linux下的開源open v p n的自動化新建用戶併發送郵件的shell腳本

PS: 所有v p n的字樣全部屏蔽成了***了，真噁心

由於商業版的ssl***等設備價格較貴，不如開源的來的方便，且能自己能通過腳本來減輕自己的工作，只需要在企業內部搭建好服務器後，在出口防火牆做外網映射即可，具體的安裝步驟不介紹了。

本腳本包含自動新建賬號、證書併發送到用戶的郵箱中，用戶名以郵箱的前綴命名

daily=`date +%Y%m%d-%H%M`   
confdir="/etc/open***/config"   

#open***的配置目錄，該下面有server.crt ca.crt ca.key psw-file server.conf等文件

workdir="/home/appadm/open***-2.4.4"    #open***解壓後的目錄，主要會用到easy-rsa/2.0下的目錄
userdir="/home/appadm/×××User"     #將生成的用戶信息拷貝到該目錄下
adduser() {
##################賬號密碼創建#############
####if賬號不存在則新建，else返回已存在#####
read -p "Please input username need to be added: " acc
[email protected]
userchallpass=$usermail
if [[ ! -e $workdir/easy-rsa/2.0/keys/${acc}.crt ]];then
   cd $workdir/easy-rsa/2.0/
   ./vars
   sleep 2
   source ./vars
   sleep 2
############以下爲證書生成###############
expect -c "
spawn $workdir/easy-rsa/2.0/build-key $acc
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"$usermail\r\"}
        }
expect {
        \"*\" {send \"$userchallpass\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"y\r\"}
        }
expect {
        \"*\" {send \"y\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }

expect eof "
##########################################
     mkdir -p $userdir/$acc
     cd $workdir/easy-rsa/2.0/keys
     cp ${acc}.crt ${acc}.key ta.key ca.crt $userdir/$acc
     cp ${acc}.* $userdir/keys
     cd $userdir
     cp client.conf ./$acc/${acc}.o***
     cd ./$acc
     sed -i "s/cert client.crt/cert ${acc}.crt/g" ./$acc.o***
     sed -i "s/key client.key/key ${acc}.key/g" ./$acc.o***
 
     tar -zcvf ./${acc}.tar.gz ${acc}.crt ${acc}.key ${acc}.o*** ta.key ca.crt
     echo -e "\033[32m Cert user $acc has been created \033[0m"
     cp $confdir/psw-file $confdir/psw-file.bak
     if [[ `cat $confdir/psw-file | grep "$acc"` == "" ]];then
        accpass=`</dev/urandom tr -dc '!@#$%&'A-Za-z0-9 | head -c${1:-10};echo`
        echo "$acc  $accpass" >> $confdir/psw-file
     fi
     echo -e "\033[32m Now $acc userid and password has been generated \033[0m"
else
   echo -e "\033[33m User $acc exists\033[0m"
fi
   echo -e "Here is user's certificate:$userdir/$acc\n"
   sleep 1
   echo -e "Here is user's account and password:$confdir/psw-file\n"
##############以下爲open***賬號密碼證書以及客戶端自動發送##################################################
   userpass=`more $confdir/psw-file  | grep $acc | awk '{print $2}'`
   to=$usermail
   #to="[email protected]"
   secr="[email protected]"
   subject="$acc's open*** information"
   body="Hello,your open*** account is:  $acc,<br>and your password is:  $userpass"
   /app/comm/sendEmail-v1.56/sendEmail -f [email protected] -t "$to"  -bcc "$secr" -s smtp.exmail.qq.com -u "$subject" \
  -a "$userdir/$acc/$acc.tar.gz" "$userdir/open***-install-2.4.4-I601.exe" "$userdir/open***-readme.docx"\
  -o message-content-type=html -o message-charset=utf8 -xu [email protected] -xp "Sg5d_JE9xVDtPkdz" -m "$body" &>>/tmp/open***mail.log
########################################################################################################################
cd /home/appadm
./useforopen***.sh
}
#############################以下爲刪除用戶######################################################################################
deluser() {
   read -p "Input the username want to delete: " deluser
   cd $workdir/easy-rsa/2.0/
   ./vars
   sleep 1
   source ./vars
   sleep 1
   ./revoke-full $deluser &>> /tmp/open***log.txt
   sleep 2
   if [[ `more /tmp/open***log.txt|grep "Already revoked"` != "" ]];then
       echo -e "\033[31m Do nothing,user $deluser has been eliminated before\033[0m"
   elif [[ `more /tmp/open***log.txt|grep "Error opening "$deluser".crt "$deluser".crt"` != "" ]];then
       echo -e "\033[31m User $deluser not exist \033[0m"
   else
       cp $confdir/psw-file $confdir/psw-file.bak"$daily"
       echo -e "\033[44;37m Now backup the lastest user account \033[0m"
       sleep 1
       sed -i "/^$deluser.*/d" $confdir/psw-file
       echo -e "\033[44;37m Now delete use $deluser and password \033[0m"
       sleep 1
       cd $userdir
       mv $deluser ./deleteuser
#       cd $workdir/easy-rsa/2.0/keys
#       mv "$deluser".* $workdir/user/deleteuser
       echo -e "\033[44;37m User $deluser disappeared now\033[0m"
       cd $confdir
       ./restartopen***.sh
  fi
cd /home/appadm
./useforopen***.sh
}
################################################################
echo -e "
        ##########################################
        ### 1. create a new user                                            ###
        ### 2. delete an unused  user                                   ###
        ### 3. exit                                                                  ###
        ##########################################"
 
read -p "Input your choice: " choice
case $choice in
    "1")
        adduser
        ;;
    "2")
        deluser
        ;;
    "3")
        exit 0
        ;;
     *)
        echo "Usage $0 {1|2|3}"
        ;;
esac