Merge pull request #763 from holta/openvpn

Minor refactor of {iiab-vpn, iiab-remote-off, iiab-remote-on} for readability
2025-03-09 15:40:17 +00:00 · 2018-04-29 02:59:45 -04:00 · 2018-04-29 02:59:45 -04:00 · 88c850303c
commit 88c850303c
parent 54c9a0e837 79a362ace3
3 changed files with 69 additions and 70 deletions
--- a/roles/openvpn/templates/iiab-remote-off
+++ b/roles/openvpn/templates/iiab-remote-off
@ -4,7 +4,7 @@
 # do nothing if it is not installed
 which openvpn
 if [ $? -ne 0 ]; then
-   echo Cannot find the openvpn program.
+    echo Cannot find the OpenVPN program (openvpn).
    exit 1
 fi
 systemctl disable openvpn@xscenet.service
@ -13,7 +13,7 @@ systemctl stop openvpn@xscenet.service
 sleep 5
 ps -e|grep vpn
 if [ $? -eq 0 ]; then
-  echo Openvpn failed to stop.
+    echo OpenVPN failed to stop.
 else
-  echo Successfully stopped and disabled Openvpn
+    echo Successfully stopped and disabled OpenVPN.
 fi
--- a/roles/openvpn/templates/iiab-remote-on
+++ b/roles/openvpn/templates/iiab-remote-on
@ -4,7 +4,7 @@
 # do nothing if it is not installed
 which openvpn
 if [ $? -ne 0 ]; then
-   echo Cannot find the openvpn program.
+    echo Cannot find the OpenVPN program (openvpn).
    exit 1
 fi
 systemctl enable openvpn@xscenet.service
@ -13,7 +13,7 @@ systemctl start openvpn@xscenet.service
 sleep 5
 ping -c 2 10.8.0.1
 if [ $? -eq 0 ]; then
-  echo Openvpn successfully started.
+    echo OpenVPN successfully started.
 else
-  echo Openvpn failed to contact remote server.
+    echo OpenVPN failed to contact remote server.
 fi
--- a/roles/openvpn/templates/iiab-vpn
+++ b/roles/openvpn/templates/iiab-vpn
@ -1,5 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 # script to manage openvpn
 if [ ! -f "/etc/openvpn/iiab-vpn.conf" ]; then
    VPNCONFIG='party-line.conf'
    VPNIP={{ openvpn_server_virtual_ip }}
@ -15,25 +16,24 @@ if [ "$(id -u)" != "0" ]; then
 fi
 case $1 in
-"stop" | "no" | "off")
+    "stop" | "no" | "off")
        killall openvpn
        exit 0
        ;;
-"status")
+    "status")
        pid=`ps -e|grep openvpn`
        if [ -z "$pid" ]; then
-        echo "The openvpn process is not running"
+            echo "The OpenVPN process is not running"
        else
-        echo "Openvpn is running with id $pid"
+            echo "OpenVPN is running with id $pid"
            ip=`ifconfig tun | gawk '(/netmask /) {print( $2);}'`
            echo "Local vpn tunnel address is $ip"
        fi
        exit 0
        ;;
 esac
-# we'd like for passwords authentication to be turned off
+# we'd like for password authentication to be turned off
 grep -e^PasswordAuthentication.*[Yy]es /etc/ssh/sshd_config
 PASSWORDS_ENABLED=$?
@ -41,8 +41,7 @@ if [ $PASSWORDS_ENABLED -eq 0 ];then
    case $1 in
        "test" | "unsafe") ;;
        *)
-
+            echo "OpenVPN is only safe when public/private keys are used"
 		echo "Openvpn is only safe when public/private keys are used"
            echo " And when passwords are turned off in /etc/ssh/sshd_conf"
            exit 1
    esac
@ -58,8 +57,8 @@ else
 fi
 case $cmd in
-"test" | "unsafe" )
+    "test" | "unsafe" )
-# load TUN/TAP kernel module
+        # load TUN/TAP kernel module
        modprobe tun
        # make sure the wan is functioning
@ -77,7 +76,7 @@ case $cmd in
            echo "Stopping any openvpn instance"
            killall openvpn
            sleep 10
-		echo "Starting openvpn and waiting 10 seconds for daemon to become ready"
+            echo "Starting OpenVPN and waiting 10 seconds for daemon to become ready"
            openvpn --cd $dir --daemon --config $VPNCONFIG
        fi
        sleep 10