#!/bin/bash

SYS_DIR=/etc/ssh
USER_DIR=/data/etc/ssh
RUN_DIR=/var/run/ssh

SYS_CONF="${SYS_DIR}/sshd_config"
USER_CONF="${USER_DIR}/sshd_config"
CONF="${RUN_DIR}/sshd_config"

PROG="/usr/sbin/sshd"
PROG_KG="/usr/bin/ssh-keygen"


test -x ${PROG} || exit 0

test -n "${OS_VERSION}" || source /etc/init.d/base

test -s ${SYS_CONF} || exit 0


start() {
    # merge user and sys conf files; options in first file take precedence
    mkdir -p $(dirname ${CONF})
    if [[ -s ${USER_CONF} ]]; then
        cat ${USER_CONF} ${SYS_CONF} > ${CONF}
    else
        cp ${SYS_CONF} ${CONF}
    fi

    # ensure various dirs existence
    mkdir -p ${USER_DIR}
    mkdir -p ${RUN_DIR}

    # create any missing keys
    if ! [[ -s ${USER_DIR}/ssh_host_rsa_key ]]; then
        msg_begin "Generating ssh host keys"
        for type in rsa dsa ecdsa ed25519; do
            ssh-keygen -f ${USER_DIR}/ssh_host_${type}_key -N '' -t ${type} >/dev/null
        done
        test $? == 0 && msg_done || msg_fail
    fi
    
    # adjust any existing client keys permissions
    chmod go-rwx ${USER_DIR}/id_rsa* 2>/dev/null

    # copy system authorized keys, if present
    if [[ -f /etc/ssh/authorized_keys ]] && ! [[ -e ${USER_DIR}/authorized_keys ]]; then
        cp /etc/ssh/authorized_keys ${USER_DIR}
    fi

    msg_begin "Starting sshd"
    
    umask 077
    hostname=$(hostname)
    echo "Welcome to ${hostname}!" > ${RUN_DIR}/sshd_banner
    sync

    ${PROG} -f ${CONF}
    test $? == 0 && msg_done || msg_fail
}

stop() {
    msg_begin "Stopping sshd"
    killall -q $(basename ${PROG}) 
    test $? == 0 && msg_done || msg_fail
}

case "$1" in
    start)
        start
        ;;

    stop)
        stop
        ;;

    restart)
        stop
        start
        ;;

    *)
        echo "Usage: $0 {start|stop|restart}"
        exit 1
esac
