From 38c57fb3852b21947cfb4c4fbf181d2737f11e72 Mon Sep 17 00:00:00 2001
From: Andrew Klapp <andklapp@null.net>
Date: Mon, 7 May 2018 00:01:24 -0500
Subject: [PATCH] Initial commit.

---
 openvpn-rotate  | 27 +++++++++++++++++++++++++++
 openvpn.service |  9 +++++++++
 2 files changed, 36 insertions(+)
 create mode 100755 openvpn-rotate
 create mode 100644 openvpn.service

diff --git a/openvpn-rotate b/openvpn-rotate
new file mode 100755
index 0000000..499e378
--- /dev/null
+++ b/openvpn-rotate
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+OVPN_DIRECTORY="/etc/openvpn/client/ovpn"
+CURRENT_OVPN_PATH="/etc/openvpn/client/current.ovpn"
+
+# TODO: Investigate better ways to check for rootness. This is just a courtesy message, though.
+#   Non-root users will not be able to do anything with this anyway.
+if [ "$(whoami)" != "root" ]; then
+    echo "This script needs root privileges to interact with the openvpn service."
+    exit
+fi
+
+# TODO: Add the ability to pass arbitrary ovpn files.
+
+# Choose a random VPN configuration inside /etc/openvpn/ovpn
+ovpn_file=$(shuf -n1 -e ${OVPN_DIRECTORY}/*)
+
+# TODO: Check that ovpn_file exists.
+echo "Using OpenVPN configuration $(basename "${ovpn_file}" .ovpn)"
+
+rm "${CURRENT_OVPN_PATH}"
+ln -s "${ovpn_file}" "${CURRENT_OVPN_PATH}"
+
+echo "Restarting OpenVPN service."
+systemctl restart openvpn
+
+# TODO: Add a way to report any errors. Look at systemctl is-active and is-failed.
diff --git a/openvpn.service b/openvpn.service
new file mode 100644
index 0000000..860956c
--- /dev/null
+++ b/openvpn.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=OpenVPN client service
+After=network.target
+
+[Service]
+ExecStart=/bin/openvpn /etc/openvpn/client/current.ovpn
+
+[Install]
+WantedBy=multi-user.target