#!/bin/sh

. /lib/functions.sh
. /usr/share/libubox/jshn.sh

generate_portsecurity() {
	local poe port keys cfg bridge name

	json_select network
	json_select static
	json_get_keys keys ports
	json_select ports

	for i in $keys; do
		json_select "$i"
		json_get_var port "name"
		uci -q batch <<-EOF
			set port_security.$port='port'
			set port_security.$port.aaa_fail_policy='REJECT'
			set port_security.$port.radius='example'
			set port_security.$port.dot1x_enable='0'
		EOF
		json_select ..
	done
	json_select ..
	json_select ..
	json_select ..

	uci -q batch <<-EOF
			set port_security.general='general'
			set port_security.general.fail_reauth_timeout='600'
	EOF
	uci -q batch <<-EOF
			set port_security.example='radius'
			set port_security.example.port='1812'
			set port_security.example.secret='-'
			set port_security.example.address='0.0.0.0'
			set port_security.example.name='example'
	EOF
}

if [ ! -s /etc/config/port_security ]; then
	json_init
	json_load_file "/etc/board.json"
	touch /etc/config/port_security
	generate_portsecurity
	uci commit port_security
fi
