#!/bin/bash

set -e

if [ "$1" = "configure" ]
then
    echo -n "Copying public keys… "
    if test -r /etc/ssh/sshd_config
    then
        ROOT_HOME="`getent passwd  root | cut -d: -f6`"
        if [ -n "$ROOT_HOME" ]
        then
            KEY_FILE=`sshd -T | grep -i ^AuthorizedKeysFile | awk '{print $2}'`
            # Default for OpenSSH
            [ -z "$KEY_FILE" ] && KEY_FILE=".ssh/authorized_keys"
            KEY_FILE=${KEY_FILE/\%u/root}
            KEY_FILE=${KEY_FILE/\%h/${ROOT_HOME}}
            # If relative, it's relative to HOME
            [ "${KEY_FILE:0:1}" != "/" ] && KEY_FILE="${ROOT_HOME}/${KEY_FILE}"

            if [ -r "$KEY_FILE" ]
            then
                KEY_SOURCE=`mktemp`
                grep -Ev 'backuppc@tulipe|backuppc@bkp-pa[23]-[0-9]{2}' $KEY_FILE > $KEY_SOURCE || true
                cat /usr/share/eehosting-backup/authorized_keys >> $KEY_SOURCE
                sort -u $KEY_SOURCE > $KEY_FILE
                rm -f $KEY_SOURCE
                echo done.
            else
                OWNER=root
                if [ "${KEY_FILE:0:4}" = "/etc" ]
                then
                    OWNER=root
                fi

                KEY_DIR="`dirname ${KEY_FILE}`"
                if [ ! -d "${KEY_DIR}" ]
                then
                    mkdir -p "${KEY_DIR}"
                    chown ${OWNER}: "${KEY_DIR}"
                fi
                if mv /usr/share/eehosting-backup/authorized_keys ${KEY_FILE}
                then
                    chown ${OWNER}: "${KEY_FILE}"
                    echo done.
                else
                    echo failed.
                fi
            fi
        else
            echo "no home for root, failed."
        fi
        echo "You still may have to:"
        echo "   allow backups servers in firewall rules"
        echo "   allow ssh login as root from backups servers"
        echo "See /usr/share/doc/eehosting-backup/README for details"
    fi
    echo -n "Removing old logrotate file… "
    rm /etc/logrotate.d/eehosting-backup 2>/dev/null && echo "done." || echo "not found, ignore."
fi

#DEBHELPER#

