#!/usr/bin/env bash

set -ex -o pipefail

kv_get() {
  vault kv get -format json ${1}
}

simple_get() {
 kv_get ${1} | jq .data.data${2} -r
}

simple_get_obscure() {
 rclone obscure $(simple_get $@)
}

VAULT_USERNAME=$1
VAULT_PASSWORD_FILE=$2
TEMPLATE_FILE=$3
OUTPUT_FILE=$4

vault login -no-print -method=userpass username=${VAULT_USERNAME} password=$(cat ${VAULT_PASSWORD_FILE})

TMP_DIR="$(mktemp -d)"

cp ${TEMPLATE_FILE} "${TMP_DIR}/template"

pushd "${TMP_DIR}"
STORAGEBOX_PASSWORD=$(simple_get_obscure /api-keys/hetzner/storagebox .password)
sed -i "s/STORAGEBOX_PASSWORD/${STORAGEBOX_PASSWORD}/" ./template

B2_CHAOS_BACKUPS_ACCOUNT=$(simple_get /api-keys/backblaze/Chaos-Backups .keyID)
B2_CHAOS_BACKUPS_KEY=$(simple_get /api-keys/backblaze/Chaos-Backups .applicationKey | sed "s#/#\\\/#")
sed -i "s/B2_CHAOS_BACKUPS_ACCOUNT/${B2_CHAOS_BACKUPS_ACCOUNT}/" ./template
sed -i "s/B2_CHAOS_BACKUPS_KEY/${B2_CHAOS_BACKUPS_KEY}/" ./template

B2_CHAOS_PHOTOS_ACCOUNT=$(simple_get /api-keys/backblaze/Chaos-Photos .keyID)
B2_CHAOS_PHOTOS_KEY=$(simple_get /api-keys/backblaze/Chaos-Photos .applicationKey | sed "s#/#\\\/#")
sed -i "s/B2_CHAOS_PHOTOS_ACCOUNT/${B2_CHAOS_PHOTOS_ACCOUNT}/" ./template
sed -i "s/B2_CHAOS_PHOTOS_KEY/${B2_CHAOS_PHOTOS_KEY}/" ./template

B2_CASSIE_CRYPTIDZ_BACKUP_ACCOUNT=$(simple_get /api-keys/backblaze/Cryptidz-Backup .keyID)
B2_CASSIE_CRYPTIDZ_BACKUP_KEY=$(simple_get /api-keys/backblaze/Cryptidz-Backup .applicationKey | sed "s#/#\\\/#")
sed -i "s/B2_CASSIE_CRYPTIDZ_BACKUP_ACCOUNT/${B2_CASSIE_CRYPTIDZ_BACKUP_ACCOUNT}/" ./template
sed -i "s/B2_CASSIE_CRYPTIDZ_BACKUP_KEY/${B2_CASSIE_CRYPTIDZ_BACKUP_KEY}/" ./template
popd

cat "${TMP_DIR}/template" > "${OUTPUT_FILE}"
rm -rf "${TMP_DIR}"