#!/bin/sh
#
# $NetBSD: ec2_init,v 1.2 2021/07/01 18:05:45 jmcneill Exp $
#
# PROVIDE: ec2_init
# REQUIRE: NETWORKING
# BEFORE:  LOGIN

$_rc_subr_loaded . /etc/rc.subr

name="ec2_init"
rcvar=${name}
start_cmd="ec2_init"
stop_cmd=":"

EC2_USER="ec2-user"
METADATA_URL="http://169.254.169.254/latest/meta-data/"
SSH_KEY_URL="public-keys/0/openssh-key"
HOSTNAME_URL="hostname"

SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"

ec2_newuser()
{
	echo "Creating EC2 user account ${EC2_USER}"
	useradd -g users -G wheel,operator -m "${EC2_USER}"
}

ec2_init()
{
	(
	umask 022

	# create EC2 user
	id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser

	# fetch the key pair from Amazon Web Services
	EC2_SSH_KEY=$(ftp -o - "${METADATA_URL}${SSH_KEY_URL}")

	if [ -n "$EC2_SSH_KEY" ]; then
		# A key pair is associated with this instance, add it
		# to EC2_USER's 'authorized_keys' file
		mkdir -p $(dirname "$SSH_KEY_FILE")
		chown "${EC2_USER}:users" $(dirname "$SSH_KEY_FILE")
		touch "$SSH_KEY_FILE"
		chown "${EC2_USER}:users" "$SSH_KEY_FILE"
		cd $(dirname "$SSH_KEY_FILE")

		grep -q "$EC2_SSH_KEY" "$SSH_KEY_FILE"
		if [ $? -ne 0 ]; then
			echo "Setting EC2 SSH key pair: ${EC2_SSH_KEY##* }"
			echo "$EC2_SSH_KEY" >> "$SSH_KEY_FILE"
		fi
	fi

	# set hostname
	HOSTNAME=$(ftp -o - "${METADATA_URL}${HOSTNAME_URL}")
	echo "Setting EC2 hostname: ${HOSTNAME}"
	echo "$HOSTNAME" > /etc/myname
	hostname "$HOSTNAME"
	)
}

load_rc_config $name
run_rc_command "$1"