#!/bin/bash

SCRIPT_NAME=`basename $0`
OPENVPN_CLIENT=$1

if [ -z "$OPENVPN_CLIENT" ]; then
  echo "Usage : $SCRIPT_NAME client_name"
  exit 1
fi

source /etc/openvpn/easy-rsa/vars

CLIENT_KNOWN="0"

for KNOWN_CLIENT in $OPENVPN_CLIENTS; do
  [[ $KNOWN_CLIENT = $OPENVPN_CLIENT ]] && CLIENT_KNOWN="1"
done

if [[ $CLIENT_KNOWN = "0" ]]; then
  # OPENVPN_CLIENT is not known. We add it to the list
  sed -i -e "s/^export OPENVPN_CLIENTS=\"\(.*\)\"/export OPENVPN_CLIENTS=\"\1 $OPENVPN_CLIENT\"/" \
      /etc/openvpn/easy-rsa/vars

  # We create the key for the new client.
  export KEY_COMMONNAME="$OPENVPN_CLIENT.client.$OPENVPN_SERVER";
  /etc/openvpn/easy-rsa/build-key $OPENVPN_CLIENT;
else
  echo "Error : client '$OPENVPN_CLIENT' is already known."
fi