#!/bin/sh
#
openvpn_enable="YES"
openvpn_server="10.254.0.0 255.255.0.0"
openvpn_dev="tun"
openvpn_proto="udp"
openvpn_user="root"
openvpn_group="wheel"
openvpn_route="10.0.0.0 255.0.0.0"
#
#
openvpn_dh="${openvpn_x_root}/dh1024.pem"
openvpn_x_dh="-----BEGIN DH PARAMETERS-----
MIGHAoGBAO3VbaHmuwAc0LOUrUiM4wOI5VZJ7A5tUY6wke+IiYBcZnwgHzHzkaSw
7bVnbRXoz2Ua3g0JMWpqyaoiI+C1610sDtWFWOM4aGuXn7sMj1/Vz36XCv90VL+v
8YRoLVnAE//lNxAEek067/M+SMckhGeTIDBtl0eutFvXEIDoxMv7AgEC
-----END DH PARAMETERS-----"
#
#
openvpn_ca="${openvpn_x_root}/ca.crt"
openvpn_x_ca="-----BEGIN CERTIFICATE-----
MIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQQFADCBjjELMAkGA1UEBhMCQ1ox
FzAVBgNVBAgTDkN6ZWNoIFJlcHVibGljMQ8wDQYDVQQHEwZQcmFndWUxGjAYBgNV
BAoTEUlEQy1zb2Z0d2FyZWhvdXNlMRwwGgYDVQQDExNyMi5jb2wucHJnLm15bmV0
LmN6MRswGQYJKoZIhvcNAQkBFgxwYXNla0BpZGMuY3owHhcNMDUwNjIyMTYzMjUz
WhcNMTUwNjIwMTYzMjUzWjCBjjELMAkGA1UEBhMCQ1oxFzAVBgNVBAgTDkN6ZWNo
IFJlcHVibGljMQ8wDQYDVQQHEwZQcmFndWUxGjAYBgNVBAoTEUlEQy1zb2Z0d2Fy
ZWhvdXNlMRwwGgYDVQQDExNyMi5jb2wucHJnLm15bmV0LmN6MRswGQYJKoZIhvcN
AQkBFgxwYXNla0BpZGMuY3owgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMu4
EChSEdBwc5ntEQ2zJAgSXDYGdd79/PM1qejFmUieevCEmQiqTfhGtVDQKfSE2IGR
Vj90lhKowXNSw5kOdwpa1lYGLH+wX+Q7ITZmw6vQPgTApl5hwkTUpQWu/AO9/ms+
0w9+h2SmsBBswuLPlk0MElvJlLJFe3FsZ2q6QLMfAgMBAAGjge4wgeswHQYDVR0O
BBYEFK8A2OjWYBoZdy4kkRsaqDB46v4XMIG7BgNVHSMEgbMwgbCAFK8A2OjWYBoZ
dy4kkRsaqDB46v4XoYGUpIGRMIGOMQswCQYDVQQGEwJDWjEXMBUGA1UECBMOQ3pl
Y2ggUmVwdWJsaWMxDzANBgNVBAcTBlByYWd1ZTEaMBgGA1UEChMRSURDLXNvZnR3
YXJlaG91c2UxHDAaBgNVBAMTE3IyLmNvbC5wcmcubXluZXQuY3oxGzAZBgkqhkiG
9w0BCQEWDHBhc2VrQGlkYy5jeoIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
BAUAA4GBADKdM5mPq7cVh4Xn11V2G1bboAOqABLmw62JfGMRPQczxa6WFtyebva4
ZsspFVLWyxS6RF1mncJJhU11dg1lIRI0oqh/VP9Z6UtDIOlbHKHVANvHswOgN+IK
hqmsQiwfS7kXJsfrZVYQNdU0rAT1zDeIjRGmwdBj83a7wQalfPTT
-----END CERTIFICATE-----"
#
#
openvpn_x_ca_key_path="${openvpn_x_root}/ca.key"
openvpn_x_ca_key="-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDLuBAoUhHQcHOZ7RENsyQIElw2BnXe/fzzNanoxZlInnrwhJkI
qk34RrVQ0Cn0hNiBkVY/dJYSqMFzUsOZDncKWtZWBix/sF/kOyE2ZsOr0D4EwKZe
YcJE1KUFrvwDvf5rPtMPfodkprAQbMLiz5ZNDBJbyZSyRXtxbGdqukCzHwIDAQAB
AoGAQNepbOwSd4ITiZ8HmpC2m0scxqVvxzaY2ODv4ANlMtQe1YefHj726lu3Qq2/
bPEL6NHV3gTB79Z/HLHvSDxubu/pW6ufY8DGf2TCAE4v2wHpVWmuawGfbd2m6sj2
bHGODDnrVdtBoCqclSIIXC+d6BQ1c7awzRqke7JsNqIYrKECQQDpVvzewh6HtbXg
FVwNypKF2kX035nhqsxzqhaw7NW4RYpliSDoUymM2JmgxPFDZ1Oc/BWG0JEFVub+
