
Commit 97f8677

Merge pull request #160 from slamont/master
Add multiple extra config option
2 parents a17dfd7 + ac3cb44 commit 97f8677


2 files changed

+104
-18
lines changed


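--- a/bin/ovpn_genconfig
+++ b/bin/ovpn_genconfig
@@ -4,6 +4,50 @@
 # Generate OpenVPN configs
 #
 
+TMP_EXTRA_CONFIGFILE=$(mktemp -t vpn_extra.XXXXXXX)
+
+#Traceback on Error and Exit come from https://docwhat.org/tracebacks-in-bash/
+set -eu
+
+_showed_traceback=f
+
+traceback() {
+# Hide the traceback() call.
+local -i start=$(( ${1:-0} + 1 ))
+local -i end=${#BASH_SOURCE[@]}
+local -i i=0
+local -i j=0
+
+echo "Traceback (last called is first):" 1>&2
+for ((i=${start}; i < ${end}; i++)); do
+j=$(( $i - 1 ))
+local function="${FUNCNAME[$i]}"
+local file="${BASH_SOURCE[$i]}"
+local line="${BASH_LINENO[$j]}"
+echo " ${function}() in ${file}:${line}" 1>&2
+done
+}
+
+on_error() {
+local _ec="$?"
+local _cmd="${BASH_COMMAND:-unknown}"
+traceback 1
+_showed_traceback=t
+echo "The command ${_cmd} exited with exit code ${_ec}." 1>&2
+}
+trap on_error ERR
+
+
+on_exit() {
+echo "Cleaning up before Exit ..."
+rm -f $TMP_EXTRA_CONFIGFILE
+local _ec="$?"
+if [[ $_ec != 0 && "${_showed_traceback}" != t ]]; then
+traceback 1
+fi
+}
+trap on_exit EXIT
+
 # Convert 1.2.3.4/24 -> 255.255.255.0
 cidr2mask()
 {
@@ -55,13 +99,28 @@ usage() {
 echo " -z Enable comp-lzo compression."
 }
 
-if [ "$DEBUG" == "1" ]; then
+process_extra_config() {
+local ovpn_extra_config=''
+ovpn_extra_config="$1"
+echo "Processing Extra Config: '${ovpn_extra_config}'"
+[ -n "$ovpn_extra_config" ] && echo "$ovpn_extra_config" >> "$TMP_EXTRA_CONFIGFILE"
+
+}
+
+if [ "${DEBUG:-}" == "1" ]; then
 set -x
 fi
 
 set -e
 
-OVPN_ENV=$OPENVPN/ovpn_env.sh
+if [ -z "${OPENVPN:-}" ]; then
+export OPENVPN="$PWD"
+fi
+if [ -z "${EASYRSA_PKI:-}" ]; then
+export EASYRSA_PKI="$OPENVPN/pki"
+fi
+
+OVPN_ENV=${OPENVPN}/ovpn_env.sh
 OVPN_SERVER=192.168.255.0/24
 OVPN_DEFROUTE=1
 OVPN_NAT=0
@@ -89,7 +148,7 @@ while getopts ":a:e:C:T:r:s:du:cp:n:DNmf:tz2" opt; do
 OVPN_AUTH="$OPTARG"
 ;;
 e)
-OVPN_EXTRA_CONFIG="$OPTARG"
+process_extra_config "$OPTARG"
 ;;
 C)
 OVPN_CIPHER="$OPTARG"
@@ -155,7 +214,7 @@ while getopts ":a:e:C:T:r:s:du:cp:n:DNmf:tz2" opt; do
 done
 
 # Create ccd directory for static routes
-[ ! -d "$OPENVPN/ccd" ] && mkdir -p $OPENVPN/ccd
+[ ! -d "${OPENVPN:-}/ccd" ] && mkdir -p ${OPENVPN:-}/ccd
 
 # if new routes were not defined with -r, use default
 [ ${#TMP_ROUTES[@]} -gt 0 ] && OVPN_ROUTES=("${TMP_ROUTES[@]}")
@@ -199,7 +258,7 @@ if [ -f "$OVPN_ENV" ]; then
 fi
 export | grep OVPN_ > "$OVPN_ENV"
 
-conf=$OPENVPN/openvpn.conf
+conf=${OPENVPN:-}/openvpn.conf
 if [ -f "$conf" ]; then
 bak=$conf.$(date +%s).bak
 echo "Backing up $conf -> $bak"
@@ -234,12 +293,10 @@ EOF
 [ -n "$OVPN_CIPHER" ] && echo "cipher $OVPN_CIPHER" >> "$conf"
 [ -n "$OVPN_AUTH" ] && echo "auth $OVPN_AUTH" >> "$conf"
 
-[ -n "$OVPN_CLIENT_TO_CLIENT" ] && echo "client-to-client" >> "$conf"
-[ -n "$OVPN_COMP_LZO" ] && echo "comp-lzo" >> "$conf"
-
-[ -n "$OVPN_FRAGMENT" ] && echo "fragment $OVPN_FRAGMENT" >> "$conf"
+[ -n "${OVPN_CLIENT_TO_CLIENT:-}" ] && echo "client-to-client" >> "$conf"
+[ -n "${OVPN_COMP_LZO:-}" ] && echo "comp-lzo" >> "$conf"
 
-[ -n "$OVPN_EXTRA_CONFIG" ] && echo "$OVPN_EXTRA_CONFIG" >> "$conf"
+[ -n "${OVPN_FRAGMENT:-}" ] && echo "fragment $OVPN_FRAGMENT" >> "$conf"
 
 [ "$OVPN_DNS" == "1" ] && for i in "${OVPN_DNS_SERVERS[@]}"; do
 echo "push dhcp-option DNS $i" >> "$conf"
@@ -252,24 +309,29 @@ for i in "${OVPN_ROUTES[@]}"; do
 done
 
 # Append push commands
-for i in "${OVPN_PUSH[@]}"; do
+if [ ! -z ${OVPN_PUSH[@]:-} ];then
+echo "${OVPN_PUSH}"
+for i in "${OVPN_PUSH[@]}"; do
 echo push \"$i\" >> "$conf"
-done
-
+done
+fi
 # Optional OTP authentication support
-if [ -n "$OVPN_OTP_AUTH" ]; then
+if [ -n "${OVPN_OTP_AUTH:-}" ]; then
 echo -e "\n\n# Enable OTP+PAM for user authentication" >> "$conf"
 echo "plugin /usr/lib/openvpn/plugins/openvpn-plugin-auth-pam.so openvpn" >> "$conf"
 fi
 
+echo -e "\n### Extra Configurations Below" >> "$conf"
+cat $TMP_EXTRA_CONFIGFILE >> "$conf"
+
 set +e
 
 # Clean-up duplicate configs
-if diff -q "$bak_env" "$OVPN_ENV" 2>/dev/null; then
+if diff -q "${bak_env:-}" "$OVPN_ENV" 2>/dev/null; then
 echo "Removing duplicate back-up: $bak_env"
 rm -fv "$bak_env"
 fi
-if diff -q "$bak" "$conf" 2>/dev/null; then
+if diff -q "${bak:-}" "$conf" 2>/dev/null; then
 echo "Removing duplicate back-up: $bak"
 rm -fv "$bak"
 fi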
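Review bot: In the "Append push commands" hunk the new guard `if [ ! -z ${OVPN_PUSH[@]:-} ];then` expands the array unquoted inside `[`, so a push entry containing a space, or more than one entry, hands `[` too many words and it returns an error status. Because this happens in an `if` condition, neither `set -e` nor the ERR trap fires, so the loop is skipped and the intended `push` directives are missing from openvpn.conf with only a `[` message on stderr. Testing the element count, as the script already does for TMP_ROUTES, avoids the word splitting: `if [ "${#OVPN_PUSH[@]}" -gt 0 ]; then` (assuming OVPN_PUSH is initialised earlier, outside the visible hunks). The `echo "${OVPN_PUSH}"` line prints only the first element to stdout and looks like leftover debugging. Separately, in `on_exit` the line `local _ec="$?"` runs after `echo` and `rm -f`, so it records the status of `rm` rather than the script's exit code; it should be the first statement of the function.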

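--- a/test/tests/conf_options/container.sh
+++ b/test/tests/conf_options/container.sh
@@ -7,13 +7,13 @@ abort() { cat <<< "$@" 1>&2; exit 1; }
 #
 # Generate openvpn.config file
 #
-read -d '' EXTRA_SERVER_CONF << EOF
+read -d '' MULTILINE_EXTRA_SERVER_CONF << EOF
 management localhost 7505
 max-clients 10
 EOF
 
 SERV_IP=$(ip -4 -o addr show scope global | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
-ovpn_genconfig -u udp://$SERV_IP -f 1400 -e "$EXTRA_SERVER_CONF"
+ovpn_genconfig -u udp://$SERV_IP -f 1400 -e "$MULTILINE_EXTRA_SERVER_CONF" -e "duplicate-cn" -e "topology subnet"
 
 #
 # grep for config lines from openvpn.conf
@@ -28,6 +28,7 @@ CONFIG_MATCH_VERB=$(busybox grep verb /etc/openvpn/openvpn.conf)
 CONFIG_REQUIRED_FRAGMENT="fragment 1400"
 CONFIG_MATCH_FRAGMENT=$(busybox grep fragment /etc/openvpn/openvpn.conf)
 
+## Tests for extra configs
 # 3. management config
 CONFIG_REQUIRED_MANAGEMENT="^management localhost 7505"
 CONFIG_MATCH_MANAGEMENT=$(busybox grep management /etc/openvpn/openvpn.conf)
@@ -36,6 +37,14 @@ CONFIG_MATCH_MANAGEMENT=$(busybox grep management /etc/openvpn/openvpn.conf)
 CONFIG_REQUIRED_MAX_CLIENTS="^max-clients 10"
 CONFIG_MATCH_MAX_CLIENTS=$(busybox grep max-clients /etc/openvpn/openvpn.conf)
 
+# 5. duplicate-cn config
+CONFIG_REQUIRED_DUPCN="^duplicate-cn"
+CONFIG_MATCH_DUPCN=$(busybox grep duplicate-cn /etc/openvpn/openvpn.conf)
+
+# 6. topology config
+CONFIG_REQUIRED_TOPOLOGY="^topology subnet"
+CONFIG_MATCH_TOPOLOGY=$(busybox grep 'topology subnet' /etc/openvpn/openvpn.conf)
+
 #
 # Tests
 #
@@ -61,9 +70,24 @@ else
 abort "==> Config match not found: $CONFIG_REQUIRED_MANAGEMENT != $CONFIG_MATCH_MANAGEMENT"
 fi
 
+
 if [[ $CONFIG_MATCH_MAX_CLIENTS =~ $CONFIG_REQUIRED_MAX_CLIENTS ]]
 then
 echo "==> Config match found: $CONFIG_REQUIRED_MAX_CLIENTS == $CONFIG_MATCH_MAX_CLIENTS"
 else
 abort "==> Config match not found: $CONFIG_REQUIRED_MAX_CLIENTS != $CONFIG_MATCH_MAX_CLIENTS"
 fi
+
+if [[ $CONFIG_MATCH_DUPCN =~ $CONFIG_REQUIRED_DUPCN ]]
+then
+echo "==> Config match found: $CONFIG_REQUIRED_DUPCN == $CONFIG_MATCH_DUPCN"
+else
+abort "==> Config match not found: $CONFIG_REQUIRED_DUPCN != $CONFIG_MATCH_DUPCN"
+fi
+
+if [[ $CONFIG_MATCH_TOPOLOGY =~ $CONFIG_REQUIRED_TOPOLOGY ]]
+then
+echo "==> Config match found: $CONFIG_REQUIRED_TOPOLOGY == $CONFIG_MATCH_TOPOLOGY"
+else
+abort "==> Config match not found: $CONFIG_REQUIRED_TOPOLOGY != $CONFIG_MATCH_TOPOLOGY"
+fi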
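Review bot: The new duplicate-cn and topology checks accept more than the intended line: `busybox grep duplicate-cn` returns every line containing the substring, and the pattern `^duplicate-cn` is anchored only at the start, so a longer directive or the same option written twice still passes. An exact whole-line count is a tighter assertion, for example `[ "$(busybox grep -cFx 'topology subnet' /etc/openvpn/openvpn.conf)" = 1 ] || abort "topology subnet not written exactly once"`. A short comment above the `ovpn_genconfig` call, such as `# -e is given three times: one multi-line value and two single-line values`, would also make the intent of the repeated option clear.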
