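#!/bin/sh
# Provisioning script for an SSH jumpbox: installs root's authorized_keys,
# creates groups and users, installs or generates sshd host keys, and finally
# touches /var/tmp/jumpbox.done as a completion marker.
#
# Environment read (all optional):
#   ROOT_AUTHORIZED_KEYS  path of a file to install as /root/.ssh/authorized_keys
#   BASE_DIR              parent directory for home directories (default: /home)
#   GROUPADD              "name:gid;name:gid;..."
#   USERADD               "name:uid:gid:shell;name:uid:gid:shell;..."
#   HOSTKEYS              "/path/to/key;/path/to/other_key" private host keys
#
# Runs with -e, so the first failing command (e.g. groupadd on a malformed
# entry) aborts the run before the completion marker is written.
set -ex

# --- root authorized_keys ---------------------------------------------------
if [ -n "$ROOT_AUTHORIZED_KEYS" ] && [ -f "$ROOT_AUTHORIZED_KEYS" ]; then
  mkdir -p /root/.ssh
  # Keep the directory private; sshd's StrictModes check rejects key files
  # reachable through group/world-writable directories.
  chmod 700 /root/.ssh
  # install(1) sets the final mode while creating the file, so the copy never
  # sits there with the source file's (possibly wider) permissions.
  install -m 0600 "$ROOT_AUTHORIZED_KEYS" /root/.ssh/authorized_keys
fi

# --- home directory base ----------------------------------------------------
if [ -z "$BASE_DIR" ]; then
  BASE_DIR="/home"
fi

if [ ! -d "$BASE_DIR" ]; then
  echo "BASE_DIR $BASE_DIR does not exist, creating..."
  mkdir -p "$BASE_DIR"
fi

# --- groups -----------------------------------------------------------------
# GROUPADD="group1:1000;group2:1001;group3:1002"
# The list is consumed one ';'-separated entry at a time. Splitting on the
# separator itself (rather than stripping the previous entry as a pattern)
# keeps glob characters in an entry from being interpreted, and empty entries
# (trailing or doubled ';') are skipped instead of reaching groupadd.
rest=$GROUPADD
while [ -n "$rest" ]; do
  entry=${rest%%;*}
  case $rest in
    *\;*) rest=${rest#*;} ;;
    *) rest="" ;;
  esac
  [ -n "$entry" ] || continue

  GROUP_NAME=${entry%%:*}
  GROUP_GID=${entry#*:}
  groupadd --gid "$GROUP_GID" "$GROUP_NAME"
done

# --- users ------------------------------------------------------------------
# USERADD="user1:1000:1000:/bin/bash;user2:1001:1000:/bin/sh;user3:1002:1002:/bin/sh"
rest=$USERADD
while [ -n "$rest" ]; do
  entry=${rest%%;*}
  case $rest in
    *\;*) rest=${rest#*;} ;;
    *) rest="" ;;
  esac
  [ -n "$entry" ] || continue

  # Fields are name:uid:gid:shell; the shell is whatever follows the third ':'.
  USER_NAME=${entry%%:*}
  fields=${entry#*:}
  USER_UID=${fields%%:*}
  fields=${fields#*:}
  USER_GID=${fields%%:*}
  USER_SHELL=${fields#*:}

  useradd --home-dir "$BASE_DIR/$USER_NAME" --shell "$USER_SHELL" \
    --uid "$USER_UID" --gid "$USER_GID" "$USER_NAME"

  # SECURITY: every account listed in USERADD receives unrestricted,
  # passwordless sudo. Whoever controls USERADD controls root on this host,
  # so treat that variable as privileged configuration.
  # The file name is derived from USER_NAME; useradd runs first and, under
  # set -e, a name it rejects aborts before this path is written.
  # NOTE(review): sudo skips sudoers.d files whose name contains '.' or ends
  # in '~', so a dotted user name would silently get no rule - confirm the
  # naming policy of the deployment.
  sudoers_file="/etc/sudoers.d/$USER_NAME"
  echo "$USER_NAME ALL=(ALL) NOPASSWD:ALL" > "$sudoers_file"
  # 0440 is the conventional mode for sudoers fragments (read-only, no access
  # for others).
  chmod 0440 "$sudoers_file"
done

# --- host keys --------------------------------------------------------------
# HOSTKEYS="/var/lib/jumpbox/ssh_host_ed25519_key;/var/lib/jumpbox/ssh_host_rsa_key"
rest=$HOSTKEYS
while [ -n "$rest" ]; do
  key_src=${rest%%;*}
  case $rest in
    *\;*) rest=${rest#*;} ;;
    *) rest="" ;;
  esac
  [ -n "$key_src" ] || continue

  if [ ! -e "$key_src" ]; then
    echo "Could not read $key_src, file is missing"
    continue
  fi
  echo "Configuring HostKey $key_src"

  FILENAME=$(basename "$key_src")
  if [ ! -e "/etc/ssh/$FILENAME" ]; then
    install -m 0600 "$key_src" "/etc/ssh/$FILENAME"
    # Derive the public half from the installed 0600 copy: ssh-keygen refuses
    # private keys whose permissions are too open, which a mounted source
    # file may well have.
    ssh-keygen -y -f "/etc/ssh/$FILENAME" > "/etc/ssh/$FILENAME.pub"
    ssh-keygen -l -f "/etc/ssh/$FILENAME.pub"
  fi

  # Whole-line, fixed-string match: a regex prefix match would treat
  # "ssh_host_rsa_key" as already configured when only a longer name such as
  # "ssh_host_rsa_key_old" is listed, and would read '.' as a wildcard.
  if ! grep -qxF -- "HostKey /etc/ssh/$FILENAME" /etc/ssh/sshd_config; then
    echo "HostKey /etc/ssh/$FILENAME" >> /etc/ssh/sshd_config
  fi
done

# --- fallback host key ------------------------------------------------------
# No ssh_host_*_key present at all: generate a fresh ED25519 key. A generated
# key changes whenever /etc/ssh is not persisted, which clients will see as a
# host key change; supplying HOSTKEYS avoids that.
if [ -z "$(find /etc/ssh/ -maxdepth 1 -name 'ssh_host_*_key' -print -quit)" ]; then
  echo "Creating SSH2 ED25519 key; this may take some time ..."
  ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
  ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub
  echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
fi

# Completion marker for whatever waits on provisioning.
touch /var/tmp/jumpbox.done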