howtos/generate_openvpn_keys.md

# How to generate private key and certificate for OpenVPN client

Doing this requires membership in sysadmin-main FAS group.

All the following commands should be ran on one of batcave hosts.

Clone `ansible-private` repo:

    git clone /srv/git/ansible-private

Change into `files/vpn` subdirectory in cloned repo:

    cd ansible-private/files/vpn

Run `addhost.sh` script to generate keys and cert, eg.:

    ./addhost.sh proxy33.fedoraproject.org

Add generated files to git index, commit, push:

    git status
    git add .
    git commit -a -m "Add VPN key/cert for proxy33.fedoraproject.org"
    git show
    git push
Document generating VPN keys 2020-07-31 13:44:25 +02:00			`# How to generate private key and certificate for OpenVPN client`

			`Doing this requires membership in sysadmin-main FAS group.`

			`All the following commands should be ran on one of batcave hosts.`

			Clone `ansible-private` repo:

			`git clone /srv/git/ansible-private`

			Change into `files/vpn` subdirectory in cloned repo:

			`cd ansible-private/files/vpn`

			Run `addhost.sh` script to generate keys and cert, eg.:

			`./addhost.sh proxy33.fedoraproject.org`

			`Add generated files to git index, commit, push:`

			`git status`
Simplify how to add vpn key/cert: commit all the files to git Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr> 2020-08-04 16:12:31 +02:00			`git add .`
Document generating VPN keys 2020-07-31 13:44:25 +02:00			`git commit -a -m "Add VPN key/cert for proxy33.fedoraproject.org"`
			`git show`
			`git push`