openvpn 批量生成使用者指令碼
#/bin/bash
for user in "[email protected]"
do
echo "新增使用者:$user"
if [ -d "/etc/openvpn/client/$user" ]
then rm -rf /etc/openvpn/client/$user
rm -rf /etc/openvpn/easy-rsa/3.0.3/pki/reqs/$user.req
sed -i '/'"$user"'/d' /etc/openvpn/easy-rsa/3.0.3/pki/index.txt
fi
echo "生產證書"
cd /etc/openvpn/client/easy-rsa/3.0.3
./easyrsa init-pki
./easyrsa gen-req $user nopass
echo "簽約客戶端證書"
cd /etc/openvpn/easy-rsa/3.0.3/
./easyrsa import-req /etc/openvpn/client/easy-rsa/3.0.3/pki/reqs/$user.req $user
./easyrsa sign client $user
echo "整理證書"
mkdir -p /etc/openvpn/client/$user/
cp /etc/openvpn/easy-rsa/3.0.3/pki/ca.crt /etc/openvpn/client/$user/
cp /etc/openvpn/easy-rsa/3.0.3/pki/issued/$user.crt /etc/openvpn/client/$user/
cp /etc/openvpn/client/easy-rsa/3.0.3/pki/private/$user.key /etc/openvpn/client/$user/
cp /etc/openvpn/client/admin.ovpn /etc/openvpn/client/$user/$user.ovpn
sed -i 's/admin/'"$user"'/g' /etc/openvpn/client/$user/$user.ovpn
cd /etc/openvpn/client/$user/
zip -r $user.zip *
mv /etc/openvpn/client/$user/$user.zip ~
done