From 809f96ff0ebe32756878d545b7a7cde12c76fa04 Mon Sep 17 00:00:00 2001 From: Vasco Date: Wed, 22 Apr 2026 16:57:21 +0100 Subject: [PATCH] wisdom of the shadows --- VM_CONFIG.sh | 12 ++++++++++++ VM_VPN_GATEWAY.sh | 11 ----------- user2.p12 | Bin 0 -> 3531 bytes 3 files changed, 12 insertions(+), 11 deletions(-) create mode 100644 user2.p12 diff --git a/VM_CONFIG.sh b/VM_CONFIG.sh index f84e2d8..86be8e7 100755 --- a/VM_CONFIG.sh +++ b/VM_CONFIG.sh @@ -22,3 +22,15 @@ cp ca/serial "${CA_DIR}/serial" mkdir -p /etc/openvpn/server mkdir -p /etc/openvpn/client + +# NOTE(vasco): tive problemas com a sincronização de tempo +# se nao tiver sincronizado, o TOTP nao funciona +systemctl stop chronyd +ntpdate pool.ntp.org +systemctl start chronyd + +# NOTE(vasco): o openvpn não consegui aceder ao home e ler os secrets +# do google authenticator, por isso fiz isto: +mkdir -p /etc/systemd/system/openvpn-server@.service.d +echo -e "[Service]\nProtectHome=false" > /etc/systemd/system/openvpn-server@.service.d/override.conf +systemctl daemon-reload diff --git a/VM_VPN_GATEWAY.sh b/VM_VPN_GATEWAY.sh index 461db38..0f3aa88 100644 --- a/VM_VPN_GATEWAY.sh +++ b/VM_VPN_GATEWAY.sh @@ -8,17 +8,6 @@ source VM_CONFIG.sh yum install -y google-authenticator qrencode ntpsec -# NOTE(vasco): tive problemas com a sincronização de tempo -# se nao tiver sincronizado, o TOTP nao funciona -systemctl stop chronyd -ntpdate pool.ntp.org -systemctl start chronyd - -# NOTE(vasco): o openvpn não consegui aceder ao home e ler os secrets -# do google authenticator, por isso fiz isto: -mkdir -p /etc/systemd/system/openvpn-server@.service.d -echo -e "[Service]\nProtectHome=false" > /etc/systemd/system/openvpn-server@.service.d/override.conf -systemctl daemon-reload # --- forwarding --- # if_fora="enp0s8" diff --git a/user2.p12 b/user2.p12 new file mode 100644 index 0000000000000000000000000000000000000000..2e76dfe0f031a721cc03d1679191038d0af6fa2d GIT binary patch literal 3531 zcmai%XE+-S_r@h9X6(IpZ9!41YKPj?s6C6?qqS1R)*^P)s7hOErc|h%svT;pT^h8u zTA{_;_xk^@=lS@4IM=!E-~HiyJNG#dIJh4OxB-EK!$9O>NzkM-Fn|3q?|? zt>bBcKr$i-6^QKrrUJ=Hh#*`ba_1x{z~crnK#Z97dC%j-)x3gsJGN z@x1{TIbOV`jl1r5OISE&0@Lm2X*18*0~c2bXPck02RSF(7nIT+hZN;>5?zePGk9WZ zWjBjQ?4dwdBNU#2@N#eCKRE{w9)dB|G-;5jqcJ7(fx1o^7d`d@4DL>&*CDpkK<3JwHvop$148bC7{dW?_>cl=>x^guBW8@q0K z(!%j_7qkaF`JBdXz==N4c_dQLYGy{M49)pDikcXAIgVg&uf@cFydia;!Xlg8=FCdC z0*moSj1N1{+*I+RW^$$R4vdsQxB)uUtjOA&N1lq!R{-iomZ<40vNbA8%MH_c=Fs(S z3#Ohu&rYe6zs}_nw1%3ph4$6>_7HSW>M8^rHPltVU$?