#! /usr/bin/env bash
FILE="$(realpath "${BASH_SOURCE[0]}")"
NAME="$(basename "${FILE}")"

ACTION_OPEN='open'
ACTION_CLOSE='close'

DATA_DIRECTORY='/data'
CONTAINERS_DIRECTORY="${DATA_DIRECTORY}/containers"

CONTAINERS_MAP_DIRECTORY='/dev/mapper'
CONTAINERS_MOUNT_DIRECTORY='/media'

function main {
local action="${1}"
local pass_phrase
local container
local container_name
local container_file
local container_map_file
local container_mount_directory

case "${action}" in
    "${ACTION_OPEN}"|"${ACTION_CLOSE}")
        shift
        if [ "${1}" ]; then
            if [ "${action}" == "${ACTION_OPEN}" ]; then
                echo -n 'PassPhrase: '
                read -s pass_phrase
                echo
            fi
            for container in "${@}"; do
                echo
                case "${container}" in
                    'p') container_name='private' ;;
                    's') container_name='sensitive' ;;
                    'w') container_name='work' ;;
                    *) container_name="${container}" ;;
                esac
                container_file="${CONTAINERS_DIRECTORY}/${container_name}"
                if [ -f "${container_file}" ]; then
                    container_map_file="${CONTAINERS_MAP_DIRECTORY}/${container_name}"
                    container_mount_directory="${CONTAINERS_MOUNT_DIRECTORY}/${container_name}"
                    case "${action}" in
                        "${ACTION_OPEN}")
                            echo "${container_file} → ${container_map_file}"
                            echo "${pass_phrase}" \
                            | cryptsetup luksOpen "${container_file}" "${container_name}"
                            if [ ${?} -eq 0 ]; then
                                mkdir --parents "${container_mount_directory}"
                                echo "${container_map_file} → ${container_mount_directory}"
                                mount "${container_map_file}" "${container_mount_directory}"
                            fi
                        ;;
                        "${ACTION_CLOSE}")
                            echo "${container_map_file} ← ${container_mount_directory}"
                            umount "${container_map_file}"
                            if [ ${?} -eq 0 ]; then
                                rmdir --ignore-fail-on-non-empty "${container_mount_directory}"
                                echo "${container_file} ← ${container_map_file}"
                                cryptsetup luksClose "${container_name}"
                            fi
                        ;;
                    esac
                else
                    echo 'This path does not point to a file!'
                fi
            done
        else
            echo 'No container name provided!'
        fi
    ;;
    *)
        echo 'Usage:'
        echo "${NAME} [${ACTION_OPEN}|${ACTION_CLOSE}] [p] [s] [w]"
        echo
        echo 'p = private'
        echo 's = sensitive'
        echo 'w = work'
    ;;
esac
}

main "${@}"