From 89dca39f896aec52d092a362266bd06d681c8d45 Mon Sep 17 00:00:00 2001
From: "root@culturestrings"
Date: Wed, 3 Jun 2020 13:42:01 +0000
Subject: openvpn: make the configuration file site-agnostic.
---
public/fs/etc/openvpn/culturestrings-conf.sh | 7 -----
public/fs/etc/openvpn/culturestrings.conf.in | 40 ----------------------------
public/fs/etc/openvpn/hostvpn-conf.sh | 10 +++++++
public/fs/etc/openvpn/hostvpn.conf.in | 40 ++++++++++++++++++++++++++++
4 files changed, 50 insertions(+), 47 deletions(-)
delete mode 100644 public/fs/etc/openvpn/culturestrings-conf.sh
delete mode 100644 public/fs/etc/openvpn/culturestrings.conf.in
create mode 100755 public/fs/etc/openvpn/hostvpn-conf.sh
create mode 100644 public/fs/etc/openvpn/hostvpn.conf.in
diff --git a/public/fs/etc/openvpn/culturestrings-conf.sh b/public/fs/etc/openvpn/culturestrings-conf.sh
deleted file mode 100644
index c085a3e..0000000
--- a/public/fs/etc/openvpn/culturestrings-conf.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-source /root/config/private/config/server.ports
-
-sed -e 's/@vpn_port@/'${vpn_port}'/g' "$1"
diff --git a/public/fs/etc/openvpn/culturestrings.conf.in b/public/fs/etc/openvpn/culturestrings.conf.in
deleted file mode 100644
index eaea36b..0000000
--- a/public/fs/etc/openvpn/culturestrings.conf.in
+++ /dev/null
@@ -1,40 +0,0 @@
-port @vpn_port@
-proto udp
-
-dev tun0
-topology subnet
-
-cipher AES-256-CBC
-
-ca /etc/easy-rsa/pki/ca.crt
-cert /etc/easy-rsa/pki/issued/culturestrings.crt
-
-askpass /srv/webroot/openvpn/culturestrings.pass
-key /etc/easy-rsa/pki/private/culturestrings.key
-dh /etc/easy-rsa/pki/dh.pem
-
-status /var/log/openvpn/openvpn-status.log
-log-append /var/log/openvpn/openvpn.log
-
-server 10.8.0.0 255.255.255.0
-server-ipv6 2a01:4f9:2b:20f0:8000::/65
-
-push "route-ipv6 2000::/3"
-push "route-ipv6 2a01:4f9:2b:20f0::/64"
-
-push "block-outside-dns"
-push "redirect-gateway def1"
-push "route 192.168.0.0 255.255.255.0"
-push "dhcp-option DNS 10.8.0.1"
-
-duplicate-cn
-client-to-client
-
-daemon
-auth-nocache
-
-persist-key
-persist-tun
-
-verb 3
-keepalive 20 60
diff --git a/public/fs/etc/openvpn/hostvpn-conf.sh b/public/fs/etc/openvpn/hostvpn-conf.sh
new file mode 100755
index 0000000..1abfb1f
--- /dev/null
+++ b/public/fs/etc/openvpn/hostvpn-conf.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+set -eu
+
+source /root/config/private/config/server.ports
+source /root/config/private/config/hostname
+
+sed -e 's/@vpn_port@/'${vpn_port}'/g' \
+ -e 's/@hostname@/'${hostname}'/g' \
+ "$1"
diff --git a/public/fs/etc/openvpn/hostvpn.conf.in b/public/fs/etc/openvpn/hostvpn.conf.in
new file mode 100644
index 0000000..a285e12
--- /dev/null
+++ b/public/fs/etc/openvpn/hostvpn.conf.in
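Review bot: In hostvpn-conf.sh the two `source` lines rely on a builtin that POSIX sh does not define, so where `/bin/sh` is dash the script stops at the first of them under `set -e`; the portable form is `. /root/config/private/config/server.ports` and `. /root/config/private/config/hostname`. The sed expressions also close the single quotes around `${vpn_port}` and `${hostname}`, leaving both expansions unquoted, so a value containing whitespace, `/` or `&` either splits the argument or changes what gets substituted, and `@hostname@` ends up inside the cert, key and askpass paths of the generated config. Writing the expressions as `-e "s/@hostname@/${hostname}/g"` (same for the port) and rejecting a hostname that contains anything outside letters, digits, `.` and `-` before calling sed would keep a malformed config value from redirecting those paths. Both sourced files are executed as shell code, so a short header comment stating that they must be root-owned and not group- or world-writable would help the next maintainer.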
@@ -0,0 +1,40 @@
+port @vpn_port@
+proto udp
+
+dev tun0
+topology subnet
+
+cipher AES-256-CBC
+
+ca /etc/easy-rsa/pki/ca.crt
+cert /etc/easy-rsa/pki/issued/@hostname@.crt
+
+askpass /srv/webroot/openvpn/@hostname@.pass
+key /etc/easy-rsa/pki/private/@hostname@.key
+dh /etc/easy-rsa/pki/dh.pem
+
+status /var/log/openvpn/openvpn-status.log
+log-append /var/log/openvpn/openvpn.log
+
+server 10.8.0.0 255.255.255.0
+server-ipv6 2a01:4f9:2b:20f0:8000::/65
+
+push "route-ipv6 2000::/3"
+push "route-ipv6 2a01:4f9:2b:20f0::/64"
+
+push "block-outside-dns"
+push "redirect-gateway def1"
+push "route 192.168.0.0 255.255.255.0"
+push "dhcp-option DNS 10.8.0.1"
+
+duplicate-cn
+client-to-client
+
+daemon
+auth-nocache
+
+persist-key
+persist-tun
+
+verb 3
+keepalive 20 60
-- cgit v1.2.3
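Review bot: The `askpass /srv/webroot/openvpn/@hostname@.pass` line keeps the passphrase for the server's private key under a directory named webroot; if that tree is served over HTTP the passphrase is readable by anyone who can request the file, so it belongs in a root-only location outside any served path. The template also carries no `tls-crypt` or `tls-auth` key and no `user`/`group` lines, so the control channel has no pre-shared HMAC protection and the daemon presumably keeps the privileges it was started with. `duplicate-cn` combined with `client-to-client` lets one issued certificate be used by several clients at once and lets clients reach each other without passing the host firewall; if that is intended, a comment in the template saying so would help, e.g. `# duplicate-cn: one shared client certificate is deliberate here`.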