#!/bin/bash
set -euo pipefail

# hardcoded constants
wg_domain="wg.alemor.org"
wg_dev="wg0"

# check for arguments
if [[ $# -lt 1 || $# -gt 1 ]]; then
   echo "Usage: $(basename $0) ssh_destination"
   exit 1
fi
dest="$1"

# script expects ssh-persist to be either in the same directory, or in the path
cd $(dirname $0)
. ssh-persist $dest

# gather host info
host_name=$(hostname)
host_fqdn=$(hostname --fqdn)
host_wgip=$(ip -4 addr show $wg_dev | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
host_port=$(sudo wg show $wg_dev listen-port)
host_key=$(sudo wg show $wg_dev public-key)

# gather dest info
sudo -v -p '[sudo] password for %u@%h'
dest_name=$(sshp hostname)
dest_fqdn=$(sshp hostname --fqdn)
dest_wgip=$(sshp ip -4 addr show $wg_dev | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
dest_port=$(sshp sudo wg show $wg_dev listen-port)
dest_key=$(sshp sudo wg show $wg_dev public-key)

# add peer on host
sudo wg set $wg_dev peer "${dest_key}" endpoint $dest_fqdn:$dest_port allowed-ips $dest_wgip/32
echo -e "$dest_wgip\t$dest_name.$wg_domain" | sudo tee -a /etc/hosts >/dev/null

# add peer on dest
sshp sudo wg set $wg_dev peer "'${host_key}'" endpoint $host_fqdn:$host_port allowed-ips $host_wgip/32
sshp echo -e "$host_wgip\t$host_name.$wg_domain" | sudo tee -a /etc/hosts >/dev/null