Is there a windows script to 1 command create new user ?

Scripts to manage certificates or generate config files
Post Reply
xh43k
OpenVpn Newbie
Posts: 19
Joined: Tue Jun 09, 2020 8:55 pm

Is there a windows script to 1 command create new user ?

Post by xh43k » Tue Jun 09, 2020 11:41 pm

Looking for some script that would simply use build-key and only ask for name.. then put all generated data inline in to .ovpn file ?

Is there something like that actually working ? I found several outdated scripts on github that I dont trust tbh.

Trying to make my life easier creating new users..


xh43k
OpenVpn Newbie
Posts: 19
Joined: Tue Jun 09, 2020 8:55 pm

Re: Is there a windows script to 1 command create new user ?

Post by xh43k » Wed Jun 10, 2020 7:13 am

TinCanTech wrote:
Wed Jun 10, 2020 12:00 am
Look harder:
https://github.com/OpenVPN/easy-rsa
This one has removed the inline feature
TinCanTech wrote:
Wed Jun 10, 2020 12:00 am
Look harder:
https://github.com/TinCanTech/easy-tls
That's not windows bat files.. but bash scripts


So I looked really hard.

Edit: I'm apparently stupid, after deep dive I found out that the easyrsa3 can run bash scripts since it creates environment for it..

Anyway, there is missing some simply guide on how to actually use easy-tls, like how to create a new ovpn file with new inline certs.. how to set up a default ovpn file where these will be filled etc..

And every single time I actually try to test something I get an error "OpenVPN not found: openvpn"
Ofc I could use the command to define it, but how the hell do I define it so I dont have to do it manually ?

Edit2: Solved it by putting this in to vars...

Code: Select all

set_var EASYTLS_OPENVPN "C:/Program Files/OpenVPN/bin/openvpn.exe"

Soooo, I am just tired today since I was up until 2 AM and I need some simplistic answer...

Until now I used build-key command from openvpn easyrsa folder to generate keys for new users and I put them all in to also generated ovpn file inline manually.

HOW can easy-tls do this automatically ? Please some simple guide.

I managed to create inline file from already created files by easyrsa with command inline-tls-auth, however, it contains absolutely no info about server therefore it's not ready ovpn file.. do I still have to manually copy the data there or how does it actually work ?

So far it would seem that I always have to:
1. Create new client using "easyrsa build-client-full xxxxxx nopass"
2. Create inline file using "easytls inline-tls-auth xxxxxx x"
3. Open my default .ovpn file and copy/paste inline data there.

Is that correct ?

Thank you.

Last edit: I helped myself, created 2 scripts, one for adding user, one for removal.. feel free to use, very simple and dumb scripts:

add (you have to create your own _default.ovpn file, where all settings you need will be present.. ofc except certificates setup which is done inline by easytls)

Code: Select all

#!/bin/sh
# This script creates a new user for OpenVPN server.

if [ ! -z $1 ];
then

easyrsa build-client-full $1 nopass

easytls inline-tls-auth $1 1

cp pki/_default.ovpn pki/ovpn/$1.ovpn

cat pki/easytls/$1.inline >> pki/ovpn/$1.ovpn

else
	echo "User undefined"
	exit 0
fi
del

Code: Select all

#!/bin/sh
# This script deletes user from OpenVPN server.

if [ ! -z $1 ];
then

easyrsa revoke $1

easyrsa gen-crl

easytls inline-remove $1

rm pki/ovpn/$1.ovpn

else
	echo "User undefined"
	exit 0
fi

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7342
Joined: Fri Jun 03, 2016 1:17 pm

Re: Is there a windows script to 1 command create new user ?

Post by TinCanTech » Wed Jun 10, 2020 12:15 pm

xh43k wrote:
Wed Jun 10, 2020 7:13 am
I found out that the easyrsa3 can run bash scripts since it creates environment for it..
You can use ./easytls in that exact environment. That is how it is meant to be used.
xh43k wrote:
Wed Jun 10, 2020 7:13 am
there is missing some simply guide on how to actually use easy-tls
./easytls help

And https://github.com/TinCanTech/easy-tls/ ... /Howto.txt
xh43k wrote:
Wed Jun 10, 2020 7:13 am
Ofc I could use the command to define it, but how the hell do I define it so I dont have to do it manually ?
You should add openvpn.exe to your system PATH.
xh43k wrote:
Wed Jun 10, 2020 7:13 am
Soooo, I am just tired today since I was up until 2 AM and I need some simplistic answer
Take a break and let the dust settle..
xh43k wrote:
Wed Jun 10, 2020 7:13 am
I managed to create inline file from already created files by easyrsa with command inline-tls-auth, however, it contains absolutely no info about server therefore it's not ready ovpn file.. do I still have to manually copy the data there or how does it actually work ?
EasyYLS creates .inline files which configure all your keys and certificates correctly. Then you have to build your server and client config files and plugin the .inline file.

Thanks for testing, it looks like the two scripts did their job. Maybe not what you want exactly but, hey, that's free software for you ..

Post Reply