#!/bin/sh

set -euo pipefail

# vim: syntax=sh

export LC_ALL=C
VAULT_KV_PATH=kv/service/monitoring/grafana
RAND_CMD="tr -dc A-Za-z0-9\-_\/=~\.+ < /dev/urandom | head -c 50"
if ! vault kv list $(dirname ${VAULT_KV_PATH}) 2>/dev/null | grep -q -E "^$(basename ${VAULT_KV_PATH})\$"; then
  vault kv put ${VAULT_KV_PATH} \
    secret_key="$(sh -c "${RAND_CMD}")" \
    initial_admin_pwd="$(sh -c "${RAND_CMD}")" \

fi
for SECRET in secret_key initial_admin_pwd; do
  if ! vault kv get -field ${SECRET} ${VAULT_KV_PATH} >/dev/null 2>&1; then
    vault kv patch ${VAULT_KV_PATH} \
      ${SECRET}=$(sh -c "${RAND_CMD}")
  fi
done