defined ovpn-client-management.conf

2024-01-05 12:15:59 +03:00 · 2024-01-05 12:15:59 +03:00 · f5800dcc7e
commit f5800dcc7e
parent c8d985018b
2 changed files with 77 additions and 33 deletions
--- a/README.md
+++ b/README.md
@ -103,6 +103,22 @@ sudo wget https://git.hmp.today/pavel.muhortov/openvpn-management/raw/branch/mas
 sudo chmod +x /etc/openvpn/server/ovpn-client-management.sh
 ```

+```bash
+# edit ovpn-client-management.conf
+sudo tee /etc/openvpn/server/ovpn-client-management.conf > /dev/null <<'EOF'
+# mail configuration
+from=user@host.zone
+pass=password
+dest=user@host.zone
+smtp=smtp.host.zone
+port=587
+# telegram configuration
+API_KEY=YOURAPIKEY
+CHAT_ID=-100123456789
+THRD_ID=123
+EOF
+```
+
 ```bash
 # create link
 ln -s /etc/openvpn/server/ovpn-client-management.sh ./ovpn
--- a/ovpn-client-management.sh
+++ b/ovpn-client-management.sh
@ -3,7 +3,7 @@
 # DESCRIPTION:
 #   creating or deleting client config for openvpn
 #   and
-#   sending config and info to email
+#   sending config and info to email/telegram
 #
 # DEPENDENCIES:
 #   - privileged rights
@ -48,7 +48,7 @@ execquite() {
 }

 #######################################
-# Error exit procedure
+# Error exit procedure.
 # Globals:
 #   None
 # Arguments:
@ -59,6 +59,36 @@ execerror() {
  execquite
 }

+#######################################
+# Parsing config file and creating global vars.
+# Globals:
+#   None
+# Arguments:
+#   None
+#######################################
+getconfig() {
+  logs=/var/log/openvpn/$(basename -s .sh "$(realpath "$0")").log
+  conf="$(dirname "$(realpath "$0")")/$(basename -s .sh "$(realpath "$0")").conf"
+  # easyrsa configuration
+  easyrsadir="/etc/openvpn/easy-rsa"
+  easyrsaidx="${easyrsadir}/pki/index.txt"
+  easyrsaexe="${easyrsadir}/easyrsa"
+  easyrsavar="${easyrsadir}/vars"
+  easyrsacap="openvpnca"
+  ovpncfgdir="/etc/openvpn/client"
+  ovpncfgdef="${ovpncfgdir}/client.conf.default"
+  # mail configuration
+  from="$(grep "from=" "${conf}" | cut -d= -f2)"
+  pass="$(grep "pass=" "${conf}" | cut -d= -f2)"
+  dest="$(grep "dest=" "${conf}" | cut -d= -f2)"
+  smtp="$(grep "smtp=" "${conf}" | cut -d= -f2)"
+  port="$(grep "port=" "${conf}" | cut -d= -f2)"
+  # telegram configuration
+  API_KEY=$(grep "API_KEY=" "${conf}" | cut -d= -f2)
+  CHAT_ID=$(grep "CHAT_ID=" "${conf}" | cut -d= -f2)
+  THRD_ID=$(grep "THRD_ID=" "${conf}" | cut -d= -f2)
+}
+
 #######################################
 # Checking user rights.
 # Globals:
@ -77,7 +107,7 @@ checkroot() {
 }

 #######################################
-# Creating linux user
+# Creating linux user.
 # Globals:
 #   clientname
 #   clientpass
@ -90,7 +120,7 @@ createuser() {
 }

 #######################################
-# Creating Easy-RSA user certificate
+# Creating Easy-RSA user certificate.
 # Globals:
 #   easyrsadir
 #   easyrsavar
@ -111,7 +141,7 @@ createcert() {
 }

 #######################################
-# Creating ovpn config file
+# Creating ovpn config file.
 # Globals:
 #   easyrsadir
 #   ovpncfgdef
@ -132,7 +162,7 @@ createovpn() {
 }

 #######################################
-# Creating tar with config file
+# Creating tar with config file.
 # Globals:
 #   easyrsadir
 #   clientname
@ -152,7 +182,7 @@ createtars() {
 }

 #######################################
-# Creating info file
+# Creating info file.
 # Globals:
 #   easyrsadir
 #   easyrsaexe
@ -182,11 +212,16 @@ createinfo() {
 }

