#!/usr/bin/env sh
set -e
#
# This script is based on the work of Solomon <ssbothwell@gmail.com>.
#   https://github.com/solomon-b/nixos-config/blob/ca047bdbb95859ee902e4750a3b0e018f2396bfe/installer/install-server.sh
#

cleanup() {
  printf '%s\n' 'Deleting local copy of SSH ed25519 key ...'
  rm -rf "${temp}"
}

gen_ssh_key() {
  # Create a temporary directory.
  temp="$(mktemp -d)"
  # Cleanup temporary directory on exit.
  trap cleanup EXIT

  # Create the directory where sshd expects to find the host keys.
  install -d -m755 "${temp}/etc/ssh"
  # Generate host key.
  ssh-keygen -t ed25519 -f "${temp}/etc/ssh/ssh_host_ed25519_key" -q -N ""
}

main(){
  num_args=2
  if [ "$#" -ne "${num_args}" ]; then
    printf '%s%s%s\n' 'ERROR: ' "${num_args}" ' arguments required'
    return 1
  fi
  for i in "$@"; do
    if [ -z "${i}" ]; then
      printf '%s\n' 'ERROR: All given args must not be empty'
      return 1
    fi
  done
  ssh_port="${1}"
  ssh_target="${2}"

  printf '%s\n' 'Generating SSH ed25519 key ...'
  gen_ssh_key
  printf '%s\n' 'SSH ed25519 fingerprint:'
  ssh-keygen -lf "${temp}/etc/ssh/ssh_host_ed25519_key"

  # Install NixOS to the target machine with our secrets.
  nix --extra-experimental-features nix-command --extra-experimental-features flakes \
    run github:numtide/nixos-anywhere -- --extra-files "${temp}" --flake '.#mysystem' -p "${ssh_port}" "${ssh_target}"
}
main "$@"