Added ability to specify multiple usernames/passwords.

JTpantheon · Jun 14, 2016 · 561f585 · 561f585
1 parent 09452c6
commit 561f585
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -26,17 +26,15 @@ Mix and match published ports:
 All optional:
 
 - `-e PSK`: Pre-Shared Key (PSK), if not set: "notasecret" (without quotes) by default.
-- `-e USERNAME`: if not set a random username ("user[nnnn]") is created.
-- `-e PASSWORD`: if not set a random weak password is created.
+- `-e USERS`: Multiple usernames and passwords may be set with the following pattern: `username:password;user2:pass2;user3:pass3`. Username and passwords are separated by `:`. Each pair of `username:password` should be separated by `;`. If not set a random username ("user[nnnn]") and a random weak password is created.
 
-It only creates a single user account with the above credentials in DEFAULT hub.
-See the docker log for username and password (unless `-e PASSWORD` is set), which *would look like*:
+See the docker log for username and password (unless `-e USERS` is set), which *would look like*:
 
     # ========================
     # user6301
     # 2329.2890.3101.2451.9875
     # ========================
-Dots (.) are part of the password. Password will not be logged if specified via `-e PASSWORD`; use `docker inspect` in case you need to see it.
+Dots (.) are part of the password. Password will not be logged if specified via `-e USERS`; use `docker inspect` in case you need to see it.
 
 Hub & server are locked down; they are given stronger random passwords which are not logged or displayed.
 
@@ -58,7 +56,7 @@ Examples (assuming bash; note the double-quotes `"` and backticks `` ` ``):
 
 `docker run --rm siomiz/softethervpn gencert > /path/to/envlist`
 
-The output will have `CERT` and `KEY` already filled in. Modify `PSK`/`USERNAME`/`PASSWORD`.
+The output will have `CERT` and `KEY` already filled in. Modify `PSK`/`USERS`.
 
 Certificate volumes support (like `-v` or `--volumes-from`) will be added at some point...
 

diff --git a/copyables/entrypoint.sh b/copyables/entrypoint.sh
@@ -11,19 +11,21 @@ fi
 if [ ! -f /opt/vpn_server.config ]; then
 
 : ${PSK:='notasecret'}
-: ${USERNAME:=user$(cat /dev/urandom | tr -dc '0-9' | fold -w 4 | head -n 1)}
 
-printf '# '
-printf '=%.0s' {1..24}
-echo
-echo \# ${USERNAME}
-
-if [[ $PASSWORD ]]
+if [[ $USERS ]]
 then
-  echo '# <use the password specified at -e PASSWORD>'
+  echo '# <use the password specified at -e USERS>'
 else
+  : ${USERNAME:=user$(cat /dev/urandom | tr -dc '0-9' | fold -w 4 | head -n 1)}
+  printf '# '
+  printf '=%.0s' {1..24}
+  echo
+  echo \# ${USERNAME}
+
   PASSWORD=$(cat /dev/urandom | tr -dc '0-9' | fold -w 20 | head -n 1 | sed 's/.\{4\}/&./g;s/.$//;')
   echo \# ${PASSWORD}
+
+  USERS="${USERNAME}:${PASSWORD}"
 fi  
 
 printf '# '
@@ -85,8 +87,15 @@ cat softether.ovpn
 /opt/vpncmd localhost /SERVER /CSV /HUB:DEFAULT /CMD LogDisable security
 
 # add user
-/opt/vpncmd localhost /SERVER /HUB:DEFAULT /CSV /CMD UserCreate ${USERNAME} /GROUP:none /REALNAME:none /NOTE:none
-/opt/vpncmd localhost /SERVER /HUB:DEFAULT /CSV /CMD UserPasswordSet ${USERNAME} /PASSWORD:${PASSWORD}
+
+while IFS=';' read -ra USER; do
+  for i in "${USER[@]}"; do
+    IFS=':' read username password <<< "$i"
+    echo "Creating user: ${username}"
+    /opt/vpncmd localhost /SERVER /HUB:DEFAULT /CSV /CMD UserCreate ${username} /GROUP:none /REALNAME:none /NOTE:none
+    /opt/vpncmd localhost /SERVER /HUB:DEFAULT /CSV /CMD UserPasswordSet ${username} /PASSWORD:${password}
+  done
+done <<< "$USERS"
 
 export PASSWORD='**'