#!/bin/sh

# Fixed search path for every tool this postinst calls.
# NOTE(review): the /usr/local directories are searched first, so anything
# placed there shadows the system tools used below. Confirm they are
# writable by root only on the target hosts.
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# NOTE(review): `set -e` is not enabled, so a failing command does not abort
# the script unless its status is checked explicitly.

# Group and account that own the replication settings file.
OPENLDAP_GROUP='openldap'
OPENLDAP_USER='openldap'

# Directory holding the per-environment configuration trees.
CONFIG_ROOT='/etc/cauth-ldap-slave-slapd-config'

# Host environment type. This stays empty when the file is missing or
# empty; check_yandex_environment rejects that case.
YANDEX_ENVIRONMENT="$(cat /etc/yandex/environment.type)"


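# Ensure the OpenLDAP system group and service account exist.
# Globals:   OPENLDAP_GROUP, OPENLDAP_USER (read)
# Outputs:   progress messages on stderr
# The account is created as a system user with /bin/false as its shell and
# with password and login disabled, so it cannot be used interactively.
add_openldap_user_group() {
    # getent exits non-zero when the entry does not exist.
    if ! getent group "${OPENLDAP_GROUP}" >/dev/null; then
        addgroup --quiet --system "${OPENLDAP_GROUP}"
    fi
    # Look up the configured account name rather than a hard-coded one, so
    # the existence check and the adduser call always refer to the same user.
    if ! getent passwd "${OPENLDAP_USER}" >/dev/null; then
        # printf instead of echo: whether echo expands "\n" depends on the shell.
        printf '\n  Creating new user %s... \n' "${OPENLDAP_USER}" >&2
        adduser --quiet --system --home /var/lib/ldap --shell /bin/false \
            --ingroup "${OPENLDAP_GROUP}" --disabled-password --disabled-login \
            --gecos "Symas LDAP Server Account" "${OPENLDAP_USER}"
        printf 'done.\n' >&2
    fi
}  # add_openldap_user_group()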


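# Validate the environment type held in YANDEX_ENVIRONMENT.
# Globals:   YANDEX_ENVIRONMENT (read)
# Outputs:   an INFO line on stdout for a recognised environment,
#            an ERROR line on stderr otherwise
# Exits:     1 when the value is empty or is neither "production" nor
#            "testing", so an unrecognised host type is never configured
check_yandex_environment() {
    case "${YANDEX_ENVIRONMENT}" in
        production|testing)
            echo "INFO: Installing onto \"${YANDEX_ENVIRONMENT}\" Yandex environment"
            ;;
        "")
            # Diagnostics go to stderr, like the dispatcher's own error message.
            echo "ERROR: No yandex environment set, check contents of /etc/yandex/environment.type" >&2
            exit 1
            ;;
        *)
            echo "ERROR: Unknown Yandex environment, check /etc/yandex/environment.type contents." >&2
            exit 1
            ;;
    esac
} # check_yandex_environment()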

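# Wire the per-environment slapd-instances configuration into the system.
# Globals:   CONFIG_ROOT, YANDEX_ENVIRONMENT, OPENLDAP_USER, OPENLDAP_GROUP (read);
#            ENV_CONFIG_ROOT, INSTANCE_CONFIG, CONFIG_BNAME (written)
# Outputs:   verbose ln/chown/chmod output and an INFO hint on stdout;
#            warnings on stderr
# Notes:     steps followed by `|| true` or by a warning are best-effort and
#            do not stop the configuration.
configure_environment() {
    ENV_CONFIG_ROOT="${CONFIG_ROOT}/${YANDEX_ENVIRONMENT}"

    # Add symlink to /etc/default/slapd-instances
    ln -v -f -s "${ENV_CONFIG_ROOT}/default/slapd-instances-config" /etc/default/slapd-instances-config

    # Add symlinks to /etc/init.d/slapd-instances
    ln -v -f -s "${ENV_CONFIG_ROOT}/init.d/slapd-instances" /etc/init.d/slapd-instances

    # Add symlinks to instances config files.
    for INSTANCE_CONFIG in "${ENV_CONFIG_ROOT}"/instance-*.conf; do
        # An unmatched glob stays literal; skip it instead of creating a
        # dangling "instance-*.conf" symlink in CONFIG_ROOT.
        [ -e "${INSTANCE_CONFIG}" ] || [ -L "${INSTANCE_CONFIG}" ] || continue
        CONFIG_BNAME=${INSTANCE_CONFIG##*/}
        ln -v -f -s "${INSTANCE_CONFIG}" "${CONFIG_ROOT}/${CONFIG_BNAME}"
    done

    # Create empty replication-settings.conf file if it does not exist.
    if [ ! -f "${CONFIG_ROOT}/replication-settings.conf" ]; then
        # Create the file under a restrictive umask so it is owner-only from
        # the start, even if the chmod below fails.
        (
            umask 077
            echo "# Empty replication settings" >"${CONFIG_ROOT}/replication-settings.conf"
        )
        # Still best-effort, but a failure is reported instead of being hidden.
        chown --verbose "${OPENLDAP_USER}:${OPENLDAP_GROUP}" "${CONFIG_ROOT}/replication-settings.conf" ||
            echo "WARNING: could not change owner of ${CONFIG_ROOT}/replication-settings.conf" >&2
        chmod --verbose 600 "${CONFIG_ROOT}/replication-settings.conf" ||
            echo "WARNING: could not set mode 600 on ${CONFIG_ROOT}/replication-settings.conf" >&2
        printf "INFO: Run 'cauth-ldap-replication-manager' utility to set up LDAP replication master.\n"
    fi

    # Make directory for logs.
    # NOTE(review): owner and mode are left at mkdir defaults; confirm this
    # matches what the slapd instances need.
    mkdir -p /var/log/slapd-instances

    # Update rc.d: disable the stock slapd services, enable slapd-instances.
    update-rc.d slapd disable || true
    update-rc.d symas-openldap-server disable || true
    update-rc.d slapd-instances defaults
    systemctl daemon-reload

    # slapd instances need access to the saslauthd socket, so the service
    # account joins the sasl group.
    usermod -a -G sasl "${OPENLDAP_USER}" || true

    # Reload syslog-ng.
    /etc/init.d/syslog-ng reload || true
} # configure_environment()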

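# Run the configuration step for the current environment.
# Globals:   YANDEX_ENVIRONMENT (read)
# Outputs:   an ERROR line on stderr for the "testing" environment
# Exits:     1 for "testing", which is not supported yet
# Any value other than "production" or "testing" is a no-op here.
do_configure() {
    case "${YANDEX_ENVIRONMENT}" in
        production)
            configure_environment
            ;;
        testing)
            # Diagnostics go to stderr, like the dispatcher's own error message.
            echo "ERROR: Testing environment is not supported yet." >&2
            # configure_environment
            exit 1
            ;;
    esac
} # do_configure()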


# Entry point: the first argument names the maintainer-script action.
case "$1" in
    configure)
        # NOTE(review): the account is created before the environment check
        # runs, so it is added even when that check then aborts the script.
        add_openldap_user_group
        check_yandex_environment
        do_configure
        ;;

    abort-upgrade | abort-remove | abort-deconfigure)
        # No action is taken for the abort-* calls.
        ;;

    *)
        # Any other action is rejected.
        echo "postinst called with unknown argument \`${1}'" >&2
        exit 1
        ;;
esac

exit 0
