#!/bin/sh

set -eu

get_image_server() {
  local cert_version puavo_domain

  cert_version=$1
  puavo_domain=$2

  host -t SRV -W 5 "_imageserver_${cert_version}._tcp.${puavo_domain}" \
    | awk -v puavo_domain="$puavo_domain" '
        $2 == "has" && $3 == "SRV" && $4 == "record" {
          sub(/\.$/, "", $8)

          # check that $8 has puavo_domain-suffix
          i = index($8, puavo_domain)
          if (i == 0) { next }
          if ($8 == (substr($8, 0, i-1) puavo_domain)) {
            printf "%s:%s\n", $8, $7
            exit(0)
          }
      }'
}

get_puavo_domain_from_dns() {
  host -t TXT -W 5 _puavo \
    | awk '$2 == "descriptive" && $3 == "text" {
             sub(/^"/, "", $4); sub(/"$/, "", $4); print $4
           }'
}

image_server=''

cert_version=$(puavo-conf puavo.admin.certs.versions | awk '{ print $1 }')

puavo_domain=$(cat /etc/puavo/domain 2>/dev/null) || true
if [ -n "$puavo_domain" ]; then
  image_server=$(get_image_server "$cert_version" "$puavo_domain")
fi

if [ -z "$image_server" ]; then
  # In case image server was not found from DNS (or this host does not have
  # puavo domain set yet (which can be the case with preinstalled hosts)),
  # we try to look up puavo domain from DNS.  This is because image updates
  # could also work from bootservers that belong to other organisations.
  # Preinstalled hosts could also use image servers for fetching an
  # installation preseed and image updates.

  puavo_domain=$(get_puavo_domain_from_dns)
  if [ -n "$puavo_domain" ]; then
    image_server=$(get_image_server "$cert_version" "$puavo_domain")
  fi
fi

if [ -z "$image_server" ]; then
  exit 1
fi

printf "%s\n" "$image_server"
