#!/bin/bash
set -e

read -p "➤ Raumnummer (z.B. 225): " RAUM
read -p "➤ PC-Nummer (z.B. 1XX): " PCNUMMER
read -p "➤ Server-IP (z.B. 10.16.225.2XX): " SERVERIP

IP="10.16.$RAUM.$PCNUMMER"
NETMASK="255.0.0.0"
GATEWAY="10.16.1.245"
DNS="10.16.1.253"
INTERFACE="enp0s3"

echo "[+] Setze statische IP-Adresse: $IP"
cp /etc/network/interfaces /etc/network/interfaces.bak

cat <<EOT > /etc/network/interfaces
auto lo
iface lo inet loopback

auto $INTERFACE
iface $INTERFACE inet static
  address $IP/8
  gateway $GATEWAY
EOT

echo "nameserver $DNS" > /etc/resolv.conf

echo "🔁 Jetzt bitte in VirtualBox auf 'Netzwerkbrücke' umstellen!"
read -p "Drücke [Enter], wenn bereit..."

systemctl restart networking

echo "[+] Installiere OpenVPN..."
apt update && apt install -y openvpn

echo "[+] OpenVPN-Verzeichnis anlegen..."
mkdir -p /etc/openvpn

echo "[+] Lade Zertifikate vom Server ($SERVERIP)..."
scp root@$SERVERIP:/etc/openvpn/ca.crt /etc/openvpn/
scp root@$SERVERIP:/root/my_ca/pki/issued/client01.crt /etc/openvpn/
scp root@$SERVERIP:/root/my_ca/pki/private/client01.key /etc/openvpn/

echo "[+] Erstelle OpenVPN-Clientkonfiguration..."
cat > /etc/openvpn/client.conf <<EOF
client
remote $SERVERIP 1194
cipher AES-256-CBC
dev tun
proto udp
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client01.crt
key /etc/openvpn/client01.key
remote-cert-tls server
ping 10
ping-restart 180
ping-timer-rem
EOF

cd /etc/openvpn

echo "[+] Starte OpenVPN-Client..."
openvpn --config /etc/openvpn/client.conf