#!/usr/bin/sh
#
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
# 
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
# 
# Copyright (C) 2006 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
#

###########################
#
# This shell script provides a way to set up a new installation after
# the binaries have already been extracted.  This is typically after
# using native packaging support to install the package e.g. RPM,
# pkgadd, depot, etc.  This script will show the license, readme,
# dsktune, then run the usual setup pre and post installers.  This
# script should be run from the server root directory since it uses
# pwd to get the server root directory.
#
##########################

echo '######################################################################'
echo This shell script will configure the Directory Server
echo Gateway, Phonebook and Org Chart web applications to
echo work with the Administration Server.
echo

getValFromInf() {
	cattr=$1
	cfile=$2
	rval=`grep ^$cattr $cfile | head -1 | sed -e "s/^$cattr[ 	]*=[ 	]*//"`
	echo $rval
}

getValFromConf() {
	cattr=$1
	cfile=$2
	rval=`grep ^$cattr $cfile | head -1 | sed -e "s/^$cattr[ 	]*//"`
	echo $rval
}

getValFromLdif() {
	cattr=$1
	cfile=$2
	num=${3:-1}
	rval=`grep -i ^$cattr: $cfile | head -$num | sed -e "s/^..*:[ 	]*//"`
	echo $rval
}

# e.g. /etc/dirsrv/dsgw
dsgwconfigdir="/etc/dirsrv/dsgw"
basecfgdir=`dirname $dsgwconfigdir`
# default security dir
securitydir="/etc/dirsrv/dsgw"
defaultsecdir=1
httpdconf="@httpdconf@"
cookiedir="/var/run/dirsrv/dsgw/cookies"

# see if there is a $dsgwconfigdir/../admin-serv
admservdir=$basecfgdir/admin-serv
if [ -f "$admservdir/local.conf" ] ; then
    echo Reading parameters from Administration Server config . . .
    host=`getValFromLdif serverHostName "$admservdir/local.conf"`
    port=`getValFromLdif configuration.nsServerPort "$admservdir/local.conf"`
    sec=`getValFromLdif configuration.nsServerSecurity "$admservdir/local.conf"`
    if [ "$sec" = "on" ] ; then
        httpurl="https://$host:$port"
        if [ -n "$defaultsecdir" ] ; then
            securitydir="$admservdir"
            defaultsecdir=
        fi
    else
        httpurl="http://$host:$port"
    fi
    httpdconf=$admservdir/httpd.conf
    dsgwuser=`ls -l $admservdir/local.conf | awk '{print $3}'`
    dsgwgroup=`ls -l $admservdir/local.conf | awk '{print $4}'`
    echo Using Administration Server URL $httpurl . . .
else
    echo
    echo '########################################################################'
    echo Error: It appears the Administration Server has not yet been configured.
    echo There are configuration files missing from $admservdir
    echo Please run setup-ds-admin.pl to create your Administration Server
    echo then run this script again.
    exit 1
fi

# see if there are any directory servers here
for dir in $basecfgdir/slapd-* ; do
    case "$dir" in
    *.deleted) continue ;;
    esac
    if [ -d "$dir" -a -f "$dir/dse.ldif" ] ; then
        echo Reading parameters from Directory Server $dir . . .
        dirmgr=`getValFromLdif nsslapd-rootdn "$dir/dse.ldif"`
        host=`getValFromLdif nsslapd-localhost "$dir/dse.ldif"`
        sec=`getValFromLdif nsslapd-security "$dir/dse.ldif"`
        if [ "$sec" = "on" ] ; then
            port=`getValFromLdif nsslapd-secureport "$dir/dse.ldif"`
            ldapurl="ldaps://$host:$port"
            if [ -n "$defaultsecdir" ] ; then
                securitydir="$dir"
                defaultsecdir=
            fi
        else
            port=`getValFromLdif nsslapd-port "$dir/dse.ldif"`
            ldapurl="ldap://$host:$port"
        fi
        # get suffix - first non-netscaperoot suffix
        savesuffix="$suffix"
        suffix=`grep ^nsslapd-suffix: $dir/dse.ldif | sed -e 's/^nsslapd-suffix:[ 	]*//' | grep -v -i o=netscaperoot | head -1`
        if [ -z "$suffix" ] ; then
            suffix="$savesuffix"
        fi
        if [ -z "$dsgwuser" ] ; then
            dsgwuser=`ls -l $dir/dse.ldif | awk '{print $3}'`
        fi
        if [ -z "$dsgwgroup" ] ; then
            dsgwgroup=`ls -l $dir/dse.ldif | awk '{print $4}'`
        fi
    fi
done

if [ -n "$ldapurl" ] ; then
    echo Using Directory Server URL $ldapurl/$suffix . . .
fi

