From fdb474235a8ce7fd0d5cc9fd74e5c880eb2093e6 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 17 Aug 2019 00:02:11 +0200 Subject: openvpn: T1548: add op-mode command for key generation --- op-mode-definitions/openvpn.xml | 48 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 op-mode-definitions/openvpn.xml (limited to 'op-mode-definitions') diff --git a/op-mode-definitions/openvpn.xml b/op-mode-definitions/openvpn.xml new file mode 100644 index 000000000..44f8e01e9 --- /dev/null +++ b/op-mode-definitions/openvpn.xml @@ -0,0 +1,48 @@ + + + + + + + OpenVPN key generation tool + + + + + Generate shared-secret key with specified file name + + <filename> + + + + result=1; + key_path=$4 + full_path= + + # Prepend /config/auth if the path is not absolute + if echo $key_path | egrep -ve '^/.*' > /dev/null; then + full_path=/config/auth/$key_path + else + full_path=$key_path + fi + + key_dir=`dirname $full_path` + if [ ! -d $key_dir ]; then + echo "Directory $key_dir does not exist!" + exit 1 + fi + + echo "Generating OpenVPN key to $full_path" + sudo /usr/sbin/openvpn --genkey --secret "$full_path" + result=$? + if [ $result = 0 ]; then + echo "Your new local OpenVPN key has been generated" + fi + /usr/libexec/vyos/validators/file-exists --directory /config/auth "$full_path" + + + + + + + -- cgit v1.2.3