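#!/usr/bin/env bash
#
# Provision local accounts from the repository's authorized_keys/ tree.
#
# For every directory ../authorized_keys/<user> (relative to this script) the
# script makes sure the account <user> exists as a member of group 'nasp' and
# regenerates /home/<user>/.ssh/authorized_keys from the files in that
# directory. On non-NixOS hosts it also installs ./nasp as /etc/sudoers.d/nasp.
#
# The script calls useradd, chown and writes below /etc, so it expects to run
# with root privileges. The authorized_keys/ tree is the trust root: whoever
# can add a file there obtains a login on the host.
set -ex

THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )

#######################################
# Validate an account name.
# The name is later interpolated into filesystem paths and passed to
# useradd/chown, so only a conservative ASCII character set is accepted.
# Arguments: $1 - candidate user name
# Returns:   0 if the name matches ^[a-z][-a-z0-9_]*$, non-zero otherwise
#######################################
check_username() {
  # Force the C locale so [a-z] means exactly the ASCII lowercase letters.
  local LC_ALL=C
  local -r pattern='^[a-z][-a-z0-9_]*$'
  # [[ =~ ]] matches the whole string, so an embedded newline cannot smuggle
  # a second "line" past the check the way a line-oriented grep could.
  [[ "$1" =~ $pattern ]]
}

#######################################
# Ensure the account exists, belongs to group 'nasp' and owns /home2/<user>.
# Does nothing when the account already exists.
# Arguments: $1 - user name
# Exits:     1 if the name is empty or group 'nasp' is missing,
#            255 if the name is invalid
#######################################
touch_user() {
  local user=${1:-}

  if [[ -z "$user" ]]; then
    echo "touch_user: missing user name" >&2
    exit 1
  fi
  if ! check_username "$user"; then
    echo "Invalid user name $user !" >&2
    exit 255 # same status the former 'exit -1' produced
  fi

  if id -u "$user" >/dev/null 2>&1; then
    return
  fi

  if ! getent group nasp >/dev/null; then
    echo "Group 'nasp' does not exist!" >&2
    exit 1
  fi

  useradd -m --groups nasp "$user"
  su - "$user" -c "true"
  mkdir -p "/home2/$user"
  chown "$user:nasp" "/home2/$user"
}

#######################################
# Regenerate /home/<user>/.ssh/authorized_keys from the repository key files.
# The caller must have validated the name (main does so through touch_user),
# because it is used to build paths.
#
# ~/.ssh is owned by the target user while this code runs privileged, so the
# file is never written or chown'ed through a path the user may have turned
# into a symlink: the content is staged in a fresh mktemp file and renamed
# over the destination. A narrow race remains because the user owns the
# directory; writing the file as the user, or pointing sshd's
# AuthorizedKeysFile at a root-owned location, would close it completely.
# Arguments: $1 - user name
# Returns:   1 if ~/.ssh is a symlink
#######################################
update_key() {
  local user=$1
  local key_src="$THIS_DIR/../authorized_keys/$user"
  local dest_dir="/home/$user/.ssh"
  local dest_path="$dest_dir/authorized_keys"
  local staged key_file

  if [[ -L "$dest_dir" ]]; then
    echo "Refusing to manage $dest_dir: it is a symlink" >&2
    return 1
  fi
  if [[ ! -d "$dest_dir" ]]; then
    mkdir -p "$dest_dir"
    chown "$user:nasp" "$dest_dir"
    chmod 700 "$dest_dir"
  fi

  # mktemp creates the file exclusively with mode 0600 and an unpredictable
  # name, unlike the former fixed /tmp/authorized_keys_<user> path.
  staged=$(mktemp "$dest_dir/.authorized_keys.XXXXXX")
  {
    echo "# This file is autoly generated. Changes here will not work."
    # NUL-delimited so key file names containing whitespace survive.
    while IFS= read -r -d '' key_file; do
      echo "# key file: ${key_file#*authorized_keys/}"
      cat "$key_file"
      echo
    done < <(find "$key_src" -type f -print0)
  } > "$staged"

  # -h: change the entry itself, never the target of a symlink.
  chown -h "$user:nasp" "$staged"
  # rename(2) replaces whatever sits at dest_path, including a symlink,
  # instead of writing through it; -T keeps a directory from being entered.
  mv -fT "$staged" "$dest_path"
}

#######################################
# Install the sudoers drop-in (non-NixOS only), then provision every user
# that has a directory under ../authorized_keys.
#######################################
main() {
  local entry username

  if [ -f /etc/os-release ]; then
    . /etc/os-release
    if [[ "${ID:-}" != "nixos" ]]; then
      # A syntactically broken drop-in can make sudo refuse to run, so check
      # it first when visudo is available.
      if command -v visudo >/dev/null; then
        visudo -cf "$THIS_DIR/nasp"
      fi
      # Root-owned and 0440, independent of the mode of the file in the repo.
      install -m 0440 -o root -g root "$THIS_DIR/nasp" "/etc/sudoers.d/nasp"
    fi
  fi

  for entry in "$THIS_DIR"/../authorized_keys/*; do
    if [[ ! -d "$entry" ]]; then
      continue
    fi
    username=${entry##*/}
    touch_user "$username"
    update_key "$username"
  done
}

main "$@"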