#! /usr/bin/env sh
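# Exactly one argument is expected: the short VPN name (without the "vpn_"
# prefix that the script adds itself).
if [ $# -ne 1 ]
then
    echo "Usage: $0 vpnname" 1>&2
    exit 1
fi

# The name is later embedded in paths under /etc/openvpn and /var/vpn, in the
# replacement text of several sed commands and in a quoted .htaccess AuthName
# value. Restrict it to a conservative character set so that "/", "&", "\",
# quotes or whitespace can neither redirect those paths nor alter the
# generated configuration.
case "$1" in
    ''|*[!A-Za-z0-9._-]*)
        echo "Invalid VPN name: only letters, digits, '.', '_' and '-' are allowed" 1>&2
        exit 1
        ;;
esac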

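# Derive every location used by the rest of the script from the VPN name:
#   ${ovpndir}/${vpn}.conf  server configuration file
#   ${ovpndirconf}          per-VPN directory (client template, easy-rsa, keys)
#   ${webdir}               directory protected by the generated .htaccess
vpn="vpn_$1"
ovpndir="/etc/openvpn"
ovpndirconf="${ovpndir}/${vpn}"
webdir="/var/vpn/${vpn}"

# Refuse to continue if any target already exists. The server configuration
# file is checked as well, because it is written with a plain ">" redirection
# and would otherwise be overwritten silently. -e (rather than -d) also
# catches a regular file or symlink sitting at one of the directory paths.
if [ -e "${ovpndirconf}" ] || [ -e "${ovpndirconf}.conf" ] || [ -e "${webdir}" ]
then
    echo "VPN already exists" 1>&2
    exit 2
fi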
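echo "Creating OpenVPN configuration"

# Print a fatal setup error on stderr and stop with status 3.
# Nothing is rolled back: files created so far stay in place, so a failed run
# has to be cleaned up by hand before the same VPN name can be used again.
abort_setup() {
    echo "$*" 1>&2
    exit 3
}

# Escape backslash, "/" and "&" so that a value can be used verbatim as the
# replacement text of a sed "s/.../.../" command. Without this, an IP range
# such as "10.8.0.0/24" breaks the sed expression and "&" re-inserts the
# matched placeholder.
sed_escape_replacement() {
    printf '%s' "$1" | sed 's|[\\/&]|\\&|g'
}

# Every cd below is checked: the later relative commands (./clean-all, cp,
# chown -R) must never run from an unexpected working directory.
cd "${ovpndir}" || abort_setup "Cannot enter ${ovpndir}"

# printf instead of "echo -n" (not portable under sh); read -r keeps
# backslashes literal.
printf 'VPN port: '
read -r vpnport
printf 'VPN IP range: '
read -r vpniprange

# The port goes straight into the generated configuration: accept only a
# decimal number in the valid port range. The positive form of the range test
# also rejects values too large for the shell to compare.
case "${vpnport}" in
    ''|*[!0-9]*) abort_setup "Invalid VPN port: ${vpnport}" ;;
esac
if ! { [ "${vpnport}" -ge 1 ] && [ "${vpnport}" -le 65535 ]; }
then
    abort_setup "VPN port out of range (1-65535): ${vpnport}"
fi
[ -n "${vpniprange}" ] || abort_setup "VPN IP range must not be empty"

# The port is digits only at this point and needs no escaping.
vpn_esc=$(sed_escape_replacement "${vpn}")
vpniprange_esc=$(sed_escape_replacement "${vpniprange}")

# Fill the %%...%% placeholders of the server template in one pass.
sed -e "s/%%VPNNAME%%/${vpn_esc}/g" \
    -e "s/%%VPNPORT%%/${vpnport}/g" \
    -e "s/%%VPNIPRANGE%%/${vpniprange_esc}/g" \
    sampleconf > "${vpn}.conf" || abort_setup "Cannot generate ${vpn}.conf"

# Copy the per-VPN skeleton and fill the client template.
cp -r sampleconfdir "${ovpndirconf}" || abort_setup "Cannot copy sampleconfdir to ${ovpndirconf}"
cd "${ovpndirconf}" || abort_setup "Cannot enter ${ovpndirconf}"
sed -i \
    -e "s/%%VPNNAME%%/${vpn_esc}/g" \
    -e "s/%%VPNPORT%%/${vpnport}/g" \
    clients/client.conf || abort_setup "Cannot update clients/client.conf"

# Build the PKI with the easy-rsa scripts shipped in the skeleton.
cd "easy-rsa" || abort_setup "Cannot enter ${ovpndirconf}/easy-rsa"
# The operator edits the easy-rsa variables interactively; the file is then
# sourced into this shell, so it must only be writable by trusted users.
editor vars
. ./vars || abort_setup "Cannot load easy-rsa vars"
# Reuse the organisation name for the CA and server certificate fields.
export KEY_OU="${KEY_ORG}"
export KEY_CN="${KEY_ORG}"
export KEY_NAME="${KEY_ORG}"
./clean-all || abort_setup "easy-rsa clean-all failed"
./build-ca || abort_setup "easy-rsa build-ca failed"
./build-key-server server || abort_setup "easy-rsa build-key-server failed"
./build-dh || abort_setup "easy-rsa build-dh failed"
# Generate an initial certificate revocation list signed by the new CA.
openssl ca -gencrl -keyfile keys/ca.key -cert keys/ca.crt -out keys/crl.pem -config openssl.cnf \
    || abort_setup "Cannot generate the CRL"
unset KEY_OU KEY_CN KEY_NAME

# Group members may traverse keys/ but not list it.
chmod 710 keys || abort_setup "Cannot restrict permissions on keys"
cd keys || abort_setup "Cannot enter keys"
openvpn --genkey --secret ta.key || abort_setup "Cannot generate ta.key"
# Publish the material the server needs two levels up, in ${ovpndirconf}.
cp dh*.pem ca.crt ta.key server.crt server.key ../../ \
    || abort_setup "Cannot copy server key material"

cd "${ovpndir}" || abort_setup "Cannot enter ${ovpndir}"
# NOTE(review): this hands group ownership of the whole tree, including
# ca.key, server.key and ta.key, to ovpn-manager. Whether the group can read
# the private keys depends on the file modes left by the commands above -
# confirm they are not group-readable unless that is intended.
chown -R root:ovpn-manager "${vpn}" "${vpn}.conf" || abort_setup "Cannot set ownership"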

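echo "Creating web configuration"

# Stop if the directory cannot be created or entered. Otherwise the .htaccess
# lines and the .htpasswd copy below would land in whatever directory the
# script happens to be in.
mkdir "${webdir}" || { echo "Cannot create ${webdir}" 1>&2; exit 3; }
cd "${webdir}" || { echo "Cannot enter ${webdir}" 1>&2; exit 3; }

# Protect the directory with HTTP Basic authentication, restricted to the
# ovpn-root user. printf keeps the VPN name literal inside the quoted
# AuthName value.
{
    printf 'AuthUserFile %s/.htpasswd\n' "${webdir}"
    printf 'AuthType Basic\n'
    printf 'AuthName "%s"\n' "${vpn}"
    printf 'Require user ovpn-root\n'
} >> .htaccess

# Start from the shared password file kept in the parent directory.
# NOTE(review): the password file lives inside the directory being served -
# confirm the web server denies requests for ".ht*" files, and that Basic
# authentication is only offered over TLS.
cp ../.htpasswd . || { echo "Cannot copy ../.htpasswd" 1>&2; exit 3; }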