$FewHjK8zwBrKWT2+WYnz= z{ro&0GWMkliq;@ah%&SA5Mp3eMnbGd{oFN(LHIY4;zefuO{N$eyOF~}_E2Dn_n2vl z1nc|7g=DW=kUafziUe#NQrJt<0R~4U0X7Q7>b6%g|;4I#f9KsfeX`D<&U_R9{1-vUib`= z9*BPRfkik;aq5H<9!}efl1-A3?WN0wG@CJ7?XuLwGCvyRZs_^;pev`H0z$IG-PnB) zKam{#z(5>h3eH49ULS7vXm{>HWq7I|?NLRS+<{P3b0RKS?l*h&h>h9T`VBXm>#F+I zQn;5$o$_J6$neqHW3Nwe$W;TOiU*C%*X%bPz5fW7mv^eR^T8bN8BviEQJv64$=TjZ z*!bv~lXl_Z6O<0s_dX?Z`68kqu4#o39<5&ZiSy!M+vdL13O454P9@lJWwlvH7QQRC zp0m&zI=2yM@nC07JRci4CfkW{O(=4tabaJXUiZpZF~o@Wx#`hge|u7Ls3U4;qg;4> zIA>Zt!!M6b=$P2qr(%I4vbR;>FZx%J#CcV7jt z#=J(U+?H7XV7z495u%nWFAc7)=5^LDle^lyw22&zU5zKXz`1b+9FDTj>G7*|SJqGU z+7*om1q|fKmqYNAW8nlB?C!xnzAJQlbfcJo-#GHTHa_kz@{8pO*)~jI2K+fh?(84N}M_SYp@3sN_`1|wT?cvruewqQ9 zj9p3Pbxl-UyR4h$wuW5j`wCU&%JM9F$;1cMXjZ1JuO-}z^WoGR%}lrAo};?1mE;^h zFymzkH?(GZII+dKck&qyeaV+aB8Mm$_=O}WklV*%G20rxI59G0A)_R$j>E?6SB~)( zS6)nuKDLBw!&0~Og@<4n%6wLJsC|3vJIA84$c2|(^dM&m20`n6x)3k+W~TU3E<_pQ-3E`nl57WcEn^blFZE`TjP*L(ZIb+(ZD;{ss(-x_7nDxD5o> zSMf45<}v|1Mqffp_zed2I^l5$dt}1`hCivB?FdJ{X*49iLIXkFYdRdMl94GuqTe6z z)hUtDUk8JQ*A267r8oa($sMV+jt?qvnz`RJqWLbO1Ax(++%#RytpJi}r8>u3!Ph43 ztmWY40YYy|SKQ^+qA)ve@mw&_9ZQcGgX{H^<3|O1@+2RYsdK`3@cd|=EY|}1HRuJl zpkBEYiT*K=@r2&IP7l) zfhhm~2B4w<0RNgwf1&*U3icZiT{;nUP;!fGZ+G;)op=8;*!{i&nQaBMMX1<-L|T1E zZp3inG46*n(bv&U=DG_{&N60WvgahU?Ji8#=mTSrnsh78X|LiIhf5Wun@Oo?_;p-q zf82QL8D78XpStc8!K^KvOY?Xm?RdE_R1Y&-M-IG{i8}2vEmLCrk<`)_sYww_da>xk zZZXv}=|Hqmdf^8s(C9$C+G3Z}nblQqR#CYGy@73qhG;-Nzl7b|R26dK@}b8b4Cgug zaptAV9zWW9WBehP`ASkK58V5}9D(YbEx|4(3MkAs6G=>wUjuQXzaCqaD9ju@qD8lJ zy#>uz1`hM1#_^zycgE;|KWA|@?#qmfToMkLlsg34q?{3Id%?kuetguP3D-6iYa!bxYhMuB#_op8 zpx;)ql^y6wuID~wL&a+7P2wn!%z`M<87!0`sSR?!=>Y9GtW|TAoi!GcNz2rTR+G}{ z|BXn|26~Au_gsOh7&nt%>gHpFc%w~J#QJG1w8dXe_XXru86F5?)}t#2E}tUO9({{5 zH4SF!EY*FsOQghNO%?>KL)gwF0M)+iypuo+AULlJ_a2jQZfzN|h;5__SjHaP-KAhl zszZ(e9vycltY&{7#LUHv>M9bn_GszqR4j4^k_DR3Y@PhtE#FF|P2$cIUCj%mbesxp zQVXK{HNTYos%CZQE>3=BROKdnkdF8U)`xxi)@S%f@WpD+Z&^wOL?^KtURPLtF{%b( z`X@xry~D-Caeb=hvZANzjw2(8UbLm~JiV9tsrkM!%)r0VC30(EJT4-ZW}zYwH6oc? zHsRmWp6U-9bkbj(tE0H7Nm5?v!ybbwNJ+IP3Lh+$z5aM2_%?|s74_l!!E(y8@O)+; z@Ba911{;QaSHQYG>2TXg{=$UCtH68POu=gI8Ad)AmM+SOZlo`d=z5CG0xgA#mD80P z9iKjJQ4W*7gmq|X_NK4aXKs~+TWhm<$*>b|f>Y;MY{d*zN^VQWE-YBHj$6xN!V*=a zSQdjoM6f9F2htc?C_3FVCUnqkOcX@fG(Jisz!j$*pAQ$x+!L3f{ z5&lI@U8R?+q*=x))F#gCzx;KAT3x!y%1{M^X~P^YaI&R1I!@8q^UszOK6h$)(^ph8 zBpN7qPj^2pRkN@$*Ad3vcNgxydV$-OzALevX0VSi)q;?PAhoj9USd0Qi>F7H+;qdMqe=UK6pVDzoC<}sM9pG_# z>vj3JI@?946dBuDgAjL~{M+H6wQWDY^ zIx>&kAg1r^(=-A;enBRa9La1q%?jJ*V*T%VX7H(#Uo#A&T8hMAZV zh?vIO1q7RXQfd6@WfB+IAV%|I*9kPxs*?w`mBoj8|dQ@Tb nhM_JX9oKsML`cq3O@x@1f@n*)ih+lc+fwolL^I^%zbp4YVuFMx literal 0 HcmV?d00001