rename config files #38

Open
wants to merge 9 commits into
base: main
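--- a/dependencies/createDirectories.sh
+++ b/dependencies/createDirectories.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+scriptDir="$(dirname "$0")"
+
+dirPaths=(
+"$scriptDir/vpn/server"
+"$scriptDir/vpn/client"
+)
+
+createDirectories() {
+for dirPath in "${dirPaths[@]}"; do
+if [ ! -d "$dirPath" ]; then
+mkdir -p "$dirPath"
+fi
+done
+}
+
+getServerDirectory(){
+echo "$scriptDir/vpn/server"
+}
+
+
+getClientDirectory(){
+echo "$scriptDir/vpn/client"
+}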
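Review bot: `scriptDir="$(dirname "$0")"` resolves to the directory of the script that was launched, not of this file: the other files in this pull request load it with `source`, and sourcing leaves `$0` unchanged. `vpn/server` and `vpn/client` are therefore created relative to the caller, e.g. under `vpn/vpn/` for a caller that lives in `vpn/`. Anchoring on the file itself, `scriptDir="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"` if the repository root is what is intended, makes the location independent of the caller. If these directories will hold generated VPN profiles, `mkdir -p -m 700 "$dirPath"` keeps them owner-only.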
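--- a/driver.sh
+++ b/driver.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+manageConfigPath=$(pwd)
+source $manageConfigPath/vpn/executeBash.sh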
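Review bot: `manageConfigPath=$(pwd)` makes the file that gets sourced depend on the directory the command was started from, and the same assignment is repeated in vpn/executeBash.sh, so when started from the repository root the second `source` resolves `$manageConfigPath/../dependencies/createDirectories.sh` one level above the repository. These scripts appear to run as root (other files in this pull request write under /etc/openvpn), so the working directory should not decide which code is loaded. I would derive the path from the script's own location and quote it: `manageConfigPath="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"` followed by `source "$manageConfigPath/vpn/executeBash.sh"`, with the matching change in vpn/executeBash.sh.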
1 change: 0 additions & 1 deletion init.sh
Expand Up @@ -107,7 +107,6 @@ function createEc2(){
--instance-type t2.micro \
--key-name $keyname \
--security-groups $groupName
--user-data file://./setupIpTables.txt
}

function findData(){
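--- a/vpn/executeBash.sh
+++ b/vpn/executeBash.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+manageConfigPath=$(pwd)
+source $manageConfigPath/../dependencies/createDirectories.sh
+
+createDirectories
+getServerDirectory
+getClientDirectory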
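Review bot: Nothing stops the script when the `source` line fails, so a wrong path leaves `createDirectories`, `getServerDirectory` and `getClientDirectory` undefined and the three calls fail one after another with "command not found". I would fail fast with `source "$manageConfigPath/../dependencies/createDirectories.sh" || exit 1`. The two getter calls only print a path to standard output; if the values are meant to be used, capture them, for example `serverDir=$(getServerDirectory)`.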
20 changes: 14 additions & 6 deletions vpn/executeScriptOnRemoteServer.sh
Expand Up @@ -32,13 +32,21 @@ sshkey=`treehouses sshtunnel key name | cut -d ' ' -f 5`
ssh -i /root/.ssh/$sshkey root@$publicIp "
apt update && apt upgrade && apt install -y openvpn"

function getServerConfName(){
serverName=server
defaultName=$serverName.conf
proxyName=${serverName}Proxy.conf
if [ "$mode" == "proxy" ]
then
echo $proxyName
else
echo $defaultName
fi
}

if [ "$mode" == "proxy" ]
then
scp -i /root/.ssh/$sshkey /etc/openvpn/server/serverProxy.conf root@$publicIp:/etc/openvpn/server/
else
scp -i /root/.ssh/$sshkey /etc/openvpn/server/server.conf root@$publicIp:/etc/openvpn/server/
fi
serverConfName=$(getServerConfName)

scp -i /root/.ssh/$sshkey /etc/openvpn/server/$serverConfName root@$publicIp:/etc/openvpn/server/server.conf


ssh -i /root/.ssh/$sshkey root@$publicIp "
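Review bot: The new `scp` line leaves `$sshkey`, `$publicIp` and `$serverConfName` unquoted and does not check the exit status, so after a failed copy the next `ssh` step still runs against a host whose `/etc/openvpn/server/server.conf` is missing or stale. I would quote the expansions and stop on failure: `scp -i "/root/.ssh/$sshkey" "/etc/openvpn/server/$serverConfName" "root@$publicIp:/etc/openvpn/server/server.conf" || exit 1`. `getServerConfName` is added with the same body in vpn/makeVPNServer.sh; moving it into a shared file under dependencies/ would keep the two copies from drifting. The rest of the script lies outside this hunk, so I cannot tell whether `$mode` is validated here the way makeVPNServer.sh validates it.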
54 changes: 41 additions & 13 deletions vpn/makeVPNClient.sh
@@ -1,3 +1,4 @@
#!/bin/bash

mode=$1
balloonName=$1
Expand All @@ -20,31 +21,57 @@ source $manageConfigPath/../dependencies/securitygroupFunction.sh
source $manageConfigPath/../dependencies/manageConfig.sh
source $manageConfigPath/../dependencies/sshtunnelFunction.sh
source $manageConfigPath/../dependencies/reverseShell.sh
source $manageConfigPath/../dependencies/createDirectories.sh

source getRunningVPNEntityConfName.sh
source deleteEasytlsIClientnline.sh

startpath=$(pwd)
publicIp=$(getValueByAttribute $balloonName publicIp)

function makeClientConf(){
createDirectories

function getClientConfName(){
clientName=$1
fileName=$clientName.conf
defaultName=$clientName.conf
proxyName=${clientName}Proxy.conf
if [ "$mode" == "proxy" ]
then
cp $manageConfigPath/templates/clientProxy.conf /etc/openvpn/client/${clientName}Proxy.conf
echo $proxyName
else
cp $manageConfigPath/templates/client.conf /etc/openvpn/client/$fileName
echo $defaultName
fi
}

#
function makeClientConf(){
clientName=$1
defaultName=$clientName.conf
proxyName=${clientName}Proxy.conf

sed -i '/ca ca.crt/d' /etc/openvpn/client/$fileName
sed -i '/cert client.crt/d' /etc/openvpn/client/$fileName
sed -i '/key client.key/d' /etc/openvpn/client/$fileName
sed -i '/tls-auth ta.key 1/d' /etc/openvpn/client/$fileName
if [ "$mode" == "proxy" ]
then
cp $manageConfigPath/templates/clientProxy.conf /etc/openvpn/client/$proxyName
sed -i '/ca ca.crt/d' /etc/openvpn/client/$proxyName
sed -i '/cert client.crt/d' /etc/openvpn/client/$proxyName
sed -i '/key client.key/d' /etc/openvpn/client/$proxyName
sed -i '/tls-auth ta.key 1/d' /etc/openvpn/client/$proxyName

echo '' >> /etc/openvpn/client/$proxyName
cat /usr/share/easy-rsa/pki/easytls/$clientName.inline >> /etc/openvpn/client/$proxyName
cp /etc/openvpn/client/$proxyName $startpath/$proxyName
else
cp $manageConfigPath/templates/client.conf /etc/openvpn/client/$defaultName
sed -i '/ca ca.crt/d' /etc/openvpn/client/$defaultName
sed -i '/cert client.crt/d' /etc/openvpn/client/$defaultName
sed -i '/key client.key/d' /etc/openvpn/client/$defaultName
sed -i '/tls-auth ta.key 1/d' /etc/openvpn/client/$defaultName

echo '' >> /etc/openvpn/client/$defaultName
cat /usr/share/easy-rsa/pki/easytls/$clientName.inline >> /etc/openvpn/client/$defaultName
cp /etc/openvpn/client/$defaultName $startpath/$defaultName
fi

echo '' >> /etc/openvpn/client/$fileName
cat /usr/share/easy-rsa/pki/easytls/$clientName.inline >> /etc/openvpn/client/$fileName
cp /etc/openvpn/client/$fileName $startpath/$fileName
}


Expand Down Expand Up @@ -80,15 +107,16 @@ function makeTlsAuthInline(){

function addIPAddress(){
fileName=$1
sed -i "s/my-server-1/$publicIp/" /etc/openvpn/client/$fileName.conf
sed -i "s/my-server-1/$publicIp/" /etc/openvpn/client/$fileName
}

function makeClientCertificate(){
client=$1
makeClient $client
makeTlsAuthInline $client
makeClientConf $client
addIPAddress $client
fileName=$(getClientConfName $client)
addIPAddress $fileName
}

function checkFile(){
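Review bot: `makeClientConf` (second hunk) now repeats the same copy, four `sed` deletions, append and export once per mode, even though `getClientConfName` just above it already yields the file name, so the two branches can drift apart. The generated profile has the client's easytls `.inline` block appended, which presumably carries the client key, and is then copied into `$startpath` with default permissions. `$clientName` is also expanded unquoted into paths under /etc/openvpn/client. The version below computes the name once, quotes every path and writes both copies owner-only; it relies on `getClientConfName`, `$mode`, `$manageConfigPath` and `$startpath` exactly as the hunk defines them.

```shell
function makeClientConf(){
  local clientName=$1
  local confName
  local template=client.conf
  confName=$(getClientConfName "$clientName")
  if [ "$mode" == "proxy" ]; then
    template=clientProxy.conf
  fi

  cp "$manageConfigPath/templates/$template" "/etc/openvpn/client/$confName"
  sed -i -e '/ca ca.crt/d' -e '/cert client.crt/d' \
    -e '/key client.key/d' -e '/tls-auth ta.key 1/d' \
    "/etc/openvpn/client/$confName"

  echo '' >> "/etc/openvpn/client/$confName"
  cat "/usr/share/easy-rsa/pki/easytls/$clientName.inline" >> "/etc/openvpn/client/$confName"

  # The profile now embeds the client's inline credentials: keep both copies owner-only.
  chmod 600 "/etc/openvpn/client/$confName"
  install -m 600 "/etc/openvpn/client/$confName" "$startpath/$confName"
}
```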
36 changes: 27 additions & 9 deletions vpn/makeVPNServer.sh
@@ -1,20 +1,34 @@
#!/bin/bash

source $manageConfigPath/../dependencies/createDirectories.sh

mode=$1
serverName=openvpn-server

createDirectories

if [[ -n "$mode" && "$mode" != "default" && "$mode" != "proxy" ]];
then
echo "Invalid mode: $mode. Mode must be 'proxy', 'default', or empty."
exit 1
fi

# Make pki, one master ca, and one server
function makeVPNServer(){
function getServerConfName(){
localServerName=server
defaultName=$localServerName.conf
proxyName=${localServerName}Proxy.conf
if [ "$mode" == "proxy" ]
then
cp ./templates/serverProxy.conf /etc/openvpn/server/
echo $proxyName
else
cp ./templates/server.conf /etc/openvpn/server/
echo $defaultName
fi
}

# Make pki, one master ca, and one server
function makeVPNServer(){
serverConfName=$(getServerConfName)
cp ./templates/$serverConfName /etc/openvpn/server/

cd /usr/share/easy-rsa/
cp vars.example vars
Expand All @@ -25,20 +39,24 @@ function makeVPNServer(){
./easyrsa gen-dh
}

#
function makeTlsKey(){
./easytls init-tls
./easytls build-tls-auth
}

#
function makeServerConfiguration(){
serverConfName=$(getServerConfName)
./easytls ita $serverName 0
cat /usr/share/easy-rsa/pki/easytls/$serverName.inline >> /etc/openvpn/server/server.conf
sed -i '/dh none/d' /etc/openvpn/server/server.conf
echo \<dh\> >> /etc/openvpn/server/server.conf
cat /usr/share/easy-rsa/pki/dh.pem >> /etc/openvpn/server/server.conf
echo \<\/dh\> >> /etc/openvpn/server/server.conf
cat /usr/share/easy-rsa/pki/easytls/$serverName.inline >> /etc/openvpn/server/$serverConfName
sed -i '/dh none/d' /etc/openvpn/server/$serverConfName
echo \<dh\> >> /etc/openvpn/server/$serverConfName
cat /usr/share/easy-rsa/pki/dh.pem >> /etc/openvpn/server/$serverConfName
echo \<\/dh\> >> /etc/openvpn/server/$serverConfName
}

#
function startVPNServer(){
# Start openvpn-server
status=$(systemctl status [email protected])
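Review bot: The `source $manageConfigPath/../dependencies/createDirectories.sh` line at the top of the file runs before anything in this script assigns `manageConfigPath`, so unless the caller exports it (or sources this file after setting it) the path collapses to `/../dependencies/createDirectories.sh`, a file under the filesystem root. At best the `source` fails and `createDirectories` is undefined; at worst a script run as root loads whatever sits at that path. I would set and check the variable first, e.g. `manageConfigPath="${manageConfigPath:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"` and then `source "$manageConfigPath/../dependencies/createDirectories.sh" || exit 1`. `makeServerConfiguration` appends the server's inline block, which presumably holds its key material, and the DH parameters to `/etc/openvpn/server/$serverConfName`; a `chmod 600` on that file after the appends would keep it owner-only.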
File renamed without changes.
@@ -1,5 +1,6 @@
port 1194
server 10.8.0.0 255.255.255.0
server-ipv6 2001:DB8:100::/64
proto udp
dev tun
ifconfig-pool-persist /var/log/openvpn/ipp.txt
Expand All @@ -8,6 +9,8 @@ ifconfig-pool-persist /var/log/openvpn/ipp.txt
;push "dhcp-option DNS 208.67.220.220"
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 2001:abde::1"
push "route-ipv6 ::/0"
keepalive 10 120
cipher AES-256-CBC
persist-key
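Review bot: `server-ipv6 2001:DB8:100::/64` hands clients addresses from 2001:db8::/32, which is reserved for documentation (RFC 3849) and is not routed on the Internet, while `push "route-ipv6 ::/0"` sends all client IPv6 traffic into the tunnel. Unless the server translates that traffic to a routable address, which nothing on this page sets up, clients lose IPv6 connectivity once connected. The pushed resolver `2001:abde::1` also looks like a placeholder; if it is, every client would direct its DNS queries to whoever holds that address, so I would replace it with a resolver you operate or trust. A comment above the pool line, such as `# IPv6 pool: replace with a prefix delegated to this server`, would make the placeholder status explicit.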