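#!/bin/bash
#
# mkclient - issue a client certificate with easy-rsa's pkitool and bundle it
# with ca.crt, ta.key and a generated client config into
# /etc/openvpn/vpn_<vpn>/clients/<clientname>-<vpn>.tar.bz2.
#
# Usage: mkclient clientname vpn
#
# Exit codes:
#   1  wrong number of arguments
#   2  /etc/openvpn/vpn_<vpn> does not exist
#   3  client name is outside [A-Za-z0-9._-] or starts with '-'
#   4  a certificate, request, key or client directory already exists
#   5  pkitool failed
#   6  a directory change, copy, config generation or archive step failed

# Print a message on stderr and exit with the given status.
# Arguments: $1 - exit status, remaining - message
die() {
  local -r code=$1
  shift
  printf '%s\n' "$*" >&2
  exit "$code"
}

# The usage text documents two arguments and only $1 and $2 are read. A third
# argument is accepted and ignored so that callers written against the earlier
# "exactly three" check keep working.
if [ "$#" -lt 2 ] || [ "$#" -gt 3 ]; then
  die 1 "Usage: mkclient clientname vpn"
fi

vpn="${2}"
clientname="${1}-${vpn}"
vpn="vpn_${vpn}"
vpndir="/etc/openvpn/${vpn}"

if [ ! -d "${vpndir}" ]; then
  die 2 "VPN does not exists"
fi

# Validate the combined name (it embeds both arguments) before it is used in
# any path or command line:
#  - match the WHOLE string; a line-oriented grep count would accept a
#    multi-line argument as long as one of its lines conforms;
#  - no backslash in the set, because the name is spliced into a sed
#    replacement further down;
#  - no leading '-', because the name is passed as an argument to pkitool, cp
#    and tar, where it would be parsed as an option.
name_re='^[A-Za-z0-9._-]+$'
if ! [[ "${clientname}" =~ $name_re ]] || [[ "${clientname}" == -* ]]; then
  die 3 "Invalid client name"
fi

clientsdir="${vpndir}/clients/"
clientdir="${clientsdir}${clientname}/"
# Not read anywhere in this script; kept in case ./vars or a wrapper expects
# it -- TODO confirm and remove if unused.
clientslinkdir="/var/vpn/${vpn}/"

# Every cd is checked: if this one failed silently, the later "cd .." and
# "source ./vars" would run relative to the caller's working directory and
# source whatever ./vars happens to be there.
cd "${vpndir}/easy-rsa/keys" || die 6 "Cannot enter ${vpndir}/easy-rsa/keys"

# Refuse to reuse a name that already has key material or a client directory.
if [ -e "${clientname}.crt" ] || [ -e "${clientname}.csr" ] \
  || [ -e "${clientname}.key" ] || [ -d "${clientdir}" ]; then
  die 4 "Client ${clientname} already exists or is revoked"
fi

cd .. || die 6 "Cannot enter ${vpndir}/easy-rsa"
# shellcheck source=/dev/null
source ./vars || die 6 "Cannot load ${vpndir}/easy-rsa/vars"

KEY_CN="${clientname}" KEY_NAME="${clientname}" ./pkitool "${clientname}"
ret=$?
if [ "${ret}" != 0 ]; then
  die 5 "pkitool exited with code ${ret}"
fi

cd keys || die 6 "Cannot enter ${vpndir}/easy-rsa/keys"
echo "Copying generated files"
mkdir -p "${clientdir}" || die 6 "Cannot create ${clientdir}"
cp "${clientname}.crt" "${clientdir}/${clientname}-${vpn}.crt" \
  || die 6 "Cannot copy ${clientname}.crt"
cp "${clientname}.key" "${clientdir}/${clientname}-${vpn}.key" \
  || die 6 "Cannot copy ${clientname}.key"

echo "Copying ca and ta"
cd "${vpndir}" || die 6 "Cannot enter ${vpndir}"
cp ca.crt "${clientdir}/ca-${vpn}.crt" || die 6 "Cannot copy ca.crt"
cp ta.key "${clientdir}/ta-${vpn}.key" || die 6 "Cannot copy ta.key"

echo "Creating ${clientname}.conf"
cd "${clientsdir}" || die 6 "Cannot enter ${clientsdir}"
# The name was restricted above to [A-Za-z0-9._-], so it cannot contain the
# sed delimiter '/', '&' or a backslash.
sed "s/%%client%%/${clientname}/g" client.conf > "${clientdir}/${clientname}.conf" \
  || die 6 "Cannot create ${clientname}.conf"

# NOTE(review): the archive holds the client's private key and ta.key and is
# created with the caller's umask -- confirm the resulting permissions (and
# those of the clients/ directory) are what the distribution step expects.
echo "Creating ${clientname}.tar.bz2"
tar cfj "${clientname}.tar.bz2" "${clientname}/"* \
  || die 6 "Cannot create ${clientname}.tar.bz2"

echo "mkclient completed"
exit 0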