#!/usr/bin/env bash

# Scope: Create wireguard keys for all monitoringVPN hosts
# Parameters:
#   file: path to grid.nix of morph deployment
# Output: Key files for all monitoring VPN hosts _in_the_current_directory_
# Convention: the IP ending in ".1" will be symlinked to server.{key,pub}

set -euo pipefail

umask 077

if [[ $# -ne 1 ]]; then
    echo "Illegal number of parameters. Expected: file (path of grid.nix)"
    exit 2
fi

MONITORING_IPS=$(fgrep monitoringvpnIPv4 ${1} | egrep -o "[0-9\.]{7,15}")
VPNSERVER_IP=$(fgrep monitoringvpnIPv4 ${1} | egrep -o -m1 "[0-9\.]{5,13}\.1")

for i in $MONITORING_IPS; do
  wg genkey | tee ${i}.key | wg pubkey > ${i}.pub
done

ln -fs $VPNSERVER_IP.key server.key
ln -fs $VPNSERVER_IP.pub server.pub

wg genpsk > preshared.key

# EOF