#!/bin/sh

set -e

umask 066

# Resolve some defaults from other system config
basedn="`grep '^BASE\b' /etc/ldap/ldap.conf | sed -e 's/^BASE[[:space:]]\+//'`"
dnsdomain="`dnsdomainname`"
orgname=""
if [ -r /etc/local-ORG/orgname ]; then
	orgname="$(head -n 1 /etc/local-ORG/orgname)"
fi

# config defaults as of slapd 2.4.10-3
backend="hdb"

# Ensure all required values are properly resolved
for var in basedn dnsdomain orgname backend; do
	if [ -z "`eval echo '$'$var`" ]; then
		echo 1>&2 "ERROR: Required variable '$var' missing. Exiting...!"
		exit 1
	fi
done

masterdir=/etc/local-COMMON/ldap/db
tempdir=`mktemp -dt slapd.XXXXXX`

snippets="$(LANG=C find "$masterdir" -type f -name '*.conf.in' | sort)"
# concatenate files with an additional newline in between
# (perl could replace sed too, but multiline perl inside shell is ugly)
perl -e 'foreach (@ARGV) {print "\n" if $n; $n++; open (FH, $_); print while(<FH>); close FH;}' $snippets \
	| sed >>"$tempdir/slapd.conf" \
		-e "s/@BACKEND@/$backend/g" \
		-e "s/@SUFFIX@/$basedn/g" \
		-e "s/@ADMIN@/cn=admin,$basedn/g"

for section in core base cipux horde; do
	sed <"$masterdir/$section.ldif.in" >"$tempdir/$section.ldif" \
		-e "s/@SUFFIX@/$basedn/g" \
		-e "s/@DOMAIN@/$dnsdomain/g" \
		-e "s/@ORG@/$orgname/g"
done

for db in passwd group; do
	getent $db >"$tempdir/$db.dump"
	( cd /usr/share/migrationtools && ./migrate_passwd.pl "$tempdir/$db.dump" >"$tempdir/$db.ldif" )
done

#invoke-rc.d slapd stop
#slapadd -l "$tempdir/core.ldif"
#invoke-rc.d slapd start
#ldappasswd -x -h localhost -D "cn=admin,$basedn" -S -w supersecretpassword "cn=admin,$basedn"
for section in base cipux horde; do
	ldapadd -x -h localhost -D "cn=admin,$basedn" -f "$tempdir/$section.ldif" -W
done
for section in cipux horde; do
	ldappasswd -x -h localhost -D "cn=admin,$basedn" -S -W "uid=$section,ou=System,ou=Entities,ou=SAM,$basedn"
done

# TODO: Write as function, and create group if not existing
ldapmodify -x -h localhost -D "cn=admin,$basedn" -W <<EOF
dn: cn=DSA,ou=Administrators,ou=Groups,ou=Access Control,$basedn
changetype: modify
add: uniqueMember
uniqueMember: uid=cipux,ou=System,ou=Entities,ou=SAM,$basedn
EOF