Add generate-client.sh script

2025-03-22 19:01:40 +00:00
parent 7e2a01532d
commit f30687d059
1 changed files with 52 additions and 0 deletions
--- a/generate-client.sh
+++ b/generate-client.sh
@ -0,0 +1,52 @@
+#!/bin/bash
+
+# Check if running as root
+if [ "$EUID" -ne 0 ]; then 
+    echo "Please run as root"
+    exit 1
+fi
+
+if [ -z "$1" ]; then
+    echo "Usage: $0 <client-name>"
+    exit 1
+fi
+
+CLIENT_NAME=$1
+cd /etc/openvpn/server/easy-rsa
+
+# Generate client certificate and key
+./easyrsa gen-req $CLIENT_NAME nopass
+./easyrsa sign-req client $CLIENT_NAME
+
+# Make sure client directory exists
+mkdir -p /etc/openvpn/client
+
+# Create client configuration
+cat > /etc/openvpn/client/$CLIENT_NAME.ovpn << EOL
+client
+dev tun
+proto udp
+remote $(curl -s ifconfig.me) 1194
+resolv-retry infinite
+nobind
+persist-key
+persist-tun
+remote-cert-tls server
+cipher AES-256-GCM
+data-ciphers AES-256-GCM:AES-256-CBC:AES-128-GCM:CHACHA20-POLY1305
+block-outside-dns
+verb 3
+dhcp-option DNS 1.1.1.1
+dhcp-option DNS 1.0.0.1
+<ca>
+$(cat /etc/openvpn/server/ca.crt)
+</ca>
+<cert>
+$(cat /etc/openvpn/server/easy-rsa/pki/issued/$CLIENT_NAME.crt)
+</cert>
+<key>
+$(cat /etc/openvpn/server/easy-rsa/pki/private/$CLIENT_NAME.key)
+</key>
+EOL
+
+echo "Client configuration created: /etc/openvpn/client/$CLIENT_NAME.ovpn"