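#!/bin/bash
#
# .---. . .
# | | |
# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
#
# Freedom in the Cloud
#
# batman adv mesh functions
#
# License
# =======
#
# Copyright (C) 2014-2016 Bob Mottram
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.

# App metadata and defaults; batman is disabled unless ENABLE_BATMAN is "yes".
VARIANTS=''

IN_DEFAULT_INSTALL=0
SHOW_ON_ABOUT=0

ENABLE_BATMAN="no"
BATMAN_CELLID='any'

batman_variables=(MY_USERNAME
                  BATMAN_CELLID)

# The hooks below are intentionally empty for this app; each prints nothing.

function logging_on_batman {
    echo -n ''
}

function logging_off_batman {
    echo -n ''
}

# Interactive install has nothing to ask; it only records the app as installed.
function install_interactive_batman {
    echo -n ''
    APP_INSTALLED=1
}

# Saves the firewall settings once, and only when batman is enabled.
# Relies on is_completed, function_check, save_firewall_settings and
# mark_completed, which are defined outside this file.
function configure_firewall_for_batman {
    if [[ "$(is_completed "$FUNCNAME")" == "1" ]]; then
        return
    fi
    if [[ "$ENABLE_BATMAN" != "yes" ]]; then
        return
    fi
    function_check save_firewall_settings
    save_firewall_settings
    mark_completed "$FUNCNAME"
}

function reconfigure_batman {
    echo -n ''
}

function upgrade_batman {
    echo -n ''
}

function backup_local_batman {
    echo -n ''
}

function restore_local_batman {
    echo -n ''
}

function backup_remote_batman {
    echo -n ''
}

function restore_remote_batman {
    echo -n ''
}

# Removes batman through the project's mesh installer and clears the
# completion markers so that a later install runs again.
function remove_batman {
    # The shell reports only the low 8 bits of the exit value below.
    if ! "${PROJECT_NAME}-mesh-install" -f batman --remove yes; then
        echo $'Failed to remove batman'
        exit 79353
    fi
    remove_completion_param install_batman
    remove_completion_param configure_firewall_for_batman
}

# Installs batman-adv support into the image rooted at $rootdir.
# Globals: rootdir, PROJECT_NAME (read); BATMAN_SCRIPT, BATMAN_DAEMON (written)
function mesh_install_batman {
    chroot "$rootdir" apt-get -yq install iproute bridge-utils libnetfilter-conntrack3 batctl
    chroot "$rootdir" apt-get -yq install python-dev libevent-dev ebtables python-pip git
    chroot "$rootdir" apt-get -yq install wireless-tools rfkill

    # Load the batman_adv kernel module at boot (added once only)
    if ! grep -q "batman_adv" "$rootdir/etc/modules"; then
        echo 'batman_adv' >> "$rootdir/etc/modules"
    fi

    # Copy the mesh start/stop script from the host into the image,
    # preferring a /usr/local install over /usr/bin
    BATMAN_SCRIPT="$rootdir/var/lib/batman"
    if [ -f "/usr/local/bin/${PROJECT_NAME}-mesh-batman" ]; then
        cp "/usr/local/bin/${PROJECT_NAME}-mesh-batman" "$BATMAN_SCRIPT"
    else
        cp "/usr/bin/${PROJECT_NAME}-mesh-batman" "$BATMAN_SCRIPT"
    fi

    # NOTE(review): the unit has no User= line, so /var/lib/batman presumably
    # runs as root; confirm that only root can write that script.
    BATMAN_DAEMON="$rootdir/etc/systemd/system/batman.service"
    {
        echo '[Unit]'
        echo 'Description=B.A.T.M.A.N. Advanced'
        echo 'After=network.target'
        echo ''
        echo '[Service]'
        echo 'RemainAfterExit=yes'
        echo "ExecStart=/var/lib/batman start"
        echo "ExecStop=/var/lib/batman stop"
        echo 'Restart=on-failure'
        echo 'SuccessExitStatus=3 4'
        echo 'RestartForceExitStatus=3 4'
        echo ''
        echo '# Allow time for the server to start/stop'
        echo 'TimeoutSec=300'
        echo ''
        echo '[Install]'
        echo 'WantedBy=multi-user.target'
    } > "$BATMAN_DAEMON"
    chroot "$rootdir" systemctl enable batman
}

# Installs the tunneldigger L2TP broker and client into the image rooted at
# $rootdir and writes the hook script, broker config, systemd unit and the
# meshtunnel helper.
# Globals: rootdir (read)
function install_mesh_tunnel {
    # https://sudoroom.org/wiki/Mesh/Relay_setup

    local tunneldigger_dir="$rootdir/opt/tunneldigger"
    local up_hook="$tunneldigger_dir/broker/scripts/up_hook.sh"
    local broker_cfg="$tunneldigger_dir/broker/l2tp_broker.cfg"
    local broker_unit="$rootdir/etc/systemd/system/tunneldigger.service"
    local meshtunnel_script="$rootdir/usr/bin/meshtunnel"
    local kernel_module

    chroot "$rootdir" apt-get -yq install xl2tpd l2tpns
    chroot "$rootdir" apt-get -yq install iproute bridge-utils libnetfilter-conntrack3 python-dev libevent-dev ebtables python-pip git

    # NOTE(review): this clones whatever the upstream default branch holds at
    # build time, and the result is then built and run as root. Checking out a
    # reviewed commit would make the image reproducible and auditable.
    git clone https://github.com/wlanslovenija/tunneldigger "$tunneldigger_dir"

    # chroot(8) starts the command in / of the new root, so a host-side cd
    # does not decide where make runs; give the in-chroot path explicitly.
    chroot "$rootdir" make -C /opt/tunneldigger/client
    if [ ! -f "$tunneldigger_dir/client/l2tp_client" ]; then
        echo $'tunneldigger failed to build client'
        exit 823563
    fi

    # Same reason as above: use the absolute in-chroot path.
    # NOTE(review): the requirements file is not visible here; if it does not
    # pin versions, pip installs the latest releases as root.
    chroot "$rootdir" pip install -r /opt/tunneldigger/broker/requirements.txt

    # Load the L2TP kernel modules at boot. Each name is added only if absent,
    # so repeated runs do not pile up duplicate lines.
    for kernel_module in l2tp_core l2tp_eth l2tp_netlink; do
        if ! grep -qx -- "$kernel_module" "$rootdir/etc/modules"; then
            echo "$kernel_module" >> "$rootdir/etc/modules"
        fi
    done

    # Hook run by the broker when a tunnel interface comes up.
    # NOTE(review): the generated script uses $INTERFACE (hook argument 3)
    # unquoted; quoting it there would be safer.
    {
        echo '#!/bin/sh'
        echo 'INTERFACE="$3"'
        echo 'ifconfig $INTERFACE up'
        echo 'batctl if add $INTERFACE'
        echo 'if [ `cat /sys/class/net/bat0/operstate` != "up" ]; then'
        echo " ipv4addr=\$(ip -o -f inet addr show dev \"eth0\" | awk '{print \$4}' | awk 'END {print}' | awk -F '/' '{print \$1}')"
        echo ' ifconfig bat0 $ipv4addr netmask 255.0.0.0 up'
        echo 'fi'
    } > "$up_hook"
    chmod +x "$up_hook"

    # Broker configuration. It listens on loopback until meshtunnel rewrites
    # the address= line.
    # NOTE(review): verbosity=DEBUG is the shipped default; consider a quieter
    # level for deployed systems. The two bare '; ' lines look like hook
    # argument lists lost from this copy of the file - confirm upstream.
    {
        echo '[broker]'
        echo '; IP address the broker will listen and accept tunnels on'
        echo 'address=127.0.0.1'
        echo '; Ports where the broker will listen on'
        echo 'port=53,8942'
        echo '; Interface with that IP address'
        echo 'interface=lo'
        echo '; Maximum number of tunnels that will be allowed by the broker'
        echo 'max_tunnels=1024'
        echo '; Tunnel port base'
        echo 'port_base=20000'
        echo '; Tunnel id base'
        echo 'tunnel_id_base=100'
        echo '; Namespace (for running multiple brokers); note that you must also'
        echo '; configure disjunct ports, and tunnel identifiers in order for'
        echo '; namespacing to work'
        echo 'namespace=default'
        echo '; check if all kernel module are loaded. Do not check for built-ins.'
        echo 'check_modules=true'
        echo ''
        echo '[log]'
        echo '; Log filename'
        echo 'filename=tunneldigger-broker.log'
        echo '; Verbosity'
        echo 'verbosity=DEBUG'
        echo '; Should IP addresses be logged or not'
        echo 'log_ip_addresses=false'
        echo ''
        echo '[hooks]'
        echo '; Arguments to the session.{up,pre-down,down} hooks are as follows:'
        echo ';'
        echo '; '
        echo ';'
        echo '; Arguments to the session.mtu-changed hook are as follows:'
        echo ';'
        echo '; '
        echo ';'
        echo ''
        echo '; Called after the tunnel interface goes up'
        echo 'session.up=/opt/tunneldigger/broker/scripts/up_hook.sh'
        echo '; Called just before the tunnel interface goes down'
        echo 'session.pre-down='
        echo '; Called after the tunnel interface goes down'
        echo 'session.down='
        echo '; Called after the tunnel MTU gets changed because of PMTU discovery'
        echo 'session.mtu-changed='
    } > "$broker_cfg"

    # systemd unit for the broker.
    # NOTE(review): the broker runs as root (User=root/Group=root) and is
    # restarted unconditionally; any hardening options would need testing
    # against the broker's need to create tunnel interfaces.
    {
        echo '[Unit]'
        echo 'Description=TunnelDigger Broker'
        echo 'After=syslog.target'
        echo 'After=network.target'
        echo ''
        echo '[Service]'
        echo 'Type=simple'
        echo 'User=root'
        echo 'Group=root'
        echo 'WorkingDirectory=/opt/tunneldigger/broker'
        echo 'ExecStart=/opt/tunneldigger/broker/l2tp_broker.py l2tp_broker.cfg'
        echo 'Restart=always'
        echo 'RestartSec=60'
        echo ''
        echo '[Install]'
        echo 'WantedBy=multi-user.target'
    } > "$broker_unit"

    # Helper that points the broker at an external address and starts a client.
    # NOTE(review): the generated script substitutes $1 into a sed expression
    # and tests $1/$2 unquoted, with no check that they are IP addresses;
    # validating both arguments there would be a worthwhile follow-up.
    {
        echo '#!/bin/bash'
        echo 'if [ ! $1 ]; then'
        echo ' echo "Syntax: meshtunnel [from external IP] [to external IP]"'
        echo ' exit 1'
        echo 'fi'
        echo 'if [ ! $2 ]; then'
        echo ' echo "Syntax: meshtunnel [from external IP] [to external IP]"'
        echo ' exit 2'
        echo 'fi'
        echo ''
        echo 'sed -i "s|address=.*|address=$1|g" /opt/tunneldigger/broker/l2tp_broker.cfg'
        echo 'systemctl restart tunneldigger'
        echo 'sleep 3'
        echo 'cd /opt/tunneldigger/client'
        echo './l2tp_client -f -u foo -l ${2}:53 -i l2tp'
        echo 'exit 0'
    } > "$meshtunnel_script"
    chmod +x "$meshtunnel_script"
}

# Entry point for installing batman: the mesh image path when INSTALLING_MESH
# is set, otherwise the project's mesh installer when batman is enabled.
function install_batman {
    if [[ -n "$INSTALLING_MESH" ]]; then
        mesh_install_batman
        return
    fi
    if [[ "$ENABLE_BATMAN" != "yes" ]]; then
        return
    fi

    # The shell reports only the low 8 bits of the exit value below.
    if ! "${PROJECT_NAME}-mesh-install" -f batman; then
        echo $'Failed to install batman'
        exit 72524
    fi

    function_check configure_firewall_for_batman
    configure_firewall_for_batman
    APP_INSTALLED=1
}

# NOTE: deliberately no exit 0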