Yzuc2zZ9AkEA34CtxYsUoHa7ymmZpU4CJdz0adh69tuJ4/DESUxT3tAf7cOtBVkn
Kvbu713vSi6V2urIS9dgF22nprcmcmDWywJBAIFuqCvkX80FhZJ8JqjbwjUPY5i2
Y4RjGq/aHGYdqVti76bszt0wLC8dgvJD7FRoP2AoEMTMcnUUxGM9pjaW/n0CQBSe
bGmTAR4klgKAZ3pGjhAsKCgznnRzoG704UbZ0cr2bFuk96tMpD5kdXqDsfWoAo8l
pcDJZ8YBibvpnZRjtq0CQHnxdvRqWnY8Nn1jr3GSl38tl+NLshC++zdI0bRqE/i5
A2y4QM7FwpEhbsFMmbMPRBn+jbO8mVHN48aA1e+mPCo=
-----END RSA PRIVATE KEY-----"
#
#
openvpn_cert="${openvpn_x_root}/server.crt"
openvpn_x_cert="Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=CZ, ST=Czech Republic, L=Prague, O=TSGCom, CN=server.site.prg.wibsd.cz/emailAddress=jp@devnull.cz
        Validity
            Not Before: Jun 15 14:10:44 2005 GMT
            Not After : Jun 13 14:10:44 2015 GMT
        Subject: C=CZ, ST=Czech Republic, O=TSGCom, CN=server.site.prg.wibsd.cz/emailAddress=jp@devnull.cz
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:c2:b5:89:21:07:8c:51:84:14:c3:6d:8a:d7:8e:
                    f8:99:98:66:40:9e:97:f9:cb:c1:20:b7:cb:78:de:
                    14:56:c0:c5:39:ea:14:f7:fe:c0:83:d5:58:30:57:
                    b3:61:93:be:44:4f:db:a2:1f:34:92:26:47:77:ae:
                    bd:7d:88:b1:b5:f9:71:42:9b:1d:f0:55:12:e7:65:
                    62:22:9e:7a:ef:32:d2:d2:e0:47:bf:6a:9e:a0:db:
                    f3:b5:f4:1f:d9:38:07:07:90:8a:27:08:cd:ce:f4:
                    85:21:1c:61:a0:66:cd:67:77:ab:f8:71:b0:ad:c1:
                    80:7e:51:c0:eb:bd:e6:f6:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Cert Type: 
                SSL Server
            Netscape Comment: 
                OpenSSL Generated Server Certificate
            X509v3 Subject Key Identifier: 
                C6:A6:C4:C5:2E:8F:55:52:F7:C6:A4:44:51:23:C4:2D:88:00:06:F8
            X509v3 Authority Key Identifier: 
                keyid:6C:6C:6E:91:F1:5C:B4:70:A5:55:5D:8E:8D:B2:84:4E:8A:CF:08:E5
                DirName:/C=CZ/ST=Czech Republic/L=Prague/O=TSGCom/CN=server.site.prg.wibsd.cz/emailAddress=jp@devnull.cz
                serial:00

    Signature Algorithm: md5WithRSAEncryption
        3f:7f:a0:bf:58:00:dc:20:3f:73:9b:60:52:3c:0c:9c:ad:24:
        1b:5d:3b:56:ce:aa:1d:28:8c:0c:9a:9a:ee:27:80:a5:bd:a9:
        ed:fb:c4:44:19:d1:01:47:e7:00:1d:e7:0b:60:59:93:25:00:
        2a:8f:4c:a1:3f:ab:03:68:fc:d8:5a:af:33:53:75:d7:d4:f2:
        d7:be:8f:2f:4b:97:17:8f:fd:c9:05:51:cb:ad:aa:2a:8b:7e:
        81:12:30:3b:de:bb:3e:0e:86:1c:e3:38:20:88:e8:fc:c8:a5:
        a3:3e:ad:7a:4d:f8:08:a0:cd:ec:0c:fe:7e:b0:33:34:a9:8d:
