From 75e7859f65c99aa04810ac978a19a2541dbd780d Mon Sep 17 00:00:00 2001
From: Brian Zalewski <brian@megabyte.space>
Date: Fri, 31 Mar 2023 06:03:34 +0000
Subject: [PATCH] Update file run_onchange_after_24-vpn-darwin.tmpl

---
 .../run_onchange_after_24-vpn-darwin.tmpl     | 30 +++++++++++++++----
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/home/.chezmoiscripts/universal/run_onchange_after_24-vpn-darwin.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_24-vpn-darwin.tmpl
index 9c43e407..fa1ccb69 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_24-vpn-darwin.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_24-vpn-darwin.tmpl
@@ -1,13 +1,31 @@
 {{- if (eq .host.distro.family "darwin") -}}
 #!/usr/bin/env bash
+# @file home/.chezmoiscripts/universal/run_onchange_after_26-vpn-darwin.sh.tmpl
+# @brief Installs WireGuard VPN profiles on macOS devices
+# @description
+#     This script installs WireGuard VPN profiles on macOS. It scans `${XDG_CONFIG_HOME:-$HOME/.config}/vpn` for all the `*.conf` files
+#     and then copies those profiles to `/etc/wireguard`. It also performs a couple preparation tasks like ensuring the target
+#     WireGuard system configuration file directory exists and is assigned the proper permissions.
+#
+#     ## Creating VPN Profiles
+#
+#     More details on embedding your VPN profiles into your Install Doctor fork can be found by reading the [Secrets documentation](https://install.doctor/docs/customization/secrets#vpn-profiles).
+#
+#     ## TODO
+#
+#     * Populate Tunnelblick on macOS using the VPN profiles located in `${XDG_CONFIG_HOME:-$HOME/.config}/vpn`
+#     * For the Tunnelblick integration, ensure the username / password is populated from the `OVPN_USERNAME` and `OVPN_PASSWORD` variables
+#
+#     ## Links
+#
+#     * [`run_onchange_after_24-vpn-darwin.sh.tmpl`](https://github.com/megabyte-labs/install.doctor/blob/master/home/.chezmoiscripts/universal/run_onchange_after_24-vpn-darwin.sh.tmpl)
+#     * [VPN profile folder](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_config/vpn)
+#     * [VPN profile documentation](https://install.doctor/docs/customization/secrets#vpn-profiles)
 
 {{ includeTemplate "universal/profile" }}
 {{ includeTemplate "universal/logg" }}
 
-# TODO - Populate Tunnelblick on macOS using the .ovpn profiles located in $HOME/.config/vpn
-# along with the secrets for the protonVPN OpenVPN (check vpn-linux.tmpl)
-
-### Backup previous network settings
+# @description Backs up previous network settings to `/Library/Preferences/com.apple.networkextension.plist.old` before applying new VPN profiles
 if [ -f /Library/Preferences/com.apple.networkextension.plist ]; then
     logg info 'Backing up /Library/Preferences/com.apple.networkextension.plist to /Library/Preferences/com.apple.networkextension.plist.old'
     sudo cp -f /Library/Preferences/com.apple.networkextension.plist /Library/Preferences/com.apple.networkextension.plist.old
@@ -15,14 +33,14 @@ else
     logg info 'The /Library/Preferences/com.apple.networkextension.plist file does not exist yet'
 fi
 
-### Ensure /etc/wireguard exists
+# @description Ensures the `/etc/wireguard` directory exists and has the lowest possible permission-level
 if [ ! -d /etc/wireguard ]; then
     logg info 'Creating `/etc/wireguard` since it does not exist yet'
     sudo mkdir -p /etc/wireguard
     sudo chmod 600 /etc/wireguard
 fi
 
-### Add the WireGuard configurations
+# @description Cycles through the `*.conf` files in `${XDG_CONFIG_HOME:-$HOME/.config}/vpn` and adds them to the `/etc/wireguard` folder
 find "${XDG_CONFIG_HOME:-$HOME/.config}/vpn" -mindepth 1 -maxdepth 1 -type f -name "*.conf" | while read WG_CONF; do
     WG_FILE="$(basename "$WG_CONF")"
     logg info 'Adding `'"$WG_FILE"'` to /etc/wireguard'