commit ac16941f098de6a86965f3e0322e62f9d57f8405
Author: Lauri Võsandi <lauri@pinecrypt.com>
Date:   Wed Jun 2 15:35:58 2021 +0300

    Initial commit

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..6bdfbc6
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,6 @@
+FROM python:3-alpine
+RUN apk add --update --no-cache openvpn curl bash
+RUN pip install requests
+ADD helpers /helpers
+ADD entrypoint.sh /entrypoint.sh
+ENTRYPOINT /entrypoint.sh
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..9c93827
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+set -e
+set -x
+CONFIG=/server-secrets/openvpn-$1.conf
+while [ ! -e $CONFIG ]; do
+  sleep 1
+done
+curl -X DELETE http://127.0.0.1:2001/api/by-service/openvpn-$1
+openvpn --config $CONFIG
diff --git a/helpers/client-connect.py b/helpers/client-connect.py
new file mode 100755
index 0000000..c0ebb8e
--- /dev/null
+++ b/helpers/client-connect.py
@@ -0,0 +1,3 @@
+#!/bin/sh
+set -e
+curl -f http://127.0.0.1:2001/api/by-serial/$tls_serial_0
diff --git a/helpers/learn-address.py b/helpers/learn-address.py
new file mode 100755
index 0000000..9ad6437
--- /dev/null
+++ b/helpers/learn-address.py
@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+import os
+import sys
+import requests
+
+# TODO: Replace with curl based script
+
+operation, addr = sys.argv[1:3]
+if operation == "delete":
+    pass
+else:
+    common_name = sys.argv[3]
+    requests.post("http://127.0.0.1:2001/api/by-serial/%d" %
+      int(os.environ["tls_serial_0"]),
+      data={
+        "service": os.environ["service"],
+        "internal_addr": addr,
+        "remote_addr": os.environ["untrusted_ip"],
+        "remote_port": os.environ["untrusted_port"]
+    })