# get command line arguments

inffile=
nextisinffile=
reconfig=
for arg in "$@" ; do
	if [ "$arg" = "-r" ]; then
		reconfig=1
	elif [ "$arg" = "-f" ]; then
		nextisinffile=1
	elif [ $nextisinffile ]; then
		inffile="$arg"
		nextisinffile=
	fi
done

if [ -f "$inffile" ] ; then
    hostname=`getValFromInf FullMachineName $inffile`
    port=`getValFromInf ServerPort $inffile`
    suffix=`getValFromInf Suffix $inffile`
    dirmgr=`getValFromInf RootDN $inffile`
    httpport=`getValFromInf Port $inffile`
    httpurl="http://$host:$httpport"
    ldapurl="ldap://$host:$port"
    infuser=`getValFromInf SysUser $inffile`
    infgroup=`getValFromInf SysGroup $inffile`
    if [ -z "$infuser" ] ; then
        infuser=`getValFromInf SuiteSpotUserID $inffile`
    fi
    if [ -z "$infgroup" ] ; then
        infgroup=`getValFromInf SuiteSpotGroup $inffile`
    fi
    if [ -n "$infuser" ] ; then
        dsgwuser="$infuser"
    fi
    if [ -n "$infgroup" ] ; then
        dsgwgroup="$infgroup"
    fi
    echo Using parameters from file $inffile . . .
    echo Using Administration Server URL $httpurl . . .
    echo Using Directory Server URL $ldapurl/$suffix . . .
fi

if [ -z "$reconfig" -a -f $dsgwconfigdir/dsgw.conf ] ; then
    echo
    echo '######################################################################'
    echo The Directory Server Gateway has already been configured.  The
    echo file $dsgwconfigdir/dsgw.conf
    echo exists already.  If you want to force a reconfiguration, removing
    echo your existing configuration and recreating it, run this script
    echo again with the "-r" argument.
    exit 1
fi

echo Generating config file $dsgwconfigdir/dsgw.conf . . .
# generate dsgw.conf and pb.conf and default.conf in the $dsgwconfigdir directory
rm -f $dsgwconfigdir/dsgw.conf
sed -e "s#@host@#$hostname#g" \
    -e "s#@port@#$port#g" \
    -e "s#@httpport@#$httpport#g" \
    -e "s#@suffix@#$suffix#g" \
    -e "s#@dirmgr@#$dirmgr#g" \
    -e "s#^securitypath.*\$#securitypath $securitydir#g" \
    -e "s#@ldapurl@#$ldapurl#g" \
    -e "s#@httpurl@#$httpurl#g" \
    /usr/share/dirsrv/dsgw/config/dsgw.tmpl > $dsgwconfigdir/dsgw.conf

chown $dsgwuser:$dsgwgroup $dsgwconfigdir/dsgw.conf
chmod 0400 $dsgwconfigdir/dsgw.conf

echo Generating config file $dsgwconfigdir/pb.conf . . .
rm -f $dsgwconfigdir/pb.conf
sed -e "s#@host@#$hostname#g" \
    -e "s#@port@#$port#g" \
    -e "s#@httpport@#$httpport#g" \
    -e "s#@suffix@#$suffix#g" \
    -e "s#@dirmgr@#$dirmgr#g" \
    -e "s#^securitypath.*\$#securitypath $securitydir#g" \
    -e "s#@ldapurl@#$ldapurl#g" \
    -e "s#@httpurl@#$httpurl#g" \
    /usr/share/dirsrv/dsgw/pbconfig/pb.tmpl > $dsgwconfigdir/pb.conf

chown $dsgwuser:$dsgwgroup $dsgwconfigdir/pb.conf
chmod 0400 $dsgwconfigdir/pb.conf

