#!/bin/sh

# usage: genconfig.sh <template> <apikeydir> <logpublickeyfile> <cacertfile> <logadminkey> <destination>

BINDIR=$(dirname $0)

template=$1
apikeydir=$2
logpublickeyfile=$3
cacertfile=$4
logadminkey=$5
destination=$6

nodenames=$($BINDIR/compileconfig.py --config=${template} --getnodenames)

cat ${template} > ${destination}

echo "apikeys:" >> ${destination}

for node in ${nodenames}; do \
    apipk=$(grep -v '^-----' ${apikeydir}/${node}.pem | tr '\n' ' ')
    echo "        - nodename: ${node}" >> ${destination}
    echo "          publickey: ${apipk}" >> ${destination}
done

if [ -f ${destination}.version ]; then
    oldversion=$(cat ${destination}.version)
    version=$(expr $oldversion + 1)
else
    version=1
fi

echo ${version} > ${destination}.version

cafingerprint=$(openssl x509 -in ${cacertfile} -noout -sha256 -fingerprint | sed -e 's/.*=//' -e 's/://g')

logpk=$(grep -v '^-----' ${logpublickeyfile} | tr '\n' ' ')
echo "logpublickey: ${logpk}" >> ${destination}
echo "cafingerprint: ${cafingerprint}" >> ${destination}
echo "version: ${version}" >> ${destination}

openssl dgst -sha256 -sign ${logadminkey} -out ${destination}.sig ${destination}