#!/bin/sh
set -e
# #######################################
# ## SBT Native Packager Bash Library  ##
# #######################################

# Adding system user
# $1 = user
# $2 = uid
# $3 = group
# $4 = description
# $5 = shell (defaults to /bin/false)
addUser() {
  user="$1"
  if [ -z "$user" ]; then
    echo "usage: addUser user [group] [description] [shell]"
    exit 1
  fi
    uid="$2"
    if [ -z "$uid" ]; then
      uid_flags=""
    else
      uid_flags="--uid $uid"
    fi
    group=${3:-$user}
    descr=${4:-No description}
    shell=${5:-/bin/false}
    if ! getent passwd | grep -q "^$user:"; then
      echo "Creating system user: $user in $group with $descr and shell $shell"
      useradd $uid_flags --gid $group -r --shell $shell -c "$descr" $user
    fi
}

# Adding system group
# $1 = group
# $2 = gid
addGroup() {
  group="$1"
  gid="$2"
  if [ -z "$gid" ]; then
    gid_flags=""
  else
    gid_flags="--gid $gid"
  fi
  if ! getent group | grep -q "^$group:"; then
    echo "Creating system group: $group"
    groupadd $gid_flags -r $group
  fi
}

# Will return true even if deletion fails
# $1 = user
deleteUser() {
  if hash deluser 2>/dev/null; then
    deluser --quiet --system $1 > /dev/null || true
  elif hash userdel 2>/dev/null; then
    userdel $1
  else
    echo "WARNING: Could not delete user $1 . No suitable program (deluser, userdel) found"
  fi
}

# Will return true even if deletion fails
# $1 = group
deleteGroup() {
  if hash delgroup 2>/dev/null; then
    delgroup --quiet --system $1 > /dev/null || true
  elif hash groupdel 2>/dev/null; then
    groupdel $1
  else
   echo "WARNING: Could not delete user $1 . No suitable program (delgroup, groupdel) found"
  fi
}

# #######################################

case "$1" in
  configure)
    # Adding system user/group : thehive and thehive
    addGroup thehive ""
    addUser thehive "" thehive "thehive daemon-user" "/bin/false"
    # Generate secret key
    if ! test -e /etc/thehive/secret.conf; then
      key=$(dd if=/dev/urandom bs=1024 count=1 | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1)
      echo "play.http.secret.key=\"$key\"" > /etc/thehive/secret.conf
    fi

    # Chown definitions created by SBT Native Packager
    mkdir -p /var/log/thehive /opt/thp/thehive/index /opt/thp/thehive/database /opt/thp/thehive/files
    touch /var/log/thehive/application.log
    chown -R thehive:thehive /var/log/thehive /opt/thp/thehive/index /opt/thp/thehive/database /opt/thp/thehive/files
    chown root:thehive /etc/thehive/application.conf /etc/thehive/logback.xml /etc/thehive/secret.conf
    chmod 0640 /etc/thehive/application.conf /etc/thehive/logback.xml /etc/thehive/secret.conf
    test -x /bin/systemctl && /bin/systemctl daemon-reload || /bin/true
    test -n "$2" && service thehive start
    exit 0
  ;;
  abort-upgrade|abort-remove|abort-deconfigure)
  ;;
  *)
    echo "postinst called with unknown argument \`$1'" >&2
    exit 1
  ;;
esac
