labriqueinternet
/
vpnclient_ynh
mirror of https://github.com/labriqueinternet/vpnclient_ynh


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
							#!/bin/bash

# Retrieve arguments
server_name=$1
crt_client_path=$2
crt_client_key_path=$3
crt_server_ca_path=$4
ip6_net=$5

# Check arguments
# TODO

# Install packages
sudo apt-get --assume-yes --force-yes install openvpn

# Install extra packages
sudo apt-get --assume-yes --force-yes install sipcalc

# Compute extra arguments
wired_device=$(ip r | awk '/default via/ { print $NF; }')
ip6_expanded_net=$(sipcalc ${ip6_net} | grep Expanded | awk '{ print $NF; }')
ip6_net=$(sipcalc ${ip6_net} | grep Compressed | awk '{ print $NF; }')
ip6_addr=$(echo "$(echo ${ip6_expanded_net} | cut -d: -f1-7):1")
ip6_addr=$(sipcalc ${ip6_addr} | grep Compressed | awk '{ print $NF; }')
server_ip6=$(host ${server_name} | awk '/IPv6/ { print $NF; }')

# Save arguments for future upgrades
sudo yunohost app setting vpnclient wired_device -v ${wired_device}
sudo yunohost app setting vpnclient ip6_addr -v ${ip6_addr}
sudo yunohost app setting vpnclient ip6_net -v ${ip6_net}
sudo yunohost app setting vpnclient server_name -v ${server_name}
sudo yunohost app setting vpnclient server_ip6 -v ${server_ip6}

# Copy confs
sudo install -b -o root -g root -m 0644 ../conf/client.conf.tpl /etc/openvpn/

# Copy certificates
sudo mkdir -pm 0700 /etc/openvpn/keys/
sudo chown root: /etc/openvpn/keys/

sudo install -b -o root -g root -m 0600 ${crt_client_path} /etc/openvpn/keys/user.crt
sudo install -b -o root -g root -m 0600 ${crt_client_key_path} /etc/openvpn/keys/user.key
sudo install -b -o root -g root -m 0600 ${crt_server_ca_path} /etc/openvpn/keys/ca-server.crt

sudo rm -f ${crt_client_path} ${crt_client_key_path} ${crt_server_ca_path}

# Fix confs
## openvpn
sudo sed "s|<TPL:SERVER_NAME>|${server_name}|g" -i /etc/openvpn/client.conf.tpl

# Copy init script
sudo install -b -o root -g root -m 0755 ../conf/ynh-vpnclient /etc/init.d/

# Fix init script
## ynh-vpnclient
sudo sed "s|<TPL:IP6_ADDR>|${ip6_addr}|g" -i /etc/init.d/ynh-vpnclient
sudo sed "s|<TPL:SERVER_IP6>|${server_ip6}|g" -i /etc/init.d/ynh-vpnclient
sudo sed "s|<TPL:WIRED_DEVICE>|${wired_device}|g" -i /etc/init.d/ynh-vpnclient

# Set default inits
# The openvpn configuration is modified before the start, so the service is disabled by default
# and the ynh-vpnclient service handles it.
# All services are registred by yunohost in order to prevent conflicts after the uninstall.
sudo yunohost service add openvpn
sudo yunohost service stop openvpn
sudo yunohost service disable openvpn

# Gooo
sudo yunohost service add ynh-vpnclient
sudo yunohost service enable ynh-vpnclient
sudo yunohost service start ynh-vpnclient

# Restart hotspot service if installed to change NAT configuration (now on tun0)
sudo yunohost app list -f hotspot --json | grep -q '"installed": true'
if [ "$?" -eq 0 ]; then
  sudo yunohost service stop ynh-hotspot
  sudo yunohost service start ynh-hotspot
fi

exit 0