#!/bin/bash

export POLICIES=`ls -1 /etc/consul.d/policies/*.hcl`
export TOKEN_DIR=/etc/consul.d/tokens
export ANONYMOUS_TOKEN="00000000-0000-0000-0000-000000000001"
export CONSUL_HTTP_TOKEN=`cat ${TOKEN_DIR}/token-bootstrap.json | jq -r ".SecretID"`

for conf in ${POLICIES}; do
  policy=`basename ${conf} .hcl`

  consul acl policy read -name "${policy}" &> /dev/null
  if [ $? -ne 0 ]; then
    consul acl policy create -name "${policy}" -rules @${conf}
  fi

  # anonymousは特別扱い
  if [ ${policy} = "anonymous" ]; then
    continue
  fi

  consul acl token list | grep ${policy} &> /dev/null
  if [ $? -ne 0 ]; then
    consul acl token create -description "${policy}" -policy-name ${policy} | tee ${TOKEN_DIR}/${policy}
  fi
done

consul acl token update -id ${ANONYMOUS_TOKEN} -policy-name "anonymous" -description "Anonymous Token"

exit 0