echo Generating config file $dsgwconfigdir/orgchart.conf . . .
rm -f $dsgwconfigdir/orgchart.conf
sed -e "s#@host@#$hostname#g" \
    -e "s#@port@#$port#g" \
    -e "s#@httpport@#$httpport#g" \
    -e "s#@suffix@#$suffix#g" \
    -e "s#@dirmgr@#$dirmgr#g" \
    -e "s#^securitydir.*\$#securitydir $securitydir#g" \
    -e "s#@ldapurl@#$ldapurl#g" \
    -e "s#@httpurl@#$httpurl#g" \
    /usr/share/dirsrv/dsgw/orghtml/orgchart.tmpl > $dsgwconfigdir/orgchart.conf

chown $dsgwuser:$dsgwgroup $dsgwconfigdir/orgchart.conf
chmod 0400 $dsgwconfigdir/orgchart.conf

# the default.conf is just a copy of dsgw.conf
echo Generating config file $dsgwconfigdir/default.conf . . .
rm -f $dsgwconfigdir/default.conf
cp $dsgwconfigdir/dsgw.conf $dsgwconfigdir/default.conf
chown $dsgwuser:$dsgwgroup $dsgwconfigdir/default.conf
chmod 0400 $dsgwconfigdir/default.conf

echo Generating the credential database directory . . .
if [ ! -d "$cookiedir" ] ; then
    mkdir -p "$cookiedir"
fi
chown $dsgwuser:$dsgwgroup "$cookiedir"
chmod 0700 "$cookiedir"

if [ -d /etc/tmpfiles.d -a ! -f /etc/tmpfiles.d/dirsrv-dsgw.conf ] ; then
    echo Updating information in /etc/tmpfiles.d/dirsrv-dsgw.conf
    parentdir=`dirname $cookiedir`
    echo "d $parentdir 0700 $dsgwuser $dsgwgroup" > /etc/tmpfiles.d/dirsrv-dsgw.conf || { echo Error: could not update /etc/tmpfiles.d/dirsrv-dsgw.conf ; echo skipping tmpfiles.d configuration; }
    echo "d $cookiedir 0700 $dsgwuser $dsgwgroup" >> /etc/tmpfiles.d/dirsrv-dsgw.conf || { echo Error: could not update /etc/tmpfiles.d/dirsrv-dsgw.conf ; echo skipping tmpfiles.d configuration; }
fi

# tell Apache about the dsgw - must restart Apache
echo Adding configuration to httpd config file $httpdconf . . .
grep dsgw-httpd.conf "$httpdconf" > /dev/null 2>&1 || (echo "" ; echo "# DSGW configuration" ; echo "Include $dsgwconfigdir/dsgw-httpd.conf") >> $httpdconf

# copy in the admin server web app fragments
echo Enabling links to web apps from Administration Server home page . . .
admservdata="/usr/share/dirsrv/data"
admservhtml="/usr/share/dirsrv/html"

if [ -d "$admservdata" -a -d "$admservhtml" ] ; then
    if [ ! -f "$admservdata/admserv_dsgw.html" ] ; then
        echo Error: $admservdata/admserv_dsgw.html not found
    elif [ ! -f "$admservhtml/admserv_dsgw.html" ] ; then
        cp -p "$admservdata/admserv_dsgw.html" "$admservhtml"
    else
        echo $admservhtml/admserv_dsgw.html already exists - not copying . . .
    fi

    if [ ! -f "$admservdata/admserv_phonebook.html" ] ; then
        echo Error: $admservdata/admserv_phonebook.html not found
    elif [ ! -f "$admservhtml/admserv_phonebook.html" ] ; then
        cp -p "$admservdata/admserv_phonebook.html" "$admservhtml"
    else
        echo $admservhtml/admserv_phonebook.html already exists - not copying . . .
    fi

    if [ ! -f "$admservdata/admserv_orgchart.html" ] ; then
        echo Error: $admservdata/admserv_orgchart.html not found
    elif [ ! -f "$admservhtml/admserv_orgchart.html" ] ; then
        cp -p "$admservdata/admserv_orgchart.html" "$admservhtml"
    else
        echo $admservhtml/admserv_orgchart.html already exists - not copying . . .
    fi
else
    echo Error: Administration server directories "$admservdata" and "$admservhtml" not found
fi

echo
echo The Directory Server Gateway web applications have been successfully configured.
echo You will need to restart your Administration Server.
echo '######################################################################'

exit 0
