#!/bin/sh

PROGRAM=setup-acf
VERSION=0.1

PREFIX=
. $PREFIX/lib/libalpine.sh

usage() {
	echo "$PROGRAM [-adh] [PACKAGE...]"
	exit 0;
}

pkgs="acf-core acf-alpine-baselayout"

while getopts "adh" opt ; do
	case $opt in
		a) pkgs=`apk_fetch -l | grep ^acf-`;;
		d) pkgs="$pkgs acf-devtools";;
		h) usage;;
		*) usage;;
	esac
done
shift `expr $OPTIND - 1`

while [ $# -gt 0 ]; do
	pkgs="$pkgs acf-$1"
	shift
done

if [ "$FORCE_SETUP_WEBCONF" != yes ]; then
	# issue warning so user knows what he is doing
	echo "!!!"
	echo "!!! WARNING !!! WARNING !!! WARNING !!!"
	echo "!!!"
	echo "!!! The webinterface is in alpha stage and will give *anyone* on the"
	echo "!!! network access to your box. The web interface is only for testing"
	echo "!!! purposes and should only be used in isolated secure networks."
	echo "!!!"
	echo "!!! Please send suggestions and patches to acf@lists.alpinelinux.org"
	echo "!!!"

	echon "Are you sure you want continue? (y/n) [n] "
	default_read  imsure n
	if [ "$imsure" != y ]; then
		echo "Aborting."
		exit
	fi
fi

# install packages 
apk_add mini_httpd $pkgs || exit 1

# setup mini_httpd and start it
mkdir -p /var/www/localhost/
ln -s /usr/share/acf/www/ /var/www/localhost/htdocs
lbu add /var/www/localhost/htdocs


SSLDIR=/etc/ssl/mini_httpd
SSLCNF=$SSLDIR/mini_httpd.cnf
KEYFILE=$SSLDIR/server.key
CRTFILE=$SSLDIR/server.crt
PEMFILE=$SSLDIR/server.pem

if [ -f $PEMFILE ]; then
	echo "$PEMFILE already exist."
else
	mkdir -p $SSLDIR
cat <<EOF >$SSLCNF
[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
OU=HTTPS server
CN=$(hostname)
emailAddress=postmaster@example.com

[ cert_type ]
nsCertType = server
EOF
	echo "Generating certificates for HTTPS..."
	openssl genrsa 2048 > $KEYFILE
	openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE \
		-config $SSLCNF > $CRTFILE
	cat $KEYFILE >> $CRTFILE
	rm $KEYFILE
	mv $CRTFILE $PEMFILE
fi

cat <<EOF >/etc/mini_httpd.conf
nochroot
dir=/var/www/localhost/htdocs
user=nobody
logfile=/var/log/mini_httpd.log
cgipat=cgi-bin**
certfile=$PEMFILE
port=443
ssl
EOF

cat <<EOF >/etc/conf.d/mini_httpd
MINI_HTTPD_OPTS="-C /etc/mini_httpd.conf"
MINI_HTTPD_DOCROOT=/var/www/localhost/htdocs
EOF

pidof mini_httpd >/dev/null && /etc/init.d/mini_httpd stop
rc_add -k mini_httpd
/etc/init.d/mini_httpd start