#!/bin/sh
# postinst script for wsssh-server

set -e

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <package-being-installed> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package

case "$1" in
    configure)
        # Create wssshd user and group if they don't exist
        if ! getent group wssshd >/dev/null 2>&1; then
            addgroup --system wssshd
        fi

        if ! getent passwd wssshd >/dev/null 2>&1; then
            adduser --system --ingroup wssshd --home /var/lib/wssshd \
                    --no-create-home --shell /bin/false wssshd
        fi

        # Create wssshd home directory
        if [ ! -d /var/lib/wssshd ]; then
            mkdir -p /var/lib/wssshd
        fi

        # Ensure wssshd user owns its home directory and can write to it
        chown wssshd:wssshd /var/lib/wssshd
        chmod 755 /var/lib/wssshd

        # Ensure the user can actually write to its home directory
        # Try to create a test file to verify write permissions
        if ! su -s /bin/sh wssshd -c "touch /var/lib/wssshd/.test_write 2>/dev/null && rm /var/lib/wssshd/.test_write 2>/dev/null" 2>/dev/null; then
            echo "Warning: wssshd user cannot write to /var/lib/wssshd, fixing permissions"
            # Try to fix permissions by making directory writable
            chmod 775 /var/lib/wssshd
            # Also ensure the user is in the right group
            usermod -g wssshd wssshd 2>/dev/null || true
        fi

        # Create log directory
        if [ ! -d /var/log/wssshd ]; then
            mkdir -p /var/log/wssshd
            chown wssshd:wssshd /var/log/wssshd
            chmod 755 /var/log/wssshd
        fi

        # Create configuration directory
        if [ ! -d /etc/wssshd ]; then
            mkdir -p /etc/wssshd
            chown wssshd:wssshd /etc/wssshd
            chmod 755 /etc/wssshd
        fi

        # Create /etc/default/wssshd if it doesn't exist
        if [ ! -f /etc/default/wssshd ]; then
            cat > /etc/default/wssshd << EOF
# WebSocket SSH Server (wssshd) configuration
# Set to Y, 1, TRUE, true, YES, or yes to enable the service
START=no

# Additional configuration can be done in /etc/wssshd.conf
EOF
            chmod 644 /etc/default/wssshd
        fi

        # Create example configuration file if it doesn't exist
        if [ ! -f /etc/wssshd.conf.example ]; then
            if [ -f /usr/share/wsssh/wssshd.conf.example ]; then
                cp /usr/share/wsssh/wssshd.conf.example /etc/wssshd.conf.example
                chmod 644 /etc/wssshd.conf.example
            fi
        fi

        # Set up init script
        if [ -x /etc/init.d/wssshd ]; then
            update-rc.d wssshd defaults >/dev/null 2>&1 || true
        fi

        # Enable systemd service if available and sysv init is not active
        if [ -f /lib/systemd/system/wssshd.service ] && command -v systemctl >/dev/null 2>&1; then
            if ! systemctl is-active wssshd >/dev/null 2>&1 && [ ! -f /var/run/wssshd-watchdog.pid ]; then
                systemctl enable wssshd.service >/dev/null 2>&1 || true
            fi
        fi

        # Set proper permissions on binary
        if [ -f /usr/bin/wssshd ]; then
            chown wssshd:wssshd /usr/bin/wssshd
            chmod 755 /usr/bin/wssshd
        fi

        # Install watchdog script
        if [ -f /usr/sbin/wssshd-watchdog ]; then
            chown wssshd:wssshd /usr/sbin/wssshd-watchdog
            chmod 755 /usr/sbin/wssshd-watchdog
        fi

        # Create database directory if it doesn't exist
        if [ ! -d /var/lib/wssshd/db ]; then
            mkdir -p /var/lib/wssshd/db
            chown wssshd:wssshd /var/lib/wssshd/db
            chmod 755 /var/lib/wssshd/db
        fi

        # Restart service if it was running before upgrade
        if [ -f /tmp/wsssh-server-upgrade-state ]; then
            . /tmp/wsssh-server-upgrade-state
            rm -f /tmp/wsssh-server-upgrade-state
            if [ "$WSSSHD_WAS_RUNNING" = "1" ]; then
                echo "Restarting wssshd service after upgrade..."
                if [ -x /etc/init.d/wssshd ]; then
                    /etc/init.d/wssshd start || true
                fi
            fi
        fi
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0