infra-docs-fpo/modules/howtos/pages/generate_openvpn_keys.adoc

= How to generate private key and certificate for OpenVPN client

Doing this requires membership in `sysadmin-main` FAS group.

All the following commands should be ran on one of batcave hosts.

Clone `ansible-private` repo:

----
git clone /srv/git/ansible-private
----

Change into `files/vpn` subdirectory in cloned repo:

----
cd ansible-private/files/vpn
----

Run `addhost.sh` script to generate keys and cert, eg.:

----
./addhost.sh proxy33.fedoraproject.org
----

Add generated files to git index, commit, push:

----
git status
git add .
git commit -a -m "Add VPN key/cert for proxy33.fedoraproject.org"
git show
git push
----
Migrate howto repository to infra docs It doesn't make much sense to have separate guides outside infra documentation. So let's migrate https://pagure.io/fedora-infra/howtos to infra docs. Signed-off-by: Michal Konecny <mkonecny@redhat.com> 2023-09-05 17:09:58 +02:00			`= How to generate private key and certificate for OpenVPN client`

			Doing this requires membership in `sysadmin-main` FAS group.

			`All the following commands should be ran on one of batcave hosts.`

			Clone `ansible-private` repo:

			`----`
			`git clone /srv/git/ansible-private`
			`----`

			Change into `files/vpn` subdirectory in cloned repo:

			`----`
			`cd ansible-private/files/vpn`
			`----`

			Run `addhost.sh` script to generate keys and cert, eg.:

			`----`
			`./addhost.sh proxy33.fedoraproject.org`
			`----`

			`Add generated files to git index, commit, push:`

			`----`
			`git status`
			`git add .`
			`git commit -a -m "Add VPN key/cert for proxy33.fedoraproject.org"`
			`git show`
			`git push`
			`----`