#!/bin/bash
#
# The Qubes OS Project, http://www.qubes-os.org
#
# Copyright (C) 2015  Marek Marczykowski-Górecki 
#                           <marmarek@invisiblethingslab.com>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
#
#

# Source Qubes library.
# shellcheck source=init/functions
. /usr/lib/qubes/init/functions

BEGIN_MARKER="### QUBES BEGIN ###"
END_MARKER="### QUBES END ###"

set -e

### helper functions begin ###

# set proxy in given config file
update_conf() {
    local CONF_PATH="$1"
    local CONF_OPTIONS="$2"

    # Ensure that Qubes conf markers are present in the file
    if ! grep -q "$BEGIN_MARKER" "$CONF_PATH"; then
        if grep -q "$END_MARKER" "$CONF_PATH"; then
            echo "ERROR: found QUBES END marker but not QUBES BEGIN in ${CONF_PATH}" >&2
            echo "Fix the file by either removing both of them, or adding missing back and retry" >&2
            exit 1
        fi
        cp "$CONF_PATH" "${CONF_PATH}.qubes-orig"
        echo "$BEGIN_MARKER" >> "$CONF_PATH"
        echo "$END_MARKER" >> "$CONF_PATH"
    elif ! grep -q "$END_MARKER" "$CONF_PATH"; then
        echo "ERROR: found QUBES BEGIN marker but not QUBES END in ${CONF_PATH}" >&2
        echo "Fix the file by either removing both of them, or adding missing back and retry" >&2
        exit 1
    fi

    # Prepare config block
    local tmpfile
    tmpfile=$(mktemp)
    cat > "${tmpfile}" <<EOF
# This part of configuration, until QUBES END, is automatically generated by
# $0. All changes here will be overriden.
# If you want to override any option set here, set it again to desired value,
# below this section
$CONF_OPTIONS
EOF

    # And insert it between the markers
    sed -i -e "/^$BEGIN_MARKER$/,/^$END_MARKER$/{
        /^$END_MARKER$/b
        /^$BEGIN_MARKER$/!d
        r ${tmpfile}
        }" "${CONF_PATH}"
    rm -f "${tmpfile}"
}

### helper functions end

# Determine whether the proxy should be used
if qsvc yum-proxy-setup || qsvc updates-proxy-setup ; then
    PROXY_ADDR_BASE="127.0.0.1:8082"
    PROXY_ADDR="http://${PROXY_ADDR_BASE}/"
    PROXY_CONF_ENTRY="proxy=$PROXY_ADDR"
else
    PROXY_ADDR=""
    # do not proxy at all (for example dnf.conf doesn't tolerate empty entry)
    PROXY_CONF_ENTRY=""
fi

# For programs supporting .d style configs, it's simple
if [ -d /etc/apt/apt.conf.d ]; then
    if [ -n "$PROXY_ADDR" ]; then
        cat > /etc/apt/apt.conf.d/01qubes-proxy <<EOF
### This file is automatically generated by Qubes ($0 script).
### All modifications here will be lost.
### If you want to override some of this settings, create another file under 
### /etc/apt/apt.conf.d.

# Use Qubes Update Proxy
Acquire::http::Proxy "$PROXY_ADDR";
Acquire::tor::proxy "$PROXY_ADDR";
EOF
    else
        rm -f /etc/apt/apt.conf.d/01qubes-proxy
    fi
fi

# Yum at least supports including an individual config files
if [ -d /etc/yum.conf.d ]; then
    cat > /etc/yum.conf.d/qubes-proxy.conf <<EOF
### This file is automatically generated by Qubes ($0 script).
### All modifications here will be lost.
### If you want to override some of this settings, add them in /etc/yum.conf
### below a "include=/etc/yum.conf.d/qubes-proxy.conf" line.

$PROXY_CONF_ENTRY
EOF
fi

# Pacman (archlinux) also
if [ -d /etc/pacman.d ]; then
    if [ -n "$PROXY_ADDR" ]; then
        mkdir -p /run/qubes/bin
        cat > /run/qubes/bin/pacman <<EOF
#!/bin/bash
### This file is automatically generated by Qubes ($0 script).
### All modifications here will be lost.
exec env ALL_PROXY=$PROXY_ADDR /usr/bin/pacman "\$@"
EOF
        chmod +x /run/qubes/bin/pacman
        cat > /etc/profile.d/qubes-proxy.sh << EOF
### This file is automatically generated by Qubes ($0 script).
### All modifications here will be lost.
export PATH=/run/qubes/bin:\$PATH
EOF
    else
        rm -f /run/qubes/bin/pacman
        rm -f /etc/profile.d/qubes-proxy.sh
    fi
fi


# DNF configuration doesn't support including other files
# https://bugzilla.redhat.com/show_bug.cgi?id=1352234
if [ -e /etc/dnf/dnf.conf ]; then
    update_conf /etc/dnf/dnf.conf "$PROXY_CONF_ENTRY"
fi

# The same goes for PackageKit...
# https://bugs.freedesktop.org/show_bug.cgi?id=96788
if [ -e /etc/PackageKit/PackageKit.conf ]; then
    update_conf /etc/PackageKit/PackageKit.conf "ProxyHTTP=$PROXY_ADDR"
fi

# Portage (Gentoo)
if [ -e /etc/portage/make.conf ]; then
    update_conf /etc/portage/make.conf "http_proxy=\"$PROXY_ADDR\"
https_proxy=\"$PROXY_ADDR\"
RSYNC_PROXY=\"${PROXY_ADDR_BASE}\""

    # Current workaround for gpg not resolving key servers used behing proxy
    # See QubesOS/qubes-issues#6013
    if [ -n "$PROXY_ADDR" ]; then
        update_conf /etc/hosts "127.0.0.1 keys.gentoo.org keys.gnupg.net"
    else
        update_conf /etc/hosts ""
    fi
fi