#!/usr/bin/env bash
set -euo pipefail

SCRIPT_NAME="$(basename "$0")"
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
SKILL_ROOT="$(dirname "$(dirname "$SCRIPT_DIR")")"

: "${OUTPUT_DIR:=$SKILL_ROOT/outputs}"
: "${BACKUP_DIR:=$OUTPUT_DIR/backups}"

log_info()  { echo "[INFO]  $(date -Iseconds) $*"; }
log_error() { echo "[ERROR] $(date -Iseconds) $*" >&2; }

die() { log_error "$@"; exit 1; }

reload_service() {
  if systemctl list-units --type=service | grep -qE '^sshd\.service'; then
    sudo systemctl reload sshd
  elif systemctl list-units --type=service | grep -qE '^ssh\.service'; then
    sudo systemctl reload ssh
  else
    die "Could not find ssh/sshd service under systemctl"
  fi
}

main() {
  mkdir -p "$OUTPUT_DIR" "$BACKUP_DIR"
  if [[ ! -f "$BACKUP_DIR/sshd_config.before" ]]; then
    die "No backup found at $BACKUP_DIR/sshd_config.before"
  fi
  log_info "Restoring /etc/ssh/sshd_config from backup"
  sudo cp -a "$BACKUP_DIR/sshd_config.before" /etc/ssh/sshd_config
  log_info "Reloading SSH service"
  reload_service
  log_info "SSH rollback complete"
}

[[ "${BASH_SOURCE[0]}" == "$0" ]] && main "$@"