#!/bin/bash

echo "config.sh: Start configuration"
if [ -f /root/packages/configured ]; then
	echo "config.sh: It was already configured"
	exit 0
fi

#
# Postfix
#

# basic settings.
postconf -e maillog_file=/var/log/postfix.log
postconf -e myhostname=kopano
postconf -e virtual_mailbox_maps=mysql:/etc/postfix/mysql-aliases.cf
postconf -e virtual_alias_maps=mysql:/etc/postfix/mysql-groups.cf
postconf -e virtual_transport=lmtp:127.0.0.1:2003
postconf -e virtual_mailbox_domains=$MYDOMAIN

# get aliases from database.
cat <<EOF > /etc/postfix/mysql-aliases.cf
user = $SERVER_MYSQL_USER
password = $SERVER_MYSQL_PASSWORD
hosts = $SERVER_MYSQL_HOST
dbname = $SERVER_MYSQL_DATABASE
query = select value from objectproperty where objectid=(select objectid from objectproperty where value='%s' limit 1) and propname='loginname';
EOF
chmod 600 /etc/postfix/mysql-aliases.cf

cat <<EOF > /etc/postfix/mysql-groups.cf
user = $SERVER_MYSQL_USER
password = $SERVER_MYSQL_PASSWORD
hosts = $SERVER_MYSQL_HOST
dbname = $SERVER_MYSQL_DATABASE
query = select value from objectproperty where objectid in ( select objectid from objectrelation where parentobjectid in ( select objectid from objectproperty where value='%s' and propname='emailaddress' ) and relationtype=1 ) and propname='emailaddress';
EOF
chmod 600 /etc/postfix/mysql-groups.cf

# enable sasl authentication.
sed -i "s/^START=no/START=yes/" /etc/default/saslauthd
sed -i 's/^MECHANISMS="pam"/MECHANISMS="rimap"/' /etc/default/saslauthd
sed -i 's/^MECH_OPTIONS=""/MECH_OPTIONS="127.0.0.1"/' /etc/default/saslauthd
sed -i "s/^THREADS=5/THREADS=0/" /etc/default/saslauthd
sed -i 's@^OPTIONS="-c -m /var/run/saslauthd"@OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"@' /etc/default/saslauthd
adduser postfix sasl
cat <<EOF > /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
EOF
postconf -e "mua_client_restrictions=permit_sasl_authenticated reject"
sed -i "17,21 s/^#//g" /etc/postfix/master.cf
sed -i "23 s/^#//g" /etc/postfix/master.cf
sed -i "29,32 s/^#//g" /etc/postfix/master.cf
sed -i "34 s/^#//g" /etc/postfix/master.cf

# disable chroot for all acrive service.
sed -i "s/^\([a-z]\+ \+[a-z\-]\+ \+[a-z\-]\+ \+[a-z\-]\+ \+\)y\( \+.\+$\)/\1n\2/g" /etc/postfix/master.cf

#
# kopano-server
#
if [ -v SERVER_MYSQL_HOST ]; then sed -i "s/^#mysql_host = localhost\$/mysql_host = $SERVER_MYSQL_HOST/" /etc/kopano/server.cfg; fi
if [ -v SERVER_MYSQL_PORT ]; then sed -i "s/^#mysql_port = 3306\$/mysql_port = $SERVER_MYSQL_PORT/" /etc/kopano/server.cfg; fi
if [ -v SERVER_MYSQL_USER ]; then sed -i "s/^#mysql_user = root\$/mysql_user = $SERVER_MYSQL_USER/" /etc/kopano/server.cfg; fi
if [ -v SERVER_MYSQL_PASSWORD ]; then sed -i "s/^#mysql_password =\$/mysql_password = $SERVER_MYSQL_PASSWORD/" /etc/kopano/server.cfg; fi
if [ -v SERVER_MYSQL_DATABASE ]; then sed -i "s/^#mysql_database = kopano\$/mysql_database = $SERVER_MYSQL_DATABASE/" /etc/kopano/server.cfg; fi
sed -i "s/^#disabled_features = imap pop3/disabled_features = pop3/" /etc/kopano/server.cfg

#
# kopano-gateway
#
sed -i "s/^#imap_listen = \*%lo:143/imap_listen = 0.0.0.0:143/" /etc/kopano/gateway.cfg

#
# kopano-ical
#
sed -i "s@^#server_timezone = .\+\$@server_timezone = $TZ@" /etc/kopano/ical.cfg

#
# WebApp
#
sed -i 's/"SECURE_COOKIES", true/"SECURE_COOKIES", false/' /etc/kopano/webapp/config.php

#
# Z-Push
#
sed -i "s@define('TIMEZONE', '');@define('TIMEZONE', '$TZ');@" /etc/z-push/z-push.conf.php

#
# Register certificates.
#
cp -a /root/packages/cert/server.crt /etc/ssl/certs/ && \
    postconf -e smtpd_tls_cert_file=/etc/ssl/certs/server.crt
cp -a /root/packages/cert/server.key /etc/ssl/private/ && \
    postconf -e smtpd_tls_key_file=/etc/ssl/private/server.key

#
# Add first user.
#
kopano-admin -c $KOPANOADMUSER -p $KOPANOADMPASS -e $KOPANOADMUSER@$MYDOMAIN -f $KOPANOADMUSER -a yes

#
# Configuration complete.
#
touch /root/packages/configured
echo "config.sh: Configuration complete"