#!/bin/bash

vault_file="vault-secrets.txt"
vault_token_file="vault-token.txt"

vault_vip=$(juju config vault vip)

export VAULT_ADDR="http://${vault_vip}:8200"

vault operator init -key-shares=5 -key-threshold=3 > ${vault_file}

IPS=$(juju status vault --format json  | jq -r '.applications.vault.units | to_entries[].value."public-address"')

for ip in $IPS;do
  echo export VAULT_ADDR=http://${ip}:8200;
  export VAULT_ADDR=http://${ip}:8200;
  for vault_key in $(head -n3 ${vault_file} | awk '{print $4}');do
    echo vault operator unseal -tls-skip-verify $vault_key
    vault operator unseal -tls-skip-verify $vault_key
  done;
done;

initial_token=$(grep Initial ${vault_file} | awk '{print $4}')

export VAULT_ADDR="http://${vault_vip}:8200"
export VAULT_TOKEN=${initial_token}

vault token create -ttl=10m > ${vault_token_file}

token=$(cat ${vault_token_file} | grep token | head -n 1 | awk '{print $2}')

juju run-action --wait vault/leader authorize-charm token=${token}