From c997225f1dee37cc7993822a2bc954805a2b9164 Mon Sep 17 00:00:00 2001
From: thaleia-kavalierou
Date: Tue, 5 Jan 2021 21:31:58 +0000
Subject: [PATCH] Upload files to 'swarmVPN/vpn-files'
---
swarmVPN/vpn-files/create-user.sh | 6 ++++
swarmVPN/vpn-files/create-vpn.sh | 47 ++++++++++++++++++++++++++++
swarmVPN/vpn-files/rm-user.sh | 22 +++++++++++++
swarmVPN/vpn-files/show-conn-user.sh | 2 ++
swarmVPN/vpn-files/show-user.sh | 2 ++
5 files changed, 79 insertions(+)
create mode 100644 swarmVPN/vpn-files/create-user.sh
create mode 100644 swarmVPN/vpn-files/create-vpn.sh
create mode 100644 swarmVPN/vpn-files/rm-user.sh
create mode 100644 swarmVPN/vpn-files/show-conn-user.sh
create mode 100644 swarmVPN/vpn-files/show-user.sh
diff --git a/swarmVPN/vpn-files/create-user.sh b/swarmVPN/vpn-files/create-user.sh
new file mode 100644
index 0000000..45c6a8f
--- /dev/null
+++ b/swarmVPN/vpn-files/create-user.sh
@@ -0,0 +1,6 @@
+USERNAME=test1
+vpn_data=$PWD/openvpn-services/
+docker=registry.vlabs.uniwa.gr:5080/myownvpn
+
+docker run -v $vpn_data:/etc/openvpn --rm -it $docker easyrsa build-client-full $USERNAME nopass
+docker run -v $vpn_data:/etc/openvpn --log-driver=none --rm $docker ovpn_getclient $USERNAME > $USERNAME.ovpn
diff --git a/swarmVPN/vpn-files/create-vpn.sh b/swarmVPN/vpn-files/create-vpn.sh
new file mode 100644
index 0000000..7409fd7
--- /dev/null
+++ b/swarmVPN/vpn-files/create-vpn.sh
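Review bot: In create-user.sh the client profile is written by `> $USERNAME.ovpn` under the caller's default umask, and the certificate is built with `nopass`, so if `ovpn_getclient` embeds the client key in its output (not visible here, but usual for such helpers), an unencrypted private key lands in a file other local users may be able to read. Restrict the mode around the redirect, for example `( umask 077; docker run -v "$vpn_data":/etc/openvpn --log-driver=none --rm "$docker" ovpn_getclient "$USERNAME" > "$USERNAME.ovpn" )`. The redirect also creates the file when `docker run` fails, so an empty or partial profile can be left behind; checking the exit status and removing the file on failure would avoid distributing it. The file has no shebang line, unlike create-vpn.sh and rm-user.sh.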
@@ -0,0 +1,47 @@
+#!/bin/bash
+IP=127.0.0.1 # Server IP
+P=1194 # Server Port
+OVPN_SERVER='10.80.0.0/16' # VPN Network
+
+#vpn_data=/var/lib/swarmlab/openvpn/openvpn-services/ # Dir to save data ** this must exist **
+vpn_data=$PWD/openvpn-services/
+if [ ! -d $vpn_data ]; then
+ mkdir -p $vpn_data
+fi
+
+NAME=swarmlab-vpn-services # name of docker service
+DOCKERnetwork=swarmlab-vpn-services-network # docker network
+docker=registry.vlabs.uniwa.gr:5080/myownvpn # docker image
+
+docker stop $NAME #stop container
+sleep 1
+docker container rm $NAME #rm container
+
+# rm config files
+rm -f $vpn_data/openvpn.conf.*.bak
+rm -f $vpn_data/openvpn.conf
+rm -f $vpn_data/ovpn_env.sh.*.bak
+rm -f $vpn_data/ovpn_env.sh
+
+# create network
+sleep 1
+docker network create --attachable=true --driver=bridge --subnet=172.50.0.0/16 --gateway=172.50.0.1 $DOCKERnetwork
+
+#run container see ovpn_genconfig
+docker run --net=none -it -v $vpn_data:/etc/openvpn -p 1194:1194 --rm $docker ovpn_genconfig -u udp://$IP:1194 \
+-N -d -c -p "route 172.50.20.0 255.255.255.0" -e "topology subnet" -s $OVPN_SERVER
+
+# create pki see ovpn_initpki
+docker run --net=none -v $vpn_data:/etc/openvpn --rm -it $docker ovpn_initpki
+
+# see ovpn_copy_server_files
+#docker run --net=none -v $vpn_data:/etc/openvpn --rm $docker ovpn_copy_server_files
+
+#create vpn see --cap-add=NET_ADMIN
+sleep 1
+docker run --detach --name $NAME -v $vpn_data:/etc/openvpn --net=$DOCKERnetwork --ip=172.50.0.2 -p $P:1194/udp --cap-add=NET_ADMIN $docker
+
+sudo sysctl -w net.ipv4.ip_forward=1
+
+#show created
+docker ps
diff --git a/swarmVPN/vpn-files/rm-user.sh b/swarmVPN/vpn-files/rm-user.sh
new file mode 100644
index 0000000..ff43444
--- /dev/null
+++ b/swarmVPN/vpn-files/rm-user.sh
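Review bot: In create-vpn.sh, `docker=registry.vlabs.uniwa.gr:5080/myownvpn` names the image without a tag or digest, so every run resolves whatever `latest` currently is in that registry, and this script uses that image to run `ovpn_initpki` and to start a container with `--cap-add=NET_ADMIN`. Pin it, e.g. `docker=registry.vlabs.uniwa.gr:5080/myownvpn@sha256:<digest-placeholder>`; the same unpinned assignment appears in create-user.sh and rm-user.sh. Separately, `ovpn_genconfig -u udp://$IP:1194` ignores `P`, so changing `P` publishes a host port that the generated client configuration does not point at; `-u "udp://$IP:$P"` keeps the two in step. There is no `set -e` or exit-status check, so a failed `ovpn_genconfig` or `ovpn_initpki` still falls through to starting the service and enabling `net.ipv4.ip_forward`.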
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+CLIENTNAME=test1
+U=$CLIENTNAME
+
+vpn_data=$PWD/openvpn-services/
+docker=registry.vlabs.uniwa.gr:5080/myownvpn
+
+rm -f $vpn_data/pki/reqs/$CLIENTNAME.req
+rm -f $vpn_data/pki/private/$CLIENTNAME.key
+rm -f $vpn_data/pki/issued/$CLIENTNAME.crt
+rm -f $vpn_data/server/ccd/$CLIENTNAME
+rm -f $vpn_data/ccd/$CLIENTNAME
+pem=$(sudo grep "CN=$U$" $vpn_data/pki/index.txt | cut -f4)
+
+rm -f $vpn_data/pki/certs_by_serial/$pem.pem
+sed -i "/CN=$U$/d" $vpn_data/pki/index.txt
+echo $pem
+docker run -v $vpn_data:/etc/openvpn --log-driver=none --rm -it $docker ovpn_revokeclient $CLIENTNAME remove
+
+rm -f $vpn_data_user_config/$CLIENTNAME.ovpn
+rm -f $vpn_data_user_config1/$CLIENTNAME.ovpn
diff --git a/swarmVPN/vpn-files/show-conn-user.sh b/swarmVPN/vpn-files/show-conn-user.sh
new file mode 100644
index 0000000..df41324
--- /dev/null
+++ b/swarmVPN/vpn-files/show-conn-user.sh
@@ -0,0 +1,2 @@
+NAME=swarmlab-vpn-services
+docker exec -it $NAME cat /tmp/openvpn-status.log
diff --git a/swarmVPN/vpn-files/show-user.sh b/swarmVPN/vpn-files/show-user.sh
new file mode 100644
index 0000000..821d703
--- /dev/null
+++ b/swarmVPN/vpn-files/show-user.sh
@@ -0,0 +1,2 @@
+NAME=swarmlab-vpn-services
+docker exec -it $NAME ovpn_listclients
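Review bot: In rm-user.sh the `rm -f` lines on `pki/reqs`, `pki/private` and `pki/issued` and the `sed -i "/CN=$U$/d"` on `pki/index.txt` run before `ovpn_revokeclient $CLIENTNAME remove`, so by the time the revoke helper runs the certificate and its index entry are already gone. If that helper revokes through easyrsa and regenerates the CRL (not visible here), it will likely find nothing to revoke, and a client still holding its own copy of the key and certificate would never appear in the CRL. Dropping the manual deletions and letting `ovpn_revokeclient "$CLIENTNAME" remove` do the cleanup keeps revocation ahead of removal. Also, `$vpn_data_user_config` and `$vpn_data_user_config1` are never assigned in this file, so the last two lines expand to `rm -f /test1.ovpn`; `rm -f -- "./$CLIENTNAME.ovpn"` would match where create-user.sh writes the profile.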
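Review bot: In show-conn-user.sh, `docker exec -it $NAME cat /tmp/openvpn-status.log` requests a TTY, which makes the command fail when the script is run without a terminal (cron, CI, a non-interactive ssh session). Neither command reads input, so `docker exec "$NAME" cat /tmp/openvpn-status.log` is enough, and the same applies to `docker exec -it $NAME ovpn_listclients` in show-user.sh. Both files also lack a shebang line, unlike create-vpn.sh and rm-user.sh.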