Add PASSPHRASE support in headless mode

This commit is contained in:
Siebren Kraak 2022-07-27 14:19:07 +02:00
parent b3b7593b2d
commit c7d8455631
2 changed files with 21 additions and 2 deletions

View File

@ -71,6 +71,7 @@ If you want to customise your installation, you can export them or specify them
- `CUSTOMIZE_ENC=n`
- `CLIENT=clientname`
- `PASS=1`
- `PASSPHRASE=V3ryS3cureP4ssword#123`
If the server is behind NAT, you can specify its endpoint with the `ENDPOINT` variable. If the endpoint is the public IP address which it is behind, you can use `ENDPOINT=$(curl -4 ifconfig.co)` (the script will default to this). The endpoint can be an IPv4 or a domain.
@ -94,6 +95,17 @@ export PASS="1"
./openvpn-install.sh
```
To add a user with a passphrase instead
```bash
#!/bin/bash
export MENU_OPTION="1"
export CLIENT="foo"
export PASS="2"
export PASSPHRASE="V3ryS3cureP4ssword#123"
./openvpn-install.sh
```
## Features
- Installs and configures a ready-to-use OpenVPN server

View File

@ -1086,8 +1086,15 @@ function newClient() {
./easyrsa build-client-full "$CLIENT" nopass
;;
2)
if [[ -z "$PASSPHRASE" ]]; then
echo "⚠️ You will be asked for the client password below ⚠️"
./easyrsa build-client-full "$CLIENT"
else
echo "The password for client was already set"
PASSPHRASE="pass:${PASSPHRASE}"
./easyrsa --passin=$PASSPHRASE --passout=$PASSPHRASE build-client-full "$CLIENT"
fi
;;
esac
echo "Client $CLIENT added."