#!/bin/sh

# an installation script for monkeysphere (borrowing liberally from
# postgresql and mysql pkg-install scripts, and from monkeysphere's
# debian/monkeysphere.postinst)

# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
# Copyright 2008

# FIXME: is /var/lib/monkeysphere the right place for this stuff on
# FreeBSD?

# PostgreSQL puts its data in /usr/local/pgsql/data

# MySQL puts its data in /var/db/mysql

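# Base directory for the monkeysphere state created below (the user's home
# directory and both GnuPG home directories live under it).
VARLIB="/var/monkeysphere"

# $2 carries the install stage; only POST-INSTALL does any work.
case "$2" in
POST-INSTALL)
        # NOTE(review): USER and UID are names the environment or shell may
        # already define (bash treats UID as read-only). They are kept as-is
        # because this script runs under /bin/sh -- confirm that overriding
        # USER for the commands run below is intended.
        USER=monkeysphere
        GROUP=${USER}
        UID=641
        GID=${UID}

        # Only the exit status matters for the existence check; pw prints the
        # matching record on stdout, so discard that along with stderr.
        if pw group show "${GROUP}" >/dev/null 2>&1; then
                echo "You already have a group \"${GROUP}\", so I will use it."
        else
                if pw groupadd "${GROUP}" -g "${GID}"; then
                        echo "Added group \"${GROUP}\"."
                else
                        echo "Adding group \"${GROUP}\" failed..."
                        exit 1
                fi
        fi

        # As above: keep the account record (which may include the password
        # field when run as root -- verify against pw(8)) out of the
        # installer output.
        # NOTE(review): a pre-existing account is reused without checking its
        # uid, group, home directory or shell.
        if pw user show "${USER}" >/dev/null 2>&1; then
                echo "You already have a user \"${USER}\", so I will use it."
        else
                # "-h -" sets no usable password for the account.
                if pw useradd "${USER}" -u "${UID}" -g "${GROUP}" -h - \
                        -d "$VARLIB" -s /usr/local/bin/bash -c "monkeysphere authentication user,,,"
                then
                        echo "Added user \"${USER}\"."
                else
                        echo "Adding user \"${USER}\" failed..."
                        exit 1
                fi
        fi

        ## set up the cache directories:

        # Host GnuPG home: owned by root, group-readable (mode 750) by the
        # monkeysphere group. Abort if it cannot be created with that
        # ownership and mode rather than continuing with whatever is there.
        if ! install -d -o root -g "${GROUP}" -m 750 "$VARLIB"/gnupg-host; then
                echo "Creating \"$VARLIB/gnupg-host\" failed..." >&2
                exit 1
        fi
        cat > "$VARLIB"/gnupg-host/gpg.conf <<EOF || { echo "Writing \"$VARLIB/gnupg-host/gpg.conf\" failed..." >&2; exit 1; }
list-options show-uid-validity
EOF

        # Authentication GnuPG home: private (mode 700) to the monkeysphere
        # user.
        if ! install -d -o "${USER}" -g "${GROUP}" -m 700 "$VARLIB"/gnupg-authentication; then
                echo "Creating \"$VARLIB/gnupg-authentication\" failed..." >&2
                exit 1
        fi
        # install authentication gpg.conf; the here-document is deliberately
        # unquoted so that $VARLIB is expanded into the keyring paths.
        cat > "$VARLIB"/gnupg-authentication/gpg.conf <<EOF || { echo "Writing \"$VARLIB/gnupg-authentication/gpg.conf\" failed..." >&2; exit 1; }
list-options show-uid-validity
primary-keyring $VARLIB/gnupg-authentication/pubring.gpg
keyring $VARLIB/gnupg-host/pubring.gpg
EOF
        # The file was just written by the installing user; hand it to the
        # account that owns the directory.
        if ! chown "${USER}:${GROUP}" "$VARLIB"/gnupg-authentication/gpg.conf; then
                echo "Changing ownership of \"$VARLIB/gnupg-authentication/gpg.conf\" failed..." >&2
                exit 1
        fi

        # Last command of the branch, so its exit status is what the script
        # returns for POST-INSTALL.
        monkeysphere-server diagnostics
        ;;
esac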