linux下的开源open v p n的自动化新建用户并发送邮件的shell脚本

cixiren

　　PS: 所有v p n的字样全部屏蔽成了***了，真恶心

　　由于商业版的ssl***等设备价格较贵，不如开源的来的方便，且能自己能通过脚本来减轻自己的工作，只需要在企业内部搭建好服务器后，在出口防火墙做外网映射即可，具体的安装步骤不介绍了。

　　本脚本包含自动新建账号、证书并发送到用户的邮箱中，用户名以邮箱的前缀命名

　　daily=`date +%Y%m%d-%H%M`   
confdir="/etc/open***/config"   

　　#open***的配置目录，该下面有server.crt ca.crt ca.key psw-file server.conf等文件

　　workdir="/home/appadm/open***-2.4.4"    #open***解压后的目录，主要会用到easy-rsa/2.0下的目录
userdir="/home/appadm/×××User"     #将生成的用户信息拷贝到该目录下
adduser() {
##################账号密码创建#############
####if账号不存在则新建，else返回已存在#####
read -p "Please input username need to be added: " acc
usermail=$acc@qq.cn
userchallpass=$usermail
if [[ ! -e $workdir/easy-rsa/2.0/keys/${acc}.crt ]];then
   cd $workdir/easy-rsa/2.0/
   ./vars
   sleep 2
   source ./vars
   sleep 2
############以下为证书生成###############
expect -c "
spawn $workdir/easy-rsa/2.0/build-key $acc
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"$usermail\r\"}
        }
expect {
        \"*\" {send \"$userchallpass\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }
expect {
        \"*\" {send \"y\r\"}
        }
expect {
        \"*\" {send \"y\r\"}
        }
expect {
        \"*\" {send \"\r\"}
        }

expect eof "
##########################################
     mkdir -p $userdir/$acc
     cd $workdir/easy-rsa/2.0/keys
     cp ${acc}.crt ${acc}.key ta.key ca.crt $userdir/$acc
     cp ${acc}.* $userdir/keys
     cd $userdir
     cp client.conf ./$acc/${acc}.o***
     cd ./$acc
     sed -i "s/cert client.crt/cert ${acc}.crt/g" ./$acc.o***
     sed -i "s/key client.key/key ${acc}.key/g" ./$acc.o***
  
     tar -zcvf ./${acc}.tar.gz ${acc}.crt ${acc}.key ${acc}.o*** ta.key ca.crt
     echo -e "\033[32m Cert user $acc has been created \033[0m"
     cp $confdir/psw-file $confdir/psw-file.bak
     if [[ `cat $confdir/psw-file | grep "$acc"` == "" ]];then
        accpass=`> $confdir/psw-file
     fi
     echo -e "\033[32m Now $acc userid and password has been generated \033[0m"
else
   echo -e "\033[33m User $acc exists\033[0m"
fi
   echo -e "Here is user's certificate:$userdir/$acc\n"
   sleep 1
   echo -e "Here is user's account and password:$confdir/psw-file\n"
##############以下为open***账号密码证书以及客户端自动发送##################################################
   userpass=`more $confdir/psw-file  | grep $acc | awk '{print $2}'`
   to=$usermail
   #to="xxxxxx@qq.cn"
   secr="xxxxx@qq.cn"
   subject="$acc's open*** information"
   body="Hello,your open*** account is:  $acc,and your password is:  $userpass"
   /app/comm/sendEmail-v1.56/sendEmail -f xx@xx.cn -t "$to"  -bcc "$secr" -s smtp.exmail.qq.com -u "$subject" \
  -a "$userdir/$acc/$acc.tar.gz" "$userdir/open***-install-2.4.4-I601.exe" "$userdir/open***-readme.docx"\
-o message-content-type=html -o message-charset=utf8 -xu xxwxx@xxxxx.cn-xp "Sg5d_JE9xVDtPkdz" -m "$body" &>>/tmp/open***mail.log
########################################################################################################################
cd /home/appadm
./useforopen***.sh
}
#############################以下为删除用户######################################################################################
deluser() {
   read -p "Input the username want to delete: " deluser
   cd $workdir/easy-rsa/2.0/
   ./vars
   sleep 1
   source ./vars
   sleep 1
   ./revoke-full $deluser &>> /tmp/open***log.txt
   sleep 2
   if [[ `more /tmp/open***log.txt|grep "Already revoked"` != "" ]];then
       echo -e "\033[31m Do nothing,user $deluser has been eliminated before\033[0m"
   elif [[ `more /tmp/open***log.txt|grep "Error opening "$deluser".crt "$deluser".crt"` != "" ]];then
       echo -e "\033[31m User $deluser not exist \033[0m"
   else
       cp $confdir/psw-file $confdir/psw-file.bak"$daily"
       echo -e "\033[44;37m Now backup the lastest user account \033[0m"
       sleep 1
       sed -i "/^$deluser.*/d" $confdir/psw-file
       echo -e "\033[44;37m Now delete use $deluser and password \033[0m"
       sleep 1
       cd $userdir
       mv $deluser ./deleteuser
#       cd $workdir/easy-rsa/2.0/keys
#       mv "$deluser".* $workdir/user/deleteuser
       echo -e "\033[44;37m User $deluser disappeared now\033[0m"
       cd $confdir
       ./restartopen***.sh
  fi
cd /home/appadm
./useforopen***.sh
}
################################################################
echo -e "
        ##########################################
        ### 1. create a new user                                            ###
        ### 2. delete an unused  user                                   ###
        ### 3. exit                                                                  ###
        ##########################################"
  
read -p "Input your choice: " choice
case $choice in
    "1")
        adduser
        ;;
    "2")
        deluser
        ;;
    "3")
        exit 0
        ;;
     *)
        echo "Usage $0 {1|2|3}"
        ;;
esac