|
@@ -140,6 +140,8 @@ function remove_vpn {
|
140
|
140
|
shred -zu /home/$USERNAME/$OPENVPN_KEY_FILENAME
|
141
|
141
|
fi
|
142
|
142
|
done
|
|
143
|
+ userdel -f vpn
|
|
144
|
+ groupdel -f vpn
|
143
|
145
|
}
|
144
|
146
|
|
145
|
147
|
function create_user_vpn_key {
|
|
@@ -196,8 +198,8 @@ function create_user_vpn_key {
|
196
|
198
|
|
197
|
199
|
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf $user_vpn_cert_file
|
198
|
200
|
sed -i "s|remote .*|remote $DEFAULT_DOMAIN_NAME 1194|g" $user_vpn_cert_file
|
199
|
|
- sed -i 's|;user nobody|user nobody|g' $user_vpn_cert_file
|
200
|
|
- sed -i 's|;group nogroup|group nobody|g' $user_vpn_cert_file
|
|
201
|
+ sed -i 's|;user no.*|user vpn|g' $user_vpn_cert_file
|
|
202
|
+ sed -i 's|;group no.*|group vpn|g' $user_vpn_cert_file
|
201
|
203
|
|
202
|
204
|
sed -i 's|ca ca.crt|;ca ca.crt|g' $user_vpn_cert_file
|
203
|
205
|
sed -i 's|cert client.crt|;cert client.crt|g' $user_vpn_cert_file
|
|
@@ -244,12 +246,15 @@ function install_vpn {
|
244
|
246
|
exit 783953
|
245
|
247
|
fi
|
246
|
248
|
|
|
249
|
+ groupadd vpn
|
|
250
|
+ useradd -r -s /bin/false -g vpn vpn
|
|
251
|
+
|
247
|
252
|
# server configuration
|
248
|
253
|
gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz > /etc/openvpn/server.conf
|
249
|
254
|
sed -i "s|;push \"redirect-gateway|push \"redirect-gateway|g" /etc/openvpn/server.conf
|
250
|
255
|
sed -i 's|;push "dhcp-option|push "dhcp-option|g' /etc/openvpn/server.conf
|
251
|
|
- sed -i 's|;user nobody|user nobody|g' /etc/openvpn/server.conf
|
252
|
|
- sed -i 's|;group nogroup|group nobody|g' /etc/openvpn/server.conf
|
|
256
|
+ sed -i 's|;user no.*|user vpn|g' /etc/openvpn/server.conf
|
|
257
|
+ sed -i 's|;group no.*|group vpn|g' /etc/openvpn/server.conf
|
253
|
258
|
sed -i 's|;max-clients.*|max-clients 2|g' /etc/openvpn/server.conf
|
254
|
259
|
|
255
|
260
|
echo 1 > /proc/sys/net/ipv4/ip_forward
|
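Review bot: The client file written in create_user_vpn_key now gets `user vpn` / `group vpn`, but the only place this commit creates that account is install_vpn on the server (`groupadd vpn`, `useradd -r -s /bin/false -g vpn vpn`); nothing visible here creates it on the device that will load the client configuration. If the account is missing there, OpenVPN cannot resolve the name when it drops privileges, and the likely workaround is for users to delete both lines and run the client as root. Consider keeping an account the client is expected to have, e.g. `sed -i 's|;user no.*|user nobody|g' $user_vpn_cert_file` and `sed -i 's|;group no.*|group nogroup|g' $user_vpn_cert_file` (the group name depends on the client OS), or documenting that the client must create `vpn` first. Separately, the unconditional `groupadd vpn` in install_vpn errors if the install is re-run; `getent group vpn >/dev/null || groupadd -r vpn` would make it repeatable and match the system account that `useradd -r` creates. All three function bodies extend beyond the hunks shown, so any account handling outside them is not visible here.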