#!/bin/sh
# postinst script for wsssh-tools

set -e

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <package-being-installed> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package

case "$1" in
    configure)
        # Create wssshc user and group if they don't exist
        if ! getent group wssshc >/dev/null 2>&1; then
            addgroup --system wssshc
        fi

        if ! getent passwd wssshc >/dev/null 2>&1; then
            adduser --system --ingroup wssshc --home /var/lib/wssshc \
                    --no-create-home --shell /bin/false wssshc
        fi

        # Create home directory for wssshc user
        if [ ! -d /var/lib/wssshc ]; then
            mkdir -p /var/lib/wssshc
        fi

        # Ensure wssshc user owns its home directory and can write to it
        chown wssshc:wssshc /var/lib/wssshc
        chmod 755 /var/lib/wssshc

        # Ensure the user can actually write to its home directory
        # Try to create a test file to verify write permissions
        if ! su -s /bin/sh wssshc -c "touch /var/lib/wssshc/.test_write 2>/dev/null && rm /var/lib/wssshc/.test_write 2>/dev/null" 2>/dev/null; then
            echo "Warning: wssshc user cannot write to /var/lib/wssshc, fixing permissions"
            # Try to fix permissions by making directory writable
            chmod 775 /var/lib/wssshc
            # Also ensure the user is in the right group
            usermod -g wssshc wssshc 2>/dev/null || true
        fi

        # Create log directory for wssshc
        if [ ! -d /var/log/wssshc ]; then
            mkdir -p /var/log/wssshc
            chown wssshc:wssshc /var/log/wssshc
            chmod 755 /var/log/wssshc
        fi

        # Install wssshc watchdog script
        if [ -f /usr/sbin/wssshc-watchdog ]; then
            chown wssshc:wssshc /usr/sbin/wssshc-watchdog
            chmod 755 /usr/sbin/wssshc-watchdog
        fi

        # Create wsssht user and group if they don't exist
        if ! getent group wsssht >/dev/null 2>&1; then
            addgroup --system wsssht
        fi

        if ! getent passwd wsssht >/dev/null 2>&1; then
            adduser --system --ingroup wsssht --home /var/lib/wsssht \
                    --no-create-home --shell /bin/false wsssht
        fi

        # Create home directory for wsssht user
        if [ ! -d /var/lib/wsssht ]; then
            mkdir -p /var/lib/wsssht
        fi

        # Ensure wsssht user owns its home directory and can write to it
        chown wsssht:wsssht /var/lib/wsssht
        chmod 755 /var/lib/wsssht

        # Ensure the user can actually write to its home directory
        # Try to create a test file to verify write permissions
        if ! su -s /bin/sh wsssht -c "touch /var/lib/wsssht/.test_write 2>/dev/null && rm /var/lib/wsssht/.test_write 2>/dev/null" 2>/dev/null; then
            echo "Warning: wsssht user cannot write to /var/lib/wsssht, fixing permissions"
            # Try to fix permissions by making directory writable
            chmod 775 /var/lib/wsssht
            # Also ensure the user is in the right group
            usermod -g wsssht wsssht 2>/dev/null || true
        fi

        # Create log directory for wsssht
        if [ ! -d /var/log/wsssht ]; then
            mkdir -p /var/log/wsssht
            chown wsssht:wsssht /var/log/wsssht
            chmod 755 /var/log/wsssht
        fi

        # Install wsssht watchdog script
        if [ -f /usr/sbin/wsssht-watchdog ]; then
            chown wsssht:wsssht /usr/sbin/wsssht-watchdog
            chmod 755 /usr/sbin/wsssht-watchdog
        fi

        # Create /etc/default/wssshc if it doesn't exist
        if [ ! -f /etc/default/wssshc ]; then
            cat > /etc/default/wssshc << EOF
# WebSocket SSH Client (wssshc) configuration
# Set to Y, 1, TRUE, true, YES, or yes to enable the service
START=no

# Additional configuration can be done in /etc/wssshc.conf
# or ~/.config/wsssh/wssshc.conf
EOF
            chmod 644 /etc/default/wssshc
        fi

        # Create /etc/default/wsssht if it doesn't exist
        if [ ! -f /etc/default/wsssht ]; then
            cat > /etc/default/wsssht << EOF
# WSSSH Tunnel Setup Tool (wsssht) configuration
# Set to Y, 1, TRUE, true, YES, or yes to enable the service
START=no

# Additional configuration can be done in /etc/wsssht.conf
# or ~/.config/wsssh/wsssht.conf
EOF
            chmod 644 /etc/default/wsssht
        fi

        # Create example configuration files if they don't exist
        if [ ! -f /etc/wssshc.conf.example ]; then
            if [ -f /usr/share/wsssh/wssshc.conf.example ]; then
                cp /usr/share/wsssh/wssshc.conf.example /etc/wssshc.conf.example
                chmod 644 /etc/wssshc.conf.example
            fi
        fi

        if [ ! -f /etc/wsssht.conf.example ]; then
            if [ -f /usr/share/wsssh/wsssht.conf.example ]; then
                cp /usr/share/wsssh/wsssht.conf.example /etc/wsssht.conf.example
                chmod 644 /etc/wsssht.conf.example
            fi
        fi

        # Set up init scripts
        if [ -x /etc/init.d/wssshc ]; then
            update-rc.d wssshc defaults >/dev/null 2>&1 || true
        fi

        if [ -x /etc/init.d/wsssht ]; then
            update-rc.d wsssht defaults >/dev/null 2>&1 || true
        fi

        # Enable systemd services if available and sysv init is not active
        if [ -f /lib/systemd/system/wssshc.service ] && command -v systemctl >/dev/null 2>&1; then
            if ! systemctl is-active wssshc >/dev/null 2>&1 && [ ! -f /var/run/wssshc-watchdog.pid ]; then
                systemctl enable wssshc.service >/dev/null 2>&1 || true
            fi
        fi

        if [ -f /lib/systemd/system/wsssht.service ] && command -v systemctl >/dev/null 2>&1; then
            if ! systemctl is-active wsssht >/dev/null 2>&1 && [ ! -f /var/run/wsssht-watchdog.pid ]; then
                systemctl enable wsssht.service >/dev/null 2>&1 || true
            fi
        fi
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0