From aed4ec684bed1e8b1983aad78e39f2523b9379b2 Mon Sep 17 00:00:00 2001
From: binhex <megalith01@gmail.com>
Date: Tue, 4 Jun 2024 12:06:25 +0100
Subject: [PATCH] fix for crl

---
 run/root/start.sh | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/run/root/start.sh b/run/root/start.sh
index 345da6c..56acd60 100755
--- a/run/root/start.sh
+++ b/run/root/start.sh
@@ -92,18 +92,6 @@ else
 
 		if [[ "${VPN_CLIENT}" == "openvpn" ]]; then
 
-			if [[ "${VPN_PROV}" == "pia" ]]; then
-
-				# turn off compression, required to bypass pia crl-verify issue with pia
-				# see https://github.com/binhex/arch-qbittorrentvpn/issues/233
-				sed -i -e 's~^compress~comp-lzo no~g' "${VPN_CONFIG}"
-
-				# remove crl-verify as pia verification has invalid date
-				# see https://github.com/binhex/arch-qbittorrentvpn/issues/233
-				sed -i '/<crl-verify>/,/<\/crl-verify>/d' "${VPN_CONFIG}"
-
-			fi
-
 			echo "[debug] Directory listing of files in /config/openvpn/ as follows" ; ls -al '/config/openvpn'
 			echo "[debug] Contents of OpenVPN config file '${VPN_CONFIG}' as follows..." ; cat "${VPN_CONFIG}"
 
@@ -121,6 +109,23 @@ else
 
 	fi
 
+	# workaround for pia CRL issue
+	if [[ "${VPN_CLIENT}" == "openvpn" ]]; then
+
+		if [[ "${VPN_PROV}" == "pia" ]]; then
+
+			# turn off compression, required to bypass pia crl-verify issue with pia
+			# see https://github.com/binhex/arch-qbittorrentvpn/issues/233
+			sed -i -e 's~^compress~comp-lzo no~g' "${VPN_CONFIG}"
+
+			# remove crl-verify as pia verification has invalid date
+			# see https://github.com/binhex/arch-qbittorrentvpn/issues/233
+			sed -i '/<crl-verify>/,/<\/crl-verify>/d' "${VPN_CONFIG}"
+
+		fi
+
+	fi
+
 	# split comma separated string into list from NAME_SERVERS env variable
 	IFS=',' read -ra name_server_list <<< "${NAME_SERVERS}"