#!/usr/bin/env python3

from os import environ
from sys import argv, exit
from uuid import uuid4

from bundlewrap.repo import Repository

try:
    username = argv[1]
except IndexError:
    print('Usage: {} <username>'.format(argv[0]))
    exit(1)

repo = Repository(environ.get('BW_REPO_PATH', '.'))

privkey = repo.libs.keys.gen_privkey(repo, f'wireguard {username} key {uuid4()}')
psk = repo.libs.keys.gen_privkey(repo, f'wireguard {username} psk {uuid4()}')
pubkey = repo.libs.keys.get_pubkey_from_privkey(repo, f'wireguard {username}', privkey)

enc_psk = repo.vault.encrypt(str(psk))
enc_pubkey = repo.vault.encrypt(str(pubkey))

# editorconfig-checker-disable
print(f"""Keys have been generated. Please take note of them:

  Private Key: {privkey}
          PSK: {psk}
   Public Key: {pubkey}

Put the following config into your desired wireguard server config:

        '{username}': {{
            'psk': vault.decrypt('{enc_psk}'),
            'pubkey': vault.decrypt('{enc_pubkey}'),
        }},""")