labriqueinternet
/
vpnclient_ynh
miroir de https://github.com/labriqueinternet/vpnclient_ynh


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182
							#!/bin/bash

# Retrieve arguments
server_name=$1
crt_client=$2
crt_client_key=$3
crt_server_ca=$4
ip6_net=$5
ip6_interco=$6

# Check arguments
# TODO

# Install packages
sudo apt-get --assume-yes --force-yes install openvpn

# Install extra packages
sudo apt-get --assume-yes --force-yes install sipcalc

# Compute extra arguments
wired_device=$(ip r | awk '/default via/ { print $NF; }')
ip6_interco=$(sipcalc ${ip6_interco} | grep Compressed | awk '{ print $NF; }')
ip6_expanded_net=$(sipcalc ${ip6_net} | grep Expanded | awk '{ print $NF; }')
ip6_net=$(sipcalc ${ip6_net} | grep Compressed | awk '{ print $NF; }')
ip6_addr=$(echo "$(echo ${ip6_expanded_net} | cut -d: -f1-7):42")
ip6_addr=$(sipcalc ${ip6_addr} | grep Compressed | awk '{ print $NF; }')

# Save arguments for future upgrades
sudo yunohost app setting vpnclient wired_device -v ${wired_device}
sudo yunohost app setting vpnclient ip6_addr -v ${ip6_addr}
sudo yunohost app setting vpnclient ip6_net -v ${ip6_net}
sudo yunohost app setting vpnclient ip6_interco -v ${ip6_interco}
sudo yunohost app setting vpnclient crt_client -v ${crt_client}
sudo yunohost app setting vpnclient crt_client_key -v ${crt_client_key}
sudo yunohost app setting vpnclient crt_server_ca -v ${crt_server_ca}

# Copy confs
sudo install -b -o root -g root -m 0644 ../conf/client.conf.tpl /etc/openvpn/

# Create certificates
mkdir -pm 0700 /etc/openvpn/keys/

sudo cat << EOF > /etc/openvpn/keys/user.crt
${crt_client}
EOF
sudo cat << EOF > /etc/openvpn/keys/user.key
${crt_client_key}
EOF
sudo cat << EOF > /etc/openvpn/keys/ca-server.crt
${crt_server_ca}
EOF

sudo chown root: /etc/openvpn/keys/*
sudo chmod 0600 /etc/openvpn/keys/*

# Fix confs
## openvpn
sudo sed "s|<TPL:SERVER_NAME>|${server_name}|g" -i /etc/openvpn/client.conf.tpl

# Copy init script
sudo install -b -o root -g root -m 0755 ../conf/ynh-vpnclient /etc/init.d/

# Fix init script
## ynh-vpnclient
sudo sed "s|<TPL:IP6_ADDR>|${ip6_addr}|g" -i /etc/init.d/ynh-vpnclient
sudo sed "s|<TPL:IP6_INTERCO>|${ip6_interco}|g" -i /etc/init.d/ynh-vpnclient
sudo sed "s|<TPL:WIRED_DEVICE>|${wired_device}|g" -i /etc/init.d/ynh-vpnclient

# Set default inits
# The boot order of these services are important, so they are disabled by default
# and the ynh-vpnclient service handles them.
# All services are registred by yunohost in order to prevent conflicts after the uninstall.
sudo yunohost service add openvpn
sudo yunohost service stop openvpn
sudo yunohost service disable openvpn

# Gooo
sudo yunohost service add ynh-vpnclient
sudo yunohost service enable ynh-vpnclient
sudo yunohost service start ynh-vpnclient

exit 0