aboutsummaryrefslogtreecommitdiff
path: root/share/provision/njalla-openvpn
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2020-11-06 18:25:10 -0300
committerSilvio Rhatto <rhatto@riseup.net>2020-11-06 18:25:10 -0300
commit44aa200f3fc65c52b58bb49533bbfd17530911d0 (patch)
treee0721500e31e412463233d635cb2bff1c4dee439 /share/provision/njalla-openvpn
parentc3d66da7c162508a7fdfddbf4aaaf2adfc4f7a58 (diff)
downloadkvmx-44aa200f3fc65c52b58bb49533bbfd17530911d0.tar.gz
kvmx-44aa200f3fc65c52b58bb49533bbfd17530911d0.tar.bz2
Provision: njalla-openvpn and njalla-wireguardfeature/njalla
Diffstat (limited to 'share/provision/njalla-openvpn')
-rwxr-xr-xshare/provision/njalla-openvpn49
1 files changed, 49 insertions, 0 deletions
diff --git a/share/provision/njalla-openvpn b/share/provision/njalla-openvpn
new file mode 100755
index 0000000..eb8d1f4
--- /dev/null
+++ b/share/provision/njalla-openvpn
@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+#
+# Full desktop provision example
+#
+# Copyright (C) 2017 Silvio Rhatto - rhatto at riseup.net
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published
+# by the Free Software Foundation, either version 3 of the License,
+# or any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# Parameters
+DIRNAME="`dirname $0`"
+BASENAME="`basename $0`"
+HOSTNAME="$1"
+DOMAIN="$2"
+MIRROR="$3"
+APT_INSTALL="sudo LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y"
+
+# Provision the basic stuff
+$DIRNAME/openvpn $HOSTNAME $DOMAIN $MIRROR
+
+# Firewall
+$APT_INSTALL ferm ulogd2 ulogd2-pcap
+sudo cp $DIRNAME/files/njalla-openvpn/etc/ferm/ferm.conf /etc/ferm
+sudo cp $DIRNAME/files/njalla-openvpn/etc/udev/rules.d/81-vpn-firewall.rules /etc/udev/rules.d
+sudo cp $DIRNAME/files/njalla-openvpn/usr/local/bin/fermreload.sh /usr/local/bin
+sudo chmod 555 /usr/local/bin/fermreload.sh
+sudo sed -i -e 's/^ENABLED=.*$/ENABLED="yes"/' /etc/default/ferm
+sudo service ferm restart
+
+# Njalla
+#sudo cp $DIRNAME/files/njalla/etc/openvpn/njalla.conf /etc/openvpn
+#sudo touch /etc/openvpn/njalla.auth
+#sudo chown root:root /etc/openvpn/njalla.conf
+#sudo chown root:root /etc/openvpn/njalla.auth
+#sudo chmod 400 /etc/openvpn/njalla.conf
+#sudo chmod 400 /etc/openvpn/njalla.auth
+#echo "Please set user/password at /etc/openvpn/njalla.auth"
+echo "Please configure /etc/openvpn/njalla.conf"