#!/bin/bash

set -e

user="${1}"
base_dir="/var/lib/machines"
base_subvol="bip.f28.ro"

if [ -z "${user}" ] ; then
	echo Please provide the username to create
	exit 1
fi

adduser -G ctr-only "${user}"
su - "${user}" -c "ssh-keygen -f ~/.ssh/id_rsa -N ''; echo -n 'command=\"sudo /usr/local/bin/ctr-wrapper.sh\",no-port-forwarding,no-agent-forwarding,no-x11-forwarding ' > ~/.ssh/authorized_keys; cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys; chmod 0600 ~/.ssh/authorized_keys; cat ~/.ssh/id_rsa"
new_subvol="$(echo ${base_subvol} | cut -d . -f 1)"."${user}"
btrfs sub snap "${base_dir}"/"${base_subvol}" "${base_dir}"/"${new_subvol}"
machinectl enable "${new_subvol}"

mkdir -p /etc/systemd/nspawn
cur_port="$(grep '^Port=' /etc/ctr-port.conf | tail -1 | cut -d = -f 2 )"
nex_port="$(expr ${cur_port} + 1)"
cat > /etc/systemd/nspawn/"${new_subvol}".nspawn <<EOF
[Exec]
Boot=yes

[Network]
Private=yes
VirtualEthernet=yes
Port=${nex_port}

[Files]
#BindReadOnly=/etc/resolv.conf
EOF
echo -e "# ${new_subvol}\nPort=${nex_port}" >> /etc/ctr-port.conf

sed -i "s/CHANGE_PORT/${nex_port}/g" "${base_dir}"/"${new_subvol}"/etc/bip.conf
sed -i "s/CHANGE_USER/${user}/g" "${base_dir}"/"${new_subvol}"/etc/bip.conf

machinectl start "${new_subvol}"