~fkooman/vpn-documentation

ref: 13ed958d65981a2744683ffbffae1c0d2c51e36d vpn-documentation/convert_to_controller.sh -rwxr-xr-x 695 bytes
13ed958dFrançois Kooman make clear that "the only difference" now refers only to OAuth 4 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
#!/bin/sh

#
# Convert a full VPN install to just a controller
#

yum remove -y vpn-server-node
rm -rf /etc/vpn-server-node

semanage port -d -t openvpn_port_t -p tcp 11940-16036
semanage port -d -t openvpn_port_t -p tcp 1195-5290
semanage port -d -t openvpn_port_t -p udp 1195-5290

rm /etc/sysctl.d/70-vpn.conf
sysctl --system

for i in $(systemctl -a --no-legend | grep openvpn-server@ | awk {'print $1'})
do
    systemctl disable --now "${i}"
done
rm -rf /etc/openvpn/server/*

yum remove -y openvpn

cp resources/firewall/controller/iptables /etc/sysconfig/iptables
cp resources/firewall/controller/ip6tables /etc/sysconfig/ip6tables

systemctl restart iptables
systemctl restart ip6tables