#!/bin/bash

. ${TOOLKIT}-functions.sh

# PATCHES: cleanup for old or standard config files
#
# 2018.03.07 kanna
# - moved down some files, to cope with .conf extension
#
purgefiles \
	/etc/apache2/conf.d/servername.conf \
	/etc/apache2/conf.d/other-vhosts-access-log \
	/etc/apache2/conf-enabled/other-vhosts-access-log.conf \
	/etc/apache2/conf-enabled/security.conf


# 2016.11.21
# 2.4 uses .conf extension for sites (fucking prjadmins, you don't have
# anything better to do than implement useless but disrupting design changes?)
#
a2_version=$(apache2_version)
conf_ext=

case $a2_version in
  2.2.*)
    purgefiles \
	/etc/apache2/sites-*/ku-default-ssl-vhosts.conf \
	/etc/apache2/sites-*/ku-default-ssl.conf \
	/etc/apache2/sites-*/ku-default.conf
    ;;
  *)
    purgefiles \
	/etc/apache2/sites-*/ku-default-ssl-vhosts \
	/etc/apache2/sites-*/ku-default-ssl \
	/etc/apache2/sites-*/ku-default
     
    conf_ext=".conf"
    ;;
esac

installfile ku-default$conf_ext /etc/apache2/sites-available/ root:root 440

# removes standard config files
#
purgefiles \
	/etc/apache2/sites-*/auto-virtual*$conf_ext \
	/etc/apache2/sites-*/default$conf_ext \
	/etc/apache2/sites-*/default-ssl$conf_ext \
	/etc/apache2/sites-*/000-default$conf_ext


# MODULES
#
for mod in vhost_alias ssl rewrite authnz_ldap
do
	apache2_enable_module $mod || exit $?
done
case $DISTRIB_ID in
  Devuan)	apache2_enable_module cgi ;;
esac


# SITES
#
# . enable default only if not present auto-virtual
# . enable ssl if defined ssl cert for unit 'www'
#
has_cert=false
jtconf cert.filename 2>/dev/null >/dev/null && has_cert=true || :

$has_cert && {
	file1="ku-default-ssl$conf_ext"
	file2="ku-default-ssl-vhosts$conf_ext"
	destdir="/etc/apache2/sites-available"

	installfile $file1 $destdir/ku-default-ssl$conf_ext :root 640 || exit $?
	installfile $file2 $destdir/ku-default-ssl-vhosts$conf_ext :root 640 || exit $?
}

if [ -L /etc/apache2/sites-enabled/ku-auto-virtual$conf_ext ]
then
	# use auto virtual hosts, disable defaults
	apache2_disable_site ku-default$conf_ext
	[ -f /etc/apache2/conf-available/serve-cgi-bin.conf ] && apache2_disable_conf serve-cgi-bin
	$has_cert && {
		apache2_disable_site ku-default-ssl$conf_ext
		apache2_enable_site ku-default-ssl-vhosts$conf_ext
	}
else
	# don't use auto virtual hosts, enable defaults
	apache2_enable_site ku-default 
	[ -f /etc/apache2/conf-available/serve-cgi-bin.conf ] && apache2_enable_conf serve-cgi-bin
	$has_cert && {
		apache2_enable_site ku-default-ssl
	}
fi


# PHP

# PHP 5.3.10-1ubuntu3.10 with Suhosin-Patch (cli) (built: Feb 28 2014 23:14:25) 
# Copyright (c) 1997-2012 The PHP Group
# Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
##phpver=$(dpkg -l php5-common | grep "^ii  php5-common " \
##	| sed -e 's/.*php5-common  *//' -e s'/\.[^0-9].*//')
phpver=$(php --version | grep '^PHP ' | sed -e 's/PHP //' -e 's/ .*//')
name="php.ini"

case $phpver in
    5.3.*)	file="php-5.3.ini"; dest="/etc/php5/apache2" ;;
    5.4.*)	file="php-5.4.ini"; dest="/etc/php5/apache2" ;;
    5.6.*)	file="php-5.6.ini"; dest="/etc/php5/apache2" ;;
    7.0.*)	file="php-7.0.ini"; dest="/etc/php/7.0/cli" ;;
    7.4.*)	file="php-7.4.ini"; dest="/etc/php/7.4/cli/conf.d"; name="50-ku-php.ini" ;;
    8.2.*)	file="php-8.2.ini"; dest="/etc/php/8.2/cli/conf.d"; name="50-ku-php.ini" ;;
    *)		echo -e "\nUNMANAGED PHP VERSION $phpver -- ABORT\n" ; exit 1 ;;
esac
installfile $file $dest/$name root:root 644 

