diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2020-11-06 18:25:10 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2020-11-06 18:25:10 -0300 |
| commit | 44aa200f3fc65c52b58bb49533bbfd17530911d0 (patch) | |
| tree | e0721500e31e412463233d635cb2bff1c4dee439 /share/provision/njalla-openvpn | |
| parent | c3d66da7c162508a7fdfddbf4aaaf2adfc4f7a58 (diff) | |
| download | kvmx-44aa200f3fc65c52b58bb49533bbfd17530911d0.tar.gz kvmx-44aa200f3fc65c52b58bb49533bbfd17530911d0.tar.bz2 | |
Provision: njalla-openvpn and njalla-wireguardfeature/njalla
Diffstat (limited to 'share/provision/njalla-openvpn')
| -rwxr-xr-x | share/provision/njalla-openvpn | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/share/provision/njalla-openvpn b/share/provision/njalla-openvpn new file mode 100755 index 0000000..eb8d1f4 --- /dev/null +++ b/share/provision/njalla-openvpn @@ -0,0 +1,49 @@ +#!/usr/bin/env bash +# +# Full desktop provision example +# +# Copyright (C) 2017 Silvio Rhatto - rhatto at riseup.net +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published +# by the Free Software Foundation, either version 3 of the License, +# or any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +# Parameters +DIRNAME="`dirname $0`" +BASENAME="`basename $0`" +HOSTNAME="$1" +DOMAIN="$2" +MIRROR="$3" +APT_INSTALL="sudo LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y" + +# Provision the basic stuff +$DIRNAME/openvpn $HOSTNAME $DOMAIN $MIRROR + +# Firewall +$APT_INSTALL ferm ulogd2 ulogd2-pcap +sudo cp $DIRNAME/files/njalla-openvpn/etc/ferm/ferm.conf /etc/ferm +sudo cp $DIRNAME/files/njalla-openvpn/etc/udev/rules.d/81-vpn-firewall.rules /etc/udev/rules.d +sudo cp $DIRNAME/files/njalla-openvpn/usr/local/bin/fermreload.sh /usr/local/bin +sudo chmod 555 /usr/local/bin/fermreload.sh +sudo sed -i -e 's/^ENABLED=.*$/ENABLED="yes"/' /etc/default/ferm +sudo service ferm restart + +# Njalla +#sudo cp $DIRNAME/files/njalla/etc/openvpn/njalla.conf /etc/openvpn +#sudo touch /etc/openvpn/njalla.auth +#sudo chown root:root /etc/openvpn/njalla.conf +#sudo chown root:root /etc/openvpn/njalla.auth +#sudo chmod 400 /etc/openvpn/njalla.conf +#sudo chmod 400 /etc/openvpn/njalla.auth +#echo "Please set user/password at /etc/openvpn/njalla.auth" +echo "Please configure /etc/openvpn/njalla.conf" |