#!/bin/sh

set -xe

# Enter proper cluster subdirectory

cd $(dirname $0)

CLUSTER="$1"
if [ ! -d "cluster/$CLUSTER" ]; then
	echo "Usage: $0 <cluster name>"
	echo "The cluster name must be the name of a subdirectory of cluster/"
	exit 1
fi

PREFIX="deuxfleurs/cluster/$CLUSTER"

# Do actual stuff

YEAR=$(date +%Y)

CERTDIR=$(mktemp -d)

_int() {
  echo "Caught SIGINT signal!"
  rm -rv $CERTDIR
  kill -INT "$child1" 2>/dev/null
  kill -INT "$child2" 2>/dev/null
}

trap _int SIGINT

pass $PREFIX/nomad$YEAR.crt > $CERTDIR/nomad.crt
pass $PREFIX/nomad$YEAR-client.crt > $CERTDIR/nomad-client.crt
pass $PREFIX/nomad$YEAR-client.key > $CERTDIR/nomad-client.key
pass $PREFIX/consul$YEAR.crt > $CERTDIR/consul.crt
pass $PREFIX/consul$YEAR-client.crt > $CERTDIR/consul-client.crt
pass $PREFIX/consul$YEAR-client.key > $CERTDIR/consul-client.key

socat -dd tcp4-listen:4646,reuseaddr,fork openssl:localhost:14646,cert=$CERTDIR/nomad-client.crt,key=$CERTDIR/nomad-client.key,cafile=$CERTDIR/nomad.crt,verify=0 &
child1=$!

socat -dd tcp4-listen:8500,reuseaddr,fork openssl:localhost:8501,cert=$CERTDIR/consul-client.crt,key=$CERTDIR/consul-client.key,cafile=$CERTDIR/consul.crt,verify=0 &
child2=$!

wait "$child1"
wait "$child2"