#!/bin/sh

#
# Generate OpenVPN configs
#

set -ex

servername=$(cat "$OPENVPN/servername" 2> /dev/null)
cn=${1-$servername}

if [ -z "$cn" ]; then
    echo "Common name not specified"
    exit 1
fi

conf=$OPENVPN/udp1194.conf
if [ -f "$conf" ]; then
    bak=$conf.$(date +%s).bak
    echo "Backing up $conf -> $bak"
    mv "$conf" "$bak"
fi

cat > "$conf" <<EOF
server 192.168.255.0 255.255.255.0
verb 3
#duplicate-cn
key $EASYRSA_PKI/private/$cn.key
ca $EASYRSA_PKI/ca.crt
cert $EASYRSA_PKI/issued/$cn.crt
dh $EASYRSA_PKI/dh.pem
tls-auth $EASYRSA_PKI/ta.key
key-direction 0
keepalive 10 60
persist-key
persist-tun
push "dhcp-option DNS 8.8.4.4"
push "dhcp-option DNS 8.8.8.8"
client-config-dir $OPENVPN/ccd

proto udp
port 1194
dev tun1194
status /tmp/openvpn-status-1194.log
EOF