#!/bin/sh

SOURCE_DIR=$(realpath $(dirname "${0}"))/basic

# Install packages
apk --no-cache add docker gettext git htop kbd-misc libressl openssh-server openssh-sftp-server postfix nginx

# Copy profile files and settings
mkdir /root/.ssh
mkdir -p /root/.config/htop
cp ${SOURCE_DIR}/root/.ssh/authorized_keys /root/.ssh/authorized_keys
cp ${SOURCE_DIR}/root/.config/htop/htoprc /root/.config/htop/htoprc

# Copy boot configuration
cp ${SOURCE_DIR}/boot/extlinux.conf /boot/extlinux.conf

# Forbid login on tty1, disable tty2-6
cp ${SOURCE_DIR}/etc/inittab /etc/inittab

# Enable support for Czech characters
cp ${SOURCE_DIR}/etc/rc.conf /etc/rc.conf
cp ${SOURCE_DIR}/etc/conf.d/consolefont /etc/conf.d/consolefont
rc-update add consolefont boot

# Set legal banner with URL
cp ${SOURCE_DIR}/etc/issue.template /etc/issue.template
cp ${SOURCE_DIR}/sbin/issue-gen /sbin/issue-gen # TODO: Make executable

# Configure Postfix
# cp ${SOURCE_DIR}/etc/postfix/main.cf /etc/postfix/main.cf

# Create a self-signed certificate
mkdir /etc/ssl/private
openssl req -x509 -new -out /etc/ssl/certs/services.pem -keyout /etc/ssl/private/services.key -nodes -days 3654 -subj "/C=CZ/CN=$(hostname -f)"
chmod 640 /etc/ssl/private/services.key

# Configure nginx
# cp ${SOURCE_DIR}/etc/nginx/nginx.conf /etc/nginx/nginx.conf
# cp ${SOURCE_DIR}/etc/nginx/sites-available/default /etc/nginx/sites-available/default

# Copy Portal resources
cp ${SOURCE_DIR}/usr/local/bin/portal-app-manager /usr/local/bin/portal-app-manager
cp -r ${SOURCE_DIR}/srv/portal /srv/portal

# Configure services
for SERVICE in docker nginx postfix sshd; do
    rc-update add ${SERVICE} boot
    service ${SERVICE} start
done

# TODO: Hide OpenRC output