#!/bin/sh

if [ "$1" != "" ] ; then
    openssl req -new -keyout $1.key -out $1.req -days 3650 -nodes -subj /C=CH/ST=Zurich/L=Zurich/O=ETH\ Zurich/OU=TIQI/CN=$1
    openssl ca -days 3650 -policy policy_anything -out $1.cert -infiles $1.req
    openssl rsa -in $1.key -out $1.key
    
cat <<EOM > $1.ovpn
client
dev tun
proto udp
remote `hostname`.dhcp.phys.ethz.ch 1194
dhcp-option DNS `ip addr show eth1 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1`
float
resolv-retry infinite
nobind
persist-key
persist-tun
verb 3
keepalive 10 900
inactive 3600
auth-user-pass
<ca>
EOM
    
    cat ./demoCA/cacert.pem >> $1.ovpn
    echo '</ca>' >> $1.ovpn
    echo '<cert>' >> $1.ovpn
    cat $1.cert >> $1.ovpn
    echo '</cert>' >> $1.ovpn
    echo '<key>' >> $1.ovpn
    cat $1.key >> $1.ovpn
    echo '</key>' >> $1.ovpn
    
    rm $1.key
    rm $1.cert
    rm $1.req
else
    echo "Please supply an argument"
fi