#!/bin/sh -e
#
# 2020 Joachim Desroches (joachim.desroches@epfl.ch)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#

cat <<- EOF

# Length of generated password.
LENGTH=

# Keep password strictly alphanumeric.
NOSYMB=

# Check pass is installed.
command -v pass >/dev/null 2>&1 ||
	{
		cat <<- EOF >&2
		__pass: this type requires pass installed.
		See https://www.passwordstore.org/.
		EOFF
		exit 1;
	}

# Check for optional length parameter.
if [ -f "${__object:?}/parameter/length" ];
then
	LENGTH="$(cat "${__object:?}/parameter/length")"
	export LENGTH
fi

# Check for optional no symbols parameter.
if [ -f "${__object:?}/parameter/no-symbols" ];
then
	NOSYMB="-n"
	export NOSYMB
fi

# Load required password store location parameter.
PASSWORD_STORE_DIR="$(cat "${__object:?}/parameter/storedir")"
export PASSWORD_STORE_DIR

# Check if the password store is initialized.
if ! pass ls >/dev/null 2>&1;
then
	cat <<- EOFF >&2
	__pass: this type requires the password store to be initialized.
	See cdist-type__pass_init(7) and pass(1) for more information.
	EOFF
	exit 1;
fi

# Generate a password if it does not already exist.
if [ ! -f "\${PASSWORD_STORE_DIR}/${__object_id:?}.gpg" ];
then
	# shellcheck disable=SC2086
	pass generate \$NOSYMB "${__object_id:?}" $LENGTH >/dev/null
fi

# Send it out to the messages.
pass "${__object_id:?}" >> "${__messages_out:?}"

EOF