#!/bin/bash
# BEGIN COPYRIGHT BLOCK
# (C) 2011 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK

# Always switch into the base directory three levels
# above this shell script prior to executing it so
# that all of its output is written to this directory
cd `dirname $0`/../..

# Retrieve the name of this base directory
PKI_PWD=`pwd`

# Establish the name of the machine
PKI_HOSTNAME=`hostname`

# Set pre-defined variables
PKI_DIR="pki"
PKI_FLAVOR="dogtag"
PKI_SCRIPTS_DIR="scripts"
ROOT_UID=0

# This script may ONLY be run on Linux!
PKI_OS=`uname`
if [ "${PKI_OS}" != "Linux" ]; then
    printf "The '$0' script is ONLY executable\n"
    printf "on a 'Linux' machine!\n"
    exit 255
fi
PKI_ARCH=`uname -p`
NOARCH="noarch"

# Set packaging variables
RPM_EXE="/bin/rpm"
YUM_EXE="/usr/bin/yum"
YUM_EXE_OPTIONS="-y --nogpgcheck install"
RPM_DIR="RPMS"
RPM_EXT="-[0-9]*.rpm"
COMBINED="combined"

# Set sudo variables
PKI_SUDO="/usr/bin/sudo"
PKI_SUDOERS="/etc/sudoers"

# Set user identity variables
PKI_EUID=`/usr/bin/id -u`
PKI_UID=`/usr/bin/id -ur`
PKI_USERNAME=`/usr/bin/id -un`

# Make sure that this script is NOT being run as root!
if [ ${PKI_UID} -eq ${ROOT_UID} ] ||
   [ ${PKI_EUID} -eq ${ROOT_UID} ]; then
    printf "The '$0' script may NOT be run as root!\n"
    exit 255
fi

# Check for the presence of the 'sudo' executable
if [ ! -x "${PKI_SUDO}" ]; then
    printf "The '$0' script requires the '${PKI_SUDO}' executable\n"
    printf "to be available on '${PKI_HOSTNAME}'!\n"
    exit 255
fi

# Check for the presence of the 'sudoers' file
if [ ! -e "${PKI_SUDOERS}" ]; then
    printf "The '$0' script requires the '${PKI_SUDOERS}' file\n"
    printf "to be available on '${PKI_HOSTNAME}'!\n"
    exit 255
fi

# Check for the presence of the required sudoers command(s)
PKI_SUDOERS_COMMAND="(root) NOPASSWD: ALL"
PKI_SUDOERS_LINE="${PKI_USERNAME}  NOPASSWD: ALL"
PKI_SUDOERS_RPM_COMMAND="(root) NOPASSWD: ${RPM_EXE}"
PKI_SUDOERS_RPM_LINE="${PKI_USERNAME}  ALL = NOPASSWD: ${RPM_EXE}"
PKI_SUDOERS_YUM_COMMAND="(root) NOPASSWD: ${YUM_EXE}"
PKI_SUDOERS_YUM_LINE="${PKI_USERNAME}  ALL = NOPASSWD: ${YUM_EXE}"
printf "Checking if '${PKI_USERNAME}' has the appropriate '${PKI_SUDO}' permissions . . .\n"
printf "[NOTE:  A password prompt may appear requiring ${PKI_USERNAME}'s password.]\n"
# NOTE:  If 'ALL' commands are NOT sudo enabled, then at least BOTH
#        of the 'RPM' and 'YUM' commands MUST be sudo enabled!
`${PKI_SUDO} -l | grep "${PKI_SUDOERS_COMMAND}" > /dev/null 2>&1`
if [ $? -ne 0 ]; then
    sudo_commands=2
    `${PKI_SUDO} -l | grep "${PKI_SUDOERS_RPM_COMMAND}" > /dev/null 2>&1`
    if [ $? -ne 0 ]; then
        sudo_commands=`expr ${sudo_commands} - 1`
    fi
    `${PKI_SUDO} -l | grep "${PKI_SUDOERS_YUM_COMMAND}" > /dev/null 2>&1`
    if [ $? -ne 0 ]; then
        sudo_commands=`expr ${sudo_commands} - 1`
    fi
    if [ ${sudo_commands} -ne 2 ]; then
        printf "The '$0' script requires that the\n"
        printf "'${PKI_SUDOERS}' file MUST contain BOTH of these lines:\n\n"
        printf "    '${PKI_SUDOERS_RPM_LINE}'\n"
        printf "    '${PKI_SUDOERS_YUM_LINE}'\n\n"
        exit 255
    fi
fi

# Set 'composition scripts' variables
PKI_COMPOSE_SCRIPTS_DIR="${PKI_PWD}/${PKI_DIR}/${PKI_SCRIPTS_DIR}"
COMPOSE_DOGTAG_PKI_THEME_PACKAGES="compose_dogtag_pki_theme_packages"
COMPOSE_PKI_CORE_PACKAGES="compose_pki_core_packages"
COMPOSE_PKI_RA_PACKAGES="compose_pki_ra_packages"
COMPOSE_PKI_TPS_PACKAGES="compose_pki_tps_packages"
COMPOSE_PKI_CONSOLE_PACKAGES="compose_pki_console_packages"

# Establish 'packages' directories variables
PKI_PACKAGES_DIR="${PKI_PWD}/packages"
PKI_DOGTAG_THEME_PACKAGES_DIR="${PKI_PWD}/packages.dogtag_theme"
PKI_CORE_PACKAGES_DIR="${PKI_PWD}/packages.core"
PKI_RA_PACKAGES_DIR="${PKI_PWD}/packages.ra"
PKI_TPS_PACKAGES_DIR="${PKI_PWD}/packages.tps"
PKI_CONSOLE_PACKAGES_DIR="${PKI_PWD}/packages.console"

