#!/bin/sh

set -e
#set -x

FILE="make-ssl-cert2"

. /usr/share/ssl-cert2/ssl-cert2-lib

version() {

  message "This is $FILE, vesion $VERSION."
  message $COPYRIGHT

}

usage() {

  version
  message "Usage:  $FILE [ -r ] [ -o owner ] [ -g group ] [ -p permissions ]
              [ -c cert-file ] [ -k key-file ] package "
}

remove=false
while [ $# -gt 0 ]; do
  case "$1" in
  -r) remove=true;;
  -c) shift
      if [ -z "$1" ]; then 
        message "-c must have an argument"
        exit 1
      fi
      cert="$1"
      cert_spec="true"
      ;;
  -k) shift
      if [ -z "$1" ]; then
        message "-k must have an argument"
        exit 1
      fi
      key="$1"
      key_spec="true"
      ;;
  -o) shift
      if [ -z "$1" ]; then
        message "-o must have an argument"
        exit 1
      fi
      owner="$1"
      ;;
  -g) shift
      if [ -z "$1" ]; then
        message "-g must have an argument"
        exit 1
      fi
      group="$1"
      ;;
  -p) shift
      if [ -z "$1" ]; then
        message "-p must have an argument"
        exit 1
      fi
      perms="$1"
      ;;
  -h) usage; exit 0;;
  -V) version; exit 0;;
  -*) message "Unknown option $1"; exit 1;;
  *) package="$1"
  esac
  shift
done

if [ -z "$package" ]; then
  message "Package must be specified"
  exit 1
fi

packagedir="${PACKAGES_DIR}${package}/"
[ -z "$cert" ] && cert="${CERTS_DIR}${package}.pem"
[ -z "$key" ] && key="${KEYS_DIR}${package}.pem"
certlink_file="${packagedir}cert_link"
keylink_file="${packagedir}key_link"

if [ "$remove" != "true" ]; then
  
  add_package "$package"

  set_package_cert_file "$package" "$cert"
  set_package_key_file "$package" "$key"
  set_package_key_owner "$package" "$owner"
  set_package_key_group "$package" "$group"
  set_package_key_perms "$package" "$perms"

  if [ "$(manage_certs)" = "true" ]; then
    if [ -n "$cert_spec" ];then 
      dir="$(basename "$cert")"
      mkdir -p "$dir"
    fi
    if [ -n "$key_spec" ];then 
      dir="$(basename "$key")"
      mkdir -p "$dir"
    fi
    update_links "$cert" "$certlink_file" "$key" "$keylink_file" "$SITEWIDE_PEM" "$SITEWIDE_KEY_PEM"
  else
    #Inform the user they must create their own cert
    message "As ssl-cert2 is not handling the configuration of SSL certificates
you must create $cert and $key yourself. dpkg-reconfigure ssl-cert2
if you wish for ssl-cert2 to take over this responsibility."
    #echo "nocert" > "$certlink_file"
    #echo "nocert" > "$keylink_file"
  fi

else
  if [ "$(manage_certs)" = "true" ]; then
    remove_links "$cert" "$certlink_file" "$key" "$keylink_file"
  else
    message "The certificates for $package were not removed as ssl-cert2 is no
managing the certificates. You can dpkg-reconfigure ssl-cert2 to change this"
  fi 
  purge_package $package
fi