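#!/bin/sh
#
# Replace the base-system sshd with OpenSSH from ports and keep the SSH host
# keys on a state dataset so they survive OS rebuilds.
#
# Expects ssh_host_key_dir and state_dataset to be set by the caller, and
# create_dataset, install_directory and install_template to be provided by
# the surrounding provisioning framework (none are defined in this file).

# Refuse to run with an empty key directory: the loop below would otherwise
# replace the freshly generated keys with symlinks that point nowhere.
: "${ssh_host_key_dir:?ssh_host_key_dir must be set}"
: "${state_dataset:?state_dataset must be set}"

# Install and use ssh from ports. Stop here if the package cannot be
# installed, because the later steps disable and stop the base sshd.
pkg install -y openssh-portable || exit 1

# Disable base sshd and enable the one from ports.
sysrc -v \
  sshd_enable=NO \
  openssh_enable=YES

# Create state dataset to persist SSH host keys across OS rebuilds.
# NOTE(review): the mountpoint's ownership and mode are not set here; confirm
# create_dataset leaves it writable by root only, since it holds private keys.
create_dataset -o "mountpoint=${ssh_host_key_dir}" "${state_dataset}/ssh"

# If the state dataset already contains host keys, symlink them into
# /usr/local/etc/ssh.
#
# If not, this is the first time we are building this box, so move the
# autogenerated host keys to the state dataset and symlink them back.
service openssh keygen
for key in \
  ssh_host_ecdsa_key \
  ssh_host_ed25519_key \
  ssh_host_rsa_key
do
  if [ ! -f "${ssh_host_key_dir}/${key}" ]; then
    # Symlink only after the move succeeded: ln -f would otherwise overwrite
    # the only copy of the key with a dangling link.
    if ! mv -v \
      "/usr/local/etc/ssh/${key}" \
      "/usr/local/etc/ssh/${key}.pub" \
      "$ssh_host_key_dir"
    then
      printf 'warning: could not persist %s; leaving generated key in place\n' \
        "$key" >&2
      continue
    fi
  fi
  ln -snvf "${ssh_host_key_dir}/${key}" "/usr/local/etc/ssh/${key}"
  ln -snvf "${ssh_host_key_dir}/${key}.pub" "/usr/local/etc/ssh/${key}.pub"
done

# Copy SSH configs.
install_directory -m 0755 /usr/local/etc/ssh/sshd_config.d
install_template -m 0644 \
  /usr/local/etc/ssh/sshd_config \
  /usr/local/etc/ssh/ssh_config

# Stop base sshd and start the one from ports.
service sshd stop
service openssh restart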