#!/bin/bash
set -e

source ~/.config/workspace.conf
key_vol_path="/dev/disk/by-uuid/$BACKUP_KEY_VOL_UUID"
data_vol_path="/dev/disk/by-uuid/$BACKUP_DATA_VOL_UUID"

data_mnt=
remote_open() {
	data_mapper_name="$(lsblk "$data_vol_path" -no name --raw | awk 'NR==2')"
	key_mnt="$(lsblk "$key_vol_path" -no mountpoint)"
	if [ -z "$data_mapper_name" ]; then
		echo unlocking data luks vol..
		if [ -z "$key_mnt" ]; then
			echo mounting key vol..
			udisksctl mount -b "$key_vol_path"
			key_mnt="$(lsblk "$key_vol_path" -no mountpoint)"
		fi
		echo decrypting key..
		gpg --batch --yes --output /tmp/backup-keyfile --decrypt "$key_mnt/keyfile.gpg"
		udisksctl unlock -b "$data_vol_path" --key-file /tmp/backup-keyfile
		data_mapper_name="$(lsblk "$data_vol_path" -no name --raw | awk 'NR==2')"
		echo unlock ok, doing key cleanup
	fi
	rm -f /tmp/backup-keyfile
	[ -n "$key_mnt" ] && udisksctl unmount -b "$key_vol_path"
	data_mnt="$(lsblk "/dev/mapper/$data_mapper_name" -no mountpoint)"
	if [ -z "$data_mnt" ]; then
		echo mounting data vol..
		udisksctl mount -b "/dev/mapper/$data_mapper_name"
		data_mnt="$(lsblk "/dev/mapper/$data_mapper_name" -no mountpoint)"
	fi
	echo open done
}

remote_close() {
	data_mapper_name="$(lsblk "$data_vol_path" -no name --raw | awk 'NR==2')"
	if [ -n "$data_mapper_name" ]; then
		echo unmounting data vol..
		udisksctl unmount -b "/dev/mapper/$data_mapper_name"
	fi
	udisksctl lock -b "$data_vol_path"	# must be open here (fail if not)
	echo close done
}

push_homedir() {
	
}

remote_open

for g in $(groups); do

done

remote_close
echo ALL OK