repo.libs.tools.require_bundle(node, 'zfs')

from os.path import join
from bundlewrap.metadata import metadata_to_json

dataset = node.metadata.get('backup-server/zfs-base')

files = {
    '/etc/backup-server/config.json': {
        'content': metadata_to_json({
            'zfs-base': dataset,
        }),
    },
    '/usr/local/bin/rotate-single-backup-client': {
        'mode': '0755',
    },
}

directories['/etc/backup-server/clients'] = {
    'purge': True,
}

sudoers = {}

for nodename, config in node.metadata.get('backup-server/clients', {}).items():
    with open(join(repo.path, 'data', 'backup', 'keys', f'{nodename}.pub'), 'r') as f:
        pubkey = f.read().strip()

    sudoers[config['user']] = nodename

    users[config['user']] = {
        'home': f'/srv/backups/{nodename}',
    }

    files[f'/etc/backup-server/clients/{nodename}'] = {
        'content': metadata_to_json(config['retain']),
    }

    files[f'/srv/backups/{nodename}/.ssh/authorized_keys'] = {
        'content': pubkey,
        'owner': config['user'],
        'mode': '0400',
        'needs': {
            f'zfs_dataset:{dataset}/{nodename}',
        },
    }

    directories[f'/srv/backups/{nodename}/backups'] = {
        'owner': config['user'],
        'mode': '0700',
        'needs': {
            f'zfs_dataset:{dataset}/{nodename}',
        },
    }

files['/etc/sudoers.d/backup-server'] = {
    'source': 'sudoers',
    'content_type': 'mako',
    'context': {
        'clients': sudoers,
    },
}