#!/bin/bash
# lmz-repository-setup
#  Generate repository configuration with the customer's credentials
#
# Depends: lmz-initial-setup needs to be run first
#
# Copyright (C) 2014-2020 Univention GmbH
#
# http://www.univention.de/
#
# All rights reserved.
#
# The source code of this program is made available
# under the terms of the GNU Affero General Public License version 3
# (GNU AGPL V3) as published by the Free Software Foundation.
#
# Binary versions of this program provided by Univention to you as
# well as other copyrighted, protected or trademarked materials like
# Logos, graphics, fonts, specific documentations and configurations,
# cryptographic keys etc. are subject to a license agreement between
# you and Univention and not subject to the GNU AGPL V3.
#
# In the case you use this program under the terms of the GNU AGPL V3,
# the program is provided in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License with the Debian GNU/Linux or Univention distribution in file
# /usr/share/common-licenses/AGPL-3; if not, see
# <http://www.gnu.org/licenses/>.

set -u
set -e

eval "$(ucr shell \
	hostname \
	repository/online/server \
	)"

msg () { # {{{1
	echo -e "$(date): $@"
}

err () {
	echo -e "$(date): ${@}" >&2
}

ucc_repository_setup () { # {{{1
	kdn="$(head -n 1 < /etc/kdn.user)"
	kdn_password="$(head -n 1 < /etc/kdn.secret)"
	msg "Setting UCC image repository."
    # Due to a bug in the ucc-image-download utility it is not possible to use
    # basic auth
	# ucr set ucc/image/download/url="http://${kdn}:${kdn_password}@${repository_online_server}/ucc-lmz-desktop/"
	ucr set ucc/image/download/url="http://${repository_online_server}/ucc-lmz-desktop/"
	msg "Done.\n"
}

ucs_repository_setup () { # {{{1
	kdn="$(head -n 1 < /etc/kdn.user)"
	kdn_password="$(head -n 1 < /etc/kdn.secret)"
	while [[ $# -ge 1 ]]; do
		msg "Setting ${1} package repository."
		ucr set "repository/online/component/${1}=yes" \
			"repository/online/component/${1}/username=${kdn}" \
			"repository/online/component/${1}/password=${kdn_password}"
		msg "Done.\n"
		shift
	done

	# don't update package lists when in the midst of a package installation
	if [[ -z "${DPKG_MAINTSCRIPT_PACKAGE:=}" ]]; then
		apt-get update
	fi
}

opsi_repository_setup () { # {{{1
	kdn="$(head -n 1 < /etc/kdn.user)"
	kdn_password="$(head -n 1 < /etc/kdn.secret)"
	while [[ $# -ge 1 ]]; do
		msg "Setting ${1} OPSI product repository."
		ucr set "opsi/product-download/${1}/username=${kdn}" \
			"opsi/product-download/${1}/password=${kdn_password}" \
			"opsi/product-download/${1}/baseUrl=http://${repository_online_server}/opsi/" \
			"opsi/product-download/${1}/dirs=abo/lmz-bw,abo/mshotfix/opsi4/glb,abo/mshotfix/opsi4/misc,abo/msoffice/opsi4,abo/standard/opsi4,paedml/linux70,paedml/linux70/common"
		msg "Done.\n"
		shift
	done
}

# Start execution {{{1
if [[ ! -e /etc/kdn.user ]] || [[ ! -e /etc/kdn.secret ]]; then
	err "ERROR: Customer id and password not found (/etc/kdn.user, /etc/kdn.secret).  Please run lmz-initial-setup first!"
	exit 1
fi

# make sure the latest server configuration is in place
systemctl restart univention-directory-policy.service

case "${hostname}" in
	server )
		ucs_repository_setup lmz
		ucc_repository_setup
		;;
	backup )
		ucs_repository_setup lmz opsi
		;;
	nextcloud )
		ucs_repository_setup lmz
		;;
	* )
		err "ERROR: Called on unknown server."
		exit 2
		;;
esac

# vi: ft=sh:tw=80:sw=4:ts=4:fdm=marker
