#!/usr/bin/with-contenv sh
#shellcheck shell=sh

if [ -s "$TASKDDATA/$TASKD_USERNAME.cert.pem" ]; then
  printf "User certificate for %s found, not generating again\n" "$TASKD_USERNAME"
else
  # Now we generate the user certificate that will go on the client machine
  printf "No certificate found for %s, generating user certificate...\n" "$TASKD_USERNAME"
  cd /opt/src/taskd/pki || exit 1
  ./generate.client "$TASKD_USERNAME"
  # move cert and key to a volume so they're not lost when the container is 
  # removed and so that they're accessible outside the taskd container
  cp "$TASKD_USERNAME".cert.pem /client_certs/"$TASKD_USERNAME".cert.pem
  cp "$TASKD_USERNAME".key.pem /client_certs/"$TASKD_USERNAME".key.pem
fi