#!/bin/ksh93
#
# setup_pkg
#
# Setup IPKG configuration
#
# This script configures publishers and authentication keys for the system's
# IPKG system.
#

# Hard coded constants
KEY_DIR="/var/pkg/ssl"
DEFAULT_PUB="opensolaris.org"
DEFAULT_PUB_URL="http://pkg.opensolaris.org/release/"

# Pfexec versions of commands
PFPKG="pfexec pkg"
PFMKDIR="pfexec mkdir"
PFCHOWN="pfexec chown"
PFCP="pfexec cp"

# Get parameters
CMD=$1
CONFIG=$2

# Print an error message and exit.
function emit_error {
	echo "Error: $1"
	exit 1
}

# Clear repositories from pkg and revert to default
function clear_publishers {
	# Set default publisher.
	echo "Setting default publisher $DEFAULT_PUB at $DEFAULT_PUB_URL."
	$PFPKG set-publisher -P -O $DEFAULT_PUB_URL $DEFAULT_PUB

	# List all publishers we know except the default one.
	PUBLISHERS=$( pkg publisher -Ha | sed -e 's/\s\s*/ /g' | \
		cut '-d ' -f1 | grep -v $DEFAULT_PUB )

	# Clear all publishers.
	if [ "$PUBLISHERS" ] ; then
		echo "Clearing all other publishers."
		$PFPKG unset-publisher $PUBLISHERS
	fi

	echo "Done."
}

# Set up repositories for pkg
# The argument is a file containing information about publishers and their URLs
# with possible keyfiles and "preferred" option.
function add_publishers {
	CONFIG_FILE=$1
	CONFIG_DIR=$(dirname $1)
	[ $CONFIG_DIR ] || CONFIG_DIR="."

	# Make sure the directory for storing keys is set up correctly.
	if [ ! -d $KEY_DIR ] ; then
		echo "Creating directory $KEY_DIR."
		$PFMKDIR -m 0755 -p $KEY_DIR
		$PFCHOWN root:root $KEY_DIR
	fi

	# File format:
	# One line per package repository.
	# Lines containing "#" are ignored.
	# Fields in a line are separated by space.
        # Fields: "URL publisher keyfile preferred".
	# "preferred" can be any string. If present, this publisher will be
	# marked as preferred.
	# Keyfile will be expanded to "keyfile.key.pem" and
	# "keyfile.certificate.pem".
	# We assume that keyfiles are in the same directory as the config file.
	# "keyfile" and "preferred" can be left out.
	cat $CONFIG_FILE | grep -v '#' | while read url pub key pref; do
		# Handle the keyfile field.
		key_string=""
		key_opt=""
		if [ $key ] ; then
			echo "Storing key and certificate for $key in $KEY_DIR."
			$PFCP $CONFIG_DIR/$key.key.pem $KEY_DIR
			[ $? -eq 0 ] || \
				emit_error \
				"Can't copy $CONFIG_DIR/$key.key.pem."
			key_opt="-k $KEY_DIR/$key.key.pem"
			$PFCP $CONFIG_DIR/$key.certificate.pem $KEY_DIR
			[ $? -eq 0 ] || \
				emit_error \
				"Can't copy $CONFIG_DIR/$key.certificate.pem."

			key_opt="$key_opt -c $KEY_DIR/$key.certificate.pem"
			key_string=" with key $key"
		fi

		# Handle the preferred field.
		pref_string=""
		pref_opt=""
		if [ $pref ] ; then
			pref_string=" preferred"
			pref_opt="-P"
		fi

		# Put everything together into a pkg command.
		echo "Adding$pref_string publisher $pub at $url$key_string."
		$PFPKG set-publisher $pref_opt $key_opt -O $url $pub
		[ $? -eq 0 ] || \
			emit_error "Couldn't add publisher $publisher."
	done
}

# Show a help message.
function show_help {
	echo "Usage: $0 command [arg ...]"
	echo "Supported commands are:"
	echo "  add pkg-config-file [zone]"
	echo "  clear [zone]"
}

#
# Main program.
#
# We support different subcommands. Switch to the corresponding subroutine,
# then exit.
#
case $CMD in
        "clear" )
                clear_publishers
        ;;
        "add" )
		[ -n $CONFIG ] || emit_error "Config file not specified."
                add_publishers $CONFIG
        ;;
        'help' | * )
                show_help
        ;;
esac

exit 0