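#!/bin/bash
#
# Compile configuration.
#
# Rebuilds $HYDRA_FOLDER/puppet/config/compiled.yaml from two inputs:
#   - the SSH public key kept in the keyring for each node, written as
#     "ssh_authorized_key::NODE" entries;
#   - the SSH RSA host key found in each node's collected facts file,
#     written under the "sshkeys:" mapping.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License along with this program.  If not, see
# <https://www.gnu.org/licenses/>.

# Load
source "$APP_BASE/lib/hydra/functions" || exit 1
hydra_config_load

# Config
CONFIG="$HYDRA_FOLDER/puppet/config/compiled.yaml"
NODES="$(hydra "$HYDRA" nodes)"
FACTS="$HYDRA_FOLDER/puppet/config/facts"
KEYS="$HYDRA_FOLDER/keyring/keys/nodes"

# Key material is embedded inside single-quoted YAML scalars below, so only
# plain base64 is accepted. Facts are reported by the nodes themselves; a
# value carrying a quote, a newline or any other character must not be able
# to change the structure of the compiled file.
KEY_PATTERN='^[A-Za-z0-9+/]+=*$'

# Print the value of fact $1 as found in facts file $2, with spaces and
# double quotes stripped. Prints nothing when the fact is absent.
compile_fact_value() {
  grep -- "$1:" "$2" | cut -d ':' -f 2 | sed -e 's/ //g' -e 's/"//g'
}

echo "Starting a fresh compiled config..."
mkdir -p "$(dirname "$CONFIG")" || exit 1

# Truncate the previous file and write the header in one redirection; stop
# here if the target cannot be written instead of failing on every append.
{
  echo "---"
  echo "#"
  echo "# Compiled configuration."
  echo "# Do not edit this file. Use 'hydra $HYDRA compile' instead."
  echo "#"
} > "$CONFIG" || exit 1

# Per-node configuration
# NOTE(review): $NODES is assumed to be a whitespace-separated list of node
# names, so the unquoted expansion (word splitting) is intentional.
for node in $NODES; do
  # SSH public keys
  if [ -e "$KEYS/$node/ssh/id_rsa.pub.asc" ]; then
    echo "Adding SSH public key for $node..."

    key="ssh_authorized_key::$node"
    # Field 2 of an OpenSSH public key line is the base64 key body.
    # keyringer's stderr is discarded as before; a failed decrypt therefore
    # only shows up as an empty value, which is reported below.
    value="$(keyringer "$HYDRA" decrypt "nodes/$node/ssh/id_rsa.pub" 2> /dev/null | cut -d ' ' -f 2)"

    if [[ -z "$value" ]]; then
      # The empty entry is still written so lookups of this key keep
      # resolving as they did before; the operator is told about it.
      echo "Warning: no SSH public key could be read for $node, writing an empty entry" >&2
    elif [[ ! "$value" =~ $KEY_PATTERN ]]; then
      echo "Warning: SSH public key for $node is not plain base64, skipping" >&2
      continue
    fi

    printf "%s: '%s'\n" "$key" "$value" >> "$CONFIG"
  fi
done

echo "Compiling data from collected facts..."

# SSH known_hosts
echo "sshkeys:" >> "$CONFIG"
for node in $NODES; do
  if [ -e "$FACTS/${node}.yaml" ]; then
    rsakey="$(compile_fact_value sshrsakey "$FACTS/${node}.yaml")"

    if [[ -n "$rsakey" && ! "$rsakey" =~ $KEY_PATTERN ]]; then
      echo "Warning: sshrsakey fact for $node is not plain base64, skipping" >&2
    elif [[ -n "$rsakey" ]]; then
      # The attributes are nested one level below the node name so that each
      # node is its own mapping under "sshkeys:".
      {
        #echo "  $node-rsa:"
        echo "  $node:"
        #echo "    name  : '$node'"
        echo "    ensure: 'present'"
        echo "    type  : 'ssh-rsa'"
        echo "    key   : '$rsakey'"
      } >> "$CONFIG"
    fi

    # See [PUP-6589] Resource Type sshkey doesn't allow the declaration of multiple SSH host keys for one host
    # https://tickets.puppetlabs.com/browse/PUP-6589
    #
    # Disabled until that is resolved. The fact extraction is kept here,
    # commented out with the rest, so the block can be re-enabled as a unit;
    # apply the same KEY_PATTERN check to these values before writing them.
    #sshed25519key="$(compile_fact_value sshed25519key "$FACTS/${node}.yaml")"
    #sshecdsakey="$(compile_fact_value sshecdsakey "$FACTS/${node}.yaml")"
    #if [ ! -z "$sshed25519key" ]; then
    #  echo "  $node-sshed25519key:"        >> "$CONFIG"
    #  echo "    name  : '$node'"           >> "$CONFIG"
    #  echo "    ensure: 'present'"         >> "$CONFIG"
    #  echo "    type  : 'ssh-ed25519'"     >> "$CONFIG"
    #  echo "    key   : '$sshed25519key'"  >> "$CONFIG"
    #fi
    #if [ ! -z "$sshecdsakey" ]; then
    #  echo "  $node-sshecdsakey:"             >> "$CONFIG"
    #  echo "    name  : '$node'"              >> "$CONFIG"
    #  echo "    ensure: 'present'"            >> "$CONFIG"
    #  echo "    type  : 'ecdsa-sha2-nistp256'" >> "$CONFIG"
    #  echo "    key   : '$sshecdsakey'"       >> "$CONFIG"
    #fi
  fi
done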