#!/bin/sh

set -e

if [ -z "$SSH_PASSWORD" -a -z "$SSH_PRIVATE_KEY" ]; then
  echo "No SSH_PASSWORD or SSH_PRIVATE_KEY provided. Exiting."
  exit 1
fi

echo "Setting up SSH configuration..."

mkdir -p /srv/.ssh
chmod 700 /srv/.ssh

if [ -n "$SSH_PASSWORD" ]; then
  echo "Setting up SSH password authentication..."
  echo "borg:$SSH_PASSWORD" | chpasswd
fi

if [ -n "$SSH_PRIVATE_KEY" ]; then
  echo "Setting up SSH private key authentication..."
  echo "$SSH_PRIVATE_KEY" > /srv/.ssh/authorized_keys
fi

if [ -e /srv/.ssh-host-keys/ssh_host_ecdsa_key ]; then
    for key in ssh_host_ecdsa_key ssh_host_rsa_key ssh_host_ed25519_key; do
        if [ -e /srv/.ssh-host-keys/$key ]; then
            cp /srv/.ssh-host-keys/$key /etc/ssh/
            cp /srv/.ssh-host-keys/${key}.pub /etc/ssh/
            chmod 600 /etc/ssh/$key
            chmod 644 /etc/ssh/${key}.pub
        fi
    done
fi

if [ ! -e /etc/ssh/ssh_host_ecdsa_key ] ; then
  ssh-keygen -A

fi

/usr/sbin/sshd -D -e