# Establish PKI theme package names
PKI_COMMON_THEME=${PKI_FLAVOR}-pki-common-theme${RPM_EXT}
PKI_CA_THEME=${PKI_FLAVOR}-pki-ca-theme${RPM_EXT}
PKI_KRA_THEME=${PKI_FLAVOR}-pki-kra-theme${RPM_EXT}
PKI_OCSP_THEME=${PKI_FLAVOR}-pki-ocsp-theme${RPM_EXT}
PKI_RA_THEME=${PKI_FLAVOR}-pki-ra-theme${RPM_EXT}
PKI_TKS_THEME=${PKI_FLAVOR}-pki-tks-theme${RPM_EXT}
PKI_TPS_THEME=${PKI_FLAVOR}-pki-tps-theme${RPM_EXT}
PKI_CONSOLE_THEME=${PKI_FLAVOR}-pki-console-theme${RPM_EXT}

# Establish PKI core package names
PKI_SYMKEY=pki-symkey${RPM_EXT}
PKI_BASE=pki-base${RPM_EXT}
PKI_JAVADOC=pki-javadoc${RPM_EXT}
PKI_TOOLS=pki-tools${RPM_EXT}
PKI_SERVER=pki-server${RPM_EXT}
PKI_SELINUX=pki-selinux${RPM_EXT}
PKI_CA=pki-ca${RPM_EXT}
PKI_KRA=pki-kra${RPM_EXT}
PKI_OCSP=pki-ocsp${RPM_EXT}
PKI_TKS=pki-tks${RPM_EXT}

# Establish PKI ra package names
PKI_RA=pki-ra${RPM_EXT}

# Establish PKI tps package names
PKI_TPS=pki-tps${RPM_EXT}

# Establish PKI console package names
PKI_CONSOLE=pki-console${RPM_EXT}

# Always start with new package directories
rm -rf ${PKI_PACKAGES_DIR}
rm -rf ${PKI_DOGTAG_THEME_PACKAGES_DIR}
rm -rf ${PKI_CORE_PACKAGES_DIR}
rm -rf ${PKI_RA_PACKAGES_DIR}
rm -rf ${PKI_TPS_PACKAGES_DIR}
rm -rf ${PKI_CONSOLE_PACKAGES_DIR}

# Compose and install 'dogtag-pki-theme' packages
cd ${PKI_PWD}
${PKI_COMPOSE_SCRIPTS_DIR}/${COMPOSE_DOGTAG_PKI_THEME_PACKAGES} rpms
mv ${PKI_PACKAGES_DIR} ${PKI_DOGTAG_THEME_PACKAGES_DIR}
cd ${PKI_DOGTAG_THEME_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}
${PKI_SUDO} ${YUM_EXE} ${YUM_EXE_OPTIONS} ${PKI_COMMON_THEME} ${PKI_CA_THEME} ${PKI_KRA_THEME} ${PKI_OCSP_THEME} ${PKI_RA_THEME} ${PKI_TKS_THEME} ${PKI_TPS_THEME} ${PKI_CONSOLE_THEME}

# Compose and install 'pki-core' packages
cd ${PKI_PWD}
${PKI_COMPOSE_SCRIPTS_DIR}/${COMPOSE_PKI_CORE_PACKAGES} hybrid_rpms
mv ${PKI_PACKAGES_DIR} ${PKI_CORE_PACKAGES_DIR}
cd ${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}
mkdir -p ${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}/${COMBINED}
cp -p ${NOARCH}/*.rpm ${PKI_ARCH}/*.rpm ${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}/${COMBINED}
cd ${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}/${COMBINED}
${PKI_SUDO} ${YUM_EXE} ${YUM_EXE_OPTIONS} ${PKI_SYMKEY} ${PKI_BASE} ${PKI_JAVADOC} ${PKI_TOOLS} ${PKI_SERVER} ${PKI_SELINUX} ${PKI_CA} ${PKI_KRA} ${PKI_OCSP} ${PKI_TKS}

# Compose and install 'pki-ra' packages
cd ${PKI_PWD}
${PKI_COMPOSE_SCRIPTS_DIR}/${COMPOSE_PKI_RA_PACKAGES} rpms
mv ${PKI_PACKAGES_DIR} ${PKI_RA_PACKAGES_DIR}
cd ${PKI_RA_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}
${PKI_SUDO} ${YUM_EXE} ${YUM_EXE_OPTIONS} ${PKI_RA}

# Compose and install 'pki-tps' packages
cd ${PKI_PWD}
${PKI_COMPOSE_SCRIPTS_DIR}/${COMPOSE_PKI_TPS_PACKAGES} rpms
mv ${PKI_PACKAGES_DIR} ${PKI_TPS_PACKAGES_DIR}
cd ${PKI_TPS_PACKAGES_DIR}/${RPM_DIR}/${PKI_ARCH}
${PKI_SUDO} ${YUM_EXE} ${YUM_EXE_OPTIONS} ${PKI_TPS}

# Compose and install 'pki-console' packages
cd ${PKI_PWD}
${PKI_COMPOSE_SCRIPTS_DIR}/${COMPOSE_PKI_CONSOLE_PACKAGES} rpms
mv ${PKI_PACKAGES_DIR} ${PKI_CONSOLE_PACKAGES_DIR}
cd ${PKI_CONSOLE_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}
${PKI_SUDO} ${YUM_EXE} ${YUM_EXE_OPTIONS} ${PKI_CONSOLE}