#!/bin/bash -e

fatal() { echo "FATAL: $@" 1>&2; exit 1; }

usage() {
cat<<EOF
Syntax: $0 client-name
Create an obfuscated URL for downloading the client profile via HTTPS.

EOF
exit 1
}

if [[ "$#" != "1" ]]; then
    usage
fi

client_name=$1

EASY_RSA=/etc/openvpn/easy-rsa
TEMPLATE=/var/www/openvpn/template.html
PROFILES=/var/www/openvpn/htdocs/profiles

source $EASY_RSA/vars
OVPN_PATH=$KEY_DIR/$client_name.ovpn
[ -e $OVPN_PATH ] || fatal "$OVPN_PATH does not exist"

SERVER_ADDR=$(grep remote $OVPN_PATH | awk '{print $2}')
PROFILE_HASH=$(sha1sum $OVPN_PATH | cut -d " " -f 1)
PROFILE_PATH=$PROFILES/$PROFILE_HASH

mkdir -p $PROFILE_PATH
cp $OVPN_PATH $PROFILE_PATH/
sed "s|CLIENT_NAME|$client_name|" $TEMPLATE > $PROFILE_PATH/index.html
chown -R www-data:www-data $PROFILES
chmod 440 $PROFILE_PATH/$client_name.ovpn

echo "URL: https://$SERVER_ADDR/profiles/$PROFILE_HASH/"

