#!/bin/bash
#
# CLAMAV / AMAVIS
# -------------------------------------------------------------------
#
echo -e "\n  start $0_content_filters"

[ "X${SOMETHING_CHANGED:-}" = "X" ] && {
	echo -e "\nerror: this script cannot be run standalone, is part," >&2
	echo -e "   and is sourced, from main 'run-install' script" >&2
	exit 1
}

save_SOMETHING_CHANGED=$SOMETHING_CHANGED; SOMETHING_CHANGED=false

pkgs="amavisd-new clamav-daemon spamassassin"

sa_plugin_dir="/usr/share/perl5/Mail/SpamAssassin/Plugin"
sa_config_dir="/etc/spamassassin"
sa_lib_dir="/var/lib/spamassassin"

update_sa_channels()
{
	local chanfile="$sa_config_dir/channels"
	local keyfile="$sa_config_dir/gpgkeys"
	local sa_update_keys_dir="$sa_lib_dir/sa-update-keys"
	local kusadir="sa-channels"
	local channels=$(kusa-conf spamassassin.channels 2>/dev/null) || :
	local chan=
	local gpgkey=
	local key=

	local user=$(stat -c '%U' $sa_lib_dir)
	local group=$(stat -c '%G' $sa_lib_dir)

	create_dir --fixperms $sa_update_keys_dir $user:$group 700

	[ -f $chanfile ] || cp /dev/null $chanfile
	[ -f $keyfile ] || cp /dev/null $keyfile

	for chan in $channels
	do
		gpgkey="$kusadir/$chan.GPG-KEY"
		key="$kusadir/$chan.KEY"

		if grep -q "^$chan$" $chanfile
		then
			echo -n "  checking channel: $chan "
		else
			echo -n "  adding   channel: $chan "
			echo "$chan" >>$chanfile
		fi

		[ -f $key ] && {
			key=$(cat $key)
			if grep -q "^$key$" $keyfile
			then
				echo -n "key=$key "
			else
				echo -n "  adding key=$key "
				echo "$key" >>$keyfile
			fi
		}
		[ -f $gpgkey ] && {
			echo -n "  importing $gpgkey ... "
			sa-update --import $gpgkey --gpgkeyfile $keyfile
		}
		echo "ok"
	done
}


install_unarchivers()
{
	local pkglist=$(filepath pkgs_install_unarchive) || exit $?
	local pkg=
	local found=
	local must_install=

	echo -e "\n checking for unarchivers programs\n"

	for pkg in $(cat $pkglist)
	do
		apt-cache show $pkg >/dev/null 2>&1 || {
			echo "  ignore package $pkg (not exists)"
			continue
		}
		must_install="$must_install $pkg"
	done
	install_pkgs $must_install
	return 0
}


if getconfirm srv-mail.use_content_filter
then

	echo "  activating content filter: clamav, amavis, spamassassin"
	install_pkgs $pkgs
	install_unarchivers

	# clamav user must be in amavis group
	#
	id clamav | grep -q "amavis" || {
		usermod -G amavis clamav	|| exit $?
		SOMETHING_CHANGED=true
	}

	update_sa_channels

	# work dirs, bayesian filters learn and quarantine
	#
	work=$(jtconf clamav.workdir) || exit_missing_define clamav.workdir
	relink_dir /var/lib/clamav $work

	work=$(jtconf amavis.workdir)	|| exit_missing_define amavis.workdir
	relink_dir /var/lib/amavis $work


	installfile 60-ku_settings	/etc/amavis/conf.d/			root:root 444
	installfile freshclam.conf	/etc/clamav/				root:root 444
	installfile local.cf		$sa_config_dir/				root:root 444
	installfile sa-update-cron	/etc/cron.daily/			root:root 700
	installfile auto-check-srv-mail	/etc/kuwatcher/conf.d/			root:root 440
	installfile sa-auto-rules.tmp	$sa_config_dir/70-ku-auto-rules.cf	root:root 444

	for file in $(ls spamassassin/*.cf 2>/dev/null || :)
	do
		installfile $file	$sa_config_dir/			root:root 444
	done


	# apparmor (augh!)
	#
	apparmor_installfile usr.sbin.clamd
	apparmor_installfile usr.bin.freshclam

	# additional plugins
	#
	installfile FromNotReplyTo.pm		$sa_plugin_dir/		root:root 644 false
	installfile FromNotReplyToSameDomain.pm	$sa_plugin_dir/		root:root 644 false

	# distro rules
	#
	for file in $(ls -d spamassassin/* 2>/dev/null || :)
	do
		[ -f $file ] || continue
		installfile $file $sa_config_dir/	root:root 444
	done

	# 2015.09
	# amavis and junk mail cleanup, default file
	#
	file=/etc/default/ku-amavis-cleanup
	[ -f $file ] || {
		installfile ku-amavis-cleanup.default $file root:root 664
	}
	installfile ku-amavis-cleanup /etc/cron.daily/ root:root 775

	# 2016.04.20
	# daemon defaults and patched init file
	#
	file=/etc/default/amavisd
	[ -f $file ] || {
		installfile amavisd.default $file root:root 664
	}
	installfile amavis.init /etc/init.d/amavis root:root 775
else
	getconfirm srv-mail.keep_content_filter || {
		echo "  content filter disabled, cleanup (pkgs and file) ..."

		remove_pkgs $pkgs

		uninstallfiles \
			/etc/amavis/conf.d/60-ku-settings \
			/etc/clamav/freshclam.conf \
			$sa_config_dir/local.cf \
			$sa_config_dir/70-ku-auto-rules.cf \
			/etc/cron.daily/sa-update-cron \
			/etc/kuwatcher/conf.d/auto-check-srv-mail \
			/etc/cron.daily/ku-amavis-cleanup \
			/etc/init.d/amavis \
			$sa_plugin_dir/FromNotReplyTo.pm \
			$sa_plugin_dir/FromNotReplyToSameDomain.pm

		for file in $(ls spamassassin/*.cf 2>/dev/null || :)
		do
			[ -f $sa_config_dir/$file ] || continue
			uninstallfiles $sa_config_dir/$file
		done
	}
fi

# install other customizable files samples, if needed
#
file="80-local-rules.cf"

if getconfirm srv-mail.use_content_filter
then
	[ -f $file ] && {
		[ -f $sa_config_dir/$file ] || {
			installfile $file $sa_config_dir/ root:root 444 || exit_err $? "installing $file"
		}
		# one copy in kusa localdir
		[ -f $kusalocal/$file ] || {
			installfile $file $kusalocal/ root:root 660 || exit_err $? "installing $file"
		}
	}
else
	uninstallfiles "$sa_config_dir/$file"
fi

# purge old stuff
purgefiles \
	$sa_config_dir/70-ku-local-rules.cf \
	$sa_config_dir/70-ku-auto-distro-rules.cf \

# -------------------------------------------------------------------
changed_content_filters=$SOMETHING_CHANGED; $save_SOMETHING_CHANGED && SOMETHING_CHANGED=true

echo "  done $0_content_filters"
# run-install_content_filters (eof)
