#! /usr/bin/env python3
from fastluks import __version__, main_script
import argparse

#______________________________________
def cli_options():
    parser = argparse.ArgumentParser(description='fastluks main script')
    parser.add_argument('--device', default='/dev/vdb',dest='device_name', help='Device')
    parser.add_argument('--cryptdev', default='crypt', dest='cryptdev', help='Cryptdev')
    parser.add_argument('-m', '--mountpoint', default='/export', dest='mountpoint', help='Cryptdev mountpoint')
    parser.add_argument('-f', '--filesystem', default='ext4', dest='filesystem', help='Device filesystem')
    parser.add_argument('-c', '--cipher', default='aes-xts-plain64', dest='cipher_algorithm', help='Cipher algorithm')
    parser.add_argument('-s', '--key-size', default=256, type=int, dest='keysize', help='Key size')
    parser.add_argument('--hash', default='sha256', dest='hash_algorithm', help='Hash algorithm')
    parser.add_argument('--header-backup-dir', default='/etc/luks', dest='luks_header_backup_dir', help='LUKS header backup dir')
    parser.add_argument('--header-backup-file', default='luks-header.bck', dest='luks_header_backup_file', help='LUKS header backup file')
    parser.add_argument('--cryptdev-file', default='/etc/luks/luks-cryptdev.ini', dest='luks_cryptdev_file', help='LUKS cryptdev ini file')
    parser.add_argument('-l', '--passphrase-length', default=8, type=int, dest='passphrase_length', help='Passphrase length')
    parser.add_argument('-p', '--passphrase', default=None, dest='passphrase', help='Passphrase')
    parser.add_argument('--passphrase-confirmation', default=None, dest='passphrase_confirmation', help='Passphrase confirmation')
    parser.add_argument('--save-passphrase-locally', default=False, dest='save_passphrase_locally', action='store_true', help='Store passphrase in local ini file')
    parser.add_argument('--vault', default=False, dest='use_vault', action='store_true', help='Use Hashicorp Vault to store the passphrase')
    parser.add_argument('--vault-url', default=None, type=str, dest='vault_url', help='Vault URL')
    parser.add_argument('--wrapping-token', default=None, type=str, dest='wrapping_token', help='Vault wrapping token')
    parser.add_argument('--secret-path', default=None, type=str, dest='secret_path', help='Vault secret path (to be appended to /v1/secrets/data/)')
    parser.add_argument('--user-key', default=None, type=str, dest='user_key', help='Vault key')
    parser.add_argument('-V', '--version', action='store_true', dest='version', default=False, help='Print fastluks version')
    return parser.parse_args()

#______________________________________
def encrypt_and_setup():

    options = cli_options()

    if options.version is True:
        print('fastluks package: ' + __version__)
    else:
        main_script(options.device_name, options.cryptdev, options.mountpoint, options.filesystem,
                    options.cipher_algorithm, options.keysize, options.hash_algorithm,
                    options.luks_header_backup_dir, options.luks_header_backup_file, options.luks_cryptdev_file,
                    options.passphrase_length, options.passphrase, options.passphrase_confirmation,
                    options.save_passphrase_locally, options.use_vault, options.vault_url, options.wrapping_token,
                    options.secret_path, options.user_key)

#______________________________________
if __name__ == '__main__':
    encrypt_and_setup()