# 2019.10.11 lc
# - deprecated kusa-db var
#
[ "X$(jtconf php.upload_file_size 2>/dev/null || :)" != "X" ] && {
	echo -e "\nDEPRECATED! php.upload_file_size=$val\n"
	echo -e "   remove all references in your kusa-db, and use php.post_file_size instead\n"
	exit_err 1 "DEPRECATED kusa-db variable"
}


# run user
#
user=$(jtconf apache.user)
group=$(jtconf apache.group)
file="/etc/apache2/envvars"

sed	-e "s/APACHE_RUN_USER=.*/APACHE_RUN_USER=::apache.user::/g" \
	-e "s/APACHE_RUN_GROUP=.*/APACHE_RUN_GROUP=::apache.group::/g" \
	$file >$file.tmp
installfile $file.tmp $file root:root 664
rm -f $file.tmp


# enable system docs access?
#
file=ku-sysdoc.conf 
dest=/etc/apache2/conf.d/ku-sysdoc.conf 

if getconfirm apache.allow_sysdoc
then
	installfile $file $dest root:root 444
else
	uninstallfiles $dest
fi

# homepage menu images
#
images_maintainer=$(jtconf apache.maintainer-images)
cd $images_maintainer
[ -e current-homepage-menu ] || {
	##updatelink homepage-menu current-homepage-menu
	rm -f current-homepage-menu	# fix old link
					# now uses apache.images-menu
}

# machine class image
#
images_local="$(jtconf path.wwwdir)/images_local"
cd $images_local
[ -e machine-icon.png ] || {
	imgpath=$(ku-machine-icon --search) && {
		installfile $imgpath machine-icon.png $user:$group 664
	}
}



# local custom files, install them if needed
#
kusalocal="/etc/kusa/modules/local"
file="bad_useragent_map.txt"
dest="/etc/apache2/"

fgrep -q "$file" $kusalocal/install || {
	(
	  echo
	  echo "# srv-web module"
	  echo "#"
	  echo ":default_owner	root:www-data"
	  echo ":default_mode	440"
	  echo
	  echo "$file		$dest"
	  echo
	) >>$kusalocal/install

	putwarning "$kusalocal/install (file)" \
		"a new section was added to $kusalocal/install file for srv-web module;" \
		"please review also $kusalocal/run-install file and uncomment relevant" \
		"commands for srv-web module"
}
[ -f $dest/$file ] || {
	installfile $file $dest root:www-data 440 || exit_err $? "installing $file"
}
# one copy in kusa localdir
[ -f $kusalocal/$file ] || {
	installfile $file $kusalocal/ root:root 660 || exit_err $? "installing $file"
}


# MPM selection (only >2.4)
#
case $a2_version in
  2.2.*) ;;
  *)
	installfile mpm_prefork.conf	/etc/apache2/mods-available/ root:root 440
	installfile mpm_event.conf	/etc/apache2/mods-available/ root:root 440
	installfile mpm_worker.conf	/etc/apache2/mods-available/ root:root 440

  	mpm=$(jtconf apache.mpm_type)
  	prev_mpm=$(ls /etc/apache2/mods-enabled/mpm_*.conf | sed -e 's#.*/mpm_##' -e 's/\.conf//')
	[ "X$mpm" != "X$prev_mpm" ] && {
		[ "X$prev_mpm" != "X" ] && a2dismod mpm_$prev_mpm
		a2enmod mpm_$mpm
		SOMETHING_CHANGED=true
	}
	;;
esac


# awstats
#
file=$(jtconf apache.customer-images)"/logo-small.png"
dest="/usr/share/awstats/icon/other/logo.png"

if [ -f "$file" ]
then
	installfile "$file" "$dest" $user:$group 664
else
	putwarning "AWSTATS CUSTOMER LOGO:" \
	  "file '$file' not found, NOT installing awstat customer logo" \
	  "as '$dest'; when you have fixed this, re-run kusa srv-web" \
	  "to update awstats files"
fi


$SOMETHING_CHANGED && {
	reload_service apache2 apache2 || exit 1
}

exit 0
