#!/bin/bash -e

fatal() { echo "FATAL: $*" >&2; exit 1; }

usage() {
cat<<EOF
Syntax: $0 client-name
Create an obfuscated URL for downloading the client profile via HTTPS.

EOF
exit 1
}

if [[ "$#" != "1" ]]; then
    usage
fi

client_name=$1

export EASYRSA='/etc/openvpn/easy-rsa'
export EASYRSA_PKI='/etc/openvpn/easy-rsa/keys'

TEMPLATE='/var/www/openvpn/template.html'
PROFILES='/var/www/openvpn/htdocs/profiles'

OVPN_PATH="$EASYRSA_PKI/$client_name.ovpn"
[ -e "$OVPN_PATH" ] || fatal "$OVPN_PATH does not exist"

SERVER_ADDR="$(grep remote "$OVPN_PATH" | awk '{print $2;exit}')"
PROFILE_HASH="$(sha1sum "$OVPN_PATH" | cut -d " " -f 1)"
PROFILE_PATH="$PROFILES/$PROFILE_HASH"

mkdir -p "$PROFILE_PATH"
cp "$OVPN_PATH" "$PROFILE_PATH/"
sed "s|CLIENT_NAME|$client_name|" "$TEMPLATE" > "$PROFILE_PATH/index.html"
chown -R www-data:www-data "$PROFILES"
chmod 440 "$PROFILE_PATH/$client_name.ovpn"

echo "https://$SERVER_ADDR/profiles/$PROFILE_HASH/"

