#!/bin/sh
# postinst script for opal
#
# see: dh_installdeb(1)

set -e

. /usr/share/debconf/confmodule

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package

NAME=opal

[ -r /etc/default/$NAME ] && . /etc/default/$NAME

case "$1" in
    configure)

    	RET=""
      db_get opal-server/admin_password

      new_release="$(dpkg -s $DPKG_MAINTSCRIPT_PACKAGE | grep '^Version' | sed -e 's/^Version:\s*/opal-server-/')"

      if [ -z "$2" ] && [ "$RET" != "" ] ; then
        echo Updating administrator password.
        # hash the password and escape the possible '$/&' characters
        adminpw=$(echo -n $RET | xargs java -jar /usr/share/${new_release}/tools/hasher/lib/obiba-password-hasher-*-cli.jar | sed -e 's/\([\$\/\/]\)/\\\1/g' | cut -d ' ' -f 1)
        tfile=`mktemp`
        if [ ! -f "$tfile" ]; then
          return 1
        fi
        cat /etc/opal/shiro.ini | sed -e "s,^administrator\s*=.*\,,administrator=$adminpw\,," > $tfile && \
          mv $tfile /etc/opal/shiro.ini
        # clear password in db_get so it won't be re-encoded during next upgrade
        db_set opal-server/admin_password ""
      fi

    	# Create opal user if it doesn't exist.
      if ! id opal > /dev/null 2>&1 ; then
        adduser --system --home /var/lib/opal --no-create-home --disabled-password opal
      fi

      # Opal file structure on Debian
      # /etc/opal: configuration
      # /usr/share/opal: executable
      # /var/lib/opal: data runtime
      # /var/log: logs

      rm -f /usr/share/opal
      ln -s /usr/share/${new_release} /usr/share/opal

      if [ ! -e /var/lib/opal/conf ] ; then
        ln -s /etc/opal /var/lib/opal/conf
      fi

      chown -R opal:adm /var/lib/opal /var/log/opal /etc/opal
      chmod -R 750      /var/lib/opal /var/log/opal /etc/opal
      chmod +x /usr/share/opal/tools/shiro-hasher
      find /etc/opal/ -type f | xargs chmod 640

      # if upgrading to 2.0, delete old log4j config
      if [ -f "/etc/opal/log4j.properties" ]; then
        mv /etc/opal/log4j.properties /etc/opal/log4j.properties.old
      fi

      # if upgrading to 2.0, move opal-config.xml to data dir
      if [ -f "/etc/opal/opal-config.xml" ]; then
        cp /etc/opal/opal-config.xml /etc/opal/opal-config.xml.opal1-backup
        mv /etc/opal/opal-config.xml /var/lib/opal/data/opal-config.xml
      fi

      # make sure newrelic is removed from defaults
      if grep -q newrelic /etc/default/opal; then
        sed -r 's,(\s+-Dnewrelic.config.file=.*)(\s+-javaagent.*)(.*)",\3",g' /etc/default/opal > /tmp/opal.default
        mv /tmp/opal.default /etc/default/opal
        chown opal:adm /etc/default/opal
        chmod 644 /etc/default/opal
      fi

      if [ -e /etc/init.d/opal ]; then
        update-rc.d opal defaults >/dev/null
        rm /etc/init.d/opal
      fi
      systemctl daemon-reload
      systemctl enable opal
      systemctl start opal
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0
