# Barix configuration interface
# (c) 2012 Barix AG
#
# meta-file for automatic config-file generation

# destination file for the configuration (absolute path)
DST_FILE[0]=/etc/lighttpd/lighttpd.conf

# template file located in /barix/config/templates/templates
TEMPLATE_FILE[0]=httpd.lighttpd.conf

# comments are prefixed with this character
COMMENT_PREFIX[0]="#"

# function to create dynamic content
DYNAMIC_CONTENT_FN[0]=create_dynamic_config_httpd

# function to create dynamic content
function create_dynamic_config_httpd()
{
	protocol=`cfg_print_param httpd.webserver.protocol`
	
	if [  "$protocol" == "https" ]; then
		cert=`cfg_print_param httpd.ssl.certificate`
		
		if [ ! -f "$cert" ]; then		
			if ! [ -d /mnt/data/certs ]; then
				mkdir -p /mnt/data/certs
			fi
			
			#TODO:try to get it from flash
			
			# Auto generate SSL self-signed certificate with validity for 20 years
			/usr/bin/openssl req -newkey rsa:2048 -x509 -days 7300 -nodes -keyout /mnt/data/certs/barix.pem -out /mnt/data/certs/barix.pem -subj "/emailAddress=info@barix.com/C=CH/ST=Zurich/L=Dubendorf/O=Barix AG/CN=barix.local"
			chmod 400 /mnt/data/certs/barix.pem
			cfg_set_param httpd.ssl.certificate '/mnt/data/certs/barix.pem'
			/usr/bin/uci commit httpd
		fi

		cert=`cfg_print_param httpd.ssl.certificate`
		echo 'server.modules += ("mod_openssl")'
            	echo 'server.port = 443'
            	echo 'server.bind = "0.0.0.0"'
            	echo 'ssl.engine = "enable"'
            	echo "ssl.pemfile = \"$cert\"" 
	else # HTTP
		echo 'server.port = 80'
	fi
}

# destination file for the modules configration (absolute path)
DST_FILE[1]=/etc/lighttpd/modules.conf

# template file located in /barix/config/templates/templates
TEMPLATE_FILE[1]=httpd.modules.conf

# comments are prefixed with this character
COMMENT_PREFIX[1]="#"

# function to create dynamic content
DYNAMIC_CONTENT_FN[1]=create_dynamic_config_httpd_modules

# function to create dynamic content
function create_dynamic_config_httpd_modules()
{
	# get the password, if set
	pwd_set=`cfg_print_param httpd.webserver.password_set`

	# first password is set
	if [ "$pwd_set" == "true" ]; then

		echo -e '$HTTP["url"] != "/sys/cgi-bin/system_ready.cgi" {'
		echo -e 'auth.require = ( "/" => ('
		echo -e '       "method"  => "digest",'
		echo -e '       "realm"   => "Barix Login",'
		echo -e '       "require" => "user=admin" )'
		echo -e ')'
		echo -e '}\n'

	fi
}


# Generate soundscape webui auth files
DST_FILE[2]=/etc/lighttpd/user.passwd

# no template
TEMPLATE_FILE[2]=

# comments are prefixed with this character
COMMENT_PREFIX[2]=

# function to create dynamic content
DYNAMIC_CONTENT_FN[2]=create_dynamic_config_user_passwd

# function to create dynamic content
function create_dynamic_config_user_passwd()
{
	# do something only if soundscape is installed
	if [ -e /usr/bin/soundscape ]; then
	
		# get the password, if set
		pwd=`cfg_print_param system.webui.User_hash`
		
		# If the passwd is empty, may be this is the first run after
		# FW upgrade from v0.72, and the hash has not been yet
		# taken from the defaults, so pick it up from there
		if [ "$pwd" == "" ]; then
			pwd=$(cat /barix/config/defaults/system | tr -d \'\" | grep -i User_hash | cut -d' ' -f3)
			
			# bring the change to the currend settings w/o resetting to the defaults
			cfg_set_param system.webui.User_hash "$pwd" 
		fi
		
		echo -n $pwd
	fi
}

DST_FILE[3]=/etc/lighttpd/admin.passwd

# no template
TEMPLATE_FILE[3]=

# comments are prefixed with this character
COMMENT_PREFIX[3]=

# function to create dynamic content
DYNAMIC_CONTENT_FN[3]=create_dynamic_config_admin_passwd

# function to create dynamic content
function create_dynamic_config_admin_passwd()
{
	# do something only if soundscape is installed
	if [ -e /usr/bin/soundscape ]; then
	
		# get the password, if set
		pwd=`cfg_print_param system.webui.Admin_hash`
				
		# If the passwd is empty, may be this is the first run after
		# FW upgrade from v0.72, and the hash has not been yet
		# taken from the defaults, so pick it up from there
		if [ "$pwd" == "" ]; then
			pwd=$(cat /barix/config/defaults/system | tr -d \'\" | grep -i Admin_hash | cut -d' ' -f3)
			
			# bring the change to the currend settings w/o resetting to the defaults
			cfg_set_param system.webui.Admin_hash "$pwd" 
		fi
		
		echo -n $pwd
	fi
}
