upd envs
This commit is contained in:
parent
3c1190be93
commit
a0d32eabf5
5 changed files with 8 additions and 6 deletions
5
.env
5
.env
|
@ -1,3 +1,4 @@
|
|||
OVPN_LISTEN_BASE_URL="/"
|
||||
OVPN_SERVER_NET="192.168.100.0"
|
||||
OVPN_SERVER_MASK="255.255.255.0"
|
||||
OVPN_NETWORK="192.168.100.0/24"
|
||||
|
@ -6,8 +7,6 @@ OVPN_CCD_PATH="/mnt/ccd"
|
|||
EASYRSA_PATH="/mnt/easyrsa"
|
||||
OVPN_INDEX_PATH="/mnt/easyrsa/pki/index.txt"
|
||||
OVPN_SERVER="127.0.0.1:7777:tcp"
|
||||
OVPN_AUTH="true"
|
||||
OVPN_AUTH_TFA="true"
|
||||
OVPN_PASSWD_AUTH="true"
|
||||
OVPN_AUTH="TOTP"
|
||||
OVPN_AUTH_DB_PATH="/mnt/easyrsa/pki/users.db"
|
||||
LOG_LEVEL="debug"
|
||||
|
|
|
@ -9,6 +9,7 @@ services:
|
|||
environment:
|
||||
OVPN_SERVER_NET: ${OVPN_SERVER_NET}
|
||||
OVPN_SERVER_MASK: ${OVPN_SERVER_MASK}
|
||||
OVPN_LISTEN_BASE_URL: ${OVPN_LISTEN_BASE_URL}
|
||||
OVPN_AUTH: ${OVPN_AUTH}
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
|
@ -30,6 +31,7 @@ services:
|
|||
EASYRSA_PATH: ${EASYRSA_PATH}
|
||||
OVPN_SERVER: ${OVPN_SERVER}
|
||||
OVPN_INDEX_PATH: ${OVPN_INDEX_PATH}
|
||||
OVPN_LISTEN_BASE_URL: ${OVPN_LISTEN_BASE_URL}
|
||||
OVPN_AUTH: ${OVPN_AUTH}
|
||||
OVPN_AUTH_DB_PATH: ${OVPN_AUTH_DB_PATH}
|
||||
LOG_LEVEL: ${LOG_LEVEL}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
source /etc/openvpn/scripts/.env
|
||||
PATH=$PATH:/usr/local/bin
|
||||
set -e
|
||||
|
||||
|
@ -7,7 +7,7 @@ auth_usr=$(head -1 $1)
|
|||
auth_secret=$(tail -1 $1)
|
||||
|
||||
if [ $common_name = $auth_usr ]; then
|
||||
curl -s --fail --data-raw 'username='${auth_usr} --data-raw 'token='${auth_secret} localhost:8080/api/auth/check
|
||||
curl -s --fail --data-raw 'username='${auth_usr} --data-raw 'token='${auth_secret} localhost:8080${OVPN_LISTEN_BASE_URL}api/auth/check
|
||||
else
|
||||
echo "$(date) Authorization for user $common_name failed"
|
||||
exit 1
|
||||
|
|
|
@ -43,6 +43,7 @@ cp -f /etc/openvpn/setup/openvpn.conf /etc/openvpn/openvpn.conf
|
|||
|
||||
if [ ${OVPN_AUTH} == "TOTP" ] || [ ${OVPN_AUTH} == "PASSWORD" ]; then
|
||||
mkdir -p /etc/openvpn/scripts/
|
||||
echo OVPN_LISTEN_BASE_URL=${OVPN_LISTEN_BASE_URL} > /etc/openvpn/scripts/.env
|
||||
cp -f /etc/openvpn/setup/auth.sh /etc/openvpn/scripts/auth.sh
|
||||
chmod +x /etc/openvpn/scripts/auth.sh
|
||||
echo "auth-user-pass-verify /etc/openvpn/scripts/auth.sh via-file" | tee -a /etc/openvpn/openvpn.conf
|
||||
|
|
Loading…
Reference in a new issue