#!/bin/bash
set -e

if [[ $EUID -ne 0 ]]; then
  echo "Run as root"
  exit 1
fi

SERVER_CONF="/etc/openvpn/server/server.conf"

read -p "New VPN subnet (e.g. 10.9.0.0): " NEW_SUBNET
read -p "New VPN mask (e.g. 255.255.255.0): " NEW_MASK

sed -i "s/^server .*/server $NEW_SUBNET $NEW_MASK/" $SERVER_CONF

#iptables -t nat -F
#iptables -t nat -A POSTROUTING -s $NEW_SUBNET/24 -o eth0 -j MASQUERADE
#iptables-save > /etc/iptables/rules.v4

systemctl restart openvpn-server@server

echo "[+] VPN subnet updated to $NEW_SUBNET $NEW_MASK"
