#!/bin/sh

PROXIED_AUTH_SOCK="${PROXIED_AUTH_SOCK:-/var/run/proxied-ssh-auth.sock}"

if [ -S "${PROXIED_AUTH_SOCK}" ]; then
    echo "Found previously not closed ssh auth socket, closing."
    rm ${PROXIED_AUTH_SOCK}
fi

# This should be run only when run as is specified and SSH Agent socket is present
if [ -n "$API_RUNAS" ] && [ -S "$SSH_AUTH_SOCK" ]; then
    echo "Proxying ${SSH_AUTH_SOCK} -> ${PROXIED_AUTH_SOCK} for ${API_RUNAS%%:*}"
    socat UNIX-LISTEN:${PROXIED_AUTH_SOCK},fork,user=${API_RUNAS%%:*},mode=600 \
          UNIX-CONNECT:${SSH_AUTH_SOCK} &
    export SSH_AUTH_SOCK=/var/run/proxied-ssh-auth.sock
fi