#!/usr/bin/env bash

# Configure Fingerprint support declaratively for Nomarchy NixOS.

FEATURE_FILE="/etc/nixos/nomarchy-features/fingerprint.nix"

if [[ "--remove" == $1 ]]; then
    if [ -f "$FEATURE_FILE" ]; then
        sudo rm "$FEATURE_FILE"
        echo "Removed $FEATURE_FILE."
        echo "IMPORTANT: Remove './nomarchy-features/fingerprint.nix' from your imports and run 'sys-update'."
    else
        echo "Fingerprint support not found."
    fi
    exit 0
fi

if [ -f "$FEATURE_FILE" ]; then
    echo "Fingerprint support is already configured in $FEATURE_FILE"
else
    sudo mkdir -p "/etc/nixos/nomarchy-features"
    cat <<EOF | sudo tee "$FEATURE_FILE" > /dev/null
{ config, pkgs, ... }:
{
  services.fprintd.enable = true;
  # NixOS's fprintd module automatically configures PAM for login/sudo if enabled.
}
EOF
    echo "Created $FEATURE_FILE."
    echo "IMPORTANT: To finish enabling fingerprint support, add './nomarchy-features/fingerprint.nix' to your imports list in /etc/nixos/system.nix or /etc/nixos/flake.nix,"
    echo "then run 'sys-update'."
fi

# Enrollment is still an imperative action
if command -v fprintd-enroll &> /dev/null; then
    echo "Let's enroll your fingerprint now."
    fprintd-enroll "$USER"
else
    echo "fprintd-enroll not found. Please run 'sys-update' first if you just enabled it."
fi
