#!/bin/sh

set -e
FILESECRET="/etc/n4d/key"
CERTPATH="/etc/n4d/cert/"
CERTNAME="n4d"
case "$1" in
   configure)
	if [ ! -e "$FILESECRET" ]; then
		cat /dev/urandom| tr -dc '0-9a-zA-Z' |{ head -c 50;echo ""; } > $FILESECRET
	fi
	chmod 400 $FILESECRET
	chown root:root $FILESECRET
	if [ ! -e "${CERTPATH}${CERTNAME}key.pem" ]; then
	if [ ! -e "${CERTPATH}${CERTNAME}.csr" ]; then
		mkdir -p $CERTPATH
		openssl genrsa -out ${CERTPATH}${CERTNAME}key.pem 2048
                yes '' | openssl req -new -key ${CERTPATH}${CERTNAME}key.pem -out ${CERTPATH}${CERTNAME}.csr
                openssl x509 -req -days 600 -in ${CERTPATH}${CERTNAME}.csr -signkey ${CERTPATH}${CERTNAME}key.pem -out ${CERTPATH}${CERTNAME}cert.pem
		#lliurex-pki -n $CERTNAME --rsa
	fi
	fi
	update-rc.d n4d start 20 2 3 4 5 .
   ;;

   abort-upgrade|abort-remove|abort-deconfigure)
   ;;

   *)
       exit 1
   ;;
esac

#DEBHELPER#

exit 0