#!/bin/sh -e

case $1 in
	adduser)
		USERNAME=$2
		PASSWORD=$3

		kinit -k -t /etc/keytabs/root.admin.keytab root/admin
		aklog

		if ! vos examine db.$USERNAME >/dev/null 2>/dev/null; then
			vos create -server afs -partition a -name db.$USERNAME -maxquota 5000
			fs mkmount -dir /afs/.hcoop.net/common/.databases/$USERNAME -vol db.$USERNAME -rw
			vos release common.databases
			fs setacl -dir /afs/hcoop.net/common/databases/$USERNAME -acl system:postgres l
			fs setacl -dir /afs/hcoop.net/common/databases/$USERNAME -acl system:mysql l
			fs setacl -dir /afs/hcoop.net/common/databases/$USERNAME -acl system:backup rl
		fi

		sudo -H mysql -e "CREATE USER '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';"
	;;
	passwd)
		USERNAME=$2
		PASSWORD=$3

		sudo -H mysql -e "SET PASSWORD FOR '$USERNAME'@'localhost' = PASSWORD('$PASSWORD');"
	;;
	createdb)
		USERNAME=$2
		DBNAME_BASE=$3
		DBNAME="${USERNAME}_${DBNAME_BASE}"
		DIR=/afs/hcoop.net/common/databases/$USERNAME/mysql

		kinit -k -t /etc/keytabs/root.admin.keytab root/admin
		aklog

		mkdir -p $DIR
		fs setacl -dir $DIR -acl system:mysql rlid
		fs setacl -dir $DIR -acl system:backup rl
		mkdir $DIR/$DBNAME
		chown mysql:mysql $DIR/$DBNAME
		chmod 770 $DIR/$DBNAME
		ln -sf $DIR/$DBNAME /var/lib/mysql/$DBNAME
		fs setacl -dir $DIR/$DBNAME/ -acl system:mysql all

		sudo -H mysql -e "GRANT CREATE,SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE VIEW,SHOW VIEW,GRANT OPTION ON TABLE * TO '$USERNAME'@'localhost';" $DBNAME
		sudo -H mysql -e "FLUSH PRIVILEGES;"
	;;
	*)
		echo "Usage: domtool-mysql [adduser <user> <password> | passwd <user> <password> | createdb <user> <table>]"
	;;
esac