AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

removed crl-verify from client config

Browse source 
- specified full path to crl in server config
- added crl generation when setting up a container
This commit is contained in:
vladimir.kuznetsov 2023-04-21 07:44:35 +03:00
parent 97e322ba22
commit f5057dfac4
9 changed files with 12 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
client/server_scripts/openvpn/configure_container.sh
View file

@ -18,7 +18,7 @@ user nobody
group nobody group nobody
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem crl-verify /opt/amnezia/openvpn/crl.pem
status openvpn-status.log status openvpn-status.log
verb 1 verb 1
tls-server tls-server

5
client/server_scripts/openvpn/run_container.sh
View file

@ -21,5 +21,6 @@ cd /opt/amnezia/openvpn && easyrsa gen-dh; \
cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\ cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\
cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\ cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\
cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\ cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\
cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn' cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn;\
cd /opt/amnezia/openvpn && easyrsa gen-crl;\
cd /opt/amnezia/openvpn && cp pki/crl.pem /opt/amnezia/openvpn/crl.pem'

1
client/server_scripts/openvpn/template.ovpn
View file

@ -5,7 +5,6 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem
$OPENVPN_NCP_DISABLE $OPENVPN_NCP_DISABLE
cipher $OPENVPN_CIPHER cipher $OPENVPN_CIPHER
auth $OPENVPN_HASH auth $OPENVPN_HASH

2
client/server_scripts/openvpn_cloak/configure_container.sh
View file

@ -18,7 +18,7 @@ user nobody
group nobody group nobody
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem crl-verify /opt/amnezia/openvpn/crl.pem
status openvpn-status.log status openvpn-status.log
verb 1 verb 1
tls-server tls-server

4
client/server_scripts/openvpn_cloak/run_container.sh
View file

@ -21,4 +21,6 @@ cd /opt/amnezia/openvpn && easyrsa gen-dh; \
cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\ cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\
cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\ cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\
cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\ cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\
cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn' cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn;\
cd /opt/amnezia/openvpn && easyrsa gen-crl;\
cd /opt/amnezia/openvpn && cp pki/crl.pem /opt/amnezia/openvpn/crl.pem'

1
client/server_scripts/openvpn_cloak/template.ovpn
View file

@ -5,7 +5,6 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem
$OPENVPN_NCP_DISABLE $OPENVPN_NCP_DISABLE
cipher $OPENVPN_CIPHER cipher $OPENVPN_CIPHER
auth $OPENVPN_HASH auth $OPENVPN_HASH

2
client/server_scripts/openvpn_shadowsocks/configure_container.sh
View file

@ -18,7 +18,7 @@ user nobody
group nobody group nobody
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem crl-verify /opt/amnezia/openvpn/crl.pem
status openvpn-status.log status openvpn-status.log
verb 1 verb 1
tls-server tls-server

4
client/server_scripts/openvpn_shadowsocks/run_container.sh
View file

@ -21,4 +21,6 @@ cd /opt/amnezia/openvpn && easyrsa gen-dh; \
cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\ cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\
cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\ cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\
cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\ cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\
cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn' cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn;\
cd /opt/amnezia/openvpn && easyrsa gen-crl;\
cd /opt/amnezia/openvpn && cp pki/crl.pem /opt/amnezia/openvpn/crl.pem'

1
client/server_scripts/openvpn_shadowsocks/template.ovpn
View file

@ -5,7 +5,6 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem
$OPENVPN_NCP_DISABLE $OPENVPN_NCP_DISABLE
cipher $OPENVPN_CIPHER cipher $OPENVPN_CIPHER
auth $OPENVPN_HASH auth $OPENVPN_HASH