# Barix configuration interface
# (c) 2012 Barix AG
#
# meta-file for automatic config-file generation

# destination file for the configuration (absolute path)
DST_FILE[0]=/etc/lighttpd/lighttpd.conf

# template file located in /barix/config/templates/templates
TEMPLATE_FILE[0]=httpd.lighttpd.conf

# comments are prefixed with this character
COMMENT_PREFIX[0]="#"

# function to create dynamic content
DYNAMIC_CONTENT_FN[0]=create_dynamic_config_httpd

# function to create dynamic content
function create_dynamic_config_httpd()
{
    protocol=`cfg_print_param httpd.webserver.protocol`

    if [  "$protocol" == "https" ]; then
        cert=`cfg_print_param httpd.ssl.certificate`
        if [ ! -f "$cert" ]; then		
            if ! [ -d /mnt/data/certs ]; then
                mkdir -p /mnt/data/certs
            fi

            #TODO:try to get it from flash

            # Auto generate SSL self-signed certificate with validity for 20 years
            /usr/bin/openssl req -newkey rsa:2048 -x509 -days 7300 -nodes -keyout /mnt/data/certs/barix.pem -out /mnt/data/certs/barix.pem -subj "/emailAddress=info@barix.com/C=CH/ST=Zurich/L=Dubendorf/O=Barix AG/CN=barix.local"
            chmod 400 /mnt/data/certs/barix.pem
            cfg_set_param httpd.ssl.certificate '/mnt/data/certs/barix.pem'
            /usr/bin/uci commit httpd
        fi

        cert=`cfg_print_param httpd.ssl.certificate`
        echo 'server.modules += ("mod_openssl")'
                echo 'server.port = 443'
                echo 'server.bind = "0.0.0.0"'
                echo 'ssl.engine = "enable"'
                echo "ssl.pemfile = \"$cert\"" 
    else # HTTP
        echo 'server.port = 80'
    fi

    echo ""
    sdf_port=$(cfg_print_param sdf.general.listening_port)
    echo '$HTTP["url"] =~ "^/app-settings" {'
    echo "      proxy.server  = ( \"\" => "
    echo "          (( \"host\" => \"127.0.0.1\", \"port\" => $sdf_port ))"
    echo "      )"
    echo "}"

    echo '$HTTP["url"] =~ "^/web/api/v1" {'
    echo "      proxy.server  = ( \"\" =>"
    echo "          (( \"host\" => \"127.0.0.1\", \"port\" => $sdf_port ))"
    echo "      )"
    echo "}"
}

# destination file for the modules configration (absolute path)
DST_FILE[1]=/etc/lighttpd/modules.conf

# template file located in /barix/config/templates/templates
TEMPLATE_FILE[1]=httpd.modules.conf

# comments are prefixed with this character
COMMENT_PREFIX[1]="#"

# function to create dynamic content
DYNAMIC_CONTENT_FN[1]=create_dynamic_config_httpd_modules

# function to create dynamic content
function create_dynamic_config_httpd_modules()
{
	# get the password, if set
	pwd_set=`cfg_print_param httpd.webserver.password_set`

	# first password is set
	if [ "$pwd_set" == "true" ]; then

		echo -e '$HTTP["url"] != "/sys/cgi-bin/system_ready.cgi" {'
		echo -e 'auth.require = ( "/" => ('
		echo -e '       "method"  => "digest",'
		echo -e '       "realm"   => "Barix Login",'
		echo -e '       "require" => "user=admin" )'
		echo -e ')'
		echo -e '}\n'

	fi
}


# Generate soundscape webui auth files
DST_FILE[2]=/etc/lighttpd/user.passwd

# no template
TEMPLATE_FILE[2]=

# comments are prefixed with this character
COMMENT_PREFIX[2]=

# function to create dynamic content
DYNAMIC_CONTENT_FN[2]=create_dynamic_config_user_passwd

# function to create dynamic content
function create_dynamic_config_user_passwd()
{
	# do something only if soundscape is installed
	if [ -e /usr/bin/soundscape ]; then
	
		# get the password, if set
		pwd=`cfg_print_param system.webui.User_hash`
		
		# If the passwd is empty, may be this is the first run after
		# FW upgrade from v0.72, and the hash has not been yet
		# taken from the defaults, so pick it up from there
		if [ "$pwd" == "" ]; then
			pwd=$(cat /barix/config/defaults/system | tr -d \'\" | grep -i User_hash | cut -d' ' -f3)
			
			# bring the change to the currend settings w/o resetting to the defaults
			cfg_set_param system.webui.User_hash "$pwd" 
		fi
		
		echo -n $pwd
	fi
}

DST_FILE[3]=/etc/lighttpd/admin.passwd

# no template
TEMPLATE_FILE[3]=

# comments are prefixed with this character
COMMENT_PREFIX[3]=

# function to create dynamic content
DYNAMIC_CONTENT_FN[3]=create_dynamic_config_admin_passwd

# function to create dynamic content
function create_dynamic_config_admin_passwd()
{
	# do something only if soundscape is installed
	if [ -e /usr/bin/soundscape ]; then
	
		# get the password, if set
		pwd=`cfg_print_param system.webui.Admin_hash`
				
		# If the passwd is empty, may be this is the first run after
		# FW upgrade from v0.72, and the hash has not been yet
		# taken from the defaults, so pick it up from there
		if [ "$pwd" == "" ]; then
			pwd=$(cat /barix/config/defaults/system | tr -d \'\" | grep -i Admin_hash | cut -d' ' -f3)
			
			# bring the change to the currend settings w/o resetting to the defaults
			cfg_set_param system.webui.Admin_hash "$pwd" 
		fi
		
		echo -n $pwd
	fi
}
