New sequence for installing openvpn with setup of custom scripts

2021-03-27 05:35:11 +00:00
parent 260daa009c
commit 741d0c74c9
7 changed files with 168 additions and 0 deletions

59
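--- a/seqs/openvpn.sh
+++ b/seqs/openvpn.sh
@@ -0,0 +1,59 @@
+#!/bin/bash
+toolName=openvpn
+toolDeps=openvpn
+toolDefaultConf="/etc/default/openvpn"
+toolUserScriptsLoc="/usr/lib/openvpn"
+# Get script working directory
+# (when called from a different directory)
+WDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >>/dev/null 2>&1 && pwd)"
+APTOPT=
+CONFIG=0
+SCRIPT_FILE=$(basename -- $0)
+SCRIPT_NAME=${SCRIPT_FILE%%.*}
+CONFIG_FILE_NAME="${SCRIPT_NAME}.cfg"
+CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
+CONFIG_DIR="$WDIR/$SCRIPT_NAME"
+step_config() {
+#echo "Called once before executing steps."
+## e.g. to source a config file manually:
+#. "$CONFIG_FILE"
+## or to use sequencer api with global config file:
+#initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
+## or to use sequencer api with profile config file support:
+#initSeqConfig -p "$SCRIPT_NAME" "$CONFIG_FILE_TEMPLATE"
+#if [ $? -eq 0 ] ; then
+# CONFIG=1
+#else
+# # End if no configuration file exists
+# [ $DRY -eq 0 ] && return -1
+#fi
+#[ $QUIET -ne 0 ] && APTOPT="-y"
+return 0
+}
+step_1_info() { echo "Install $toolName"; }
+step_1_alias() { ALIAS="install"; }
+step_1() {
+exe apt update
+exe apt install $toolDeps $APTOPT
+}
+step_2_info() { echo "Install customized helper scripts to $toolUserScriptsLoc"; }
+step_2() {
+exep "mkdir \"$toolUserScriptsLoc\" 2>>/dev/null"
+[ $? -ne 0 ] && \
+echoseq " [W] $toolUserScriptsLoc already exists. Not overwriting existing files."
+exe cp -n "$CONFIG_DIR"/* "$toolUserScriptsLoc"
+}
+step_10_info() { echo "Open openvpn system start configuration"; }
+step_10_alias() { ALIAS="default"; }
+step_10() {
+exe vi "$toolDefaultConf"
+}
+VERSION_SEQREV=12
+. /usr/local/bin/sequencer.sh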
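Review bot: step_2 installs the hook scripts with `cp -n "$CONFIG_DIR"/* "$toolUserScriptsLoc"`, which keeps whatever owner and mode the checkout and the current umask produce, although OpenVPN later executes these files through its `up`/`down` hooks, typically as root. Creating the directory with `exe install -d -o root -g root -m 0755 "$toolUserScriptsLoc"` and following the copy with `exe chown -R root:root "$toolUserScriptsLoc"` would make sure only root can modify them. The `[ $? -ne 0 ]` test after `mkdir` also reports every failure as "already exists", including a permission error, so the warning can be misleading. The glob additionally copies `my.conf` into the script directory, which looks unintended.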

5
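--- a/seqs/openvpn/down.sh
+++ b/seqs/openvpn/down.sh
@@ -0,0 +1,5 @@
+#! /bin/bash
+echo "Restoring original nameservers"
+rm -f /etc/resolv.conf
+cp -f /etc/resolv.conf.default /etc/resolv.conf
+echo "Done restoring nameservers cheers"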
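Review bot: The script deletes `/etc/resolv.conf` before it knows the backup exists, so when `/etc/resolv.conf.default` is missing (for example because the up script never ran) the host is left without any resolver configuration and the failed `cp` goes unreported. Restoring only when the backup is present, `[ -f /etc/resolv.conf.default ] && mv -f /etc/resolv.conf.default /etc/resolv.conf`, avoids that. Using `mv` instead of `cp` also removes the backup, so a later connection saves the then-current file instead of reusing a stale copy, since `up.sh` only creates the backup when none exists.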

22
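--- a/seqs/openvpn/my.conf
+++ b/seqs/openvpn/my.conf
@@ -0,0 +1,22 @@
+# Set output verbosity (3 recommended by openvpn)
+# 0 -- No output except fatal errors.
+# 1 to 4 -- Normal usage range.
+# 5 -- Output R and W characters to the console for each packet read
+# and write, uppercase is used for TCP/UDP packets and lowercase is
+# used for TUN/TAP packets.
+# 6 to 11 -- Debug info range (see errlevel.h for additional informtion
+verb 1
+# Always add custom nameserver
+#dhcp-option DNS 208.67.222.222
+#dhcp-option DNS 84.200.69.80
+# Mute common false alarm on WiFi networks
+mute-replay-warnings
+# Allow openvpn to call user defined scripts
+script-security 2
+# Execute our custom up and down scripts
+up /usr/lib/openvpn/vpn-up
+down /usr/lib/openvpn/vpn-down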
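Review bot: The comment on `script-security 2` does not say why this level was chosen, and the `up`/`down` hooks it enables run with the daemon's privileges, so the files under `/usr/lib/openvpn` need to be writable by root only. I would extend the comment to `# Level 2 is the minimum that allows user-defined scripts; do not raise to 3, which also passes passwords to scripts via the environment`. The verbosity comment above it has a typo (`informtion`) and an unclosed parenthesis.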

38
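--- a/seqs/openvpn/up.sh
+++ b/seqs/openvpn/up.sh
@@ -0,0 +1,38 @@
+#! /bin/bash
+DEV=$1
+if [ ! -d /tmp/openvpn ]; then
+mkdir /tmp/openvpn
+fi
+CACHE_NAMESERVER="/tmp/$DEV.nameserver"
+echo -n "" > $CACHE_NAMESERVER
+TEMP_LOG="/tmp/openvpn_dns.log"
+echo "DNS openvpn" > "$TEMP_LOG"
+echo -e "${foreign_option_1}\n${foreign_option_2}\n$foreign_option_3" >> "$TEMP_LOG"
+rm -rf /tmp/resolv.conf
+touch /tmp/resolv.conf
+dns=dns
+for opt in ${!foreign_option_*}
+do
+eval "echo \$$opt" >> "$TEMP_LOG"
+eval "dns=\${$opt#dhcp-option DNS }"
+if [[ $dns =~ [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} ]]; then
+if [ ! -f /etc/resolv.conf.default ]; then
+cp /etc/resolv.conf /etc/resolv.conf.default
+fi
+# don't add "local" dns server
+#cat /etc/resolv.conf | grep -v ^# | grep -v ^nameserver > /tmp/resolv.conf
+echo "nameserver $dns" >> /tmp/resolv.conf
+echo $dns >> $CACHE_NAMESERVER
+#cat /etc/resolv.conf | grep -v ^# | grep -v "nameserver $dns" | grep nameserver >> /tmp/resolv.conf
+fi
+done
+if [ -e "/tmp/resolv.conf" ]; then
+mv /tmp/resolv.conf /etc/resolv.conf
+fi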
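Review bot: Every intermediate file here uses a fixed name in world-writable `/tmp` (`/tmp/resolv.conf`, `/tmp/openvpn_dns.log`, `/tmp/$DEV.nameserver`) while the hook presumably runs as root, which exposes it to the usual symlink and pre-creation problems of predictable temp names on a path that ends in `/etc/resolv.conf`. The staging file should come from `mktemp` next to the target, and the debug log and nameserver cache should move to a root-only directory or be dropped. Three further problems sit in the same loop: the address regex is unanchored, so a pushed value only has to contain something address-like to be written out; `/tmp/resolv.conf` is always created, so a connection that pushes no DNS option replaces `/etc/resolv.conf` with an empty file and no backup; and both `eval` lines can be replaced by indirect expansion with `${!opt}`. `$CACHE_NAMESERVER` and `$dns` are also used unquoted, and the `/tmp/openvpn` directory is created but never used.

```shell
# … unchanged: DEV=$1 …
# Stage the new file beside its target so the final mv is a same-filesystem rename.
new_resolv=$(mktemp /etc/resolv.conf.XXXXXX) || exit 1
trap 'rm -f -- "$new_resolv"' EXIT
ip_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
for opt in ${!foreign_option_*}; do
  val=${!opt}
  dns=${val#dhcp-option DNS }
  if [[ $dns =~ $ip_re ]]; then
    # … unchanged: back up /etc/resolv.conf to /etc/resolv.conf.default once …
    printf 'nameserver %s\n' "$dns" >> "$new_resolv"
  fi
done
# Replace the live file only when at least one DNS server was pushed.
if [ -s "$new_resolv" ]; then
  chmod 0644 "$new_resolv"
  mv -f -- "$new_resolv" /etc/resolv.conf
fi
```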

13
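--- a/seqs/openvpn/vpn-down
+++ b/seqs/openvpn/vpn-down
@@ -0,0 +1,13 @@
+#!/bin/bash
+# Manage nameserver with resolvconf
+#/etc/openvpn/update-resolv-conf
+# Manage nameserver with /etc/resolv.conf only
+#/usr/lib/openvpn/down.sh $@
+# Delete route to internal network
+#/usr/sbin/ip route del 10.5.0.0/24 via 192.168.0.20 dev eth0
+# Stop services only active while vpn is connected
+/usr/lib/openvpn/vpn-services stop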
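Review bot: The commented-out call `#/usr/lib/openvpn/down.sh $@` forwards the hook arguments unquoted, so anyone who enables it gets word splitting and globbing on whatever OpenVPN passes; it should read `#/usr/lib/openvpn/down.sh "$@"`. The same applies to `#/usr/lib/openvpn/up.sh $@` in `seqs/openvpn/vpn-up`. The route example also hard-codes `10.5.0.0/24 via 192.168.0.20 dev eth0`, which would be worth marking in the comment as a site-specific value to adapt.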

15
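--- a/seqs/openvpn/vpn-services
+++ b/seqs/openvpn/vpn-services
@@ -0,0 +1,15 @@
+#!/bin/bash
+# Default or unrecognized stops the listed services
+serviceOp="stop"
+case $1 in
+start|restart|stop)
+serviceOp="$1";;
+*)
+>&2 echo "Unrecognized argument. Stopping services"
+serviceOp="stop";;
+esac
+#/usr/sbin/service danted $serviceOp
+#/usr/sbin/service privoxy $serviceOp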

16
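--- a/seqs/openvpn/vpn-up
+++ b/seqs/openvpn/vpn-up
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Make sure firewall is active
+#ufw --force enable
+# Manage nameserver with resolvconf
+#/etc/openvpn/update-resolv-conf
+# Manage nameserver with /etc/resolv.conf only
+#/usr/lib/openvpn/up.sh $@
+# Add route to internal network
+#/usr/sbin/ip route add 10.5.0.0/24 via 192.168.0.20 dev eth0
+# Start services only active while vpn is connected
+/usr/lib/openvpn/vpn-services start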