-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #17 from Ant0wan/Ant0wan-patch-1
Update strongswan.install.sh
- Loading branch information
Showing
1 changed file
with
49 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,15 +1,51 @@ | ||
| #!/bin/sh | ||
| set -xe | ||
| network_name='' | ||
| VPN_Gateway='' | ||
| VPN_Username='' | ||
| VPN_Password='' | ||
| cacerts='/etc/strongswan/ipsec.d/cacerts/cacert.pem' | ||
| dnf install -y NetworkManager-strongswan NetworkManager-strongswan-gnome strongswan-charon-nm strongswan strongswan-sqlite | ||
| # libtnc strongswan-tnc-imcvs | ||
| wget https://curl.se/ca/cacert.pem -O "$cacerts" | ||
| sudo nmcli connection add type vpn con-name "$network_name" ifname "*" vpn-type strongswan \ | ||
| vpn.data "address=$VPN_Gateway, method=eap, user=$VPN_Username, virtual=yes, encap=yes" \ | ||
| vpn.secrets "password=$VPN_Password" \ | ||
| ipv4.method "auto" \ | ||
| ipv6.method "auto" | ||
| network_name='your_netowrk_here' | ||
| VPN_Gateway='your_gateway_here' | ||
| VPN_Username='your_username_here' | ||
| VPN_Password='your_password_here' | ||
|
|
||
| # Check if /etc/os-release exists | ||
| if [ -f /etc/os-release ]; then | ||
| # Source the /etc/os-release file to get the ID variable | ||
| . /etc/os-release | ||
|
|
||
| # Check the distribution ID and use the appropriate package manager | ||
| case "$ID" in | ||
| fedora|centos|rhel) | ||
| # Use dnf if the distribution is Fedora, CentOS, or RHEL | ||
| package_manager="dnf" | ||
| packages="NetworkManager-strongswan NetworkManager-strongswan-gnome strongswan-charon-nm strongswan strongswan-sqlite" | ||
| cacerts='/etc/strongswan/ipsec.d/cacerts/cacert.pem' | ||
| ;; | ||
| debian|ubuntu) | ||
| # Use apt-get if the distribution is Debian or Ubuntu | ||
| package_manager="apt-get" | ||
| packages="strongswan strongswan-nm network-manager-strongswan" | ||
| cacerts='/etc/ipsec.d/cacerts/cacerts.pem' | ||
| ;; | ||
| *) | ||
| # If the distribution is not recognized, exit with an error | ||
| echo "Unsupported distribution: $ID" | ||
| exit 1 | ||
| ;; | ||
| esac | ||
|
|
||
| # Install packages using the identified package manager | ||
| sudo "$package_manager" install -y $packages | ||
|
|
||
| # Download the CA certificate from a trusted source | ||
| sudo wget https://curl.se/ca/cacert.pem -O "$cacerts" | ||
|
|
||
| # Create a new VPN connection with NetworkManager using strongSwan plugin | ||
| sudo nmcli connection add type vpn con-name "$network_name" ifname "*" vpn-type strongswan \ | ||
| vpn.data "address=$VPN_Gateway, method=eap, user=$VPN_Username, virtual=yes, encap=yes" \ | ||
| vpn.secrets "password=$VPN_Password" \ | ||
| ipv4.method "auto" \ | ||
| ipv6.method "auto" | ||
|
|
||
| else | ||
| # If /etc/os-release is not found, exit with an error | ||
| echo "Unable to identify the Linux distribution." | ||
| exit 1 | ||
| fi |