bnhf · FrancYescO · Sep 5, 2023 · Sep 5, 2023
diff --git a/README.md b/README.md
@@ -73,15 +73,18 @@ Copy and paste this into the Portainer Environment variables section in Advanced
 ```yml
  OPENVPN_ADMIN_USERNAME=admin # Leave this default as-is and update on first-run
  OPENVPN_ADMIN_PASSWORD=b3secure # Leave this default as-is and update on first-run
+ PIVPN_CONF=server.conf # Filename for your OpenVPN server configuration
  COUNTRY=${COUNTRY} # Two character country code. Country, Province, City, Org and OU are used by EasyRSA
  PROVINCE=${PROVINCE} # Province or State
  CITY=${CITY}
  ORG=${ORG} # Organization - Use your company name here or make one up
  EMAIL=${EMAIL}
  OU=${OU} # Organizational Unit - Use your company department name or make one up
- PIVPN_SERVER=${PIVPN_SERVER} # The unique name used for your server's certificate and key. Found in the /etc/openvpn/server.conf file.
- PIVPN_CONF=${PIVPN_CONF} # Filename for your OpenVPN server configuration - usually server.conf
  TZ=${TZ} # Your OpenVPN server's timezone
+ ENABLEHTTPS=${ENABLEHTTPS} # Enable HTTPS protocol
+ HTTPSPORT=${HTTPSPORT} # Specify the HTTPS port number
+ HTTPSCERT=${HTTPSCERT} # The path to the SSL-certificate (for example: /etc/openvpn/server/ssl/openvpn-server.crt)
+ HTTPSKEY=${HTTPSKEY} # The path to the private key (for example: /etc/openvpn/server/ssl/openvpn-server.key)
 ```
 
 This fork uses a single docker container with the OpenVPNAdmin web application. Through a docker volume it creates following directory structure for the database, but otherwise links to /etc/openvpn in the host. The intention is for PiVPN to be able to operate as usual, with PiVPN commanline options still available:

diff --git a/build/assets/start.sh b/build/assets/start.sh
@@ -16,9 +16,8 @@ if [ ! -f $OVDIR/.provisioned ]; then
  touch $OVDIR/.provisioned
 fi
 
-export PIVPN_SERVER=$(awk -F= '/server/ {print $2}' \
- /etc/openvpn/easy-rsa/pki/index.txt \
- | awk -F/ '{print $1}')
+export PIVPN_SERVER=$(awk '$0 ~ /name=server/ && match($0, /CN=[^/]+/) { print substr($0, RSTART+3, RLENGTH-3); exit }' \
+ /etc/openvpn/easy-rsa/pki/index.txt)
 
 echo "PiVPN server set to:" $PIVPN_SERVER
 cd /opt/openvpn-gui-tap
@@ -27,27 +26,27 @@ echo "Working directory set to:" $PWD
 if [ ! -z $ENABLEHTTPS ]; then
  sed -i '/EnableHTTPS=/s/.*/EnableHTTPS='"$ENABLEHTTPS"'/' conf/app.conf
  echo "HTTPS enabled set to: \"$ENABLEHTTPS\""
-fi
-
-if [ ! -z $HTTPSPORT ]; then
- sed -i '/HTTPSPort=/s/.*/HTTPSPort='"$HTTPSPORT"'/' conf/app.conf
- echo "HTTPS port set to: \"$HTTPSPORT\""
-fi
-
-if [ ! -z $HTTPSCERT ]; then
- sed -i 's|.*HTTPSCertFile=.*|HTTPSCertFile='"$HTTPSCERT"'|' conf/app.conf
- echo "HTTPS certificate path set to: \"$HTTPSCERT\""
-else
- sed -i '/HTTPSCertFile=/s/.*/HTTPSCertFile=\/etc\/openvpn\/easy-rsa\/pki\/issued\/'"$PIVPN_SERVER"'.crt/' conf/app.conf
- echo "HTTPS certificate set to default: \"$PIVPN_SERVER\".crt"
-fi
 
