openvpn-embed-certificates.sh
#!/bin/bash
# Usage: openvpn-embed-certificates.sh CONFIG
#
# Rewrites an OpenVPN client config in place: takes a CONFIG.backup copy,
# appends pull-filter lines that ignore a pushed default route, then inlines
# the files named by the tls-auth, ca, cert and key directives as
# <tls-auth>/<ca>/<cert>/<key> blocks and deletes those directives.
#
# After a successful run CONFIG holds the private key and the tls-auth key
# inline. This script does not change CONFIG's mode, so check that its
# permissions are as tight as those of the key files it replaces.
#
# "set +e" switches errexit off, so a failing command does not abort the run
# unless the code tests its status explicitly.
set +e
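#######################################
# Create a one-time safety copy of a file next to it, named "<file>.backup".
# Arguments: $1 - path of the file to copy
# Outputs:   progress and error messages on stderr
# Exits:     10 if "<file>.backup" already exists (it is never overwritten)
#            11 if the copy itself fails
#######################################
backup() {
  local src="$1"

  if [[ -e "$src.backup" ]]; then
    echo "Backup file already exists! Remove if necessary." >&2
    exit 10
  fi

  echo "Creating backup of $src in $src.backup" >&2
  # Stop when the copy fails: the script goes on to edit the file in place,
  # and without this copy there is nothing to roll back to.
  if ! cp -- "$src" "$src.backup"; then
    echo "ERROR! Could not create backup $src.backup" >&2
    exit 11
  fi
}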
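#######################################
# Append one inline credential block to an OpenVPN config:
#   ###############
#   <TYPE>
#   ...BEGIN/END armoured text taken from the credential file...
#   </TYPE>
# Nothing is written unless the file is readable and contains such a block,
# so a missing file can no longer leave an empty <TYPE></TYPE> pair behind.
#
# NOTE: for the "key" and "tls-auth" types the appended text is secret key
# material. This function does not change the config's mode; the config then
# needs permissions as tight as those of the key file it replaces.
#
# Arguments: $1 - config file to append to
#            $2 - block name (tls-auth, ca, cert or key)
#            $3 - file holding the credential
# Returns:   0 on success, 1 if the file is unreadable or has no block
#######################################
embed_credential() {
  local config_path="$1"
  local file_type="$2"
  local file_path="$3"
  local pem

  if [[ -z "$file_path" || ! -r "$file_path" ]]; then
    echo "ERROR! Cannot read $file_type file '$file_path'" >&2
    return 1
  fi

  # -z makes grep treat the whole file as one record and (?s) lets ".*" cross
  # newlines, so the match runs from the first "-----BEGIN" to the last
  # "-----" after an "-----END"; text outside that range is dropped.
  # tr strips the NUL that grep -z appends to the match.
  pem="$(grep -zoP '(-----BEGIN)(?s).*(-----END).*(-----)' "$file_path" | tr -d '\0')"
  if [[ -z "$pem" ]]; then
    echo "ERROR! No BEGIN/END block found in $file_path" >&2
    return 1
  fi

  {
    echo "###############"
    echo "<$file_type>"
    printf '%s\n' "$pem"
    echo "</$file_type>"
  } >> "$config_path"
}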
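#######################################
# Replace the tls-auth, ca, cert and key file directives of an OpenVPN config
# with inline blocks, editing the config in place.
#
# All referenced files are checked before the config is touched, so an
# unreadable file aborts the run without a half-converted config. Directives
# that are absent are skipped instead of producing an empty block, and
# "key-direction" is only written when the tls-auth line carries a direction.
#
# Limitations: the file path is the second whitespace-separated field of the
# directive line, so quoted paths and paths containing spaces are not handled;
# relative paths are resolved against the current working directory.
#
# Arguments: $1 - config file to rewrite
# Outputs:   status on stdout, errors on stderr
# Exits:     2 if the config references no credential file
#            3 if a referenced file cannot be read or embedded
#######################################
embed() {
  local config_path="$1"
  local ftype file_path key_direction i
  local -a types=() paths=()

  if ! grep -qE "^(tls-auth|ca|cert|key) " "$config_path"; then
    echo "No certificates to embed!"
    exit 2
  fi

  # Pass 1: collect and validate, without modifying the config.
  for ftype in tls-auth ca cert key; do
    file_path="$(grep -E "^$ftype " "$config_path" | awk 'NR == 1 { print $2 }')"
    [[ -n "$file_path" ]] || continue
    if [[ ! -r "$file_path" ]]; then
      echo "ERROR! Cannot read $ftype file '$file_path'" >&2
      exit 3
    fi
    types+=("$ftype")
    paths+=("$file_path")
  done

  if (( ${#types[@]} == 0 )); then
    echo "No certificates to embed!"
    exit 2
  fi

  # The optional third field of "tls-auth FILE [DIRECTION]" becomes a
  # separate key-direction directive once the key is inline.
  key_direction="$(grep -E "^tls-auth " "$config_path" | awk 'NR == 1 { print $3 }')"
  if [[ -n "$key_direction" ]]; then
    echo "key-direction $key_direction" >> "$config_path"
  fi

  # Pass 2: append each block, then drop the directive it replaces. The
  # directive is only deleted after its block has been written.
  for i in "${!types[@]}"; do
    if ! embed_credential "$config_path" "${types[i]}" "${paths[i]}"; then
      echo "ERROR! Could not embed ${types[i]} from '${paths[i]}'" >&2
      exit 3
    fi
    sed -i -e "/^${types[i]} .*$/d" "$config_path"
  done

  echo "Certificates successfully embedded!"
}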
#######################################
# Append two pull-filter directives to an OpenVPN config so that a pushed
# "redirect-gateway" option and a pushed "route 0.0.0.0 0.0.0.0" are ignored.
#
# NOTE(review): with these filters the client keeps its own default route, so
# traffic not covered by other routes presumably bypasses the tunnel. Confirm
# that this split-tunnel behaviour is intended for every config processed.
#
# Globals:   config_path (written; the assignment is not declared local)
# Arguments: $1 - config file to append to
#######################################
remove_default_route() {
  config_path="$1"
  # Quoted delimiter: the two lines are written literally, double quotes included.
  cat >> "$config_path" <<'EOF'
pull-filter ignore "redirect-gateway"
pull-filter ignore "route 0.0.0.0 0.0.0.0"
EOF
}
#######################################
# Entry point: check that the config exists, then back it up, append the
# default-route filters and inline the credentials, in that order.
#
# The filters are appended before embed runs, so when embed exits because the
# config references no credential files, the config has already been changed;
# the untouched original is in "<config>.backup".
#
# Arguments: $1 - path to the OpenVPN config to rewrite
# Exits:     1 if $1 is not a regular file; other codes come from the helpers
#######################################
main() {
  [[ -f "$1" ]] || {
    echo "ERROR! No such file $1"
    exit 1
  }

  backup "$1"
  remove_default_route "$1"
  embed "$1"
}

main "$1"