--- /dev/null
+#!/bin/bash
+
+# usage: I run this script on a timer to correct the dns on wrt for
+# clients where dns is updated dynamically by openvpn, in the case that
+# openvpn crashes or the computer running openvpn crashes.
+
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+
+x="$(readlink -f "$BASH_SOURCE")"; cd ${x%/*} # directory of this file
+
+while read -r ip host; do
+ found=false
+ is_connected="grep -q "^CLIENT_LIST,$host," /run/openvpn-server/status-server.log"
+ if $is_connected; then continue; fi
+ if ! grep -q "^CLIENT_LIST,$host," /run/openvpn-server/status-server.log; then
+ cd $(mktemp -d); dir=$PWD
+ ssh wrt tar -C /etc -c hosts | tar -x
+ if grep -qFx "$ip $host" hosts; then continue; fi
+ # openvpn udpates its status file every 60 seconds by default
+ if (( $(stat -c%Y hosts) > EPOCHSECONDS + 60 )); then
+ sleep 60
+ if $is_connected; then continue; fi
+ fi
+ ssh root@wrt.b8.nz cedit ovpn-$host <<<"$ip $host" || [[ $? == 1 ]]
+ fi
+done <lan-dns