set -ex
K1=192.168.89.7
K2=192.168.89.6
ssh root@$K1 "ipsec stop"
ssh root@$K2 "ipsec stop"
ssh root@$K1 "rm -f /etc/ipsec.d/*db"
ssh root@$K2 "rm -f /etc/ipsec.d/*db"
ssh root@$K1 "ipsec initnss"
ssh root@$K2 "ipsec initnss"
ssh root@$K1 "ipsec newhostkey"
ssh root@$K2 "ipsec newhostkey"

LCK=`ssh root@$K1 'ipsec showhostkey --list|sed s/^.*ckaid://'`
LKY=`ssh root@$K1 "ipsec showhostkey --ckaid $LCK --left"|grep 'leftrsasigkey'`

RCK=`ssh root@$K2 'ipsec showhostkey --list|sed s/^.*ckaid://'`
RKY=`ssh root@$K2 "ipsec showhostkey --ckaid $RCK --right"|grep 'rightrsasigkey'`

cat - > host_to_host.tmpl <<EOF
conn host-to-host
	left=$K1
	leftsubnet=${K1}/32
$LKY
	leftid=@k1
	right=$K2
	rightsubnet=${K2}/32
$RKY
	rightid=@k2
	dpddelay=5
	dpdtimeout=30
	dpdaction=restart
	auto=start

EOF

scp host_to_host.tmpl root@$K1:/etc/ipsec.d/host_to_host.conf
scp host_to_host.tmpl root@$K2:/etc/ipsec.d/host_to_host.conf


ssh root@$K1 "ipsec start"
ssh root@$K2 "ipsec start"


# These should not be necessary but doing for debugging.
ssh root@$K1 "ipsec auto --add host-to-host"
ssh root@$K1 "ipsec auto --up host-to-host"