Marown/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-06-30 09:35:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update IKEv2 script

Browse Source 
- Improvement: If the script is run using sudo, export the VPN client
  config files to the user's home directory instead of "/root", and set
  owner/group so that users can more easily download the config files.
This commit is contained in:
hwdsl2 2021-01-30 14:24:01 -06:00
parent fd0d20ecc1
commit a44c1ea473
1 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
extras/ikev2setup.sh
View File

@ -110,10 +110,8 @@ check_utils_exist() {
check_container() {
in_container=0
export_dir=~/
if grep -qs "hwdsl2" /opt/src/run.sh; then
in_container=1
export_dir="/etc/ipsec.d/"
fi
}
@ -276,6 +274,22 @@ show_export_client_message() {
bigecho2 "Exporting existing IKEv2 client '$client_name', using default options."
}
get_export_dir() {
export_to_home_dir=0
if grep -qs "hwdsl2" /opt/src/run.sh; then
export_dir="/etc/ipsec.d/"
else
export_dir=~/
if [ -n "$SUDO_USER" ] && getent group "$SUDO_USER" >/dev/null 2>&1; then
user_home_dir=$(getent passwd "$SUDO_USER" 2>/dev/null | cut -d: -f6)
if [ -d "$user_home_dir" ] && [ "$user_home_dir" != "/" ]; then
export_dir="$user_home_dir/"
export_to_home_dir=1
fi
fi
fi
}
get_server_ip() {
echo "Trying to auto discover IP of this server..."
public_ip=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short)
@ -619,11 +633,17 @@ EOF
[ -z "$p12_password" ] && exiterr "Could not generate a random password for .p12 file."
fi
p12_file="$export_dir$client_name-$SYS_DT.p12"
if [ "$use_own_password" = "1" ]; then
pk12util -d sql:/etc/ipsec.d -n "$client_name" -o "$export_dir$client_name-$SYS_DT.p12" || exit 1
pk12util -d sql:/etc/ipsec.d -n "$client_name" -o "$p12_file" || exit 1
else
pk12util -W "$p12_password" -d sql:/etc/ipsec.d -n "$client_name" -o "$export_dir$client_name-$SYS_DT.p12" || exit 1
pk12util -W "$p12_password" -d sql:/etc/ipsec.d -n "$client_name" -o "$p12_file" || exit 1
fi
if [ "$export_to_home_dir" = "1" ]; then
chown "$SUDO_USER:$SUDO_USER" "$p12_file"
fi
chmod 600 "$p12_file"
}
install_base64_uuidgen() {
@ -802,6 +822,9 @@ $ca_base64
</plist>
EOF
if [ "$export_to_home_dir" = "1" ]; then
chown "$SUDO_USER:$SUDO_USER" "$mc_file"
fi
chmod 600 "$mc_file"
}
@ -835,6 +858,9 @@ cat > "$sswan_file" <<EOF
}
EOF
if [ "$export_to_home_dir" = "1" ]; then
chown "$SUDO_USER:$SUDO_USER" "$sswan_file"
fi
chmod 600 "$sswan_file"
}
@ -1162,6 +1188,7 @@ ikev2setup() {
done
check_arguments
get_export_dir
if [ "$add_client_using_defaults" = "1" ]; then
show_add_client_message