#!/bin/sh

client=$1

if [ x$client = x ]; then
    echo "Usage: $0 clientname"
    exit 1
fi

easyrsa_dir="/etc/openvpn/easy-rsa"

cd $easyrsa_dir

. ./vars
./clean-all

cp ca.key keys
cp ca.crt keys

./pkitool $client

# copy template .ovpn
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "keys/$client.ovpn"
# make changes
sed -i.bak s/my-server-1/hulk.dinohensen.nl/g "keys/$client.ovpn"

# TODO: this is not needed for windows clients
sed -i.bak 's/;user nobody/user nobody/g' "keys/$client.ovpn"
sed -i.bak 's/;group nogroup/group nobody/g' "keys/$client.ovpn"

sed -i.bak "s/ca ca.crt/#ca ca.crt/g" "keys/$client.ovpn"
sed -i.bak "s/cert client.crt/#cert client.crt/g" "keys/$client.ovpn"
sed -i.bak "s/key client.key/#key client.key/g" "keys/$client.ovpn"

echo "<ca>" >> "keys/$client.ovpn"
cat "keys/ca.crt" >> "keys/$client.ovpn"
echo "</ca>" >> "keys/$client.ovpn"

echo "<cert>" >> "keys/$client.ovpn"
cat "keys/$client.crt" >> "keys/$client.ovpn"
echo "</cert>" >> "keys/$client.ovpn"

echo "<key>" >> "keys/$client.ovpn"
cat "keys/$client.key" >> "keys/$client.ovpn"
echo "</key>" >> "keys/$client.ovpn"

#cat "keys/$client.ovpn"

# put in archive together with ca.crt
tar -zcvf "$client.tar.gz" "keys/$client.crt" "keys/$client.key" keys/ca.crt "keys/$client.ovpn"
# move to my home dir and own it
mv "$client.tar.gz" /home/dhensen/vpn
chown dhensen:dhensen "/home/dhensen/vpn/$client.tar.gz"