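#!/usr/bin/env bash
#
# Writes a set of SSH key-management helper scripts into KEY_SCRIPTS_DIR, then
# generates the system host keys and, if it is missing, an RSA key pair under
# ${HOME}/.ssh.
#
# Usage: <this-script> [target-home]      (target-home defaults to /etc/skel)
#
# The helper scripts are only written and marked executable here; running them
# is left to the operator (see the commented-out list near the end).

# Print a message on stderr and stop with a failure status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# HOME is overridden with the target directory, so every "${HOME}" below (and
# in child processes, HOME normally being exported) refers to the target and
# not to the invoking user's home.
# NOTE(review): with the default target the key pair generated at the end of
# this script lands in /etc/skel/.ssh. Skeleton contents are normally copied
# into each newly created account, which would hand the same private key to
# all of them -- confirm this is intended.
HOME=${1:-/etc/skel}
LOCAL_USER_EMAIL=cyteen@ring-zero.co.uk

KEY_SCRIPTS_DIR="/tmp/gen_ssh_keys"

# /tmp is world-writable and this name is fixed, so another local user could
# create the directory (or a symlink with that name) first and control the
# scripts that are marked executable below. Only continue with a real
# directory owned by the current user, and keep it private.
mkdir -p -m 700 -- "${KEY_SCRIPTS_DIR}" ||
  die "cannot create ${KEY_SCRIPTS_DIR}"
if [[ -L "${KEY_SCRIPTS_DIR}" || ! -d "${KEY_SCRIPTS_DIR}" ||
  ! -O "${KEY_SCRIPTS_DIR}" ]]; then
  die "refusing to use ${KEY_SCRIPTS_DIR}: not a directory owned by the current user"
fi
chmod 700 -- "${KEY_SCRIPTS_DIR}" ||
  die "cannot restrict permissions on ${KEY_SCRIPTS_DIR}"

# Define an array of SSH key names
ssh_keys=("id_rsa" "devuan_rsa" "debian_rsa" "github_rsa" "gitlab_rsa" "gitea_rsa")

# The target home and the e-mail address are pasted into the generated scripts
# as shell source. Quote them once with %q so that a value containing spaces
# or shell metacharacters stays a single word there.
printf -v home_q '%q' "${HOME}"
printf -v email_q '%q' "${LOCAL_USER_EMAIL}"

# conf_print_resolvconf() {
#   cat <<-EOF
#   EOF
# }
# conf_print_hostname | sudo tee $strapdir/etc/resolvconf >/dev/null

# The heredocs below are unquoted on purpose: ${...} and $(...) are expanded
# now, while generating; everything written as \$ stays literal and is
# evaluated when the generated script runs. Bodies are kept at column 0 so the
# generated files do not depend on tab stripping.

# Configure ohmyzsh to look for specific keys dynamically
cat >"${KEY_SCRIPTS_DIR}/set-zstyle.sh" <<FOE || die "cannot write set-zstyle.sh"
#!/bin/bash
cat <<-EOF | tee -a ${home_q}/.zshrc.pre-plugins.d/001_ssh-agent >/dev/null
zstyle :omz:plugins:ssh-agent identities $(printf "%s " "${ssh_keys[@]}")
EOF
FOE

# Generate SSH keys script
# NOTE(review): -N '' means the generated keys have no passphrase, so the
# private key files are usable by anyone who can read them.
cat >"${KEY_SCRIPTS_DIR}/generate-ssh-key.sh" <<EOF || die "cannot write generate-ssh-key.sh"
#!/bin/bash
LOCAL_USER_EMAIL=${email_q}
HOME=${home_q}
for key in ${ssh_keys[@]}; do
ssh-keygen -t rsa -b 4096 -N '' -C "\$LOCAL_USER_EMAIL" -f "\$HOME/.ssh/\$key"
done
EOF

# Add keys to ssh-agent script
cat >"${KEY_SCRIPTS_DIR}/ssh-key-add.sh" <<EOF || die "cannot write ssh-key-add.sh"
#!/bin/bash
HOME=${home_q}
eval "\$(ssh-agent -s)"
for key in ${ssh_keys[@]}; do
ssh-add "\$HOME/.ssh/\$key"
done
EOF

# Set permissions for SSH keys and directories script
cat >"${KEY_SCRIPTS_DIR}/ssh-key-permissions.sh" <<EOF || die "cannot write ssh-key-permissions.sh"
#!/bin/bash
HOME=${home_q}
chmod 700 "\$HOME/.ssh"
chmod 644 "\$HOME/.ssh/authorized_keys"
chmod 644 "\$HOME/.ssh/known_hosts"
chmod 644 "\$HOME/.ssh/config"
for key in ${ssh_keys[@]}; do
chmod 600 "\$HOME/.ssh/\$key"
chmod 644 "\$HOME/.ssh/\${key}.pub"
done
EOF

# Configure preferred keys for each host script
# NOTE(review): the generated script appends through "sudo tee -a", so a
# config file it creates would be owned by root -- confirm that is wanted.
cat >"${KEY_SCRIPTS_DIR}/ssh-config.sh" <<EOF || die "cannot write ssh-config.sh"
#!/bin/bash
HOME=${home_q}
declare -A ssh_configs=(
["git2.ring-zero.co.uk"]="gitea_rsa"
["git.ring-zero.co.uk"]="gitlab_rsa"
["gitlab.com"]="gitlab_rsa"
["github.com"]="github_rsa"
["git.devuan.org"]="devuan_rsa"
["salsa.debian.org"]="debian_rsa"
)
for host in "\${!ssh_configs[@]}"; do
cat <<-EOF2 | sudo tee -a "\$HOME/.ssh/config" >/dev/null
Host \$host
User git
Preferredauthentications publickey
IdentityFile "\$HOME/.ssh/\${ssh_configs[\$host]}"
EOF2
done
EOF

# Make scripts executable
# chmod +x /tmp/generate-ssh-key.sh /tmp/ssh-key-add.sh /tmp/ssh-key-permissions.sh /tmp/ssh-config.sh
chmod +x -- "${KEY_SCRIPTS_DIR}"/*.sh

# Execute scripts
# "${KEY_SCRIPTS_DIR}"/set-zstyle.sh
# "${KEY_SCRIPTS_DIR}"/generate-ssh-key.sh
# "${KEY_SCRIPTS_DIR}"/ssh-key-add.sh
# "${KEY_SCRIPTS_DIR}"/ssh-key-permissions.sh
# "${KEY_SCRIPTS_DIR}"/ssh-config.sh

# Generate system keys
ssh-keygen -A ||
  printf 'warning: ssh-keygen -A failed (host keys not generated)\n' >&2

# Generate the key pair under ${HOME}/.ssh if not present
if [[ ! -f "${HOME}/.ssh/id_rsa.pub" ]]; then
  # ssh-keygen -f does not create the parent directory. -m applies only when
  # the directory is created here; an existing .ssh keeps its mode.
  mkdir -p -m 700 -- "${HOME}/.ssh" || die "cannot create ${HOME}/.ssh"
  # "y" answers the overwrite prompt shown when id_rsa exists without its .pub.
  if ssh-keygen -q -t rsa -N '' -f "${HOME}/.ssh/id_rsa" <<<y >/dev/null 2>&1; then
    chmod 644 -- "${HOME}/.ssh/id_rsa.pub"
  else
    die "ssh-keygen failed for ${HOME}/.ssh/id_rsa"
  fi
fi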