#!/bin/sh

ID=$(id -u)

if [ $ID -ne 0 ]; then
 echo "You must run this script as root"
 exit 1
fi

NETCONFIG_DIR=/var/lib/tcos/tftp/netconfig/etc
NETCONFIG_FILE=tcospasswd
NETCONFIG_SECRET=${NETCONFIG_DIR}/${NETCONFIG_FILE}
SECRET_FILE=tcosmonitor-secret
TCOS_SECRET=/etc/tcos/secrets
SHARE_SECRET=/net/secrets/tcos
SECRET_DIR=/net/secrets
PASS=$(pwgen -s -B -1)
[ $# -eq 2 ] && PASS="$2"

do_create()
{
      if [ ! -d $SHARE_SECRET ]; then
	mkdir -p $SHARE_SECRET
      fi
      chown root:teachers $SECRET_DIR 2>/dev/null
      chmod 750 $SECRET_DIR 2>/dev/null
      chown root:tcos $SHARE_SECRET 2>/dev/null

      if [ -e ${TCOS_SECRET}/$SECRET_FILE -a -e ${NETCONFIG_SECRET} ]; then
	#if [ ! -e /etc/$NETCONFIG_FILE ]; then
		cp -f ${NETCONFIG_SECRET} /etc/$NETCONFIG_FILE 2>/dev/null
        	chmod -f 644 /etc/$NETCONFIG_FILE 2>/dev/null
        	chown root:tcos /etc/$NETCONFIG_FILE 2>/dev/null
	#fi

	#if [ ! -e $SHARE_SECRET/$SECRET_FILE ]; then
		cp -f ${TCOS_SECRET}/$SECRET_FILE $SHARE_SECRET/$SECRET_FILE 2>/dev/null
        	chmod -f 644 $SHARE_SECRET/$SECRET_FILE 2>/dev/null
        	chown root:tcos $SHARE_SECRET/$SECRET_FILE 2>/dev/null
	#fi
      fi

      [ -e ${TCOS_SECRET}/$SECRET_FILE -a -e ${NETCONFIG_SECRET} ] && exit 0

      [ ! -d ${NETCONFIG_DIR} ] && mkdir -p ${NETCONFIG_DIR} 2>/dev/null

      update-tcospasswd --user=root --passwd=$PASS --silent --tcosmonitor-secret 2>/dev/null
      update-tcospasswd --user=root --passwd=$PASS --file=${NETCONFIG_SECRET} --silent 2>/dev/null
      cp -f ${NETCONFIG_SECRET} /etc/$NETCONFIG_FILE 2>/dev/null
      cp -f ${TCOS_SECRET}/$SECRET_FILE $SHARE_SECRET/$SECRET_FILE 2>/dev/null
      chmod -f 644 /etc/$NETCONFIG_FILE 2>/dev/null
      chown root:tcos /etc/$NETCONFIG_FILE 2>/dev/null
      chmod -f 644 $SHARE_SECRET/$SECRET_FILE 2>/dev/null
      chown root:tcos $SHARE_SECRET/$SECRET_FILE 2>/dev/null
      chmod -f 644 ${NETCONFIG_SECRET} 2>/dev/null

}

do_erase()
{
      [ -e  ${TCOS_SECRET}/$SECRET_FILE ] && rm -f ${TCOS_SECRET}/$SECRET_FILE 2>/dev/null
      [ -e  ${NETCONFIG_SECRET} ] && rm -f ${NETCONFIG_SECRET} 2>/dev/null
      [ -e  $SHARE_SECRET/$SECRET_FILE ] && rm -f $SHARE_SECRET/$SECRET_FILE 2>/dev/null
      [ -e  /etc/$NETCONFIG_FILE ] && rm -f /etc/$NETCONFIG_FILE 2>/dev/null
}


case "$1" in
  generate)
	do_create
	;;
  regenerate)
	do_erase
	do_create
	;;
  erase)
	do_erase
	;;
esac

exit 0