defined ovpn-client-management.conf

Pavel Muhortov 2024-01-05 12:15:59 +03:00
parent c8d985018b
commit f5800dcc7e
2 changed files with 77 additions and 33 deletions


@ -103,6 +103,22 @@ sudo wget https://git.hmp.today/pavel.muhortov/openvpn-management/raw/branch/mas
sudo chmod +x /etc/openvpn/server/ovpn-client-management.sh sudo chmod +x /etc/openvpn/server/ovpn-client-management.sh
``` ```
```bash
# edit ovpn-client-management.conf
sudo tee /etc/openvpn/server/ovpn-client-management.conf > /dev/null <<'EOF'
# mail configuration
from=user@host.zone
pass=password
dest=user@host.zone
smtp=smtp.host.zone
port=587
# telegram configuration
API_KEY=YOURAPIKEY
CHAT_ID=-100123456789
THRD_ID=123
EOF
```
```bash ```bash
# create link # create link
ln -s /etc/openvpn/server/ovpn-client-management.sh ./ovpn ln -s /etc/openvpn/server/ovpn-client-management.sh ./ovpn


@ -3,7 +3,7 @@
# DESCRIPTION: # DESCRIPTION:
# creating or deleting client config for openvpn # creating or deleting client config for openvpn
# and # and
# sending config and info to email # sending config and info to email/telegram
# #
# DEPENDENCIES: # DEPENDENCIES:
# - privileged rights # - privileged rights
@ -48,7 +48,7 @@ execquite() {
} }
####################################### #######################################
# Error exit procedure # Error exit procedure.
# Globals: # Globals:
# None # None
# Arguments: # Arguments:
@ -59,6 +59,36 @@ execerror() {
execquite execquite
} }
#######################################
# Parsing config file and creating global vars.
# Globals:
# None
# Arguments:
# None
#######################################
getconfig() {
logs=/var/log/openvpn/$(basename -s .sh "$(realpath "$0")").log
conf="$(dirname "$(realpath "$0")")/$(basename -s .sh "$(realpath "$0")").conf"
# easyrsa configuration
easyrsadir="/etc/openvpn/easy-rsa"
easyrsaidx="${easyrsadir}/pki/index.txt"
easyrsaexe="${easyrsadir}/easyrsa"
easyrsavar="${easyrsadir}/vars"
easyrsacap="openvpnca"
ovpncfgdir="/etc/openvpn/client"
ovpncfgdef="${ovpncfgdir}/client.conf.default"
# mail configuration
from="$(grep "from=" "${conf}" | cut -d= -f2)"
pass="$(grep "pass=" "${conf}" | cut -d= -f2)"
dest="$(grep "dest=" "${conf}" | cut -d= -f2)"
smtp="$(grep "smtp=" "${conf}" | cut -d= -f2)"
port="$(grep "port=" "${conf}" | cut -d= -f2)"
# telegram configuration
API_KEY=$(grep "API_KEY=" "${conf}" | cut -d= -f2)
CHAT_ID=$(grep "CHAT_ID=" "${conf}" | cut -d= -f2)
THRD_ID=$(grep "THRD_ID=" "${conf}" | cut -d= -f2)
}
####################################### #######################################
# Checking user rights. # Checking user rights.
# Globals: # Globals:
@ -77,7 +107,7 @@ checkroot() {
} }
####################################### #######################################
# Creating linux user # Creating linux user.
# Globals: # Globals:
# clientname # clientname
# clientpass # clientpass
@ -90,7 +120,7 @@ createuser() {
} }
####################################### #######################################
# Creating Easy-RSA user certificate # Creating Easy-RSA user certificate.
# Globals: # Globals:
# easyrsadir # easyrsadir
# easyrsavar # easyrsavar
@ -111,7 +141,7 @@ createcert() {
} }
####################################### #######################################
# Creating ovpn config file # Creating ovpn config file.
# Globals: # Globals:
# easyrsadir # easyrsadir
# ovpncfgdef # ovpncfgdef
@ -132,7 +162,7 @@ createovpn() {
} }
####################################### #######################################
# Creating tar with config file # Creating tar with config file.
# Globals: # Globals:
# easyrsadir # easyrsadir
# clientname # clientname
@ -152,7 +182,7 @@ createtars() {
} }
####################################### #######################################
# Creating info file # Creating info file.
# Globals: # Globals:
# easyrsadir # easyrsadir
# easyrsaexe # easyrsaexe
@ -182,11 +212,16 @@ createinfo() {
} }
####################################### #######################################
# Send email notification about client config # Send email notification about client config.
# Globals: # Globals:
# clientname # clientname
# faqprofile # faqprofile
# ovpncfgdir # ovpncfgdir
# from
# pass
# dest
# smtp
# port
# Arguments: # Arguments:
# None # None
####################################### #######################################
@ -194,34 +229,35 @@ startsendmail() {
subj="[OVPN Settings] $(cat /etc/hostname): ${clientname}.ovpn client profile" subj="[OVPN Settings] $(cat /etc/hostname): ${clientname}.ovpn client profile"
( (
python3 /usr/local/bin/sendmail.py \ python3 /usr/local/bin/sendmail.py \
-u "$(grep "from=" /usr/local/bin/sendmail.config | cut -d= -f2)" \ -u "${from}" \
-p "$(grep "pass=" /usr/local/bin/sendmail.config | cut -d= -f2)" \ -p "${pass}" \
-d "$(grep "dest=" /usr/local/bin/sendmail.config | cut -d= -f2)" \ -d "${dest}" \
--smtp "$(grep "smtp=" /usr/local/bin/sendmail.config | cut -d= -f2)" \ --smtp "${smtp}" \
--port "$(grep "port=" /usr/local/bin/sendmail.config | cut -d= -f2)" \ --port "${port}" \
--stls "True" \ --stls "True" \
--subj "${subj}" \ --subj "${subj}" \
--text "$(printf "%s\n" "${faqprofile}" | sed 's|`||g')" \ --text "$(printf "%s\n" "${faqprofile}" | sed 's|`||g')" \
--file "${ovpncfgdir}/${clientname}.ovpn,${ovpncfgdir}/${clientname}.tar" \ --file "${ovpncfgdir}/${clientname}.ovpn,${ovpncfgdir}/${clientname}.tar" \
>> /dev/null 2>&1 & >> /dev/null 2>&1 &
) )
addtologs "sent mail with subject '${subj}'" addtologs "sent mail with subject '${subj}' to ${dest}"
} }
####################################### #######################################
# Send telegram notification about client config # Send telegram notification about client config.
# Globals: # Globals:
# clientname # clientname
# faqprofile # faqprofile
# ovpncfgdir # ovpncfgdir
# API_KEY
# CHAT_ID
# THRD_ID
# Arguments: # Arguments:
# None # None
####################################### #######################################
# shellcheck disable=SC2030,2031
startsendtlgm() { startsendtlgm() {
( (
API_KEY=$(grep "API_KEY=" /usr/local/bin/sendtelegram.config | cut -d= -f2)
CHAT_ID=$(grep "CHAT_ID=" /usr/local/bin/sendtelegram.config | cut -d= -f2)
THRD_ID=$(grep "THRD_ID=" /usr/local/bin/sendtelegram.config | cut -d= -f2)
API_URL="https://api.telegram.org/bot${API_KEY}/sendMediaGroup?chat_id=${CHAT_ID}" API_URL="https://api.telegram.org/bot${API_KEY}/sendMediaGroup?chat_id=${CHAT_ID}"
if grep -q "_" <<< "${CHAT_ID}"; then if grep -q "_" <<< "${CHAT_ID}"; then
@ -238,11 +274,11 @@ startsendtlgm() {
-F "tars=@${ovpncfgdir}/${clientname}.tar" \ -F "tars=@${ovpncfgdir}/${clientname}.tar" \
"${API_URL}" "${API_URL}"
) )
addtologs "sent telegram media with ${clientname}.ovpn client profile" addtologs "sent telegram media with ${clientname}.ovpn client profile to ${CHAT_ID}"
} }
####################################### #######################################
# Deleting linux user # Deleting linux user.
# Globals: # Globals:
# clientname # clientname
# Arguments: # Arguments:
@ -253,7 +289,7 @@ deleteuser() {
} }
####################################### #######################################
# Deleting Easy-RSA user certificate # Deleting Easy-RSA user certificate.
# Globals: # Globals:
# easyrsadir # easyrsadir
# easyrsavar # easyrsavar
@ -270,7 +306,7 @@ deletecert() {
} }
####################################### #######################################
# Deleting ovpn config file # Deleting ovpn config file.
# Globals: # Globals:
# clientname # clientname
# ovpncfgdir # ovpncfgdir
@ -282,7 +318,7 @@ deleteovpn() {
} }
####################################### #######################################
# Deleting tar with config file # Deleting tar with config file.
# Globals: # Globals:
# clientname # clientname
# ovpncfgdir # ovpncfgdir
@ -294,7 +330,7 @@ deletetars() {
} }
####################################### #######################################
# Deleting info file # Deleting info file.
# Globals: # Globals:
# clientname # clientname
# ovpncfgdir # ovpncfgdir
@ -309,14 +345,6 @@ deleteinfo() {
# VARIABLES: # VARIABLES:
# #
easyrsadir="/etc/openvpn/easy-rsa"
easyrsaidx="${easyrsadir}/pki/index.txt"
easyrsaexe="${easyrsadir}/easyrsa"
easyrsavar="${easyrsadir}/vars"
easyrsacap="openvpnca"
ovpncfgdir="/etc/openvpn/client"
ovpncfgdef="${ovpncfgdir}/client.conf.default"
clienttodo=$1 clienttodo=$1
clientname=$2 clientname=$2
clientpass=$3 clientpass=$3
@ -341,7 +369,7 @@ logs=/dev/null
# #
if checkroot; then if checkroot; then
logs=/var/log/openvpn/$(basename -s .sh "$0").log getconfig
if [ "${clienttodo}" == "add" ] && \ if [ "${clienttodo}" == "add" ] && \
[ -n "${clientname}" ] && \ [ -n "${clientname}" ] && \
[ "${#clientpass}" -ge 8 ]; then [ "${#clientpass}" -ge 8 ]; then
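Review bot: In the new `getconfig`, each lookup of the form `grep "pass=" "${conf}" | cut -d= -f2` matches any line that merely contains the key (a commented-out line or a longer key name) and keeps only the text up to the next `=`, so an SMTP password containing `=` is silently truncated and a second matching line yields a multi-line value. Anchoring the pattern and taking the rest of the line fixes both, e.g. `pass="$(grep -m1 '^pass=' "${conf}" | cut -d= -f2-)"`, applied to all eight keys. The function also does not check that `${conf}` exists or who can read it, although that file now holds the SMTP password and the bot token and the install step shown creates it with `tee`, so its mode depends on the umask; failing early when it is missing and refusing a file readable by group or others would be safer. Its header still says `Globals: None` while the body sets `logs`, `conf`, the easyrsa and ovpn paths and the mail and telegram variables, so the header should list them.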