#!/bin/sh -e

. shell-error
. /etc/cl-user.conf

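# Create a POSIX account in LDAP: validate the requested name, pick the next
# free uid in the regular-user range, create the matching private group, add
# the posixAccount entry and populate the home directory from /etc/skel.
#
# Reads from /etc/cl-user.conf (sourced above): binddn, bindpw, base, host,
# and optionally uid_min / uid_max.
# Uses fatal and message, which this script expects shell-error to provide.

# The "-e" on the shebang line is not applied when the script is started as
# "sh script"; setting it here keeps fail-fast behaviour in both cases.
set -e

# Exactly one argument: the login name of the account to create.
[ "$#" -ge 1 ] || fatal "more arguments required"
[ "$#" -eq 1 ] || fatal "too many arguments"
user="$1"; shift

# The name is interpolated into the LDIF document (dn:, uid:, cn:) and into
# paths under /home. Accept only a conservative character set so that a name
# containing a newline, "," or "=" cannot add or alter LDIF attributes, and a
# name containing "/" or starting with "." or "-" cannot redirect the cp and
# chown below outside of /home or be taken as an option.
case "$user" in
    ""|[!A-Za-z0-9_]*|*[!A-Za-z0-9._-]*)
        fatal "invalid user name"
        ;;
esac

#check for name
if getent passwd "$user"; then
    fatal "same name already exists"
fi

#calculate uid
# Range limits come from the configuration file when set there, otherwise
# from /etc/login.defs (first matching line, second field).
uid_min="${uid_min:-$(awk '$1 == "UID_MIN" { print $2; exit }' /etc/login.defs)}"
uid_max="${uid_max:-$(awk '$1 == "UID_MAX" { print $2; exit }' /etc/login.defs)}"

# Without numeric limits the comparisons below would fail with a confusing
# test(1) error, or a uid would be picked without any range check.
for uid_limit in "$uid_min" "$uid_max"; do
    case "$uid_limit" in
        ""|*[!0-9]*)
            fatal "UID_MIN/UID_MAX is not set to a number"
            ;;
    esac
done

# Highest uid already in use inside [uid_min, uid_max]. Entries outside the
# range are ignored: a high-numbered account (for example "nobody" at 65534)
# would otherwise push the candidate above uid_max and make every run fail.
# Prints 0 when the range is still empty.
uid_avail="$(getent passwd | awk -F: -v min="$uid_min" -v max="$uid_max" '
    $3 ~ /^[0-9]+$/ && $3 + 0 >= min + 0 && $3 + 0 <= max + 0 && $3 + 0 > last {
        last = $3 + 0
    }
    END { print last + 0 }')"

uid=$(( uid_avail + 1 ))

# Empty range: start at the lower limit.
[ "$uid" -ge "$uid_min" ] || uid="$uid_min"
[ "$uid" -le "$uid_max" ] || fatal "not free uid available"

message "using uid - $uid"

#add group and calculate gid
if getent group "$user"; then
    fatal "same name in group database already exists"
fi
cl-groupadd "$user"
gid="$(getent group "$user" | cut -f3 -d:)"

# The pipeline's status is that of cut, so a failed lookup yields an empty
# gid rather than an error; stop before writing it into the directory.
case "$gid" in
    ""|*[!0-9]*)
        fatal "cannot determine gid of the new group"
        ;;
esac

message "using gid - $gid"

# Bind credentials. A configured password is handed to ldapadd through a
# private temporary file (-y) instead of "-w password": command-line
# arguments are visible to other local users in the process list, and the
# unquoted "-w $bindpw" form also broke on passwords containing whitespace.
# With no configured password ldapadd prompts for one (-W).
# NOTE(review): assumes shell-error installs no EXIT trap of its own - confirm.
bindpw_file=
remove_bindpw_file() {
    [ -z "$bindpw_file" ] || rm -f -- "$bindpw_file"
}
trap remove_bindpw_file EXIT
trap 'exit 1' HUP INT TERM

if [ -n "$bindpw" ]; then
    bindpw_file="$(umask 077; mktemp)" || fatal "cannot create temporary file"
    # -y uses the complete file contents as the password: no trailing newline.
    printf '%s' "$bindpw" > "$bindpw_file"
    set -- -y "$bindpw_file"
else
    set -- -W
fi

#edit ldap
# NOTE(review): this is a simple bind (-x) over plain ldap://, so for a
# non-local $host the bind password crosses the network unencrypted.
# Consider adding -ZZ (require StartTLS) or using an ldaps:// URI there.
# NOTE(review): if ldapadd fails, the group created by cl-groupadd above is
# left behind and has to be removed by hand before retrying.
# "{crypt}x" is a placeholder that is not a usable crypt hash; the account
# has no working password until one is set.
ldapadd -a -D "$binddn" "$@" -x -H "ldap://${host:-localhost}"<<EOF
dn: uid=$user,ou=People,$base
uid: $user
cn: $user
objectClass: account
objectClass: posixAccount
objectClass: top
loginShell: /bin/bash
userPassword: {crypt}x
uidNumber: $uid
gidNumber: $gid
homeDirectory: /home/$user
EOF

# An existing directory is reused as-is: its ownership and contents are not
# touched, so it should be checked by hand if it belonged to another account.
if [ -d "/home/$user" ]; then
    message "home directory already exists"
else
    cp -r /etc/skel "/home/$user"
    # -h: change symlinks copied from the skeleton themselves, never the
    # files they point to.
    chown -hR "$uid:$gid" "/home/$user"
fi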