 #######################################
-# Send email notification about client config
+# Send email notification about client config.
 # Globals:
 #   clientname
 #   faqprofile
 #   ovpncfgdir
+#   from
+#   pass
+#   dest
+#   smtp
+#   port
 # Arguments:
 #   None
 #######################################
@ -194,34 +229,35 @@ startsendmail() {
  subj="[OVPN Settings] $(cat /etc/hostname): ${clientname}.ovpn client profile"
  (
    python3 /usr/local/bin/sendmail.py \
-    -u "$(grep "from=" /usr/local/bin/sendmail.config | cut -d= -f2)" \
-    -p "$(grep "pass=" /usr/local/bin/sendmail.config | cut -d= -f2)" \
-    -d "$(grep "dest=" /usr/local/bin/sendmail.config | cut -d= -f2)" \
-    --smtp "$(grep "smtp=" /usr/local/bin/sendmail.config | cut -d= -f2)" \
-    --port "$(grep "port=" /usr/local/bin/sendmail.config | cut -d= -f2)" \
+    -u "${from}" \
+    -p "${pass}" \
+    -d "${dest}" \
+    --smtp "${smtp}" \
+    --port "${port}" \
    --stls "True" \
    --subj "${subj}" \
    --text "$(printf "%s\n" "${faqprofile}" | sed 's|`||g')" \
    --file "${ovpncfgdir}/${clientname}.ovpn,${ovpncfgdir}/${clientname}.tar" \
    >> /dev/null 2>&1 &
  )
-  addtologs "sent mail with subject '${subj}'"
+  addtologs "sent mail with subject '${subj}' to ${dest}"
 }

 #######################################
-# Send telegram notification about client config
+# Send telegram notification about client config.
 # Globals:
 #   clientname
 #   faqprofile
 #   ovpncfgdir
+#   API_KEY
+#   CHAT_ID
+#   THRD_ID
 # Arguments:
 #   None
 #######################################
+# shellcheck disable=SC2030,2031
 startsendtlgm() {
  (
-    API_KEY=$(grep "API_KEY=" /usr/local/bin/sendtelegram.config | cut -d= -f2)
-    CHAT_ID=$(grep "CHAT_ID=" /usr/local/bin/sendtelegram.config | cut -d= -f2)
-    THRD_ID=$(grep "THRD_ID=" /usr/local/bin/sendtelegram.config | cut -d= -f2)
    API_URL="https://api.telegram.org/bot${API_KEY}/sendMediaGroup?chat_id=${CHAT_ID}"

    if grep -q "_" <<< "${CHAT_ID}"; then
@ -238,11 +274,11 @@ startsendtlgm() {
         -F "tars=@${ovpncfgdir}/${clientname}.tar" \
        "${API_URL}"
  )
-  addtologs "sent telegram media with ${clientname}.ovpn client profile"
+  addtologs "sent telegram media with ${clientname}.ovpn client profile to ${CHAT_ID}"
 }

 #######################################
-# Deleting linux user
+# Deleting linux user.
 # Globals:
 #   clientname
 # Arguments:
@ -253,7 +289,7 @@ deleteuser() {
 }

 #######################################
-# Deleting Easy-RSA user certificate
+# Deleting Easy-RSA user certificate.
 # Globals:
 #   easyrsadir
 #   easyrsavar
@ -270,7 +306,7 @@ deletecert() {
 }

 #######################################
-# Deleting ovpn config file
+# Deleting ovpn config file.
 # Globals:
 #   clientname
 #   ovpncfgdir
@ -282,7 +318,7 @@ deleteovpn() {
 }

 #######################################
-# Deleting tar with config file
+# Deleting tar with config file.
 # Globals:
 #   clientname
 #   ovpncfgdir
@ -294,7 +330,7 @@ deletetars() {
 }

 #######################################
-# Deleting info file
+# Deleting info file.
 # Globals:
 #   clientname
 #   ovpncfgdir
@ -309,14 +345,6 @@ deleteinfo() {
 # VARIABLES:
 #

-easyrsadir="/etc/openvpn/easy-rsa"
-easyrsaidx="${easyrsadir}/pki/index.txt"
-easyrsaexe="${easyrsadir}/easyrsa"
-easyrsavar="${easyrsadir}/vars"
-easyrsacap="openvpnca"
-ovpncfgdir="/etc/openvpn/client"
-ovpncfgdef="${ovpncfgdir}/client.conf.default"
-
 clienttodo=$1
 clientname=$2
 clientpass=$3
@ -341,7 +369,7 @@ logs=/dev/null
 #

 if checkroot; then
-  logs=/var/log/openvpn/$(basename -s .sh "$0").log
+  getconfig
  if [ "${clienttodo}" == "add" ] && \
     [ -n "${clientname}" ] && \
     [ "${#clientpass}" -ge 8 ]; then