#!/usr/bin/env python

import os
import stat
import argparse
import random
import sys
import pwd

# Removed '$' as it will be used as salt by auth.hashers
# as part of token creation
validchars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#%^&*(-_=+)'
owner = 'apache'

def main():
    parser = argparse.ArgumentParser(description='Write SECRET_KEY to file')
    parser.add_argument('-f', dest='outfile', help='output file', required=True)
    args = parser.parse_args()

    SECRET_KEY = ''.join([random.SystemRandom().choice(validchars) \
                          for i in range(32)])

    try:
        secret = open(args.outfile, 'w')
        secret.write(SECRET_KEY)
        secret.close()

        entry = pwd.getpwnam(owner)

        os.chmod(args.outfile, stat.S_IRUSR | stat.S_IWUSR)
        os.chown(args.outfile, entry.pw_uid, entry.pw_gid)

    except Exception as e:
        sys.stderr.write(repr(e) + '\n')
        raise SystemExit(1)

if __name__ == "__main__":
    main()
