Sprait 2023-10-10 15:20:40 +00:00
parent 3c1190be93
commit a0d32eabf5
5 changed files with 8 additions and 6 deletions

5
.env

@ -1,3 +1,4 @@
OVPN_LISTEN_BASE_URL="/"
OVPN_SERVER_NET="192.168.100.0"
OVPN_SERVER_MASK="255.255.255.0"
OVPN_NETWORK="192.168.100.0/24"
@ -6,8 +7,6 @@ OVPN_CCD_PATH="/mnt/ccd"
EASYRSA_PATH="/mnt/easyrsa"
OVPN_INDEX_PATH="/mnt/easyrsa/pki/index.txt"
OVPN_SERVER="127.0.0.1:7777:tcp"
OVPN_AUTH="true"
OVPN_AUTH_TFA="true"
OVPN_PASSWD_AUTH="true"
OVPN_AUTH="TOTP"
OVPN_AUTH_DB_PATH="/mnt/easyrsa/pki/users.db"
LOG_LEVEL="debug"
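Review bot: `OVPN_AUTH` now carries a mode string (assuming `OVPN_AUTH="TOTP"` is the line this commit adds in place of the three boolean flags), but nothing in the file says which values are accepted. The setup script further down this page appends `auth-user-pass-verify` only when the value is exactly `TOTP` or `PASSWORD`. As far as the visible lines show, any other value, such as a typo, a lower-case spelling or a leftover `true`, skips that block, so the server would start without the username/token check and without a warning. I would add a comment above the line, `# OVPN_AUTH: TOTP | PASSWORD (any other value disables the user/token check)`, and have the setup script exit with an error on an unrecognised non-empty value.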


@ -9,6 +9,7 @@ services:
environment:
OVPN_SERVER_NET: ${OVPN_SERVER_NET}
OVPN_SERVER_MASK: ${OVPN_SERVER_MASK}
OVPN_LISTEN_BASE_URL: ${OVPN_LISTEN_BASE_URL}
OVPN_AUTH: ${OVPN_AUTH}
cap_add:
- NET_ADMIN
@ -30,6 +31,7 @@ services:
EASYRSA_PATH: ${EASYRSA_PATH}
OVPN_SERVER: ${OVPN_SERVER}
OVPN_INDEX_PATH: ${OVPN_INDEX_PATH}
OVPN_LISTEN_BASE_URL: ${OVPN_LISTEN_BASE_URL}
OVPN_AUTH: ${OVPN_AUTH}
OVPN_AUTH_DB_PATH: ${OVPN_AUTH_DB_PATH}
LOG_LEVEL: ${LOG_LEVEL}
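Review bot: The `OVPN_LISTEN_BASE_URL: ${OVPN_LISTEN_BASE_URL}` entries (presumably the line added in each of the two hunks) interpolate without a default, so a deployment whose `.env` predates this commit passes an empty string to both services. auth.sh on this page builds its URL as `localhost:8080${OVPN_LISTEN_BASE_URL}api/auth/check`, which is malformed when the value is empty, so every login would be refused until the variable is set. Consider `OVPN_LISTEN_BASE_URL: ${OVPN_LISTEN_BASE_URL:-/}` in both places, plus a comment that the value has to begin and end with `/`.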


@ -1,5 +1,5 @@
#!/usr/bin/env sh
source /etc/openvpn/scripts/.env
PATH=$PATH:/usr/local/bin
set -e
@ -7,7 +7,7 @@ auth_usr=$(head -1 $1)
auth_secret=$(tail -1 $1)
if [ $common_name = $auth_usr ]; then
curl -s --fail --data-raw 'username='${auth_usr} --data-raw 'token='${auth_secret} localhost:8080/api/auth/check
curl -s --fail --data-raw 'username='${auth_usr} --data-raw 'token='${auth_secret} localhost:8080${OVPN_LISTEN_BASE_URL}api/auth/check
else
echo "$(date) Authorization for user $common_name failed"
exit 1
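Review bot: The rewritten `curl` line still expands `${auth_usr}` and `${auth_secret}`, and now `${OVPN_LISTEN_BASE_URL}`, outside quotes, and `--data-raw` sends the values without URL-encoding. Both values are read from the credentials file passed as `$1`, so they are client-supplied: whitespace in them splits into extra curl arguments, and characters such as `&` or `=` change the form body that the auth API parses. I would write it as `curl -s --fail --data-urlencode "username=${auth_usr}" --data-urlencode "token=${auth_secret}" "localhost:8080${OVPN_LISTEN_BASE_URL}api/auth/check"`. The added `source` line is also not POSIX, so under `#!/usr/bin/env sh` it depends on which shell the image provides; `. /etc/openvpn/scripts/.env` is the portable spelling. The `if` block closes outside the visible hunk.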


@ -43,6 +43,7 @@ cp -f /etc/openvpn/setup/openvpn.conf /etc/openvpn/openvpn.conf
if [ ${OVPN_AUTH} == "TOTP" ] || [ ${OVPN_AUTH} == "PASSWORD" ]; then
mkdir -p /etc/openvpn/scripts/
echo OVPN_LISTEN_BASE_URL=${OVPN_LISTEN_BASE_URL} > /etc/openvpn/scripts/.env
cp -f /etc/openvpn/setup/auth.sh /etc/openvpn/scripts/auth.sh
chmod +x /etc/openvpn/scripts/auth.sh
echo "auth-user-pass-verify /etc/openvpn/scripts/auth.sh via-file" | tee -a /etc/openvpn/openvpn.conf
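Review bot: The added `echo OVPN_LISTEN_BASE_URL=${OVPN_LISTEN_BASE_URL} > /etc/openvpn/scripts/.env` writes the value unquoted into a file that auth.sh then executes with `source`, so anything in the variable beyond a plain path is interpreted as shell each time a client authenticates. The value comes from the container environment and is therefore operator-controlled, but validating it before writing is cheap: `case "${OVPN_LISTEN_BASE_URL}" in ''|*[!A-Za-z0-9/_.-]*) echo "invalid OVPN_LISTEN_BASE_URL" >&2; exit 1;; esac`. The file can then be written with `printf 'OVPN_LISTEN_BASE_URL="%s"\n' "${OVPN_LISTEN_BASE_URL}"`. The closing `fi` of this `if` block is outside the visible lines.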