#!/usr/bin/env bash
PROJECT_PATH=$(dirname $0)

# Always copy newest version to bin
mkdir -p $HOME/bin
cp $PROJECT_PATH/script/myssh $HOME/bin/myssh

# Detect Shell Init Path
if [[ $SHELL =~ bin/bash$ ]]
then
    RC_FILE=.bashrc
elif [[ $SHELL =~ bin/zsh$ ]]
then
    RC_FILE=.zshrc
fi

grep -qe '^PATH=$PATH:$HOME/bin$' $HOME/$RC_FILE 2> /dev/null
if [ ! -z $HOME/$RC_FILE ] && [[ ! $PATH =~ $HOME/bin ]] && [ $? -ne 0 ]
then
        echo -e 'PATH=$PATH:$HOME/bin' >> $HOME/$RC_FILE
fi

if [ ! -f $PROJECT_PATH/etc/ssh/ssh_host_ed25519_key ]
then
    echo "Generating sqlproxy SSHD keys"
    ssh-keygen -f $PROJECT_PATH -A
fi

read -r -p "Auto generate client keys+config? [Y/n] " GEN_KEYS
case $GEN_KEYS in
    [yY]*)
        mkdir -p $HOME/.ssh
        read -r -p "Key Name (will not be overridden if it already exists in ~/.ssh): " KEY_NAME
        # Only add key if it does not already exist
        if [ ! -f $HOME/.ssh/$KEY_NAME.key ]
        then
            ssh-keygen -t ed25519 -f $HOME/.ssh/$KEY_NAME.key -C "$(date --iso-8601)_$(whoami)@$HOSTNAME"
        fi
        read -r -p "Target Host: " HOST_NAME
        # Check if there is an entry for $HOST_NAME in the users ssh config
        grep -qe "^Host $HOST_NAME$" $HOME/.ssh/config
        if [ $? -ne 0 ]
        then
            echo -ne "\nHost $HOST_NAME\n  Port 3022\n  User sqlproxy\n  IdentityFile ~/.ssh/$KEY_NAME.key" >> $HOME/.ssh/config
        fi
        # Fix permssions if necessary
        if [[ ! -w $PROJECT_PATH/etc/ssh/.ssh ]] || [[ ! $PROJECT_PATH/etc/ssh/.ssh/authorized_keys ]]
        then
            WHOAMI=$(id -un)
            echo -e "Missing file permissions for authorized key file\nrunning: 'sudo chown -R $WHOAMI:$WHOAMI $PROJECT_PATH'"
            sudo chown -R $WHOAMI:$WHOAMI $PROJECT_PATH
        fi
        # Check if public key is already in the containers authorized_keys file
        grep -qe "$(cat $HOME/.ssh/$KEY_NAME.key.pub)$" $PROJECT_PATH/etc/ssh/.ssh/authorized_keys
        if [ $? -ne 0 ]
        then
            echo -e command=\"/sqlproxy_cli.sh\" $(cat $HOME/.ssh/$KEY_NAME.key.pub) >> $PROJECT_PATH/etc/ssh/.ssh/authorized_keys
        fi
        # Restart sshd if permissions were changed
        if [ ! -z $WHOAMI ]
        then
            docker compose --project-directory $PROJECT_PATH -f $PROJECT_PATH/docker-compose.yml -f $PROJECT_PATH/docker-compose-sqlproxy.yml restart sshd
        fi;;
       *) echo -e "Not generating client ssh key.\nPlease put your desired public keys into $PROJECT_PATH/etc/ssh/.ssh/authorized_keys\nAlso add 'command=\"/sqlproxy_cli.sh\" ' in front of your key";;
esac