#!/bin/sh
# postinst script for prosody
#DEBHELPER#

set -e

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package

case "$1" in
  configure)
 	if ! getent passwd prosody >/dev/null; then
 	  adduser --disabled-password --quiet --system \
 	    --home "/var/lib/prosody" --no-create-home \
 	    --gecos "Prosody XMPP Server" --group prosody
 	fi

	# Adding prosody user to the ssl-cert group to use the snakeoil
	# SSL certificate
	if getent group ssl-cert >/dev/null ; then
	    adduser --quiet prosody ssl-cert
	fi

 	# Create directory for log files
 	if [ ! -d "/var/log/prosody" ]; then
 		install -d -o prosody -g adm -m 750 "/var/log/prosody";
 	fi
	if ! dpkg-statoverride --list "/var/log/prosody" >/dev/null; then
		chown prosody:adm "/var/log/prosody"
		chmod 750 "/var/log/prosody"
	fi

 	# Create data directory
 	if [ ! -d "/var/lib/prosody" ]; then
 		install -d -o prosody -g prosody -m 750 "/var/lib/prosody";
 	fi
	if ! dpkg-statoverride --list "/var/lib/prosody" >/dev/null; then
		chown prosody:prosody "/var/lib/prosody"
		chmod 750 "/var/lib/prosody"
	fi

	# Fix config directory permissions
	if ! dpkg-statoverride --list "/etc/prosody" >/dev/null; then
		chown root:root "/etc/prosody"
		chmod 755 "/etc/prosody"
	fi

	# Fix config file permissions
	if ! dpkg-statoverride --list "/etc/prosody/prosody.cfg.lua" >/dev/null; then
		for f in "/etc/prosody/prosody.cfg.lua" \
			 /etc/prosody/prosody.cfg.lua.dpkg*; do
			if [ -f "$f" ]; then
			    chown root:prosody "$f"
			    chmod 640 "$f"
			fi
		done
	fi

	# Create directory for SSL certificate and key
 	if [ ! -d "/etc/prosody/certs" ]; then
 		install -d -o root -g prosody -m 750 "/etc/prosody/certs";
 	fi
	if ! dpkg-statoverride --list "/etc/prosody/certs" >/dev/null; then
		chown root:prosody "/etc/prosody/certs"
		chmod 750 "/etc/prosody/certs"
	fi

	for csum in \
		"069eca73d50c38807ddfcedc5cbefbd1dbe9c008  /etc/prosody/certs/localhost.key"  \
		"fe4ee64f202d64a8d9f874c03305040acc52e7b7  /etc/prosody/certs/localhost.crt"  \
		"fe4ee64f202d64a8d9f874c03305040acc52e7b7  /etc/prosody/certs/localhost.cert" \
		"454bf0db3ccb3bc07e764e640ebd7b7c5e2aeea4  /etc/prosody/certs/localhost.crt"  \
		"454bf0db3ccb3bc07e764e640ebd7b7c5e2aeea4  /etc/prosody/certs/localhost.cert"; do
		if echo "$csum" | sha1sum --check --status >/dev/null 2>&1; then
			rm -v "${csum#*  }";
		fi
	done

	if [ ! -f "/etc/prosody/certs/localhost.key" ]; then
	   	if [ -f "/etc/prosody/certs/localhost.crt" ]; then
	   		mv -v "/etc/prosody/certs/localhost.crt" "/etc/prosody/certs/localhost.crt.bak";
	   	fi
		openssl req -new -newkey rsa:2048 -x509 -days 365 -nodes \
			-out "/etc/prosody/certs/localhost.crt" \
			-keyout "/etc/prosody/certs/localhost.key" \
			-subj "/CN=localhost" \
			>/dev/null 2>&1
	fi
  ;;
  abort-upgrade|abort-remove|abort-deconfigure)
  ;;
  *)
    echo "postinst called with unknown argument \`$1'" >&2
    exit 1
  ;;
esac

# Automatically added by dh_systemd_enable/11.1.6ubuntu1
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
	# This will only remove masks created by d-s-h on package removal.
	deb-systemd-helper unmask 'prosody.service' >/dev/null || true

	# was-enabled defaults to true, so new installations run enable.
	if deb-systemd-helper --quiet was-enabled 'prosody.service'; then
		# Enables the unit on first installation, creates new
		# symlinks on upgrades if the unit file has changed.
		deb-systemd-helper enable 'prosody.service' >/dev/null || true
	else
		# Update the statefile to add new symlinks (if any), which need to be
		# cleaned up on purge. Also remove old symlinks.
		deb-systemd-helper update-state 'prosody.service' >/dev/null || true
	fi
fi
# End automatically added section
# Automatically added by dh_installinit/11.1.6ubuntu1
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
	if [ -x "/etc/init.d/prosody" ]; then
		update-rc.d prosody defaults >/dev/null
		if [ -n "$2" ]; then
			_dh_action=restart
		else
			_dh_action=start
		fi
		invoke-rc.d prosody $_dh_action || exit 1
	fi
fi
# End automatically added section

