From 55502b0cde4ef1cd16730d9f96b17c6133fa8a98 Mon Sep 17 00:00:00 2001
From: charleswrayjr
Date: Mon, 8 Sep 2025 20:04:16 -0500
Subject: [PATCH] Cleaning up the revoke client function and starting on the create client function in the vpn controller.
---
 src/controllers/vpn.controller.js | 33 +++++++++++++++++++++++++++++--
 1 file changed, 31 insertions(+), 2 deletions(-)
diff --git a/src/controllers/vpn.controller.js b/src/controllers/vpn.controller.js
index a2d4643..25d0127 100644
--- a/src/controllers/vpn.controller.js
+++ b/src/controllers/vpn.controller.js
@@ -56,7 +56,29 @@ module.exports = {
 const conn = new Client();
 conn.on( 'ready', () => {
- const commands = [`cd /etc/openvpn/easy-rsa`, `./easyrsa build-client-full ${ clientName } nopass`, `mkdir -p /etc/openvpn/client-configs`, staticIp ? `echo "ifconfig-push ${ staticIp } 255.255.255.0" > /etc/openvpn/client-configs/${ clientName }.ccd` : 'true', `/usr/share/easy-rsa/pkitool ${ clientName }`, `openssl pkcs12 -export -in pki/issued/${ clientName }.crt -inkey pki/private/${ clientName }.key -certfile pki/ca.crt -out /etc/openvpn/client-configs/${ clientName }.p12 -passout pass:`, `openvpn --genkey --secret /etc/openvpn/client-configs/${ clientName }.tls-auth`, `cat /etc/openvpn/client-template.txt | sed "s/CLIENT_NAME/${ clientName }/" > /etc/openvpn/client-configs/${ clientName }.ovpn`, `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `cat pki/ca.crt >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `cat pki/issued/${ clientName }.crt >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `cat pki/private/${ clientName }.key >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `cat /etc/openvpn/client-configs/${ clientName }.tls-auth >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`, `cat /etc/openvpn/client-configs/${ clientName }.ovpn`,];
+ const commands = [
+ `cd /etc/openvpn/easy-rsa`,
+ `./easyrsa build-client-full ${ clientName } nopass`,
+ `mkdir -p /etc/openvpn/client-configs`,
+ staticIp ?
`echo "ifconfig-push ${ staticIp } 255.255.255.0" > /etc/openvpn/client-configs/${ clientName }.ccd` :
+ 'true', `/usr/share/easy-rsa/pkitool ${ clientName }`,
+ `openssl pkcs12 -export -in pki/issued/${ clientName }.crt -inkey pki/private/${ clientName }.key -certfile pki/ca.crt -out /etc/openvpn/client-configs/${ clientName }.p12 -passout pass:`,
+ `openvpn --genkey --secret /etc/openvpn/client-configs/${ clientName }.tls-auth`,
+ `cat /etc/openvpn/client-template.txt | sed "s/CLIENT_NAME/${ clientName }/" > /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `cat pki/ca.crt >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `cat pki/issued/${ clientName }.crt >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `cat pki/private/${ clientName }.key >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `cat /etc/openvpn/client-configs/${ clientName }.tls-auth >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `echo "" >> /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ `cat /etc/openvpn/client-configs/${ clientName }.ovpn`,
+ ];
 console.log( commands );
 console.log( [...commands].join( ' && ' ) );
@@ -97,7 +119,14 @@ module.exports = {
 const conn = new Client();
 conn.on( 'ready', () => {
 logger.warn('ready')
- const commands = [`cd /etc/openvpn/easy-rsa`, `./easyrsa revoke ${ clientName }`, `./easyrsa gen-crl`, `cp pki/crl.pem /etc/openvpn/crl.pem`, `rm -f /etc/openvpn/client-configs/${ clientName }.ccd`, `systemctl restart openvpn@server`,];
+ const commands = [
+ `cd /etc/openvpn/easy-rsa`,
+ `./easyrsa --batch revoke ${ clientName }`,
+ `./easyrsa gen-crl`,
+ `cp pki/crl.pem /etc/openvpn/crl.pem`,
+ `rm -rf /home/charles/clients/${ clientName }.ovpn`,
+ `rm -f /etc/openvpn/ccd/${ clientName }`,
+ `sudo systemctl restart openvpn@server`,];
 logger.warn( commands );
 logger.warn( [...commands].join( ' && ' ) );
-- 2.43.0
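Review bot: `${ clientName }` is interpolated unquoted into every entry of the new revoke array, which is joined with ` && ` and, judging by the surrounding `conn.on( 'ready' )` handler, presumably handed to a remote shell; the array now also carries `--batch`, an `rm -rf` and a `sudo` call, so a malformed name has more reach than before. Where `clientName` is assigned lies outside the hunk, so if it can carry request data it should be checked against a strict allowlist before the array is built, e.g. `if ( !/^[A-Za-z0-9_-]+$/.test( clientName ) ) throw new Error( 'invalid client name' );`. The create-client array reformatted in the first hunk builds its commands the same way from `clientName` and `staticIp` and needs the same check. The cleanup paths also no longer match what that array writes: create still puts `${ clientName }.ccd`, `.p12`, `.tls-auth` and the `.ovpn` with the private key under `/etc/openvpn/client-configs/`, while revoke removes `/etc/openvpn/ccd/${ clientName }` and a file under the hard-coded `/home/charles/clients/`, so key material appears to stay on disk after revocation unless something outside this diff removes it.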