ykomatsu · November 30, 2015 05:04
diff --git a/generate-client-onc.sh b/generate-client-onc.sh
 #! /bin/sh

 _CA_CRT='/etc/openvpn/ca.crt'
 _TA_KEY='/etc/openvpn/ta.key'

 _CA_GUID="$(uuid)"
 _CA_X509="$(sudo awk 'ORS="";!/^-----/{print $0}' ${_CA_CRT})"
 _GUID="$(uuid)"
 _NAME='OpenVPN Playground'
 _OPENVPN_USER='user'
 _OPENVPN_PASSWORD='password'
 _SERVER_ADDRESS='example.org'
 _TLS_AUTH_CONTENTS="$(sudo awk 'ORS="";!/^#/{print $0 "\\n"}' ${_TA_KEY})"

 sh -c "cat << _EOF > client-onc.json
 {
  \"NetworkConfigurations\": [{
    \"GUID\": \"{${_GUID}}\",
    \"Name\": \"${_NAME}\",
    \"Type\": \"VPN\",
    \"VPN\": {
      \"Host\": \"${_SERVER_ADDRESS}\",
      \"Type\": \"OpenVPN\",
      \"OpenVPN\": {
        \"ClientCertPattern\": {
          \"IssuerCARef\": [\"{${_CA_GUID}}\"]
        },
        \"ClientCertType\": \"Pattern\",
        \"CompLZO\": \"true\",
        \"IgnoreDefaultRoute\": true,
        \"KeyDirection\": \"1\",
        \"Password\": \"${_OPENVPN_PASSWORD}\",
        \"ServerCARefs\": [\"{${_CA_GUID}}\"],
        \"TLSAuthContents\": \"${_TLS_AUTH_CONTENTS}\",
        \"UserAuthenticationType\": \"Password\",
        \"Username\": \"${_OPENVPN_USER}\"
      }
    }
  }],
  \"Certificates\": [{
    \"GUID\": \"{${_CA_GUID}}\",
    \"Type\": \"Authority\",
    \"X509\": \"${_CA_X509}\"
  }]
 }
 _EOF"
	#! /bin/sh

	_CA_CRT='/etc/openvpn/ca.crt'
	_TA_KEY='/etc/openvpn/ta.key'

	_CA_GUID="$(uuid)"
	_CA_X509="$(sudo awk 'ORS="";!/^-----/{print $0}' ${_CA_CRT})"
	_GUID="$(uuid)"
	_NAME='OpenVPN Playground'
	_OPENVPN_USER='user'
	_OPENVPN_PASSWORD='password'
	_SERVER_ADDRESS='example.org'
	_TLS_AUTH_CONTENTS="$(sudo awk 'ORS="";!/^#/{print $0 "\\n"}' ${_TA_KEY})"

	sh -c "cat << _EOF > client-onc.json
	{
	\"NetworkConfigurations\": [{
	\"GUID\": \"{${_GUID}}\",
	\"Name\": \"${_NAME}\",
	\"Type\": \"VPN\",
	\"VPN\": {
	\"Host\": \"${_SERVER_ADDRESS}\",
	\"Type\": \"OpenVPN\",
	\"OpenVPN\": {
	\"ClientCertPattern\": {
	\"IssuerCARef\": [\"{${_CA_GUID}}\"]
	},
	\"ClientCertType\": \"Pattern\",
	\"CompLZO\": \"true\",
	\"IgnoreDefaultRoute\": true,
	\"KeyDirection\": \"1\",
	\"Password\": \"${_OPENVPN_PASSWORD}\",
	\"ServerCARefs\": [\"{${_CA_GUID}}\"],
	\"TLSAuthContents\": \"${_TLS_AUTH_CONTENTS}\",
	\"UserAuthenticationType\": \"Password\",
	\"Username\": \"${_OPENVPN_USER}\"
	}
	}
	}],
	\"Certificates\": [{
	\"GUID\": \"{${_CA_GUID}}\",
	\"Type\": \"Authority\",
	\"X509\": \"${_CA_X509}\"
	}]
	}
	_EOF"