#!/usr/bin/env miaou-recipe

# CONSTANTS

JUMP_HOST=51.75.85.81 # public ip of listes.artcode.re
LDAP_SERVER=192.168.1.254
LOCAL_PORT=3890

# FUNCTIONS

function tweak_sympa_auth {
	if grep -q ".*host $LDAP_SERVER.*" /etc/sympa/auth.conf; then
		/opt/miaou-bash/tools/append_or_replace ".*host $LDAP_SERVER:389.*" "\thost 127.0.0.1:$LOCAL_PORT" /etc/sympa/auth.conf
		systemctl restart wwsympa.socket
		echo "sympa auth from LDAP local 127.0.0.1:$LOCAL_PORT is now active"
	else
		echo "sympa auth from LDAP local 127.0.0.1:$LOCAL_PORT already enabled"
	fi
}

function ssh_port_translation {
	if ! ss -tln | grep -q 127.0.0.1:$LOCAL_PORT; then
		ssh -o StrictHostKeyChecking=accept-new -fN $JUMP_HOST -L $LOCAL_PORT:$LDAP_SERVER:389
		echo "SSH port translation $LOCAL_PORT is now listening!"
	else
		echo 'SSH listener already enabled!'
	fi
}

# MAIN

set -Eue
tweak_sympa_auth
ssh_port_translation