Updated vpn.in (initialization fixes, automatic crl regeneration).

diff --git a/sources/vpn.usr/firstboot/90_setupservices.sh b/sources/vpn.usr/firstboot/90_setupservices.sh
new file mode 100755 (executable)
index 0000000..31d33da
--- /dev/null
+++ b/sources/vpn.usr/firstboot/90_setupservices.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/sh
+
+
+systemctl enable openvpn-server@server.service
+systemctl start openvpn-server@server.service
+systemctl enable NetworkManager-wait-online.service
+systemctl start NetworkManager-wait-online.service
+
+systemctl enable logrotate.timer
+systemctl start logrotate.timer

diff --git a/sources/vpn.usr/postinstall/01_setownership.sh b/sources/vpn.usr/postinstall/01_setownership.sh
index f2e6b94f8abd27b8fae0ec0fbfe2f4e9e9d9250c..1f084208916985a963763be454fccf8baf7b2fe3 100755 (executable)
--- a/sources/vpn.usr/postinstall/01_setownership.sh
+++ b/sources/vpn.usr/postinstall/01_setownership.sh
@@ -5,3 +5,6 @@ REAL_PATH=$(dirname $(realpath $0))
 SOURCE_PATH=$REAL_PATH/install
 
 chown -R root.root $SOURCE_PATH/*
+
+chgrp openvpn $SOURCE_PATH/etc/openvpn/client
+chgrp openvpn $SOURCE_PATH/etc/openvpn/server

diff --git a/sources/vpn.usr/postinstall/02_setpermissions.sh b/sources/vpn.usr/postinstall/02_setpermissions.sh
index 241386a64107da58df7f18a6a0186df03ac340d5..9730c3722eb6ec162b42b76cfd665cdee5a860f8 100755 (executable)
--- a/sources/vpn.usr/postinstall/02_setpermissions.sh
+++ b/sources/vpn.usr/postinstall/02_setpermissions.sh
@@ -3,3 +3,7 @@
 
 REAL_PATH=$(dirname $(realpath $0))
 SOURCE_PATH=$REAL_PATH/install
+
+chmod 755 $SOURCE_PATH/etc/cron.monthly/vpn
+chmod 750 $SOURCE_PATH/etc/openvpn/client
+chmod 750 $SOURCE_PATH/etc/openvpn/server

diff --git a/sources/vpn.usr/postinstall/10_setupservices.sh b/sources/vpn.usr/postinstall/10_setupservices.sh
index 7b6a56c672deb379e05c383802cac4b6174d63af..15d794429408e60c8ebd4615beef850bac78868f 100755 (executable)
--- a/sources/vpn.usr/postinstall/10_setupservices.sh
+++ b/sources/vpn.usr/postinstall/10_setupservices.sh
@@ -1,7 +1,6 @@
 #!/bin/sh
 
 
-systemctl enable openvpn-server@server.service
-systemctl enable NetworkManager-wait-online.service
+systemctl disable NetworkManager-wait-online.service
 
-systemctl enable logrotate.timer
+systemctl disable logrotate.timer

diff --git a/sources/vpn.usr/postinstall/20_setupvpn.sh b/sources/vpn.usr/postinstall/20_setupvpn.sh
new file mode 100755 (executable)
index 0000000..8e55c48
--- /dev/null
+++ b/sources/vpn.usr/postinstall/20_setupvpn.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/sh
+
+
+/etc/openvpn/server/easy-rsa/easyrsa --pki-dir=/etc/openvpn/server/easy-rsa/pki gen-crl

diff --git a/sources/vpn.usr/postinstall/install/etc/cron.monthly/vpn b/sources/vpn.usr/postinstall/install/etc/cron.monthly/vpn
new file mode 100644 (file)
index 0000000..c1008df
--- /dev/null
+++ b/sources/vpn.usr/postinstall/install/etc/cron.monthly/vpn
@@ -0,0 +1,5 @@
+#!/usr/bin/sh
+
+
+/etc/openvpn/server/easy-rsa/easyrsa --pki-dir=/etc/openvpn/server/easy-rsa/pki gen-crl
+/usr/bin/systemctl restart openvpn-server@server

diff --git a/sources/vpn.usr/postinstall/install/etc/hosts b/sources/vpn.usr/postinstall/install/etc/hosts
deleted file mode 100644 (file)
index 219e747..0000000
--- a/sources/vpn.usr/postinstall/install/etc/hosts
+++ /dev/null
@@ -1,4 +0,0 @@
-127.0.0.1      localhost.localdomain localhost localhost4.localdomain4 localhost4
-::1            localhost6.localdomain6 localhost6
-
-10.228.109.236 vpn.usr.user.hu vpn