        c9:9e
-----BEGIN CERTIFICATE-----
MIIDnTCCAwagAwIBAgIBATANBgkqhkiG9w0BAQQFADCBhTELMAkGA1UEBhMCQ1ox
FzAVBgNVBAgTDkN6ZWNoIFJlcHVibGljMQ8wDQYDVQQHEwZQcmFndWUxDzANBgNV
BAoTBlRTR0NvbTEdMBsGA1UEAxMUczEub3NhZC5wcmcubXluZXQuY3oxHDAaBgkq
hkiG9w0BCQEWDWpwQGRldm51bGwuY3owHhcNMDUwNjE1MTQxMDQ0WhcNMTUwNjEz
MTQxMDQ0WjB0MQswCQYDVQQGEwJDWjEXMBUGA1UECBMOQ3plY2ggUmVwdWJsaWMx
DzANBgNVBAoTBlRTR0NvbTEdMBsGA1UEAxMUczEub3NhZC5wcmcubXluZXQuY3ox
HDAaBgkqhkiG9w0BCQEWDWpwQGRldm51bGwuY3owgZ8wDQYJKoZIhvcNAQEBBQAD
gY0AMIGJAoGBAMK1iSEHjFGEFMNtiteO+JmYZkCel/nLwSC3y3jeFFbAxTnqFPf+
wIPVWDBXs2GTvkRP26IfNJImR3euvX2IsbX5cUKbHfBVEudlYiKeeu8y0tLgR79q
nqDb87X0H9k4BweQiicIzc70hSEcYaBmzWd3q/hxsK3BgH5RwOu95vaxAgMBAAGj
ggErMIIBJzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAzBglghkgBhvhC
AQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmljYXRlMB0GA1Ud
DgQWBBTGpsTFLo9VUvfGpERRI8QtiAAG+DCBsgYDVR0jBIGqMIGngBRsbG6R8Vy0
cKVVXY6NsoROis8I5aGBi6SBiDCBhTELMAkGA1UEBhMCQ1oxFzAVBgNVBAgTDkN6
ZWNoIFJlcHVibGljMQ8wDQYDVQQHEwZQcmFndWUxDzANBgNVBAoTBlRTR0NvbTEd
MBsGA1UEAxMUczEub3NhZC5wcmcubXluZXQuY3oxHDAaBgkqhkiG9w0BCQEWDWpw
QGRldm51bGwuY3qCAQAwDQYJKoZIhvcNAQEEBQADgYEAP3+gv1gA3CA/c5tgUjwM
nK0kG107Vs6qHSiMDJqa7ieApb2p7fvERBnRAUfnAB3nC2BZkyUAKo9MoT+rA2j8
2FqvM1N119Ty176PL0uXF4/9yQVRy62qKot+gRIwO967Pg6GHOM4IIjo/Miloz6t
ek34CKDN7Az+frAzNKmNyZ4=
-----END CERTIFICATE-----"
#
#
openvpn_key="${openvpn_x_root}/server.key"
openvpn_x_key="-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDCtYkhB4xRhBTDbYrXjviZmGZAnpf5y8Egt8t43hRWwMU56hT3
/sCD1VgwV7Nhk75ET9uiHzSSJkd3rr19iLG1+XFCmx3wVRLnZWIinnrvMtLS4Ee/
ap6g2/O19B/ZOAcHkIonCM3O9IUhHGGgZs1nd6v4cbCtwYB+UcDrveb2sQIDAQAB
AoGATn2F2RXE3/uBr0JSbREKcEh6N+R22VDk+r58vK2xv0MYfn85krtUehCf62T/
P/+h/MHAhTtVIvFhcAK2Cov3LvIFB2K/rtXKc65IGZ6z/1ULIrS+JCKgVW7PKsBz
TOa7xOCKdQzMaEa5cctU/qdV4Cq22Z2TGYRrhQYJfYeFEu0CQQD8/aY9GJaX8WI+
eG0+wVycdkfIb6lAG6e4UntVmxshS8QPw4yLEwDUltwLBrPNCd35BmJOYhz48xTT
tJ2DKOm/AkEAxQZrhav0ZW8GnOj+DQFOq3Y27VDw/1uGT7Qq4G3rT8oVXa9haiHR
nKJODXY7E6OzWYstlCjLBmJHEXAHj2rbjwJBAK0HcmZA5eZ/wljFlrogF44vW4Mb
0580Cu8HArGXBuQr5Kl/biVEVwIPN+oWqGyovfduxVekxPoDjxAIbN5i4hMCQF90
H82QJISsCJEmlEaqtnl9eVj6WPfuWKDu0cMPnex3JGjSGij4H3x6acQ93ptCORcN
xdQ8+zepj3LUSuVhyOMCQAt6Oiw+VhDWjLN/6so6iWzB4WxPjc4zGBUvwMAJ98Bc
FVqf5DaODqMylKc/LD9ELLYpJchS+0hgu/tRMcCWTWo=
-----END RSA PRIVATE KEY-----"
#
#
openvpn_x_ccd_clients="your_box"
openvpn_x_ccd_client_your_box="some_fully_qualified_hostname"
openvpn_x_ccd_client_your_box_iroute="10.10.12.0 255.255.255.0"