#!/bin/ash

if [[ ! $(id -u) = 0 ]]; then
    echo "Please run as root!"
    exit 1
fi

# edit repositories
echo "http://dl-cdn.alpinelinux.org/alpine/latest-stable/main" > /etc/apk/repositories
echo "http://dl-cdn.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories

# apk update and install essentials
apk update && apk upgrade
apk add ncdu hstr htop nano sudo pwgen curl wget git bash-doc bash-completion openssh iputils restic --no-cache

# check if vm or lxc
if [[ ! -f /dev/.lxc-boot-id ]]
    then
        apk add qemu-guest-agent
        rc-update add qemu-guest-agent
        rc-service qemu-guest-agent start
    else
        rc-service qemu-guest-agent stop
        rc-update del qemu-guest-agent
        apk del qemu-guest-agent
fi

# change default shell to bash
isInFile=$(cat /etc/passwd | grep -c "/bin/bash")
if [ $isInFile -eq 0 ]
    then
        sed -i 's/ash/bash/g' /etc/passwd
fi

# set nano as default editor
echo "EDITOR=nano" > /etc/profile.d/default_editor.sh
echo "export EDITOR" >>  /etc/profile.d/default_editor.sh

# add akanealw user if not existing
isInFile=$(cat /etc/passwd | grep -c "akanealw")
if [ $isInFile -eq 0 ]
    then
        adduser -h /home/akanealw -s /bin/bash -u 1000 -D akanealw
        echo 'akanealw:$1$OI5pilBO$ueRIbJDk6UVhxz9uCZjgU0' | chpasswd -e
fi

# add akanealw to sudo users
if [[ ! -f /etc/sudoers.d/akanealw ]]
    then
        echo "akanealw ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/akanealw
fi

# add ssh keys for akanealw
mkdir /home/akanealw/.ssh > /dev/null 2>&1
cp /home/akanealw/.ssh/authorized_keys /home/akanealw/.ssh/authorized_keys.bak > /dev/null 2>&1

isInFile=$(cat /home/akanealw/.ssh/authorized_keys | grep -c "winpc-akanealw") > /dev/null 2>&1
    if [ $isInFile -eq 0 ]; then
        echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBKYj+eRQsvdLvrJNoqugb9A7iQT+BEPb6LI9BseyhWR winpc-akanealw" >> /home/akanealw/.ssh/authorized_keys
    fi

isInFile=$(cat /home/akanealw/.ssh/authorized_keys | grep -c "server-akanealw")
    if [ $isInFile -eq 0 ]; then
        echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGAiw0sQxxTg/zBm/Hz4LLjtiuGfefF2vogGkYcWox4S server-akanealw" >> /home/akanealw/.ssh/authorized_keys
    fi
chown akanealw:akanealw /home/akanealw/.ssh/
chown akanealw:akanealw /home/akanealw/.ssh/*
chmod 600 /home/akanealw/.ssh/*

# download user customization script for akanealw
mkdir /home/akanealw/scripts > /dev/null 2>&1
rm /home/akanealw/scripts/alpine-* > /dev/null 2>&1
wget -qO /home/akanealw/scripts/alpine-user-customizations.sh http://192.168.1.50/scripts/alpine/alpine-user-customizations.sh
chown -R akanealw:akanealw /home/akanealw/scripts/
chmod +x /home/akanealw/scripts/alpine-*

# disable ssh password login
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sed -i "/#PasswordAuthentication yes/c\PasswordAuthentication no" /etc/ssh/sshd_config

# enable and start sshd
if [[ -f /etc/init.d/sshd ]]; then
    rc-update add sshd > /dev/null 2>&1
    rc-service sshd start > /dev/null 2>&1
fi

# edit issue file
isInFile=$(cat /etc/issue | grep -c "192.168.1")
if [ $isInFile -eq 0 ]
    then
        ip address show eth0 | awk '/inet / {print $2}' | cut -d/ -f1 >> /etc/issue
        echo "" >> /etc/issue
fi

# remove all motd
rm /etc/motd > /dev/null 2>&1