captaincore/app/site/key-generate

#!/usr/bin/env bash

#
#   Generates rclone configs based on site credentials
#
#   `captaincore site rclone-configs <site>`
#

while read config; do
  if [[ "$config" == "Error:"* ]]; then
    continue
  fi
  declare "$config"
done <<< "$(php ${CAPTAINCORE_PATH}/lib/local-scripts/configs.php fetch)"

run_command() {

  site=$1

  # Load site vars
  IFS=$'\n'$'\r'; for line in $(captaincore site get $site --bash --captain-id=$CAPTAIN_ID); do declare "$line"; done

  # Domain not found
  if [[ $domain == "" ]]; then
    echo -e "${COLOR_RED}Error:${COLOR_NORMAL} Domain not found."
    return
  fi

  rclone_config_file="$path/${site}_${site_id}/rclone.conf"
  mkdir -p "$path/${site}_${site_id}/"
  echo "" > "$rclone_config_file"

  unset IFS
  environments=($( captaincore environment list $site --captain-id=$CAPTAIN_ID ))

  for environment in ${environments[@]}; do

    while read site_configs; do if [[ $site_configs == "" ]]; then continue; fi; declare "$site_configs"; done <<< "$(captaincore site get $site-$environment --bash --captain-id=$CAPTAIN_ID)"

    if [[ $address == "" || username == "" ]]; then
      continue
    fi

    # Add vault file
    vault_file="$path/${site}_${site_id}/$environment/vault.txt"
    if [ ! -f "$vault_file" ]; then
      mkdir -p "$path/${site}_${site_id}/$environment"
      b2_path="$b2_folder/${CAPTAIN_ID}/${site}_${site_id}/$environment/restic-repo"
      b2_key_pair=($( b2 key create --bucket="$b2_bucket" --name-prefix="$b2_path" "restic-${site}-${site_id}-$environment" "deleteFiles,listBuckets,listFiles,readBucketEncryption,readBucketLogging,readBucketNotifications,readBucketReplications,readBuckets,readFiles,shareFiles,writeBucketEncryption,writeBucketLogging,writeBucketNotifications,writeBucketReplications,writeFiles" ))
      echo "$b2_bucket" > "$vault_file"
      echo "$b2_path" >> "$vault_file"
      echo "${b2_key_pair[0]}" >> "$vault_file"
      echo "${b2_key_pair[1]}" >> "$vault_file"
      cat ${CAPTAINCORE_PATH}/data/restic.key >> "$vault_file"
      echo "Generating $vault_file"
    fi

    if [[ "$key" != "use_password" ]]; then
      if [[ $key == "" ]]; then
        key=$( captaincore configuration get --field=default_key )
      fi
      ssh_file="$path_keys/${CAPTAIN_ID}/${key}"
      echo "Generating rclone configs for ${site}-${environment} with SSH key"
      quiet=$( rclone config create $environment $protocol host $address user $username port $port key_file $ssh_file --config="$rclone_config_file" )
    fi

    if [[ "$key" == "use_password" ]]; then
      password=$( captaincore site get ${site}-${environment} --field=password --captain-id=$CAPTAIN_ID )
      rclone_pass=$( rclone obscure "$password" )
      echo "Generating rclone configs for ${site}-${environment} with password"
      quiet=$( rclone config create $environment $protocol host $address user $username port $port pass --config="$rclone_config_file" -- $rclone_pass )
    fi

  done

  # Add backup remote
  backup_remote=$( rclone config show ${rclone_backup%:*} )
  echo "[backup]" >> "$rclone_config_file"
  echo "${backup_remote#*$'\n'}" >> "$rclone_config_file"

}

run_command $1