#!/bin/sh

# ayu(1) - an actually boring password manager, which uses age(1) as backend.

# Path to the program's directory
ayu_dir="${ayu_dir:-$HOME/.config/ayu}"

# Path to the password store
ayu_store="${ayu_store:-$HOME/.ayu}"

# Path to the age(1) keys
ayu_key="${ayu_key:-${ayu_dir}/sec.age}"
ayu_pub="${ayu_pub:-${ayu_dir}/pub.age}"

EDITOR=${EDITOR:-vi}

# Run some tests
test -d $ayu_dir || mkdir -p $ayu_dir
test -d $ayu_store || mkdir -p $ayu_store

test -f $ayu_key || printf "$0: Generate your own age(1) key with age-keygen(1) and place it as a $ayu_key. \n"
test -f $ayu_pub || printf "$0: Public key needs to be placed on $ayu_pub (Hint: it's the visible output of age-keygen(1)) \n"

# Switch directory to the password store, otherwise bail out.
cd $ayu_store || exit 1

# Edit an entry if it exists
edit() {
	age --decrypt --identity=$ayu_key --output=${1%%.age} ${1%%.age}.age
	${EDITOR} ${1%%.age}
	age --encrypt -R $ayu_pub --output=${1%%.age}.age ${1%%.age}
	rm ${1%%.age}
}

# List contents of the store
list() {
	tree $ayu_store
}

# Create a new entry
new() {
	test -d "$1" && usage && exit

	tmpfile="$(mktemp)"
	${EDITOR} "$tmpfile"

	mkdir -p "$(dirname "$1")"
	age --encrypt -R $ayu_pub -o $tmpfile.age $tmpfile

	mv $tmpfile.age "${1%%.age}".age
	rm $tmpfile
}

# Remove
re() {
	rm -v ${1}${2}.age
}
# Remove-recursive
rr() {
	test -d "$@" && usage && exit
	rm -r -v "$(dirname "$@")"
}

# Print usage
usage() {
	printf "$0 [ ed | ls | new | re | rr | vi ] \n"
}

# View an entry, otherwise list the contents of the directory specified.
view() {
	if [ -f "${1%%.age}".age ];then
		age --decrypt --identity=$ayu_key "${1%%.age}".age
	elif [ -d "${1:-.}" ];then
		tree "${1:-.}"
	else
		usage
		exit
	fi
}

case $1 in
	edit | ed)
		edit $2
		;;
	list | ls)
		list
		;;
	new)
		new $2
		;;
	remove | re)
		re $2 $3
		;;
	remove-recursive | rr)
		rr $2
		;;
	usage)
		usage
		;;
	view | vi)
		view $2
		;;
	*)
		list
		;;
esac