#!/bin/sh

# Warning, problems can occur if the device restarts in the middle of this uci-default script

if [ -x /bin/sysrepoctl ]; then
	match=$(sysrepoctl -l | grep "ietf-keystore ")
	if [ ! "$match" ]; then
		sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore@2016-10-31.yang -o root:root -p 600
		if [ -x /bin/sysrepocfg ]; then
			sysrepocfg -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore
			rm /usr/share/netopeer2-keystored/stock_key_config.xml
		fi

		#generate ssh keys
		ssh-keygen -t rsa -f /tmp/ssh_host_rsa_key -N ""
		openssl rsa -in /tmp/ssh_host_rsa_key -outform pem > /etc/keystored/keys/ssh_host_rsa_key.pem
		openssl rsa -pubout -in /etc/keystored/keys/ssh_host_rsa_key.pem -out /etc/keystored/keys/ssh_host_rsa_key.pub.pem
		rm /tmp/ssh_host_rsa_key
	fi
fi

exit 0