#!/usr/bin/env bash

set -e

BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

# Create radvd.conf before installing radvd, installation fails without it
if ! [ -f /etc/radvd.conf ]; then 
    sudo cp "$BASE_DIR/radvd.conf" /etc/radvd.conf
fi

# Install packages to run IEEE 802.11 Access Point
sudo apt-get install hostapd radvd dnsmasq iptables -y

# Configure wlan0 interface
sudo mv /etc/network/interfaces /etc/network/interfaces.bak
sudo touch /etc/network/interfaces

echo "source-directory /etc/network/interfaces.d" | sudo tee --append /etc/network/interfaces > /dev/null
echo "" | sudo tee --append /etc/network/interfaces > /dev/null
echo "auto lo"  | sudo tee --append /etc/network/interfaces > /dev/null
echo "iface lo inet loopback" | sudo tee --append /etc/network/interfaces > /dev/null
echo "" | sudo tee --append /etc/network/interfaces > /dev/null
echo "allow-hotplug wlan0" | sudo tee --append /etc/network/interfaces > /dev/null
echo "iface wlan0 inet static" | sudo tee --append /etc/network/interfaces > /dev/null
echo "    address 10.0.0.1" | sudo tee --append /etc/network/interfaces > /dev/null
echo "    netmask 255.255.255.0" | sudo tee --append /etc/network/interfaces > /dev/null
echo "    network 10.0.0.0" | sudo tee --append /etc/network/interfaces > /dev/null
echo "    broadcast 10.0.0.255" | sudo tee --append /etc/network/interfaces > /dev/null
echo "iface wlan0 inet6 static" | sudo tee --append /etc/network/interfaces > /dev/null
echo "    address fdfc::2" | sudo tee --append /etc/network/interfaces > /dev/null
echo "    netmask 64" | sudo tee --append /etc/network/interfaces > /dev/null
echo "" | sudo tee --append /etc/network/interfaces > /dev/null
echo "allow-hotplug eth0" | sudo tee --append /etc/network/interfaces > /dev/null
echo "iface eth0 inet dhcp" | sudo tee --append /etc/network/interfaces > /dev/null

# Enable packet forwarding
sudo cp /etc/sysctl.conf /etc/sysctl.conf.bak
sudo sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
sudo sed -i 's/#net.ipv6.conf.all.forwarding=1/net.ipv6.conf.all.forwarding=1/' /etc/sysctl.conf

# Get network name and password
APSSID=$(sudo grep -m 1 '"ipv6"' /etc/cjdroute.conf | awk '{ print $2 }' | sed 's/[",]//g' | sed "s/.*:/$MESH_NAME-/g")

# Select wpa-eap or wpa-psk
read -p "Use WPA-EAP (Y) or WPA2-PSK (n) for WiFi Access Point $APSSID? " -n 1 -r
echo ""
if [[ $REPLY =~ ^[Nn]$ ]]; then
    USE_EAP=false
    while [ "${#APPASS}" -lt 8 ] || [ "${#APPASS}" -gt 63 ]; do
        read -p "Set WPA2-PSK password (8-63 characters): " APPASS;
    done
else
    USE_EAP=true
    while [ "${#APPASS}" -lt 8 ] || [ "${#APPASS}" -gt 63 ]; do
        read -p "Set WPA-EAP password (8-63 characters) for user \"guest\": " APPASS;
    done
fi

# Configure network with hostapd
sudo cp "$BASE_DIR/nat.sh" /etc/hostapd/nat.sh
if [ "$USE_EAP" = true ]; then
    # Configure hostapd for wpa-eap
    sudo cp "$BASE_DIR/wpa-eap/hostapd.conf" /etc/hostapd/hostapd.conf
    sudo echo "ssid=$APSSID" | sudo tee --append /etc/hostapd/hostapd.conf > /dev/null
    sudo cp "$BASE_DIR/wpa-eap/hostapd.eap_user" /etc/hostapd/hostapd.eap_user
    sudo echo "\"guest\" MSCHAPV2 \"$APPASS\" [2]" | sudo tee --append /etc/hostapd/hostapd.eap_user > /dev/null

    # Generate wpa-eap certificates
    cp -r "$BASE_DIR/wpa-eap/certs" "$BASE_DIR/tmp"
    /bin/bash "$BASE_DIR/tmp/bootstrap"
    sudo cp "$BASE_DIR/tmp/ca.pem" /etc/hostapd/ca.pem
    sudo cp "$BASE_DIR/tmp/server.pem" /etc/hostapd/server.pem
    rm -rf "$BASE_DIR/tmp"
else
    # Configure hostapd for wpa-psk
    sudo cp "$BASE_DIR/wpa-psk/hostapd.conf" /etc/hostapd/hostapd.conf
    sudo echo "ssid=$APSSID" | sudo tee --append /etc/hostapd/hostapd.conf > /dev/null
    sudo echo "wpa_passphrase=$APPASS" | sudo tee --append /etc/hostapd/hostapd.conf > /dev/null
fi

# Configure DHCP with dnsmasq
if [ -f /etc/dnsmasq.conf ]; then
    sudo cp /etc/dnsmasq.conf /etc/dnsmasq.conf.bak
fi
sudo cp "$BASE_DIR/dnsmasq.conf" /etc/dnsmasq.conf

if [ -f /etc/dhcpcd.conf ]; then 
    sudo cp /etc/dhcpcd.conf /etc/dhcpcd.conf.bak
    sudo echo "" | sudo tee --append /etc/dhcpcd.conf > /dev/null
    sudo echo "denyinterfaces wlan0" | sudo tee --append /etc/dhcpcd.conf > /dev/null
fi

# Configure IPv6 router advertisement with radvd
sudo cp "$BASE_DIR/radvd.conf" /etc/radvd.conf
sudo systemctl daemon-reload
sudo systemctl enable radvd.service
sudo systemctl start radvd.service

# Enable hostapd service
if [ -f /etc/default/hostapd ]; then
    sed '\?^DAEMON_CONF?d' /etc/default/hostapd | sudo tee /etc/default/hostapd > /dev/null
    sudo echo DAEMON_CONF="/etc/hostapd.conf" | sudo tee --append /etc/default/hostapd > /dev/null
fi

sudo cp "$BASE_DIR/hostapd.service" /etc/systemd/system/hostapd.service
sudo systemctl daemon-reload
sudo systemctl enable hostapd.service
sudo systemctl start hostapd.service
