* Systemd service currently marks the mount as read-only, and this is
regarded as good practice for server/daemon only operation.
* Don't create /etc/openvpn/ccd as the mount may be read-only.
* Append the client-config-dir command line argument if it is found to
avoid mkdir operation.
* Mount can easily be modified using a different docker run line with
":ro" on the volume mount.
* Empty CRLs don't work.
* Avoids confusing easyrsa during the init step where it thinks an
existing PKI configuration exists.
* Add to ovpn_run to help users that are upgrading and ran genconfig
which now depends on the file being present.
* Use a hardlink to tip toe around permissions issues.
* Convert to an array to simplify the code.
* This breaks running `ovpn_genconfig` multiple times with the same
route argument as the array will just grow. This needs to be fixed in
the future.
* Recommended way to work around this is to remove ovpn_env.sh.
* Pass public server URL via -u argument instead of $1
* Add ability to specify multiple alternative routes
* Add ability to specify override default server internal subnet
* Add ability to write configs without a default route out, not
implemented in other configs yet
* Instead of storing just a server_url which was necessary to
regenerate the OpenVPN configs, instead store an env file.
* Move all the env parsing to `ovpn_genconfig` so that it can be re-run
from genconfig instead of from `ovpn_init`.
* Remove all the parsing and env defaults except for genconfig.
NOTE: This breaks the older config method, uesrs will need to re-run
genconfig with an arg[1] as the previous server_url, this will create
the necessary env file the rest of the tools expect.
Example recovery for legacy users:
host$ docker run --rm -it kylemanna/openvpn bash -l
container# ovpn_genconfig $(cat /etc/openvpn/server_url)
* Previously the server name cached the common name generated during
init and assumed always 1194/udp.
* The new configuration allows for users to pass in a url in a new form
that allows the protocol to be specified as well as the port.
* Example: udp://vpn.example.com:1194
* Try to be backwards compatible.
