* Do not autogenerate a key if it does not exist. Instead fail.
* Requires users to explicitly generate keys and prevents generating
erroneous keys in the event of a typo.
* Convert to an array to simplify the code.
* This breaks running `ovpn_genconfig` multiple times with the same
route argument as the array will just grow. This needs to be fixed in
the future.
* Recommended way to work around this is to remove ovpn_env.sh.
* Pass public server URL via -u argument instead of $1
* Add ability to specify multiple alternative routes
* Add ability to specify override default server internal subnet
* Add ability to write configs without a default route out, not
implemented in other configs yet
* Instead of storing just a server_url which was necessary to
regenerate the OpenVPN configs, instead store an env file.
* Move all the env parsing to `ovpn_genconfig` so that it can be re-run
from genconfig instead of from `ovpn_init`.
* Remove all the parsing and env defaults except for genconfig.
NOTE: This breaks the older config method, uesrs will need to re-run
genconfig with an arg[1] as the previous server_url, this will create
the necessary env file the rest of the tools expect.
Example recovery for legacy users:
host$ docker run --rm -it kylemanna/openvpn bash -l
container# ovpn_genconfig $(cat /etc/openvpn/server_url)
* Previously the server name cached the common name generated during
init and assumed always 1194/udp.
* The new configuration allows for users to pass in a url in a new form
that allows the protocol to be specified as well as the port.
* Example: udp://vpn.example.com:1194
* Try to be backwards compatible.
* Protect the CA key with a passphrase by default to protect it from a
filsystem compromise. An attacker could still steal the other keys
stored (ie the server's cert key), but not issue new keys.
* This is a good compromise for now.
* Disable auto guessing the external IP in favor of the user explicitly
specifying the server name. Save the servername for client cert
generation later.
* Remove dnsutils from build since dig is no longer necessary. Favor
learn and mean images.
* Add ENV configuration options to Dockerfile as opposed to keeping in
the wrapper script.
* First step to splitting up openvpn.sh in to smaller scripts.
* Provide a way to invoke easyrsa form the wrapper
* Add ability to set the EasyRSA vars file which manages the default
settings for the EasyRSA PKI CA.
