#!/bin/bash
# ------------------------------------- USAGE ----------
function USAGE {
cat<<ENDUSAGE
        ssl-helper deploy-cert --cert=<cert-file> --key=<key-file>
        ssl-helper https <on|off|status>

    deploy-cert   - Deploy certificate and key from flat files to 'Secret' object
    create-cert   - Create certficate and key with LetsEncrypt and deploy it
    https         - enable/disable/check https in Ingress

ENDUSAGE
}

SCRIPTDIR=$(dirname $0)
DEBUG=0

. $SCRIPTDIR/_environment
. $SCRIPTDIR/_functions


# ------------------------------------------------ deploy-cert -------------
function deploy-cert {
    [ -z "$CERT_FILE" ] && die 10 "Certificate file was not specified"
    [ -z "$KEY_FILE" ] && die 10 "Key file was not specified"
    [ -f "$CERT_FILE" ] || die 12 "Invalid path to certificate file"
    [ -f "$KEY_FILE" ] || die 12 "Invalid path to key file"
    
    local tmpdir=/tmp/overcast-ingress-tls
    rm -rf $tmpdir
    mkdir -p $tmpdir
    cp $KEY_FILE $tmpdir/tls.key
    cp $CERT_FILE $tmpdir/tls.crt
    # Find if 'overcast-ingress-tls' secret exists
    kubectl get secret | grep overcast-ingress-tls &>/dev/null
    if [ $? != 0 ]; then
        kubectl create secret tls overcast-ingress-tls --cert=$tmpdir/tls.crt --key=$tmpdir/tls.key
    else
        kubectl create secret tls overcast-ingress-tls --cert=$tmpdir/tls.crt --key=$tmpdir/tls.key --dry-run -o yaml | kubectl replace -f -
    fi
    
    rm -rf $tmpdir
}

function https {
    echo ok
}

# --------------------------------------------------------------------------
# ---------------------------------= MAIN =---------------------------------
# --------------------------------------------------------------------------

BASE_DIR="$SCRIPTDIR/.."
IMG_SRC_DIR=$BASE_DIR/images/service
IMAGES=''
export QUIET=0
export COMMAND=$1

[ -z "$COMMAND" ] && USAGE && die 1 "Need at least one argument"

for ARG in "$@"; do
    case $ARG in
        --debug)
            export DEBUG=1
            ;;
        -q|--quiet)
            export QUIET=1
            ;;
        --cert=*)
            CERT_FILE="${ARG#*=}"
            ;;
        --key=*)
            KEY_FILE="${ARG#*=}"
            ;;
    esac
done

(( DEBUG == 0 )) || cat <<EOF
========== Processing command ==========
  COMMAND  => $COMMAND
  QUIET    => $QUIET
========================================
EOF

case $COMMAND in
    deploy-cert)
        deploy-cert
        ;;
    https)
        https $2
        ;;
    *)
        USAGE
        die 1 "COMMAND not recognized"
esac
