@r4mp
Created June 4, 2013 11:01
#!/bin/sh
#
# ds9vpn - creates the setting files for a DS9-VPN
# Copyright (C) 2013 Gerrit Giehl <[email protected]>
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# this program. If not, see <http://www.gnu.org/licenses/>.
# --- Inputs ------------------------------------------------------------------
# Optional positional arguments: $1 = VPN username, $2 = VPN password.
# NOTE(review): values passed on the command line are visible to other local
# users through the process list and may land in shell history; the
# interactive prompt further down avoids that.
USERNAME="$1"
PASSWORD="$2"

# --- CA certificate ----------------------------------------------------------
# Written to ds9.ca; the OpenVPN config below points its "ca" directive at
# /etc/openvpn/ds9.ca, so this is the trust anchor for the VPN server.
DS9CERT_FILE='ds9.ca'
DS9CERT_CONTENT="-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----"

# --- OpenVPN client configuration --------------------------------------------
# "remote-cert-tls server" makes the client insist on a server-type
# certificate; "auth-user-pass" reads the credentials from a plaintext file.
# The quoted here-document keeps the text literal (no expansion).
DS9CONF_FILE='ds9.conf'
DS9CONF_CONTENT=$(cat <<'EOF'
client
remote ds9.freifunk-rheinland.net
comp-lzo
dev tunff
remote-cert-tls server
ca /etc/openvpn/ds9.ca
auth-user-pass /etc/openvpn/ds9.txt
EOF
)

# --- Credentials file --------------------------------------------------------
# ds9.txt is what auth-user-pass reads; the defaults come from the arguments.
DS9PW_FILE='ds9.txt'
DS9PW_USER=$USERNAME
DS9PW_PASS=$PASSWORD

# --- Firewall rules ----------------------------------------------------------
# Forward traffic between br-mesh and the tunnel, masquerade what leaves
# through tunff, and on INPUT accept only established/related traffic from
# the tunnel while rejecting everything else arriving on it.
# NOTE(review): nothing in the visible script writes DS9FW_CONTENT anywhere.
DS9FW_FILE='firewall.user'
DS9FW_CONTENT=$(cat <<'EOF'
#openvpn
iptables -I FORWARD -i br-mesh -o tunff -j ACCEPT
iptables -I FORWARD -i tunff -o br-mesh -j ACCEPT
iptables -t nat -A POSTROUTING -o tunff -j MASQUERADE
iptables -A INPUT -i tunff -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i tunff -j REJECT
EOF
)

# Scratch variable holding the answer to the overwrite prompt in create_file.
DS9_OVERRIDE=''
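#######################################
# Write content to a file, asking before replacing an existing one.
# Globals:   DS9_OVERRIDE (written) - scratch answer, always left empty
# Arguments: $1 - path of the file to create
#            $2 - content; backslash escapes such as \n are expanded, so a
#                 literal backslash in the content (e.g. inside a password)
#                 will NOT be written verbatim
# Inputs:    reads Y/N from stdin when $1 already exists
# Outputs:   prompt and farewell message on stdout
# Returns:   0 whether the file was written or the user declined
#######################################
create_file() {
  # Start from a clean answer so a "no" from an earlier call is never reused.
  DS9_OVERRIDE=""

  if [ -e "$1" ]; then
    # Ask until the answer is exactly one of Y/y/N/n. The previous condition
    # joined the two negated tests with "||", which is always true, so the
    # prompt could never be left. "case" also avoids the [[ =~ ]] bashism
    # under the #!/bin/sh shebang.
    while :; do
      case "${DS9_OVERRIDE}" in
        [YyNn]) break ;;
      esac
      echo "$1 already exists! Override? (Y/N)"
      # -r keeps backslashes literal. On end of input with nothing read,
      # treat it as "no" instead of prompting forever.
      read -r DS9_OVERRIDE || {
        [ -n "${DS9_OVERRIDE}" ] || DS9_OVERRIDE="N"
      }
    done

    case "${DS9_OVERRIDE}" in
      [Nn])
        DS9_OVERRIDE=""
        echo "have a nice day!"
        return 0
        ;;
    esac
  fi

  # printf %b expands the same escapes "echo -e" did, but behaves the same in
  # every sh implementation. The redirection creates the file if needed and
  # keeps the mode of an existing file, so callers writing secrets must set a
  # restrictive umask / chmod themselves.
  printf '%b\n' "$2" > "$1"
  DS9_OVERRIDE=""
}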
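# Main flow: write the CA certificate, the client config and the credentials
# file, point the OpenWrt OpenVPN service at the config, then reboot.
#
# NOTE(review): the files are created with relative names in the current
# directory, while ds9.conf and the uci setting refer to /etc/openvpn/...;
# presumably the script is meant to be run from /etc/openvpn - confirm.
# NOTE(review): DS9FW_FILE / DS9FW_CONTENT are defined above but never
# written here, so the tunff firewall rules are not installed by this script.
create_file "${DS9CERT_FILE}" "${DS9CERT_CONTENT}"
create_file "${DS9CONF_FILE}" "${DS9CONF_CONTENT}"

# The credentials file holds the VPN password in plaintext: create it
# readable by the owner only, and restore the previous umask afterwards.
DS9_OLD_UMASK=$(umask)

if [ "$#" -ne 2 ]; then
  # No credentials on the command line: ask for them until the confirmation
  # is exactly Y/y/N/n. (The old condition used "||" between the two negated
  # tests and therefore never ended.)
  # NOTE(review): the password is echoed to the terminal while it is typed.
  DS9PW_OK=""
  while :; do
    case "${DS9PW_OK}" in
      [YyNn]) break ;;
    esac
    echo "username:"
    read -r DS9PW_USER || exit 1
    echo "password:"
    read -r DS9PW_PASS || exit 1
    echo "use this credentials? (Y/N)"
    read -r DS9PW_OK || exit 1
  done

  case "${DS9PW_OK}" in
    [Nn])
      # "return"/"break" are invalid at top level; leave the script instead.
      echo "have a nice day!"
      exit 0
      ;;
  esac

  # Write "user\npassword" into ds9.txt. The previous call used the username
  # as the file name and stored only the password in it.
  umask 077
  create_file "${DS9PW_FILE}" "${DS9PW_USER}\n${DS9PW_PASS}"
else
  umask 077
  create_file "${DS9PW_FILE}" "${1}\n${2}"
fi

umask "${DS9_OLD_UMASK}"
# An already existing file keeps its old mode when overwritten; tighten it.
if [ -f "${DS9PW_FILE}" ]; then
  chmod 600 "${DS9PW_FILE}"
fi

# Only enable the service and reboot when the uci changes were stored.
uci set openvpn.custom_config.enable=1 &&
  uci set openvpn.custom_config.config=/etc/openvpn/ds9.conf &&
  uci commit openvpn || {
  echo "uci configuration failed, not rebooting" >&2
  exit 1
}
/etc/init.d/openvpn enable
/etc/init.d/openvpn start
echo "reboot..."
reboot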