From b4b9b936e0977e7fa63da7d65108c28dfcaf4e65 Mon Sep 17 00:00:00 2001
From: Kris Lamoureux <kris@lamoureux.io>
Date: Mon, 9 Mar 2026 20:21:53 -0400
Subject: [PATCH] testing

---
 piawg.sh | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/piawg.sh b/piawg.sh
index 9004e42..d69b6b8 100755
--- a/piawg.sh
+++ b/piawg.sh
@@ -421,3 +421,21 @@ else
 		fi
 	fi
 fi
+
+# Optional: port forward
+if conf_reply="$(bao_curl "$BAO_KV_MOUNT/data/$BAO_PATH_CONFIG")"; then
+	debug -f "Check for port_forward value in OpenBao ($BAO_PATH_CONFIG)\n%s" \
+		"$(printf '%s' "$conf_reply" | jq .)"
+	port_forward="$(printf '%s' "$conf_reply" | jq -r '.data.data.port_forward')"
+	if [ "$port_forward" = "true" ]; then
+		server_cn="$(printf '%s' "$conf_reply" | jq -r '.data.data.server_cn')"
+		server_vip="$(printf '%s' "$conf_reply" | jq -r '.data.data.server_vip')"
+		if ! pf_sig_reply="$(_curl -G --cacert ./ca.rsa.4096.crt \
+			--resolve "$server_cn:19999:$server_vip" \
+			--data-urlencode "token=$pia_token" \
+			"https://$server_cn:19999/getSignature")"; then
+			err "Failed to connect to https://$server_cn:19999/getSignature"
+		fi
+		debug -f "getSignature\n%s" "$(printf '%s' "$pf_sig_reply" | jq .)"
+	fi
+fi