Update the whole project

bin/start_openvpn

@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+if [ -z "$( ls -A '/opt/data/openvpn' )" ] || [ "${EASY_RSA_REGEN}" == "true" ]; then
+    rm -rf /opt/data/openvpn/*
+    # -- It should prepare certs with easy-rsa
+    /usr/share/easy-rsa/easyrsa init-pki
+    # -- Currently only no password
+    /usr/share/easy-rsa/easyrsa build-ca nopass
+    /usr/share/easy-rsa/easyrsa gen-dh
+    `unset EASYRSA_REQ_CN && /usr/share/easy-rsa/easyrsa build-server-full server nopass`
+    # -- Generate the CRL for client/server certificates revocation.
+    /usr/share/easy-rsa/easyrsa gen-crl
+    openvpn --genkey tls-crypt-v2-server "pki/private/${EASYRSA_REQ_CN}.pem"
+    openvpn --genkey secret > "ta.key"
+
+else
+   echo "Easy RSA config is already prepared, skipping"
+fi
+
+cp /opt/data/openvpn/ta.key /etc/openvpn/server
+openvpn --config /opt/config/server.conf