#!/usr/bin/env bash

if [[ "$#" -ne 2 ]]; then
  echo "Usage: $0 <user> <sops-master-key>"
  exit 1
fi

USER="$1"

mkdir -p "./users/${USER}/secrets"

nix shell nixpkgs#age --command age-keygen -o "./users/${USER}/secrets/key.txt"

AGE_KEY=$(grep "^# public key: " "./users/${USER}/secrets/key.txt" | sed "s/# public key: //")

for SOPS_FILE in $(find . -type f -name "sops.yaml"); do
  sed -i "/- users:/a\    - &${USER} ${AGE_KEY}" "${SOPS_FILE}"
  sed -i "/- age:/a\        - *${USER}" "${SOPS_FILE}"
done

"$(dirname "$0")/update-keys.sh" "$2"

echo "User ${USER} has been successfully added."