Update iiab-vpn

roles/openvpn/templates/iiab-vpn

@@ -1,11 +1,12 @@
-#!/bin/sh
+#!/bin/bash
 # script to manage openvpn
+
 if [ ! -f "/etc/openvpn/iiab-vpn.conf" ]; then
-  VPNCONFIG='party-line.conf'
+    VPNCONFIG='party-line.conf'
-  VPNIP={{ openvpn_server_virtual_ip }}
+    VPNIP=10.8.0.1
 else
-  # expect the sourced file to set the above variables
+    # expect the sourced file to set the above variables
-  source /etc/openvpn/iiab-vpn.conf
+    source /etc/openvpn/iiab-vpn.conf
 fi
 
 # we'd like the user of this script to have root privilege
@@ -15,22 +16,21 @@ if [ "$(id -u)" != "0" ]; then
 fi
 
 case $1 in
-"stop" | "no" | "off")
+    "stop" | "no" | "off")
-    killall openvpn
+        killall openvpn
-    exit 0
+        exit 0
-    ;;
+        ;;
-"status")
+    "status")
-    pid=`ps -e|grep openvpn`
+        pid=`ps -e|grep openvpn`
-    if [ -z "$pid" ]; then
+        if [ -z "$pid" ]; then
-        echo "The openvpn process is not running"
+            echo "The openvpn process is not running"
-    else
+        else
-        echo "Openvpn is running with id $pid"
+            echo "Openvpn is running with id $pid"
-        ip=`ifconfig tun | gawk '(/netmask /) {print( $2);}'`
+            ip=`ifconfig tun | gawk '(/netmask /) {print( $2);}'`
-        echo "Local vpn tunnel address is $ip"
+            echo "Local vpn tunnel address is $ip"
-    fi
+        fi
-    exit 0
+        exit 0
-    ;;
+        ;;
-    
 esac
 
 # we'd like for passwords authentication to be turned off
@@ -38,56 +38,55 @@ grep -e^PasswordAuthentication.*[Yy]es /etc/ssh/sshd_config
 PASSWORDS_ENABLED=$?
 
 if [ $PASSWORDS_ENABLED -eq 0 ];then
-	case $1 in
+    case $1 in
-    "test" | "unsafe") ;;
+        "test" | "unsafe") ;;
-    *)
+        *)
-
+            echo "Openvpn is only safe when public/private keys are used"
-		echo "Openvpn is only safe when public/private keys are used"
+            echo " And when passwords are turned off in /etc/ssh/sshd_conf"
-		echo " And when passwords are turned off in /etc/ssh/sshd_conf"
+            exit 1
-		exit 1
+    esac
-  esac
 fi
 
 # openvpn config file directory
 dir=/etc/openvpn
 
 if [ $# -eq 0 ]; then
-  cmd="test"
+    cmd="test"
 else
-  cmd=$1
+    cmd=$1
 fi
 
 case $cmd in
-"test" | "unsafe" )
+    "test" | "unsafe" )
-# load TUN/TAP kernel module
+        # load TUN/TAP kernel module
-    modprobe tun
+        modprobe tun
 
-	# make sure the wan is functioning
+        # make sure the wan is functioning
-	# 8.8.8.8 is one of google's dns servers
+        # 8.8.8.8 is one of google's dns servers
-	ping -c 3 -i 3 8.8.8.8
+        ping -c 3 -i 3 8.8.8.8
-	if [ $? -ne 0 ]; then
+        if [ $? -ne 0 ]; then
-		echo "internet is not available, tunnel not possible"
+            echo "internet is not available, tunnel not possible"
-		exit 1
+            exit 1
-	fi
+        fi
 
-	# check the vpn tunnel
+        # check the vpn tunnel
-	ping -c 5 -i 5 "$VPNIP"
+        ping -c 5 -i 5 "$VPNIP"
-	# a zero return means the tunnel is up
+        # a zero return means the tunnel is up
-	if [ $? -ne "0" ]; then
+        if [ $? -ne "0" ]; then
-		echo "Stopping any openvpn instance"
+            echo "Stopping any openvpn instance"
-		killall openvpn
+            killall openvpn
-		sleep 10
+            sleep 10
-		echo "Starting openvpn and waiting 10 seconds for daemon to become ready"
+            echo "Starting openvpn and waiting 10 seconds for daemon to become r
-    		openvpn --cd $dir --daemon --config $VPNCONFIG
+eady"
-	fi
+            openvpn --cd $dir --daemon --config $VPNCONFIG
-	sleep 10 
+        fi
-	echo "Testing VPN connection"
+        sleep 10
-	ping -c 4 -i 4 "$VPNIP"
+        echo "Testing VPN connection"
-	if [ $? -eq 0 ]; then
+        ping -c 4 -i 4 "$VPNIP"
-		echo "vpn tunnel established"
+        if [ $? -eq 0 ]; then
-	else
+            echo "vpn tunnel established"
-		echo "vpn connection failed"
+        else
-	fi
+            echo "vpn connection failed"
-
+        fi
-    ;;
+        ;;
 esac