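#!/bin/bash
#
# Provisions a host as an OpenVPN server: installs the packages, replaces
# firewalld with iptables-services, prepares the CA and OpenVPN directories
# and forces one clock synchronisation.
#
# Must be started from the directory that contains ca/serial.
#
# NOTE(vasco): meant to be run as root
set -u

# Print a message on stderr and abort with a non-zero status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Check the effective UID instead of $USER: $USER is an ordinary environment
# variable and may be unset, stale or overridden, while EUID is what the
# kernel actually enforces.
if [[ "${EUID}" -ne 0 ]]; then
  die "corre o script como root"
fi

# Stop before touching the firewall if the packages did not install;
# otherwise firewalld would be removed with nothing to take its place.
yum install -y epel-release \
  || die "yum install epel-release failed"
yum install -y openvpn iptables-services dhcp-client ntpsec \
  || die "yum install of openvpn/iptables-services/dhcp-client/ntpsec failed"

# Best-effort: firewalld may not be present on a minimal install, so failures
# of these three commands are not fatal (as in the original script).
systemctl stop firewalld
systemctl disable firewalld
systemctl mask firewalld

systemctl enable iptables || die "systemctl enable iptables failed"

# -F without -t flushes only the filter table and leaves chain policies as
# they are. NOTE(review): from here until a ruleset is loaded the filter
# table is empty and the iptables service is enabled but not started --
# presumably a later step installs the VPN rules; confirm.
iptables -F

CA_DIR="/etc/pki/CA"
mkdir -p "${CA_DIR}/newcerts" || die "cannot create ${CA_DIR}/newcerts"
mkdir -p "${CA_DIR}/private" || die "cannot create ${CA_DIR}/private"
# This directory is where CA key material is expected to live; mkdir alone
# leaves it at the umask default (usually world-readable/searchable).
chmod 0700 "${CA_DIR}/private" || die "cannot restrict ${CA_DIR}/private"
touch "${CA_DIR}/index.txt" || die "cannot create ${CA_DIR}/index.txt"

# ca/serial is resolved against the current working directory.
[[ -f ca/serial ]] || die "ca/serial not found in $(pwd)"
cp -- ca/serial "${CA_DIR}/serial" || die "cannot copy ca/serial"

mkdir -p /etc/openvpn/server || die "cannot create /etc/openvpn/server"
mkdir -p /etc/openvpn/client || die "cannot create /etc/openvpn/client"

# NOTE(vasco): I had problems with time synchronisation;
# if the clock is not synchronised, TOTP does not work.
#
# chronyd is stopped so ntpdate can step the clock, and is always started
# again, even when the one-shot sync fails. pool.ntp.org is plain,
# unauthenticated NTP, so the result is only as trustworthy as the network
# path to the pool.
systemctl stop chronyd
sync_rc=0
ntpdate pool.ntp.org || sync_rc=$?
systemctl start chronyd
if (( sync_rc != 0 )); then
  die "ntpdate pool.ntp.org failed (exit ${sync_rc}); clock may be off and TOTP will not validate"
fi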