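#!/bin/bash
#
# Install OpenVPN, build a server PKI with the Easy-RSA 2.x helper scripts
# (vars, clean-all, build-ca, build-key-server, build-dh), install the server
# material under /etc/openvpn and start the openvpn@server unit.
#
# Run as a regular user with sudo rights; privileged steps call sudo.
#
# Security notes:
#   - The CA private key is left in ~/openvpn-ca/keys on this host. Anyone who
#     can read it can issue certificates this VPN will trust, so consider
#     moving the CA to a separate machine once the server is built.
#   - --batch skips the interactive prompts, so certificate fields come from
#     the vars file. Edit vars first if the defaults are not wanted.
#   - The service is started with the packaged sample configuration; review
#     /etc/openvpn/server.conf before exposing the port.

# Stop at the first failing step instead of continuing with a half-built PKI.
# -u is deliberately left off because the script sources a third-party file.
set -eo pipefail

readonly CA_DIR="${HOME}/openvpn-ca"
readonly OPENVPN_DIR=/etc/openvpn
readonly SAMPLE_CONF=/usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz
readonly FORWARD_SETTING='net.ipv4.ip_forward=1'

# Update System
sudo apt-get update && sudo apt-get upgrade -y

# Install OpenVPN and Easy-RSA
sudo apt-get install -y openvpn easy-rsa

# Set up Easy-RSA
# Refuse to reuse an existing directory: ./clean-all below would wipe the keys
# of a CA that is already there.
if [[ -e "$CA_DIR" ]]; then
  printf '%s already exists; refusing to overwrite an existing CA.\n' "$CA_DIR" >&2
  exit 1
fi

# The PKI is built in a subshell so that the restrictive umask and the
# variables exported by vars do not leak into the sudo steps further down.
(
  # Keep everything created here (including ca.key) private to this user.
  umask 077

  make-cadir "$CA_DIR"
  cd "$CA_DIR" || exit 1

  # Customize the vars file (Optional)
  # nano vars

  # Build CA
  # shellcheck disable=SC1091 -- vars is created by make-cadir at run time
  source vars
  ./clean-all
  ./build-ca --batch

  # Create the Server Certificate, Key, and Encryption Files
  ./build-key-server --batch server
  ./build-dh
  openvpn --genkey --secret keys/ta.key
)

# Copy the Server Certificates and Keys
# Owner and mode are set explicitly rather than inherited from whatever the
# generators left behind: public material is world-readable, private keys are
# readable by root only.
# NOTE(review): dh2048.pem presumes KEY_SIZE=2048 in vars; confirm if vars was edited.
sudo install -o root -g root -m 0644 -- \
  "$CA_DIR"/keys/{ca.crt,server.crt,dh2048.pem} "$OPENVPN_DIR"/
sudo install -o root -g root -m 0600 -- \
  "$CA_DIR"/keys/{server.key,ta.key} "$OPENVPN_DIR"/

# Configure the OpenVPN Service
# tee output is discarded so the whole sample config is not echoed to the terminal.
gunzip -c "$SAMPLE_CONF" | sudo tee "$OPENVPN_DIR/server.conf" > /dev/null

# Adjust the OpenVPN Configuration (Manual Step)
# sudo nano /etc/openvpn/server.conf

# Enable IP Forwarding
# Append the setting only once so that re-running the script does not pile up
# duplicate lines in /etc/sysctl.conf.
# Forwarding makes this host route packets between interfaces; pair it with
# firewall rules that limit which traffic may be forwarded.
if ! grep -qxF -- "$FORWARD_SETTING" /etc/sysctl.conf; then
  printf '%s\n' "$FORWARD_SETTING" | sudo tee -a /etc/sysctl.conf > /dev/null
fi
sudo sysctl -p

# Adjust UFW Rules (If UFW is used)
# Allow OpenSSH before enabling UFW, otherwise a remote session can be locked out.
# sudo ufw allow 1194/udp
# sudo ufw allow OpenSSH
# sudo ufw disable
# sudo ufw enable

# Start and Enable OpenVPN Service
sudo systemctl start openvpn@server
sudo systemctl enable openvpn@server

echo "OpenVPN installation is complete."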