#!/bin/bash
set -euo pipefail
IFS=$'\n\t'

host() {
	CAKEY="$2"
	PUBKEY="$3"
	HOST="$4"

	echo "$PUBKEY" > {{ ssh_ca_dir }}/"$HOST".pub
	ssh-keygen -h -s {{ ssh_ca_dir }}/keys/"$CAKEY" -I "$HOST" -n "$HOST" {{ ssh_ca_dir }}/"$HOST".pub
	cat {{ ssh_ca_dir }}/"$HOST"-cert.pub
	rm {{ ssh_ca_dir }}/"$HOST"*.pub
}

user() {
	CAKEY="$2"
	PUBKEY="$3"
	HOST="$4"
	PRINCIPALS="$5"

	echo "$PUBKEY" > {{ ssh_ca_dir }}/"$HOST".pub
	ssh-keygen -s {{ ssh_ca_dir }}/keys/"$CAKEY" -I "$HOST" -n "$HOST","$PRINCIPALS" {{ ssh_ca_dir }}/"$HOST".pub
	cat {{ ssh_ca_dir }}/"$HOST"-cert.pub
	rm {{ ssh_ca_dir }}/"$HOST"*.pub
}

"$1" "$@"