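#!/usr/bin/env bash
#
# Regenerate the OpenSSH Diffie-Hellman group-exchange moduli file.
#
# Usage:
#   <script> ['<bits> <bits> ...']
#
#   $1  optional, a single space-separated list of modulus sizes in bits
#       (default: 2048 3072 4096 6144 7680 8192)
#
# For each size the script generates candidate primes, screens them, and
# appends the screened moduli to a combined file. The combined file is then
# installed as /etc/ssh/moduli and the SSH daemon is restarted if it is
# running. The script must run as root.
#
# Marker files in the work directory make an interrupted run resumable:
#   .<name>.lock  a step was started and may have left partial output
#   .<name>.step  a step finished successfully
# The .lock files are progress markers only; they provide no mutual
# exclusion between concurrent runs.

###
#
# Options Section
#
###

set -e
set -u
set -o pipefail

###
#
# Variables Section
#
###

ARGUMENT="${1:-2048 3072 4096 6144 7680 8192}"

# Fixed (not mktemp) so that a later run can find the markers of an earlier
# one. Because /var/tmp is world-writable, prepare_workdir() verifies that
# the directory is root-owned before anything inside it is trusted.
TEMP='/var/tmp/openssh-moduli'

###
#
# Function Section
#
###

#######################################
# Print an error message to stderr and abort.
# Arguments: $* - message text
#######################################
function die () {
  printf 'Error: %s\n' "$*" >&2
  exit 1
}

#######################################
# Create the work directory, or validate an existing one.
#
# Everything in TEMP ends up in /etc/ssh/moduli, and the marker files decide
# which steps are skipped. A directory that another local user can write to
# would let that user supply the moduli or redirect root's writes through
# symlinks, so such a directory is rejected instead of being used.
#
# Globals: TEMP (read)
#######################################
function prepare_workdir () {
  local OWNER_MODE
  local OWNER
  local MODE

  if [[ ! -e "${TEMP}" && ! -L "${TEMP}" ]]; then
    /usr/bin/install --directory --mode=0700 "${TEMP}"
  fi

  # Checked after creation so that a path planted between the test above and
  # the install is still caught. stat does not follow symlinks by default.
  if [[ -L "${TEMP}" || ! -d "${TEMP}" ]]; then
    die "${TEMP} is not a regular directory"
  fi

  OWNER_MODE="$(/usr/bin/stat --format='%u:%a' "${TEMP}")"
  OWNER="${OWNER_MODE%%:*}"
  MODE="${OWNER_MODE##*:}"

  if [[ "${OWNER}" != '0' ]] || (( 8#${MODE} & 8#022 )); then
    die "${TEMP} must be owned by root and not group/world-writable"
  fi
}

#######################################
# Generate candidate primes for one modulus size.
# Skipped when a previous run already completed this step.
#
# Globals:   TEMP (read)
# Arguments: $1 - modulus size in bits
#######################################
function generate () {
  local BITSIZE
  local CANDIDATES
  local LOCK
  local STEP

  BITSIZE="${1}"
  CANDIDATES="${TEMP}/moduli-${BITSIZE}.candidates"
  LOCK="${TEMP}/.moduli-${BITSIZE}.candidates.lock"
  STEP="${TEMP}/.moduli-${BITSIZE}.candidates.step"

  # 'return', not 'continue': this is a function body, not a loop body, and
  # the caller still has to run screen/merge for this size.
  if [[ -f "${STEP}" ]]; then
    return 0
  fi

  # A leftover lock means the previous attempt was interrupted; discard its
  # partial output and start over.
  if [[ -f "${LOCK}" ]]; then
    /usr/bin/rm --force "${CANDIDATES}"
    /usr/bin/rm --force "${LOCK}"
  fi

  /usr/bin/touch "${LOCK}"
  /usr/bin/ssh-keygen -M 'generate' -O "bits=${BITSIZE}" "${CANDIDATES}"
  /usr/bin/touch "${STEP}"
  /usr/bin/rm --force "${LOCK}"
}

#######################################
# Screen the candidates of one modulus size for use in group exchange.
# Skipped when a previous run already completed this step.
#
# Globals:   TEMP (read)
# Arguments: $1 - modulus size in bits
#######################################
function screen () {
  local BITSIZE
  local LOCK
  local SCREENED
  local STEP

  BITSIZE="${1}"
  SCREENED="${TEMP}/moduli-${BITSIZE}"
  LOCK="${TEMP}/.moduli-${BITSIZE}.lock"
  STEP="${TEMP}/.moduli-${BITSIZE}.step"

  if [[ -f "${STEP}" ]]; then
    return 0
  fi

  # Same recovery as in generate(): drop partial output of an aborted run.
  if [[ -f "${LOCK}" ]]; then
    /usr/bin/rm --force "${SCREENED}"
    /usr/bin/rm --force "${LOCK}"
  fi

  /usr/bin/touch "${LOCK}"
  /usr/bin/ssh-keygen -M 'screen' -f "${TEMP}/moduli-${BITSIZE}.candidates" "${SCREENED}"
  /usr/bin/touch "${STEP}"
  /usr/bin/rm --force "${LOCK}"
}

#######################################
# Append the screened moduli of one size to the combined file, unless the
# combined file already contains an entry of that size.
#
# Globals:   TEMP (read)
# Arguments: $1 - modulus size in bits; must be a plain decimal number
#                 (main validates this) because it is used in arithmetic
#######################################
function merge () {
  local BITSIZE
  local MBITSIZE

  BITSIZE="${1}"
  # The size column that is matched below is one less than the requested
  # number of bits.
  MBITSIZE=$(( BITSIZE - 1 ))

  # The paths must be double-quoted: in single quotes ${TEMP} is not expanded
  # and the literal path '${TEMP}/moduli' would be used.
  if [[ -f "${TEMP}/moduli" ]] && \
     /usr/bin/grep --extended-regexp --quiet -- \
       "[0-9]{1,14} [0-9] [0-9] [0-9]{1,3} ${MBITSIZE} [0-9]" "${TEMP}/moduli"; then
    return 0
  fi

  /usr/bin/cat "${TEMP}/moduli-${BITSIZE}" >> "${TEMP}/moduli"
}

###
#
# Runtime Environment
#
###

#######################################
# Entry point: validate the input, build the moduli, install them.
# Globals: ARGUMENT (read), TEMP (read), EUID (read)
#######################################
function main () {
  local -a BITSIZES=()
  local BITSIZE
  local UNIT

  if [[ "${EUID}" -ne 0 ]]; then
    die 'Permission Denied'
  fi

  # Split the list without globbing. read returns non-zero at end of input
  # when no NUL delimiter is found; the array is filled regardless.
  IFS=$' \t\n' read -r -d '' -a BITSIZES <<< "${ARGUMENT}" || true

  if (( ${#BITSIZES[@]} == 0 )); then
    die 'no modulus sizes given'
  fi

  # Each size is interpolated into file names, an ssh-keygen option, a regex
  # and an arithmetic expression, so accept decimal numbers only.
  for BITSIZE in "${BITSIZES[@]}"; do
    if [[ ! "${BITSIZE}" =~ ^[1-9][0-9]*$ ]]; then
      die "invalid modulus size: ${BITSIZE}"
    fi
  done

  prepare_workdir

  for BITSIZE in "${BITSIZES[@]}"; do
    generate "${BITSIZE}"
    screen "${BITSIZE}"
    merge "${BITSIZE}"
  done

  # Never replace the system file with an empty or missing result.
  if [[ ! -s "${TEMP}/moduli" ]]; then
    die "no moduli were produced in ${TEMP}"
  fi

  # Copy next to the target with explicit permissions, then rename, so that
  # /etc/ssh/moduli is never observed half-written.
  /usr/bin/install --directory /etc/ssh
  /usr/bin/install --mode=0644 "${TEMP}/moduli" '/etc/ssh/moduli.new'
  /usr/bin/mv --force '/etc/ssh/moduli.new' '/etc/ssh/moduli'
  /usr/bin/rm --force --recursive "${TEMP}"

  # The unit is called 'sshd' or 'ssh' depending on the distribution.
  # Restart whichever one is found active, under the same name it was found.
  for UNIT in 'sshd' 'ssh'; do
    if /usr/bin/systemctl --quiet is-active "${UNIT}"; then
      /usr/bin/systemctl --quiet restart "${UNIT}"
      break
    fi
  done
}

main "$@"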