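#!/bin/bash

## Init is run on host
## For now it is run every time the script is launched, but
## it should be launched only once after build.

## Accessible variables are:
## - SERVICE_NAME         Name of current service
## - DOCKER_BASE_IMAGE    Base image from which this service might be built if any
## - SERVICE_DATASTORE    Location on host of the DATASTORE of this service
## - SERVICE_CONFIGSTORE  Location on host of the CONFIGSTORE of this service

set -e

## Both store locations are prefixes of host paths that get removed and
## rewritten below. An empty value would make those paths resolve from the
## host root ('/etc/rsync/keys/admin', '/.control-pass'), so refuse to run.
: "${SERVICE_CONFIGSTORE:?SERVICE_CONFIGSTORE must be set and non-empty}"
: "${SERVICE_DATASTORE:?SERVICE_DATASTORE must be set and non-empty}"

service_def=$(get_compose_service_def "$SERVICE_NAME")

## 'options.admin' is mandatory and must be a struct mapping an identifier
## to a sequence of SSH public keys.
admin_keys=$(echo "$service_def" | shyaml -y get-value options.admin 2>/dev/null) || {
    err "You must specify a ${WHITE}admin${NORMAL} struct to use this service"
    exit 1
}

[ "$(echo "$admin_keys" | shyaml -y get-type 2>/dev/null)" == "struct" ] || {
    err "Invalid value type for ${WHITE}admin${NORMAL}, please provide a struct"
    exit 1
}


#######################################
# Regenerate one authorized_keys file per admin identifier.
#
# Every key is written behind a forced command
# (/usr/local/sbin/ssh-admin-cmd-validate "<ident>") with port, X11 and
# agent forwarding and pty allocation disabled, so a key holder only
# reaches that validator.
#
# Globals:   admin_keys, host_path_key, control_users,
#            CONTROL_USERS_FILE, WHITE, NORMAL (all read)
# Outputs:   $host_path_key/<ident>/.ssh/authorized_keys, and the current
#            config hash in $CONTROL_USERS_FILE
# Exits:     1 on an invalid identifier, a non-sequence key list, or a key
#            that spans several lines
#
# The source of this function is an input of the config hash computed
# below, so any edit here triggers one rebuild on the next run.
#######################################
rebuild-config() {
    ## ':?' aborts instead of running 'rm -rf' on an empty path.
    rm -rf -- "${host_path_key:?}"
    mkdir -p "$host_path_key"
    while read-0 ident keys; do
        ident=$(e "$ident" | shyaml get-value)
        ## The identifier becomes a directory name and is embedded in the
        ## forced command, hence the strict character set.
        if ! [[ "$ident" =~ ^[a-zA-Z0-9._-]+$ ]]; then
            err "Invalid identifier '$ident'," \
                "please use only alphanumerical char, dots, dash or underscores."
            exit 1
        fi
        debug "Setting access keys for ${ident}"
        [ "$(echo "$keys" | shyaml -y get-type 2>/dev/null)" == "sequence" ] || {
            err "Invalid value type for ${WHITE}admin.$ident${NORMAL}, please provide a sequence"
            echo " Received: '$keys'" >&2
            exit 1
        }

        ## A key is appended verbatim after the restriction options. If it
        ## held an embedded newline, the text after it would become an
        ## authorized_keys line of its own, without the forced command and
        ## the no-* options. One trailing newline (YAML block scalar) is
        ## harmless and tolerated. This check runs here, in the main shell,
        ## because an 'exit' inside the pipeline below would only leave a
        ## subshell.
        while read-0 key; do
            key=${key%$'\n'}
            if [[ "$key" == *$'\n'* ]]; then
                err "Invalid key for ${WHITE}admin.$ident${NORMAL}," \
                    "a key must fit on a single line."
                exit 1
            fi
        done < <(echo "$keys" | shyaml get-values-0)

        ## NOTE(review): file_put is defined outside this script; confirm it
        ## creates the intermediate '.ssh' directory as sshd expects it.
        while read-0 key; do
            echo "command=\"/usr/local/sbin/ssh-admin-cmd-validate \\\"$ident\\\"\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty $key"
        done < <(echo "$keys" | shyaml get-values-0) |
            file_put "$host_path_key/$ident/.ssh/authorized_keys"
    done < <(echo "$admin_keys" | shyaml -y key-values-0)

    ## Record the hash only once every file was written, so that a failed
    ## run is retried on the next launch.
    e "$control_users" > "$CONTROL_USERS_FILE"
}


local_path_key=/etc/rsync/keys/admin
host_path_key="$SERVICE_CONFIGSTORE${local_path_key}"

CONTROL_USERS_FILE="$SERVICE_DATASTORE/.control-pass"

## Was it already properly propagated to database ?
## H is defined outside this script; it presumably hashes its arguments
## (the admin keys and the source of rebuild-config) into one value.
control_users=$(H "${admin_keys}" "$(declare -f "rebuild-config")")

## Mount the key directory in the container and expose the hash as a label.
init-config-add "\
$SERVICE_NAME:
  volumes:
    - $host_path_key:$local_path_key
  labels:
    - compose.config_hash=$control_users
"

## Nothing to do when the stored hash matches the current one.
if [ -e "$CONTROL_USERS_FILE" ] && [ "$control_users" == "$(cat "$CONTROL_USERS_FILE")" ]; then
    exit 0
fi

rebuild-config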