| Zack Williams | ba5c9d3 | 2022-06-05 21:49:18 -0700 | [diff] [blame^] | 1 | #!/usr/bin/env bash |
| 2 | |
| 3 | set -xeu -o pipefail |
| 4 | |
| 5 | VPN_USER=$1 |
| 6 | |
| 7 | VPN_SITE=${VPN_SITE:-example} |
| 8 | |
| 9 | export IM_CA_NAME=openvpn_ca |
| 10 | export LEAF_PURPOSE=client_cert_ext |
| 11 | |
| 12 | export LEAF_KEYPAIR=${VPN_USER} |
| 13 | export LEAF_EMAIL=${LEAF_EMAIL:-"${VPN_USER}@opennetworking.org"} |
| 14 | export LEAF_SAN="email:${LEAF_EMAIL}" |
| 15 | |
| 16 | make onf_pki/certout/${VPN_USER}.pem |
| 17 | |
| 18 | # build config |
| 19 | VPN_CONFIG=openvpn/${VPN_USER}_${VPN_SITE}.ovpn |
| 20 | cat openvpn/generic_${VPN_SITE}.ovpn > $VPN_CONFIG |
| 21 | |
| 22 | cat << EOKEY >> $VPN_CONFIG |
| 23 | |
| 24 | # client key |
| 25 | <key> |
| 26 | EOKEY |
| 27 | |
| 28 | # add key |
| 29 | cat onf_pki/certout/${VPN_USER}.key >> $VPN_CONFIG |
| 30 | |
| 31 | cat << EOCERT >> $VPN_CONFIG |
| 32 | </key> |
| 33 | |
| 34 | # client cert |
| 35 | <cert> |
| 36 | EOCERT |
| 37 | |
| 38 | # add pem |
| 39 | cat onf_pki/certout/${VPN_USER}.pem >> $VPN_CONFIG |
| 40 | |
| 41 | cat << EOF >> $VPN_CONFIG |
| 42 | </cert> |
| 43 | EOF |