NETWORK_ARR=()
#echononl "Local networks to route through OpenVPN line: "
#while [[ "X$LOCAL_NETWORKS" = "X" ]] ; do
# read LOCAL_NETWORKS
# _to_lower_local_networks="$(trim ${LOCAL_NETWORKS,,})"
# if [[ "$_to_lower_local_networks" = "none" ]]; then
# LOCAL_NETWORKS=""
# break
# fi
# if [[ "X$LOCAL_NETWORKS" = "X" ]] ; then
# echo -e "\n\t\033[33m\033[1mWrong Entry!\033[m\n"
# echononl "Local networks to route through OpenVPN line: "
# continue
# fi
#
# for _net in ${LOCAL_NETWORKS} ; do
# IFS='/' read -a _net_arr <<< "${_net}"
# if ! is_valid_ipv4 ${_net_arr[0]} ; then
# LOCAL_NETWORKS=""
# LOCAL_NETWORK_ARR=()
# echo -e "\n\t\033[33m\033[1mNo valid network(s) given!\033[m\n"
# echononl "Local networks to route through OpenVPN line: "
# break
# fi
# LOCAL_NETWORK_ARR+=("$_net")
# done
#done
echo "" echo ""
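Review bot: In the hunk at `@ -256,6 +271,60 @`, the added line `[[ -n "$CA_EXPIRE" ]] && DEFAULT_CERT_EXPIRE="$(trim "$CA_EXPIRE")"` writes the configured CA lifetime into the certificate default, so `DEFAULT_CA_EXPIRE` keeps its hard-coded 11688 and a CA_EXPIRE from the config file presumably becomes the validity offered for issued certificates. It should read `[[ -n "$CA_EXPIRE" ]] && DEFAULT_CA_EXPIRE="$(trim "$CA_EXPIRE")"`, with a separate line for the certificate lifetime if the config file has such a setting (none is visible in this diff). The same hunk declares `DEFAULT_OPENVPN_NETWORK=()` but fills `DEFAULT_OPENVPN_NETWORK_ARR`, which only works because `+=` creates the array implicitly; the declaration should name `DEFAULT_OPENVPN_NETWORK_ARR`. Further down, the "other" branches read SERVER_PORT and OPENVPN_NETWORK without the `is_number` and `is_valid_ipv4` checks the script applies elsewhere, and the network branch still prompts for "Name of OpenVPN Service".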