@taotao
Last active March 10, 2016 03:54
OpenVPN Test Server Setup Script
#!/bin/sh
set -e
# Require exactly one argument: the host name or IP that clients will connect to
if [ "$#" -ne 1 ]; then
    echo "Need parameter for HOST IP/NAME." >&2
    exit 1
fi
MY_HOST="$1"
cd /etc/openvpn
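# Generate DH parameters, an RSA key and a self-signed certificate valid for 365 days
# 2048-bit DH: OpenSSL at security level 2 rejects 1024-bit parameters
openssl dhparam -out dh.pem 2048
openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out csr.pem -subj /CN=OpenVPN/
# Self-sign the request; cert.pem is then used as CA, server cert and client cert
openssl x509 -req -in csr.pem -out cert.pem -signkey key.pem -days 365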
# Generate tcp443.conf for server to use
cat >tcp443.conf <<EOF
server 172.29.255.0 255.255.255.128
duplicate-cn
key key.pem
ca cert.pem
cert cert.pem
dh dh.pem
keepalive 10 60
persist-key
persist-tun
proto tcp-server
port 443
dev tun443
EOF
# Generate udp1194.conf for server to use
cat >udp1194.conf <<EOF
server 172.29.255.128 255.255.255.128
duplicate-cn
key key.pem
ca cert.pem
cert cert.pem
dh dh.pem
keepalive 10 60
persist-key
persist-tun
proto udp
port 1194
dev tun1194
EOF
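# Generate client.ovpn for client to use
# Note: this embeds the server's own private key (key.pem), so every client shares it; test use only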
cat >client.ovpn <<EOF
client
nobind
dev tun
redirect-gateway def1
<key>
`cat key.pem`
</key>
<cert>
`cat cert.pem`
</cert>
<ca>
`cat cert.pem`
</ca>
<dh>
`cat dh.pem`
</dh>
<connection>
remote $MY_HOST 1194 udp
</connection>
<connection>
remote $MY_HOST 443 tcp-client
</connection>
EOF