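#!/bin/bash
######################################################
# Name: update-NebulaNodeCert
# Description: Creates a new cert for a node based
#              on the node cert provided.
#
# Usage:
#   update-NebulaNodeCert -r ROOTPATH -n NODECERT -c CACERT -k CAKEY
#
#   -r|--rootpath      directory that holds the nebula-cert binary, the
#                      node cert, the CA cert and the CA key
#                      (do not add a trailing '/')
#   -n|--nodecertname  existing node certificate, relative to ROOTPATH
#   -c|--cacertname    CA certificate, relative to ROOTPATH
#   -k|--cakeyname     CA private key, relative to ROOTPATH
#
# Output: ROOTPATH/<node name>_<YYYYmmdd-HHMMSS>.crt and .key
#
# Notes:
#   - A new key pair is generated (-out-key); the node must be given both
#     new files.
#   - No -duration is passed, so nebula-cert's default validity applies.
#   - This script does nothing to invalidate the previous certificate.
#   - Exits non-zero on every error path.
#
# Created By: HMSheets
######################################################

# A failing nebula-cert or jq must not be hidden by a later pipeline stage.
set -o pipefail

# Print an error to stderr and stop with a non-zero status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

NODECERTNAME=""
ROOTPATH=""
CACERTNAME=""
CAKEYNAME=""
POSITIONAL=()

while [[ $# -gt 0 ]]; do
  key="$1"
  case "$key" in
    -n|--nodecertname)
      [[ $# -ge 2 ]] || die "Missing value for option: ${key}"
      NODECERTNAME="$2"
      shift 2
      ;;
    -r|--rootpath)
      # do not add a trailing '/'
      [[ $# -ge 2 ]] || die "Missing value for option: ${key}"
      ROOTPATH="$2"
      shift 2
      ;;
    -c|--cacertname)
      [[ $# -ge 2 ]] || die "Missing value for option: ${key}"
      CACERTNAME="$2"
      shift 2
      ;;
    -k|--cakeyname)
      [[ $# -ge 2 ]] || die "Missing value for option: ${key}"
      CAKEYNAME="$2"
      shift 2
      ;;
    *)
      # unknown option: remember it so it can be reported below
      POSITIONAL+=("$1")
      shift
      ;;
  esac
done

if [[ ${#POSITIONAL[@]} -gt 0 ]]; then
  die "Invalid Parameter(s) Entered: ${POSITIONAL[0]}"
fi

# Every option is required: an empty ROOTPATH would otherwise resolve the
# binary and the CA key against '/'.
[[ -n "${ROOTPATH}" ]]     || die "Missing required option: -r|--rootpath"
[[ -n "${NODECERTNAME}" ]] || die "Missing required option: -n|--nodecertname"
[[ -n "${CACERTNAME}" ]]   || die "Missing required option: -c|--cacertname"
[[ -n "${CAKEYNAME}" ]]    || die "Missing required option: -k|--cakeyname"

NEBULA_CERT="${ROOTPATH}/nebula-cert"
NODECERT_PATH="${ROOTPATH}/${NODECERTNAME}"
CACERT_PATH="${ROOTPATH}/${CACERTNAME}"
CAKEY_PATH="${ROOTPATH}/${CAKEYNAME}"

command -v jq >/dev/null || die "jq is required but was not found in PATH"
[[ -x "${NEBULA_CERT}" ]]   || die "nebula-cert not found or not executable: ${NEBULA_CERT}"
[[ -r "${NODECERT_PATH}" ]] || die "Node certificate not readable: ${NODECERT_PATH}"
[[ -r "${CACERT_PATH}" ]]   || die "CA certificate not readable: ${CACERT_PATH}"
[[ -r "${CAKEY_PATH}" ]]    || die "CA key not readable: ${CAKEY_PATH}"

DATETIME=$(date '+%Y%m%d-%H%M%S')

# Read the certificate once and pull every field from the same JSON.
CERTJSON=$("${NEBULA_CERT}" print -path "${NODECERT_PATH}" -json) \
  || die "Unable to read certificate: ${NODECERT_PATH}"

CERTISCASTATUS=$(jq -s --compact-output '.[].details.isCa' <<<"${CERTJSON}") \
  || die "Unable to parse isCa from: ${NODECERT_PATH}"
NODENAME=$(jq -s -r '.[].details.name' <<<"${CERTJSON}") \
  || die "Unable to parse name from: ${NODECERT_PATH}"
# Lists are joined with ',' (empty list -> empty string).
NODEIPS=$(jq -s -r '(.[].details.ips // []) | join(",")' <<<"${CERTJSON}") \
  || die "Unable to parse ips from: ${NODECERT_PATH}"
NODEGROUPS=$(jq -s -r '(.[].details.groups // []) | join(",")' <<<"${CERTJSON}") \
  || die "Unable to parse groups from: ${NODECERT_PATH}"

# Anything other than an explicit 'false' stops here, including output that
# could not be interpreted; previously that case exited silently with 0.
case "${CERTISCASTATUS}" in
  true)
    die "Certificate is the root CA Certificate. Try again with a node certificate."
    ;;
  false)
    ;;
  *)
    die "Unable to determine isCa status of: ${NODECERT_PATH}"
    ;;
esac

# The name comes from the certificate and becomes part of the output path,
# so refuse values that would leave ROOTPATH or span several lines.
unsafe_re='[[:space:][:cntrl:]/]'
if [[ -z "${NODENAME}" || "${NODENAME}" == "null" || "${NODENAME}" =~ ${unsafe_re} ]]; then
  die "Node name read from certificate is empty or not usable as a file name"
fi
[[ -n "${NODEIPS}" ]] || die "Certificate lists no IP addresses: ${NODECERT_PATH}"

# Create new file name variable
NEWFILENAME="${NODENAME}_${DATETIME}"

echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
printf '%s\n' "Node Name: ${NODENAME}"
printf '%s\n' "Node IPs: ${NODEIPS}"
printf '%s\n' "Node Groups: ${NODEGROUPS}"
printf '%s\n' "Certificate isCa Status: ${CERTISCASTATUS}"
printf '%s\n' "DateTime: ${DATETIME}"
printf '%s\n' "NEWFILENAME: ${NEWFILENAME}"
echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

# Build the command as an array so no value is word-split or globbed.
SIGN_ARGS=(
  sign
  -ip "${NODEIPS}"
  -name "${NODENAME}"
  -ca-crt "${CACERT_PATH}"
  -ca-key "${CAKEY_PATH}"
  -out-crt "${ROOTPATH}/${NEWFILENAME}.crt"
  -out-key "${ROOTPATH}/${NEWFILENAME}.key"
)
# With no groups, an empty unquoted value made -groups swallow the next flag.
if [[ -n "${NODEGROUPS}" ]]; then
  SIGN_ARGS+=(-groups "${NODEGROUPS}")
fi

# Keep the new private key unreadable to group/other whatever mode the tool
# itself requests.
umask 077

"${NEBULA_CERT}" "${SIGN_ARGS[@]}" \
  || die "nebula-cert sign failed for: ${NODENAME}"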