From ba4756d79946d2006a59ff2516b30624cf84c9dd Mon Sep 17 00:00:00 2001 From: Paul Rock Date: Wed, 14 Feb 2018 16:57:16 +0300 Subject: [PATCH] * ENV naming fix * URI in menu changed back to relative * Server conf script fix, mode field added --- .env.example | 4 +-- app/html/menu.php | 4 +-- scripts/install/00_env.sh | 75 ++++++++++++++++++++++++--------------- scripts/server-conf.php | 2 +- 4 files changed, 52 insertions(+), 33 deletions(-) diff --git a/.env.example b/.env.example index 8bb08e7..5ab9235 100644 --- a/.env.example +++ b/.env.example @@ -13,8 +13,8 @@ DB_PASS=openvpn_pass VPN_CONF=/etc/openvpn VPN_DEV=tun0 VPN_PROTO=tcp -VPN_LISTEN=192.168.1.2 -VPN_LISTEN_PORT=1194 +VPN_LOCAL=192.168.1.2 +VPN_LOCAL_PORT=1194 VPN_REMOTE=172.10.12.15 VPN_REMOTE_PORT=443 VPN_USER=nobody diff --git a/app/html/menu.php b/app/html/menu.php index e409f6c..295d56b 100644 --- a/app/html/menu.php +++ b/app/html/menu.php @@ -3,8 +3,8 @@ diff --git a/scripts/install/00_env.sh b/scripts/install/00_env.sh index f8af1b9..f580ba4 100644 --- a/scripts/install/00_env.sh +++ b/scripts/install/00_env.sh 
@@ -2,21 +2,21 @@ printf "\n################## Server informations ##################\n" -[ ! -z "$VPN_LISTEN" ] && echo "VPN_LISTEN=$VPN_LISTEN" -[ -z "$VPN_LISTEN" ] && read -p "Server local Hostname/IP: " VPN_LISTEN -[ -z "$VPN_LISTEN" ] && print_error "Server local address is required!" +[ ! -z "$VPN_LOCAL" ] && echo "VPN_LOCAL=$VPN_LOCAL" +[ -z "$VPN_LOCAL" ] && read -p "Server local Hostname/IP: " VPN_LOCAL +[ -z "$VPN_LOCAL" ] && print_error "Server local address is required!" -[ ! -z "$VPN_LISTEN_PORT" ] && echo "VPN_LISTEN_PORT=$VPN_LISTEN_PORT" -[ -z "$VPN_LISTEN_PORT" ] && read -p "OpenVPN listen port [1194]: " VPN_LISTEN_PORT -[ -z "$VPN_LISTEN_PORT" ] && VPN_LISTEN_PORT="1194" +[ ! -z "$VPN_LOCAL_PORT" ] && echo "VPN_LOCAL_PORT=$VPN_LOCAL_PORT" +[ -z "$VPN_LOCAL_PORT" ] && read -p "OpenVPN local port [1194]: " VPN_LOCAL_PORT +[ -z "$VPN_LOCAL_PORT" ] && VPN_LOCAL_PORT="1194" [ ! -z "$VPN_REMOTE" ] && echo "VPN_REMOTE=$VPN_REMOTE" -[ -z "$VPN_REMOTE" ] && read -p "Server remote Hostname/IP: " VPN_REMOTE -[ -z "$VPN_REMOTE" ] && print_error "Server remote address is required!" +[ -z "$VPN_REMOTE" ] && read -p "Server remote Hostname/IP: " VPN_REMOTE +[ -z "$VPN_REMOTE" ] && print_error "Server remote address is required!" [ ! -z "$VPN_REMOTE_PORT" ] && echo "VPN_REMOTE_PORT=$VPN_REMOTE_PORT" -[ -z "$VPN_REMOTE_PORT" ] && read -p "OpenVPN remote port [443]: " VPN_REMOTE_PORT -[ -z "$VPN_REMOTE_PORT" ] && VPN_REMOTE_PORT="443" +[ -z "$VPN_REMOTE_PORT" ] && read -p "OpenVPN remote port [443]: " VPN_REMOTE_PORT +[ -z "$VPN_REMOTE_PORT" ] && VPN_REMOTE_PORT="443" [ ! -z "$VPN_PROTO" ] && echo "VPN_PROTO=$VPN_PROTO" [ -z "$VPN_PROTO" ] && read -p "OpenVPN protocol (tcp or udp) [tcp]: " VPN_PROTO 
@@ -31,26 +31,26 @@ printf "\n################## Server informations ##################\n" [ -z "$VPN_GROUP" ] && VPN_GROUP="nogroup" [ ! -z "$VPN_DEV" ] && echo "VPN_DEV=$VPN_DEV" -[ -z "$VPN_DEV" ] && read -p "OpenVPN tunnel interface [tun0]: " VPN_DEV -[ -z "$VPN_DEV" ] && VPN_DEV="tun0" +[ -z "$VPN_DEV" ] && read -p "OpenVPN tunnel interface [tun0]: " VPN_DEV +[ -z "$VPN_DEV" ] && VPN_DEV="tun0" [ ! -z "$VPN_IF" ] && echo "VPN_IF=$VPN_IF" [ -z "$VPN_IF" ] && read -p "OpenVPN physical interface [eth0]: " VPN_IF [ -z "$VPN_IF" ] && VPN_IF="eth0" [ ! -z "$VPN_NET" ] && echo "VPN_NET=$VPN_NET" -[ -z "$VPN_NET" ] && read -p "OpenVPN clients subnet [10.8.0.0/24]: " VPN_NET -[ -z "$VPN_NET" ] && VPN_NET="10.8.0.0/24" +[ -z "$VPN_NET" ] && read -p "OpenVPN clients subnet [10.8.0.0/24]: " VPN_NET +[ -z "$VPN_NET" ] && VPN_NET="10.8.0.0/24" printf "\n################## Application informations ##################\n" [ ! -z "$APP_PATH" ] && echo "APP_PATH=$APP_PATH" -[ -z "$APP_PATH" ] && read -p "Web application root folder [/var/www/html]: " APP_PATH -[ -z "$APP_PATH" ] && APP_PATH="/var/www/html" +[ -z "$APP_PATH" ] && read -p "Web application root folder [/var/www/html]: " APP_PATH +[ -z "$APP_PATH" ] && APP_PATH="/var/www/html" [ ! -z "$SCRIPTS_PATH" ] && echo "SCRIPTS_PATH=$SCRIPTS_PATH" -[ -z "$SCRIPTS_PATH" ] && read -p "Folder with scripts for OpenVPN [$APP_PATH/scripts/auth-bash]: " SCRIPTS_PATH -[ -z "$SCRIPTS_PATH" ] && SCRIPTS_PATH="$APP_PATH/scripts/auth-bash" +[ -z "$SCRIPTS_PATH" ] && read -p "Folder with scripts for OpenVPN [$APP_PATH/scripts/auth-bash]: " SCRIPTS_PATH +[ -z "$SCRIPTS_PATH" ] && SCRIPTS_PATH="$APP_PATH/scripts/auth-bash" SCRIPTS_LOGIN="$SCRIPTS_PATH/login.sh" [ ! -z "$SCRIPTS_LOGIN" ] && echo "SCRIPTS_LOGIN=$SCRIPTS_LOGIN" 
@@ -63,13 +63,32 @@ SCRIPTS_DISCONNECT="$SCRIPTS_PATH/disconnect.sh" printf "\n################## Certificates informations ##################\n" -[ -z "$EASYRSA_KEY_SIZE" ] && read -p "Key size (1024, 2048 or 4096) [2048]: " EASYRSA_KEY_SIZE -[ -z "$EASYRSA_CA_EXPIRE" ] && read -p "Root certificate expiration (in days) [3650]: " EASYRSA_CA_EXPIRE -[ -z "$EASYRSA_CERT_EXPIRE" ] && read -p "Certificate expiration (in days) [3650]: " EASYRSA_CERT_EXPIRE -[ -z "$EASYRSA_REQ_COUNTRY" ] && read -p "Country Name (2 letter code) [US]: " EASYRSA_REQ_COUNTRY -[ -z "$EASYRSA_REQ_PROVINCE" ] && read -p "State or Province Name (full name) [California]: " EASYRSA_REQ_PROVINCE -[ -z "$EASYRSA_REQ_CITY" ] && read -p "Locality Name (eg, city) [San Francisco]: " EASYRSA_REQ_CITY -[ -z "$EASYRSA_REQ_ORG" ] && read -p "Organization Name (eg, company) [Copyleft Certificate Co]: " EASYRSA_REQ_ORG -[ -z "$EASYRSA_REQ_OU" ] && read -p "Organizational Unit Name (eg, section) [My Organizational Unit]: " EASYRSA_REQ_OU -[ -z "$EASYRSA_REQ_EMAIL" ] && read -p "Email Address [me@example.net]: " EASYRSA_REQ_EMAIL -[ -z "$EASYRSA_REQ_CN" ] && read -p "Common Name (eg, your name or your server's hostname) [ChangeMe]: " EASYRSA_REQ_CN +[ ! -z "$EASYRSA_KEY_SIZE" ] && echo "EASYRSA_KEY_SIZE=$EASYRSA_KEY_SIZE" +[ -z "$EASYRSA_KEY_SIZE" ] && read -p "Key size (1024, 2048 or 4096) [2048]: " EASYRSA_KEY_SIZE + +[ ! -z "$EASYRSA_CA_EXPIRE" ] && echo "EASYRSA_CA_EXPIRE=$EASYRSA_CA_EXPIRE" +[ -z "$EASYRSA_CA_EXPIRE" ] && read -p "Root certificate expiration (in days) [3650]: " EASYRSA_CA_EXPIRE + +[ ! -z "$EASYRSA_CERT_EXPIRE" ] && echo "EASYRSA_CERT_EXPIRE=$EASYRSA_CERT_EXPIRE" +[ -z "$EASYRSA_CERT_EXPIRE" ] && read -p "Certificate expiration (in days) [3650]: " EASYRSA_CERT_EXPIRE + +[ ! -z "$EASYRSA_REQ_COUNTRY" ] && echo "EASYRSA_REQ_COUNTRY=$EASYRSA_REQ_COUNTRY" +[ -z "$EASYRSA_REQ_COUNTRY" ] && read -p "Country Name (2 letter code) [US]: " EASYRSA_REQ_COUNTRY + +[ ! 
-z "$EASYRSA_REQ_PROVINCE" ] && echo "EASYRSA_REQ_PROVINCE=$EASYRSA_REQ_PROVINCE" +[ -z "$EASYRSA_REQ_PROVINCE" ] && read -p "State or Province Name (full name) [California]: " EASYRSA_REQ_PROVINCE + +[ ! -z "$EASYRSA_REQ_CITY" ] && echo "EASYRSA_REQ_CITY=$EASYRSA_REQ_CITY" +[ -z "$EASYRSA_REQ_CITY" ] && read -p "Locality Name (eg, city) [San Francisco]: " EASYRSA_REQ_CITY + +[ ! -z "$EASYRSA_REQ_ORG" ] && echo "EASYRSA_REQ_ORG=$EASYRSA_REQ_ORG" +[ -z "$EASYRSA_REQ_ORG" ] && read -p "Organization Name (eg, company) [Copyleft Certificate Co]: " EASYRSA_REQ_ORG + +[ ! -z "$EASYRSA_REQ_OU" ] && echo "EASYRSA_REQ_OU=$EASYRSA_REQ_OU" +[ -z "$EASYRSA_REQ_OU" ] && read -p "Organizational Unit Name (eg, section) [My Organizational Unit]: " EASYRSA_REQ_OU + +[ ! -z "$EASYRSA_REQ_EMAIL" ] && echo "EASYRSA_REQ_EMAIL=$EASYRSA_REQ_EMAIL" +[ -z "$EASYRSA_REQ_EMAIL" ] && read -p "Email Address [me@example.net]: " EASYRSA_REQ_EMAIL + +[ ! -z "$EASYRSA_REQ_CN" ] && echo "EASYRSA_REQ_CN=$EASYRSA_REQ_CN" +[ -z "$EASYRSA_REQ_CN" ] && read -p "Common Name (eg, your name or your server's hostname) [ChangeMe]: " EASYRSA_REQ_CN diff --git a/scripts/server-conf.php b/scripts/server-conf.php index 264114f..9f1e85f 100644 --- a/scripts/server-conf.php +++ b/scripts/server-conf.php @@ -8,7 +8,7 @@ $_ovpn = new EvilFreelancer\OpenVPN(); // TCP or UDP, port 443, tunneling $_ovpn - ->addParam('server') + ->addParam('mode', 'server') ->addParam('dev', getenv('VPN_DEV')) ->addParam('proto', getenv('VPN_PROTO')) ->addParam('port', getenv('VPN_LISTEN_PORT'));
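Review bot: The EASYRSA_* prompts in this hunk advertise a default in brackets, but unlike the VPN_* blocks earlier in the file no fallback assignment follows the `read`, so pressing Enter leaves the variable empty unless a later script fills it in (not visible here). `EASYRSA_KEY_SIZE` is also accepted unchecked, and the prompt still offers 1024, which is too short for an RSA CA key that is meant to last 3650 days. I would add `[ -z "$EASYRSA_KEY_SIZE" ] && EASYRSA_KEY_SIZE="2048"` after the read and reject other values with `case "$EASYRSA_KEY_SIZE" in 2048|4096) ;; *) print_error "Key size must be 2048 or 4096" ;; esac`, assuming `print_error` aborts the install. The same fallback line is needed for each of the other nine EASYRSA_* variables.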
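Review bot: The context line `->addParam('port', getenv('VPN_LISTEN_PORT'))` still reads the variable that this commit renames to `VPN_LOCAL_PORT` in .env.example and 00_env.sh. On an install configured with the new names, getenv() returns false, so the generated server config presumably ends up without a usable port. The line should become `->addParam('port', getenv('VPN_LOCAL_PORT'));`, and any other reader of `VPN_LISTEN` or `VPN_LISTEN_PORT` outside this patch needs the same rename. It is also worth failing loudly when getenv() returns false rather than emitting an empty directive, so a misnamed variable cannot silently produce a server that listens somewhere unintended. The builder chain starts above the hunk and may continue below it.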