#!/bin/bash


echo "Welcome to the CentOS to SME Server script. Ar you sure you have at least one ethernet interface before proceeding ? Hit Ctrl+C if unsure, press 'enter' if you are OK to proceed."
read testme

echo "disabling and removing SELinux"
sed -i -e 's/rhgb quiet/selinux=0/g' /boot/grub/grub.conf
sed -i -e 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
yum remove selinux-policy-targeted -y 1>/dev/null

echo "##########################################################################"
echo "setting yum repo for SME Server"
mkdir /tmp/repo.bak
mv /etc/yum.repos.d/*.repo /tmp/repo.bak/
cp /etc/yum.prosmerepos.d/* /etc/yum.repos.d/

echo "##########################################################################"
echo "importing rpm gpg keys"
#yum install wget -y 1>/dev/null
for i in $( ls /usr/share/doc/smeserver-centos2sme/keys ); do
	rpm --import /usr/share/doc/smeserver-centos2sme/keys/$i
done

echo "##########################################################################"
echo "cleaning yum cache"
yum --enablerepo=* clean all 1>/dev/null

echo "##########################################################################"
echo "Removing dhcp-common"
# from https://forums.contribs.org/index.php/topic,53304.msg276453/topicseen.html#msg276453
# Stefano found deps issues
rpm -e --nodeps dhcp-common

echo "##########################################################################"
echo "yum upgrade to install sme build of initscript:"
yum upgrade -y 1>/dev/null

initscripts=`rpm -q initscripts`

if [[ $initscripts =~ ^initscripts-[0-9.\-]*\.el[0-9_]+\.sme.*$ ]]; then
         echo "... OK"; 
else         
	echo "... something wrong try to manually install the SME version of initscripts. 
One possible reason of this is that initscripts from CentOS is a newest version /release than the one in SME repositories.";
	exit 1
fi 


# they might have come back with upgrade...
rm /etc/yum.repos.d/CentOS*.repo -rf

# would make a test here to check if initscript was updated or not ...
echo "##########################################################################"
echo "yum groupinstall"
yum --disablerepo=* --enablerepo=smeos,smeupdates groupinstall base -y

# check 
if [[ -f /sbin/e-smith/console ]]; then
	echo "... all seems good untill now"
else
	echo "... exiting something is missing, try again yum --disablerepo=* --enablerepo=smeos,smeupdates groupinstall base -y"
	exit 1
fi

echo "##########################################################################"
echo "cleaning rpm not necessary or possibly conflicting: postfix"
yum remove postfix -y 1>/dev/null

echo "##########################################################################"
echo "yum upgrade"
yum upgrade -y 1>/dev/null

echo "##########################################################################"
echo "starting runit, so we can run a few services"
/etc/runit/2 &

echo "##########################################################################"
echo "cleaning /var/service/"
find /var/service/ -type f -iname control -exec rm {} \;

echo "##########################################################################"
echo "start syslog"
/etc/init.d/rsyslog start

echo "##########################################################################"
echo "running post-install event for SME..."
echo "but before, we unlink the S10init-passwords action"
unlink  /etc/e-smith/events/post-install/S10init-passwords
/sbin/e-smith/signal-event post-install

echo "##########################################################################"
echo "set admin password as set"
#need syslog to work. so just in case
/etc/init.d/rsyslog restart
/sbin/e-smith/db accounts setprop admin PasswordSet yes
/sbin/e-smith/db configuration set PasswordSet yes
/sbin/e-smith/db configuration setprop bootstrap-console Restore disabled

echo "... as we copy your current root password as admin password"
# here copy root password to admin user !!!
grep $USER /etc/shadow | cut -f 2 -d ':'>/tmp/encrypted
usermod -p $(cat /tmp/encrypted) admin
rm /tmp/encrypted -f
# to test, there is chances it is salted, alternatively
# echo "Please give now the password for the created admin user :"
# passwd admin

echo "##########################################################################"
echo "Cleaning /service subfolders"
find /var/service/ -type f -iname control -exec rm {} \;

echo "##########################################################################"
echo "force quota check"
touch /forcequotacheck

#start rsyslogd service in case , as console needs it to run...
/etc/init.d/rsyslog restart

echo "##########################################################################"
echo "now time to configure your server using the SME Server console"
# maybe improve here to launch the configure this server directly
#/sbin/e-smith/console
/usr/bin/perl -Mesmith::console -Mesmith::console::configure -e "esmith::console::configure->new->doit(esmith::console->new,esmith::ConfigDB->open)"

echo "##########################################################################"
echo "set SSHD to accept root login with rsa key"
/sbin/e-smith/db configuration setprop  sshd status enabled PermitRootLogin yes access public
/sbin/e-smith/signal-event  remoteaccess-update

echo "##########################################################################"
echo "Enable access to server-manager to the following IPs:"
echo "Please type IP.IP.IP.IP/255.255.255.255,IP2.IP2.IP2.IP2/255.255.255.255  to allow access to the manager from the desired IP. Leave blank if you do want to have access to the manager from outside the lan. Fill with 0.0.0.0/0.0.0.0 if you live on the edge!"
read validfrom
if [ ! -z "$validfrom" ]; then
	/sbin/e-smith/db configuration setprop httpd-admin ValidFrom  $validfrom
	/sbin/e-smith/signal-event post-upgrade
else
	echo "nothing to do"
fi


# last tidying
find /var/service/ -type f -iname control -exec rm {} \;

# just in case before reboot
/sbin/e-smith/db configuration set PasswordSet yes
/sbin/e-smith/db configuration setprop bootstrap-console Restore disabled


echo "##########################################################################"
echo "you just have to issue a '/sbin/e-smith/signal-event reboot'; or simply 'reboot' and enjoy your SME"
echo "But before that, are you sure you have added a working SSH key to ~/.ssh/authorized_keys ?"
echo "##########################################################################"
