From 2eda8a8f21608d59bfc8125664e06c9f3346a0c2 Mon Sep 17 00:00:00 2001 From: Bill Monkman Date: Mon, 21 Sep 2020 15:01:00 -0700 Subject: [PATCH 1/3] Small fix to vpn output - carriage return was messing up the formatting --- templates/scripts/add-vpn-user.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/scripts/add-vpn-user.sh b/templates/scripts/add-vpn-user.sh index e23d9dd..bb4ae81 100755 --- a/templates/scripts/add-vpn-user.sh +++ b/templates/scripts/add-vpn-user.sh @@ -21,7 +21,7 @@ read name # collect keys server_public_key=$($EXEC "cat /etc/wireguard/privatekey | wg pubkey") client_private_key=$($EXEC "wg genkey") -client_public_key=$($EXEC "echo -n $client_private_key | wg pubkey") +client_public_key=$($EXEC "echo -n $client_private_key | wg pubkey | tr -d \"\r\n\f\"") # get next available IP existing_ips=$($EXEC "cat /etc/wireguard/wg0.conf | grep AllowedIPs| cut -d\" \" -f3 | cut -d\"/\" -f1 | sort") @@ -45,7 +45,7 @@ echo echo "Please modify kubernetes/terraform/environments//main.tf and append the following line to var.vpn_client_publickeys." echo "Then apply the terraform, or ask an administrator to." echo -printf ' ["%s", "%s", "%s"]' "$name" "$next_ip/32" "$client_public_key" +printf ' ["%s", "%s", "%s"],' "$name" "$next_ip/32" "$client_public_key" echo echo "After this is done you should be able to open the wireguard client and activate the tunnel." echo "You can download the client at https://www.wireguard.com/install/" From 6540d392d967c9ff9ac7fac962d1057b798664c3 Mon Sep 17 00:00:00 2001 From: Bill Monkman Date: Tue, 22 Sep 2020 15:05:08 -0700 Subject: [PATCH 2/3] Don't strip newlines from ip list --- templates/scripts/add-vpn-user.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/scripts/add-vpn-user.sh b/templates/scripts/add-vpn-user.sh index bb4ae81..c98a507 100755 --- a/templates/scripts/add-vpn-user.sh +++ b/templates/scripts/add-vpn-user.sh 
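Review bot: The changed `client_public_key` line still interpolates `$client_private_key` into the command string handed to `$EXEC`, so the new client's private key ends up in process arguments, where process listings, shell tracing or exec audit logs can expose it. If `$EXEC` forwards stdin (its definition is outside this hunk), feeding the key on stdin avoids that: `client_public_key=$(printf '%s' "$client_private_key" | $EXEC "wg pubkey" | tr -d '\r\n\f')`. The carriage return stripped here presumably comes from the exec channel itself, so `client_private_key=$($EXEC "wg genkey")` likely carries one too and would want the same `tr -d` before it is written into a client config.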
@@ -25,7 +25,7 @@ client_public_key=$($EXEC "echo -n $client_private_key | wg pubkey | tr -d \"\r\ # get next available IP existing_ips=$($EXEC "cat /etc/wireguard/wg0.conf | grep AllowedIPs| cut -d\" \" -f3 | cut -d\"/\" -f1 | sort") -last_ip=$(echo "$existing_ips" | tr -cd "[:alnum:]." | tail -1) +last_ip=$(echo "$existing_ips" | tr -cd "[:alnum:].\n" | tail -1) next_ip=$last_ip while [[ "$existing_ips" =~ "$next_ip" ]]; do next_ip=${next_ip%.*}.$((${next_ip##*.}+1)) From d447261aa53e2b23aaee1746792d15d0bf30f6ec Mon Sep 17 00:00:00 2001 From: David Cheung Date: Tue, 22 Sep 2020 18:09:31 -0400 Subject: [PATCH 3/3] hashing vpn server_conf as deployment version --- templates/kubernetes/terraform/modules/kubernetes/vpn.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/kubernetes/terraform/modules/kubernetes/vpn.tf b/templates/kubernetes/terraform/modules/kubernetes/vpn.tf index 079547b..11adef7 100644 --- a/templates/kubernetes/terraform/modules/kubernetes/vpn.tf +++ b/templates/kubernetes/terraform/modules/kubernetes/vpn.tf @@ -137,6 +137,8 @@ resource "kubernetes_deployment" "wireguard" { metadata { labels = { app = "wireguard" + # this hash is to update the deployment whenever configmap is updated with new users + configmap_version = sha1(data.template_file.vpn_server_conf.rendered) } }
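Review bot: `tr -cd "[:alnum:].\n"` still lets letters through, and the last field of `last_ip` is later fed to `$(( ... ))`, where a non-numeric token is evaluated as a variable name instead of being rejected. Since the value is parsed from remote `wg0.conf` output, I'd narrow the filter to `tr -cd "[:digit:].\n"` and check the shape before the loop, e.g. `[[ "$last_ip" =~ ^[0-9]+(\.[0-9]+){3}$ ]] || { echo "could not determine last VPN IP" >&2; exit 1; }`. That guard also covers an empty peer list, where `last_ip` is empty and the loop appears to settle on `.1`. The `while` loop runs past the end of the hunk, and nothing visible bounds the last octet, so it can increment beyond 254.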
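Review bot: The new `configmap_version` label forces a rollout only if this `metadata` block is the pod template's (`spec.template.metadata`); the hunk does not show which block it is, and the resource continues outside it. On the deployment's own metadata a label change leaves the running pods on the old config, so a removed peer would stay authorised until something else restarts the pod. A checksum like this is more commonly carried as an annotation than a label, since labels take part in selectors. I'd also make the comment explicit that SHA-1 is used for change detection only, e.g. `# change-detection hash of the rendered server config (not a security control); rolls the pods when peers are added or removed`.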