forked from conlon/pia-openvpn
-
Notifications
You must be signed in to change notification settings - Fork 0
/
openvpn.sh
executable file
·39 lines (28 loc) · 1.05 KB
/
openvpn.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#!/bin/bash
#set -e -u -o pipefail
[ ! -z $STRONG_ENCRYPT ] && path="pia-strong" || path="pia-standard"
echo "Using $path settings for $REGION"
if [ -n "$REGION" ]; then
# eliminate issues with whitespace in filenames
cp -p "${path}/${REGION}.ovpn" "config.ovpn"
set -- "$@" '--config' "config.ovpn"
fi
sed -i "s/aes-128-cbc/aes-128-gcm/gI" config.ovpn
sed -i "s/^auth\s.*//gI" config.ovpn
echo "ncp-disable" >> config.ovpn
cp -p ${path}/*.crt ${path}/*.pem .
if [ -n "${USERNAME-}" ]&& [ -n "${PASSWORD-}" ] ; then
echo "USERNAME is set and is not empty"
echo "$USERNAME" > /etc/openvpn/auth.conf
echo "$PASSWORD" >> /etc/openvpn/auth.conf
set -- "$@" '--auth-user-pass' 'auth.conf' '--auth-nocache'
else
echo "USERNAME is not set"
set -- "$@" '--auth-user-pass' 'auth.conf' '--auth-nocache'
fi
if [ -n "${LOCAL_NETWORK:-}" ] ; then
ip route add `ip route | sed -n "/^default/ s#default#$LOCAL_NETWORK#p"`
fi
# Add up script
set -- "$@" '--script-security' '2' '--up' '/etc/openvpn/up.sh' '--down' '/etc/openvpn/down.sh'
openvpn "$@"