class Host < ActiveRecord::Base
	belongs_to :certificate

	def certificate
		# ensure that we always use a current, working non expired certificate.
		case
		when super.nil?
			self.certificate_id = Certificate.get.id
			self.save
			super(true)
		when super.expires_soon?
			old = super
			new = Certificate.get.update
			Lxd::Certificate.new(api: api(old), certificate: new.to_s).add
			self.certificate_id = new.id
			self.save
			@api = nil # enforce new api to get the new certificate used.
			# finally remove the old certificate from lxd
			Lxd::Certificate.new(api: api(new), fingerprint: old.cert_fpr).delete
			super(true)
		else
			super
		end
	end

	def lxd_config
		Lxd::Config.get api
	end

	def lxd_certificates
		Lxd::Certificate.all api
	end

	def lxd_authenticate password
		Lxd::Certificate.new(api: api).add password
	end

	private
	def api certificate = nil
		@api ||= Lxd::API.get self, certificate
	end
end
# vim: ts=2 sw=2: