#!/bin/bash
#
# This is an sdm plugin for: knockd
#
# The plugin is called three times: for Phase 0, Phase 1, and post-install.
#

function loadparams() {
    source $SDMPT/etc/sdm/sdm-readparams
}

# $1 is the phase: "0", "1", or "post-install"
# $2 is the argument list: arg1=val1|arg2=val2|arg3=val3| ...
#
# Main code for the Plugin
#
phase=$1
pfx="$(basename $0)"     #For messages
args="$2"
loadparams
vldargs="|config|localsrc|"
assetdir="$SDMPT/etc/sdm/assets/knockd"

if [ "$phase" == "0" ]
then
    #
    # In Phase 0 all references to directories in the image must be preceded by $SDMPT
    #
    logtoboth "* Plugin $pfx: Start Phase 0"
    plugin_getargs $pfx "$args" "$vldargs" "" || exit
    mkdir -p $assetdir
    #
    # Print the keys found (example usage). plugin_getargs returns the list of found keys in $foundkeys
    #
    plugin_printkeys
    #
    # Copy pktables and knockd.conf files
    #
    srcurl="https://raw.githubusercontent.com/gitbls/pktables/master"
    if [ "$config" != "" ]
    then
	logtoboth "> Plugin $pfx: Copy knockd config from $localsrc to $assetdir"
	[ -f $config ] && cp -a $config $assetdir/knockd.conf
    fi
    if [ "$localsrc" != "" ]
    then
	#
	# Copy the appropriate files from local stash into the IMG
	#
	logtoboth "> Plugin $pfx: Copy pktables and knockd-helper from $localsrc to $assetdir"
	[ -f "$localsrc/pktables" ] && cp -a $localsrc/pktables $assetdir
	[ -f "$localsrc/knockd-helper" ] && cp -a $localsrc/knockd-helper $assetdir
	[ -f "$localsrc/knockd.service" ] && cp -a $localsrc/knockd.service $assetdir
	if [ "$config" == "" ]
	then
	    logtoboth "> Plugin $pfx: Copy knockd.conf from $localsrc to $assetdir"
	    [ -f "$localsrc/knockd.conf" ] && cp -a $localsrc/knockd.conf $assetdir
	fi
    else
	logtoboth "> Plugin $pfx: Download pktables from GitHub..."
	gsts=0
	for f in pktables knockd-helper knockd.service
	do
	    wget $srcurl/$f --output-document=$assetdir/$f
	    [ $? -ne 0 ] && gsts=1
	done
	if [  $gsts -ne 0 ]
	then
	    logtobothex "? Plugin $pfx: Unable to download pktables from $srcurl"
	fi
    fi
    logtoboth "* Plugin $pfx: Complete Phase 0"
elif [ "$phase" == "1" ]
then
    #
    # Phase 1 (in nspawn)
    #
    logtoboth "* Plugin $pfx: Start Phase 1"
    plugin_getargs $pfx "$args" "$vldargs" ""
    #logfreespace "at start of Plugin $pfx Phase 1"
    #
    logtoboth "> Plugin $pfx: Install knockd and iptables"
    installpkgsif "knockd iptables"
    #
    #logfreespace "at end of $pfx Phase 1"
    logtoboth "* Plugin $pfx: Complete Phase 1"
else
    #
    # Plugin Post-install edits
    #
    logtoboth "* Plugin $pfx: Start Phase post-install"
    plugin_getargs $pfx "$args" "$vldargs" ""
    #logfreespace "at start of Plugin $pfx Phase post-install"
    #
    [ -f $assetdir/pktables ] && cp -a $assetdir/pktables /usr/local/bin && setfileownmode /usr/local/bin/pktables 755
    [ -f $assetdir/knockd-helper ] && cp -a $assetdir/knockd-helper /usr/local/bin && setfileownmode /usr/local/bin/knockd-helper 755
    if [ -f $assetdir/knockd.conf ]
    then
	[ -f /etc/knockd.conf ] && mv /etc/knockd.conf /etc/knockd.conf.sdm
	cp -a $assetdir/knockd.conf /etc
	setfileownmode /etc/knockd.conf 644
    fi
    if [ -f $assetdir/knockd.service ]
    then
	cp -a $assetdir/knockd.service /etc/systemd/system
	setfileownmode /etc/systemd/system/knockd.service 644
	systemctl daemon-reload > /dev/null 2>&1
    fi
    #
    #logfreespace "at end of $pfx Custom Phase post-install"
    plugin_addnote ""
    plugin_addnote "*** knockd Configuration Notes ***"
    plugin_addnote ""
    plugin_addnote " * sudoedit /etc/knockd.conf and configure your port knocking"
    plugin_addnote " * sudoedit /usr/local/bin/knockd-helper"
    plugin_addnote "   and add 'pktables init' commands for each service in your knockd.conf "
    plugin_addnote " * sudo systemctl enable knockd"
    plugin_addnote " * Reboot"
    plugin_addnote " * Check for errors: sudo journalctl -b"
    plugin_addnote " * Make sure port forwards for ALL your knock sequences are set in your router"
    plugin_addnote ""
    plugin_addnote " * pktables documentation: https://github.com/gitbls/pktables"
    plugin_addnote " * knockd and knockd.conf documentation: man knockd"
    plugin_addnote ""
    plugin_addnote " * Complete Phase post-install"
fi
