~fkooman/vpn-maint-scripts

Maintenance Scripts for VPN
prepare for release
more cleanups and removals

clone

read-only
https://git.sr.ht/~fkooman/vpn-maint-scripts
read/write
git@git.sr.ht:~fkooman/vpn-maint-scripts

You can also use your local clone with git send-email.

Summary: Collection of scripts to maintain your VPN server

Description: This is a collection of scripts for maintaining your VPN server(s). These SHOULD be used for handling day to day operation, like applying changes and installing updates.

License: AGPL-3.0-or-later

#Introduction

This is a collection of scripts for maintaining your VPN server(s). These SHOULD be used for handling day to day operation, like applying changes and installing updates. Feel free to take the content of these scripts and use them in something like Ansible.

NOTE: only use these scripts during maintenance windows as they will in most cases restart the OpenVPN and WireGuard processes!

#Scripts

#Verify Configuration Files

In order to make sure your VPN configuration files are without syntax errors:

$ sudo vpn-maint-verify-config

Run this after every configuration change!

#Apply Changes

Delete VPN client configurations no longer matching the configuration, regenerate the OpenVPN and WireGuard server configuration files and restart relevant processes:

$ sudo vpn-maint-apply-changes

#Update

Install OS and VPN (server) software updates:

$ sudo vpn-maint-update-system

NOTE you MAY need to restart your server as well in case (important) OS updates are installed, e.g. kernel or library updates!

#Reset

NOTE: only use this right before going to production to get rid of all user data! It will NOT modify your configuration.

$ sudo vpn-maint-reset-system

If you generated any additional keys, e.g. the HMAC key for "Guest Access", or the Admin API, you'll need to regenerate those keys as well!

#Contributing

Thank you for taking the time to contribute to eduVPN / Let's Connect!. In order for us to be able to accept your contributions, i.e. "Pull Requests" or "Merge Requests", we'd like you to sign our "CLA" and send it back to us.

You can find the CLA here. Pick the correct one, either for "legal entities" or "individuals" and mail it to legaldocuments@commonsconservancy.org as stated in the document. Please add eduvpn-support@lists.geant.org to the CC field.

Note, that signing the CLA will not automatically guarantee your contribution will be included in the software!

Thanks again for wanting to contribute to eduVPN / Let's Connect!