From cb7297eb881f3b05cb203cf241294142cd279520 Mon Sep 17 00:00:00 2001
From: Tim Bazuin
Date: Sat, 3 Aug 2019 13:11:24 +0200
Subject: [PATCH] added a twig template for a server config with an embedded certificate and associated code to make it work
---
 src/Handler/Panel/ConfigBuilder/Action.php | 29 ++++++++++++++++++
 views/etc/openvpn-client-embedded.conf.twig | 34 +++++++++++++++++++++
 2 files changed, 63 insertions(+)
 create mode 100644 views/etc/openvpn-client-embedded.conf.twig
diff --git a/src/Handler/Panel/ConfigBuilder/Action.php b/src/Handler/Panel/ConfigBuilder/Action.php
index 8eaa816..dcd37a3 100644
--- a/src/Handler/Panel/ConfigBuilder/Action.php
+++ b/src/Handler/Panel/ConfigBuilder/Action.php
@@ -26,6 +26,7 @@ class Action extends Session
 if ($cert !== null) {
 $certModel = CertificateQuery::create()->findOneByUserAndName($this->getUser(), $cert);
 $this->addClientCertificateData($zip, $certModel);
+ $this->fillZipWithEmbeddedConfig($zip, $server, $certModel);
 $name .= '-' . $certModel->getName() . '.' . $certModel->getSerial();
 }
@@ -52,6 +53,34 @@ class Action extends Session
 $zip->addFromString('ca.crt', file_get_contents($this->getCore()->getBaseDir() . '/storage/ca/ca.crt'));
 }
+ /**
+ * @param \ZipArchive $zip
+ * @param Server $server
+ * @param Certificate $cert
+ * @throws \Twig_Error_Loader
+ * @throws \Twig_Error_Runtime
+ * @throws \Twig_Error_Syntax
+ */
+ public function fillZipWithEmbeddedConfig($zip, $server, $cert)
+ {
+ /** @var \Twig_Environment $twig */
+ $twig = $this->get('twig');
+
+ $parameters = [
+ 'server' => $server,
+ 'crt' => $cert->getCertificate(),
+ 'key' => '',
+ ];
+
+ if ($cert->hasPrivateKey()) {
+ $parameters['key'] = $cert->getPrivateKey();
+ }
+
+ $config = $twig->render('etc/openvpn-client-embedded.conf.twig', $parameters);
+
+ $zip->addFromString('server-embedded.conf', $config);
+ }
+
 /**
 * @param Server $server
 * @return string
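Review bot: In `fillZipWithEmbeddedConfig` the parameter array passes `crt` and no CA, while the new template `views/etc/openvpn-client-embedded.conf.twig` reads `{{ ca }}`, `{{ cert }}` and `{{ key }}`, so the rendered `server-embedded.conf` comes out without a CA or client certificate (or rendering throws, if Twig runs with strict variables). Rename the key and add the CA from the same path the context line above already reads: `'ca' => file_get_contents($this->getCore()->getBaseDir() . '/storage/ca/ca.crt'),` and `'cert' => $cert->getCertificate(),`. When `hasPrivateKey()` is false the file is still written with an empty key, which hands the user a config that cannot authenticate; skipping the file in that case would be clearer. The docblock should also say that the generated file embeds the client private key, and the method could probably be `private`, since the only caller visible in this patch is inside the class.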
diff --git a/views/etc/openvpn-client-embedded.conf.twig b/views/etc/openvpn-client-embedded.conf.twig
new file mode 100644
index 0000000..b90deb5
--- /dev/null
+++ b/views/etc/openvpn-client-embedded.conf.twig
@@ -0,0 +1,34 @@
+client
+
+dev zerooo
+dev-type tun
+
+proto {{ server.getProtocol() }}
+
+remote {{ server.getExternalIp() }} {{ server.getPort() }}
+resolv-retry infinite
+nobind
+
+user nobody
+group nogroup
+
+persist-key
+persist-tun
+
+remote-cert-tls server
+
+cipher AES-256-CBC
+
+comp-lzo
+
+
+{{ ca }}
+
+
+
+{{ cert }}
+
+
+
+{{ key }}
+
\ No newline at end of file
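Review bot: `comp-lzo` turns on compression for the tunnel, which exposes compressible traffic to compression-oracle attacks (VORACLE) and is deprecated in current OpenVPN releases; unless the server configuration (not visible here) requires it, drop the line. The template also sets `cipher AES-256-CBC` without an `auth` directive, so packet authentication falls back to the OpenVPN default; stating it explicitly, e.g. `auth SHA256`, would be better, provided it matches the server side. Because the rendered file carries the private key inline, a Twig comment at the top such as `{# rendered output contains the client private key; do not cache or log it #}` would document that for maintainers.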