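#!/usr/bin/env bash
# klevstul :: 24.04
#
# Deploys SSH key material from the host-specific sync directory into ~/.ssh:
#   1. copies *.pub and *.gpg files, unless files with that suffix already
#      exist in the target directory;
#   2. optionally decrypts each *.gpg file into a private key that only its
#      owner can read, then moves the encrypted copy to the trash.
#
# Required environment: SYNCDIR_<HOSTNAME>, the sync root that contains
#                       secrets/.ssh.
# External tools:       gpg, trash-put.

# An unmatched glob expands to nothing instead of staying a literal pattern,
# so a directory without *.gpg files is never handed to cp/gpg as "*.gpg".
shopt -s nullglob

this_file_name=${0##*/}
echo "$this_file_name"

# location of ssh keys
# NOTE(review): the variable name is derived from HOSTNAME; a host name with
# characters that are not valid in a variable name (e.g. '-') cannot be
# looked up this way. Confirm against the hosts this runs on.
syncdir_env_var=SYNCDIR_${HOSTNAME}
sync_root=${!syncdir_env_var:-}
src_ssh_dir=${sync_root}/secrets/.ssh
trg_ssh_dir=~/.ssh

echo "\$SYNCDIR_${HOSTNAME}=${sync_root}"
echo "src_ssh_dir: ${src_ssh_dir}"

# Without this check an unset variable silently turns the source into
# "/secrets/.ssh", i.e. key material would be taken from an unintended place.
if [[ -z "$sync_root" ]]; then
  echo "error: environment variable '${syncdir_env_var}' is not set" >&2
  exit 1
fi

if ! [[ -d "$src_ssh_dir" ]]; then
  echo "error: non-existing directory '${src_ssh_dir}'" >&2
  exit 1
fi

if ! [[ -d "$trg_ssh_dir" ]]; then
  echo "creating non-existing target dir '${trg_ssh_dir}'."
  mkdir -p -- "$trg_ssh_dir" || exit 1
  chmod 0700 -- "$trg_ssh_dir" || exit 1
fi

# Holds the path of a partially written plaintext key while gpg runs, so an
# interrupted run (e.g. Ctrl-C at the passphrase prompt) leaves nothing behind.
tmp_plain=""
trap 'if [[ -n "${tmp_plain:-}" ]]; then rm -f -- "$tmp_plain"; fi' EXIT

#######################################
# Tells whether a directory holds at least one entry with the given suffix
# (hidden files included). Runs in a subshell so dotglob does not leak.
# Arguments: $1 - directory, $2 - suffix such as ".pub"
# Returns:   0 when a match exists, 1 otherwise
#######################################
dir_has_suffix() (
  shopt -s nullglob dotglob
  matches=("$1"/*"$2")
  ((${#matches[@]} > 0))
)

#######################################
# Copies all files with the given suffix from the source to the target
# directory, unless the target already holds files with that suffix.
# Globals:   src_ssh_dir, trg_ssh_dir (read)
# Arguments: $1 - suffix such as ".pub"
# Returns:   status of cp, or 0 when nothing had to be copied
#######################################
deploy_if_absent() {
  local suffix=$1
  local -a sources

  if dir_has_suffix "$trg_ssh_dir" "$suffix"; then
    echo "*${suffix} file(s) already exist in ${trg_ssh_dir}"
    return 0
  fi

  echo "deploy ${suffix} file(s)"
  sources=("$src_ssh_dir"/*"$suffix")
  if ((${#sources[@]} == 0)); then
    echo "warning: no *${suffix} file(s) found in '${src_ssh_dir}'" >&2
    return 0
  fi
  cp -- "${sources[@]}" "$trg_ssh_dir"/
}

deploy_if_absent ".pub"
deploy_if_absent ".gpg"

echo "do you want to decrypt *.gpg? (y/n)"
read -r user_input

if [[ "$user_input" == "y" ]]; then
  echo "yes"
  # NOTE(review): a passphrase hint kept in the script travels with every copy
  # of it and narrows the search for anyone who also obtains the *.gpg files.
  # Consider keeping the hint outside the repository.
  echo "please, remember the hint: poq.l2"

  for file in "$src_ssh_dir"/*.gpg; do
    echo "processing '${file}'"
    filename="${file##*/}"    # get basename
    filename="${filename%.*}" # remove extension
    encrypted="${trg_ssh_dir}/${filename}.gpg"
    decrypted="${trg_ssh_dir}/${filename}"

    if ! [[ -f "$encrypted" ]]; then
      echo "error: '${encrypted}' not found, skipping" >&2
      continue
    fi

    # Decrypt into a mktemp file (created owner-only) and move it into place
    # afterwards. Redirecting straight to the final name would create the
    # private key with the default umask and leave it readable by other users
    # until chmod runs, and a failed gpg run would leave a truncated key.
    if ! tmp_plain=$(mktemp "${trg_ssh_dir}/.${filename}.XXXXXX"); then
      echo "error: could not create a temporary file in '${trg_ssh_dir}'" >&2
      tmp_plain=""
      continue
    fi

    if gpg -d "$encrypted" >"$tmp_plain" &&
      chmod 0600 -- "$tmp_plain" && # id_rsa can not be accessible by other users
      mv -f -- "$tmp_plain" "$decrypted"; then
      tmp_plain=""
      # The encrypted copy is only discarded once the plaintext key is in place.
      trash-put "$encrypted" ||
        echo "warning: could not move '${encrypted}' to the trash" >&2
    else
      echo "error: failed to decrypt '${encrypted}'; encrypted file kept" >&2
      rm -f -- "$tmp_plain"
      tmp_plain=""
    fi
  done
else
  # NOTE(review): run as printed, the example creates id_rsa with the default
  # umask; a restrictive umask (077) or a chmod 0600 afterwards is needed.
  echo "no worries. you can manually decrypt the file, if needed. example command:"
  echo "gpg -d id_rsa.gpg > id_rsa"
fi

echo "${trg_ssh_dir}:"
ls -al -- "$trg_ssh_dir"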