#!/bin/sh
set -e

DEFAULT_AUTH_TYPE=ed25519

in_group()
{
    local g
    for g in $(groups)
    do
        [ "$g" = "$1" ] && return
    done
    false
}

ssh_keytag_to_path_fragment()
{
    case "$1" in
        ssh-dss) echo dsa ;;
        ecdsa-sha2-nistp256) echo ecdsa ;;
        ssh-rsa|ssh-ed25519) echo ${1#ssh-} ;;
        *) return 1 ;;
    esac
}

path_fragment_to_ssh_keytag()
{
    case "$1" in
        ssh-dss|ecdsa-sha2-nistp256|ssh-rsa|ssh-ed25519) echo $1;;
        dss|rsa|ed25519) echo ssh-$1 ;;
        dsa) echo ssh-dss ;;
        ecdsa) echo ecdsa-sha2-nistp256 ;;
        *) return 1 ;;
    esac
}

get_dyndns_domain()
{
        fragment=$(ssh_keytag_to_path_fragment "$1") || return

        host_keyfile=/etc/ssh/ssh_host_${fragment}_key
        user_keyfile=$HOME/.ssh/id_${fragment}

        set -- -q dyndns@cryptonomic.net

        if [ -r "$host_keyfile" ]
        then
                set -- ssh -i "$host_keyfile" "$@"

        elif in_group sudo
        then
                set -- sudo ssh -i "$host_keyfile" "$@"

        elif [ -r "$user_keyfile" ]
        then
                set -- ssh -i "$user_keyfile" "$@"

        else
                set -- ssh "$@"
        fi

        "$@"
}

AUTH_TYPE=${1:-$DEFAULT_AUTH_TYPE}
AUTH_KEYTAG=$(path_fragment_to_ssh_keytag "$AUTH_TYPE")
get_dyndns_domain "$AUTH_KEYTAG"