-if [ ! -z $HTTPSKEY ]; then
- sed -i 's|.*HTTPSKeyFile=.*|HTTPSKeyFile='"$HTTPSKEY"'|' conf/app.conf
- echo "HTTPS private key path set to: \"$HTTPSKEY\""
-else
- sed -i '/HTTPSKeyFile=/s/.*/HTTPSKeyFile=\/etc\/openvpn\/easy-rsa\/pki\/private\/'"$PIVPN_SERVER"'.key/' conf/app.conf
- echo "HTTPS private key set to default: \"$PIVPN_SERVER\".key"
+ if [ ! -z $HTTPSPORT ]; then
+ sed -i '/HTTPSPort=/s/.*/HTTPSPort='"$HTTPSPORT"'/' conf/app.conf
+ echo "HTTPS port set to: \"$HTTPSPORT\""
+ fi
+
+ if [ ! -z $HTTPSCERT ]; then
+ sed -i 's|.*HTTPSCertFile=.*|HTTPSCertFile='"$HTTPSCERT"'|' conf/app.conf
+ echo "HTTPS certificate path set to: \"$HTTPSCERT\""
+ else
+ sed -i '/HTTPSCertFile=/s/.*/HTTPSCertFile=\/etc\/openvpn\/easy-rsa\/pki\/issued\/'"$PIVPN_SERVER"'.crt/' conf/app.conf
+ echo "HTTPS certificate set to default: \"$PIVPN_SERVER\".crt"
+ fi
+
+ if [ ! -z $HTTPSKEY ]; then
+ sed -i 's|.*HTTPSKeyFile=.*|HTTPSKeyFile='"$HTTPSKEY"'|' conf/app.conf
+ echo "HTTPS private key path set to: \"$HTTPSKEY\""
+ else
+ sed -i '/HTTPSKeyFile=/s/.*/HTTPSKeyFile=\/etc\/openvpn\/easy-rsa\/pki\/private\/'"$PIVPN_SERVER"'.key/' conf/app.conf
+ echo "HTTPS private key set to default: \"$PIVPN_SERVER\".key"
+ fi
 fi
 
 mkdir -p db

diff --git a/docs/docker-compose.yml b/docs/docker-compose.yml
@@ -10,14 +10,13 @@ services:
  environment:
  - OPENVPN_ADMIN_USERNAME=admin # Leave this default as-is and update on first-run
  - OPENVPN_ADMIN_PASSWORD=b3secure # Leave this default as-is and update on first-run
+ - PIVPN_CONF=server.conf # Filename for your OpenVPN server configuration
  - COUNTRY=${COUNTRY} # Country, Province, City, Org and OU are used by EasyRSA
  - PROVINCE=${PROVINCE} # Province or State
  - CITY=${CITY}
  - ORG=${ORG} # Organization - Use your company name here or make one up
  - EMAIL=${EMAIL}
  - OU=${OU} # Organizational Unit - Use your company department name or make one up
- - PIVPN_SERVER=${PIVPN_SERVER} # The unique name used for your server's certificate and key. Found in the /etc/openvpn/server.conf file.
- - PIVPN_CONF=${PIVPN_CONF} # Filename for your OpenVPN server configuration - usually server.conf
  - TZ=${TZ} # Your OpenVPN server's timezone
  - ENABLEHTTPS=${ENABLEHTTPS} # Enable HTTPS protocol
  - HTTPSPORT=${HTTPSPORT} # Specify the HTTPS port number

diff --git a/models/models.go b/models/models.go
@@ -73,7 +73,7 @@ func createDefaultUsers() {
 func createDefaultSettings() {
  s := Settings{
  Profile: "default",
- MIAddress: "openvpn:2080",
+ MIAddress: "172.17.0.1:2080",
  MINetwork: "tcp",
  ServerAddress: "myopenvpnserver.duckdns.org",
  OVConfigPath: "/etc/openvpn/",