#!/usr/bin/env python

EXAMPLES = '''
# Generates a fastd key
- fastd_key: path=/etc/fastd/site/secret.conf
'''

from ansible.module_utils.basic import *
import os

if __name__ == '__main__':
  module = AnsibleModule(
    argument_spec={
      'path': {'required': True, 'type': 'str'},
    }
  )

  path = module.params['path']
  changed = False

  # file does not exist or is empty?
  if not os.path.isfile(path) or os.stat(path).st_size == 0:
    # create file with restrictive permissions
    with os.fdopen(os.open(path, os.O_WRONLY | os.O_CREAT, 0o600), 'w') as handle:
      # generate fastd secret
      secret = subprocess.check_output(["fastd", "--machine-readable", "--generate-key"]).strip().decode()
      handle.write('secret "%s";\n' % secret)

    changed = True

  module.exit_json(changed=changed)