ENDOFORGE_BACKUPS = y
ifneq (,$(ENDOFORGE_BACKUPS))
SUFFIX := ~$(shell date -Ins | tr -d :)
INSTALL := install -b --suffix=$(SUFFIX)
MV := mv -b --suffix=$(SUFFIX)
else
INSTALL = install
MV = mv
endif

ifeq ($(shell id -u),0)
SUDO =
else
SUDO = sudo
endif

HAVE_ROOT != $(SUDO) true && echo y || true

ROOT_INSTALL = $(SUDO) $(INSTALL)
USER != echo "$${SUDO_USER:-$$(id -un)}"
SSH_CONFIG_DIR = /etc/ssh
SSHD_CONFIG_DIR = $(SSH_CONFIG_DIR)/sshd_config.d
SSH_LIB_DIR = /usr/lib/ssh
USER_SSH_CONFIG_DIR = ~$(USER)/.ssh

BROWSER != 2>/dev/null which xdg-open || which w3m || which links || which elinks

.PHONY: install install-user install-user-config install-root shared doc test

doc: README.html
	$(BROWSER) $<

shared: install
	git config core.self-forge true

SRC = src
SOURCE_NAMES = AnonymousAccessCommand anonymous-access.conf AuthorizedKeysCommand sshd_config
SOURCES = $(addprefix $(SRC), $(SOURCE_NAMES))

KEYTYPE = ed25519
define EDIT_SSHD
sed \
		-e 's?ForceCommand=$$?&$(HOME)/.ssh/AnonymousAccessCommand?' \
		-e 's?AuthorizedKeysCommandUser=$$?&$(USER)?' \
		-e 's?HostKey=$$?&$(HOME)/.ssh/id_$(KEYTYPE)?' \
		-e 's?PidFile=$$?&$(HOME)/.ssh/sshd.pid?'
endef

install: $(if $(HAVE_ROOT), install-root, install-user)

install-user-config:
	$(INSTALL) -d ~/.ssh
	$(INSTALL) -t ~/.ssh $(SRC)/AnonymousAccessCommand


~/.ssh/id_ed25519:
	ssh-keygen -t ed25519 -P '' -f $@

install-user: install-user-config ~/.ssh/id_ed25519
	$(EDIT_SSHD) < $(SRC)/sshd_config > ~/.ssh/sshd_config.tmp
	$(MV) ~/.ssh/sshd_config.tmp ~/.ssh/sshd_config
	$(INSTALL) -m0644 -t ~/.config/systemd/user $(SRC)/sshd.service
	systemctl --user daemon-reload
	systemctl --user enable sshd
	systemctl --user restart sshd

install-root: install-user-config
	$(ROOT_INSTALL)        -d "$(SSH_CONFIG_DIR)" "$(SSHD_CONFIG_DIR)" "$(SSH_LIB_DIR)" || true
	$(ROOT_INSTALL) -m0644 -t "$(SSHD_CONFIG_DIR)" $(SRC)/anonymous-access.conf || true
	$(ROOT_INSTALL)        -t "$(SSH_LIB_DIR)" $(SRC)/AuthorizedKeysCommand || true
	[ -e /etc/ssh/AuthorizedKeysCommand ] || $(SUDO) ln -s -t /etc/ssh "$(SSH_LIB_DIR)"/AuthorizedKeysCommand
	$(SUDO) systemctl reload sshd

README.html: README.md
	pandoc -s --css "$(SRC)"/style.css -t html $< -o $@

test:
	make -C test