#!/bin/sh
# Mosquitto entrypoint — generates /mosquitto/config/passwd from env vars
# before handing off to the broker process.
#
# Required environment variables (set in docker-compose.yml):
#   MQTT_C2_USER   — username for the drb-c2-core service
#   MQTT_C2_PASS   — password for the drb-c2-core service
#   MQTT_NODE_USER — shared username for all edge nodes
#   MQTT_NODE_PASS — shared password for all edge nodes
set -e

PASSWD_FILE=/mosquitto/config/passwd

# Remove any stale file so we start clean on every container start
rm -f "$PASSWD_FILE"

if [ -z "$MQTT_C2_USER" ] || [ -z "$MQTT_C2_PASS" ]; then
    echo "ERROR: MQTT_C2_USER and MQTT_C2_PASS must be set" >&2
    exit 1
fi

if [ -z "$MQTT_NODE_USER" ] || [ -z "$MQTT_NODE_PASS" ]; then
    echo "ERROR: MQTT_NODE_USER and MQTT_NODE_PASS must be set" >&2
    exit 1
fi

mosquitto_passwd -b "$PASSWD_FILE" "$MQTT_C2_USER"   "$MQTT_C2_PASS"
mosquitto_passwd -b "$PASSWD_FILE" "$MQTT_NODE_USER" "$MQTT_NODE_PASS"

echo "Mosquitto: password file written for users: $MQTT_C2_USER, $MQTT_NODE_USER"

exec /usr/sbin/mosquitto -c /mosquitto/config/mosquitto.conf