#!/bin/bash

function check_sanity {
    # Do some sanity checking.
    if [ $(/usr/bin/id -u) != "0" ]
    then
        die 'Must be run by root user'
    fi

    if [ -f /etc/debian_version ]
    then
        DEBIAN_VERSION=`cat /etc/debian_version `
        if [ ${DEBIAN_VERSION:0:1} -lt 5 ]
        then
            die "Debian $DEBIAN_VERSION is not supported"
        fi
    else
        die "Distribution is not supported"
    fi
}

function die {
    echo "ERROR:" $1 > /dev/null 1>&2
    exit 1
}

function install_dash {
    if [ ! -f /bin/dash ]
    then
        apt-get -y install dash
    fi
    rm -f /bin/sh
    ln -s dash /bin/sh
}

function install_dropbear {
    if [ ! -f /usr/sbin/dropbear ]
    then
        apt-get -y install dropbear
    fi
    # Disable SSH
    touch /etc/ssh/sshd_not_to_be_run
    invoke-rc.d ssh stop

    # Enable dropbear to start. If xinetd exists, we will use that instead.
    if [ -f /usr/sbin/xinetd ]
    then
        cat >> /etc/xinetd.d/dropbear <<END
service ssh
{
    socket_type     = stream
    only_from       = 0.0.0.0
    wait            = no
    user            = root
    protocol        = tcp
    server          = /usr/sbin/dropbear
    server_args     = -i
    disable         = no
}
END
        invoke-rc.d xinetd restart
    else
        sed 's/^NO_START=1/NO_START=0/' /etc/default/dropbear > /tmp/db.$$ && \
            mv /tmp/db.$$ /etc/default/dropbear

        invoke-rc.d dropbear start
    fi
}

function install_syslogd {
    # We just need a simple vanilla syslogd. Also there is no need to log to
    # so many files (waste of fd). Just dump them into
    # /var/log/(cron/mail/messages)
    if [ ! -f /usr/sbin/syslogd ]
    then
        apt-get -y install inetutils-syslogd
    fi

    invoke-rc.d inetutils-syslogd stop

    for file in /var/log/*.log /var/log/mail.* /var/log/debug /var/log/syslog
    do
        [ -f "$file" ] && rm -f "$file"
    done
    for dir in fsck news
    do
        [ -d "/var/log/$dir" ] && rm -rf "/var/log/$dir"
    done

    cat > /etc/syslog.conf <<END
*.*;mail.none;cron.none -/var/log/messages
cron.*                  -/var/log/cron
mail.*                  -/var/log/mail
END

    [ -d /etc/logrotate.d ] || mkdir -p /etc/logrotate.d
    cat > /etc/logrotate.d/inetutils-syslogd <<END
/var/log/cron
/var/log/mail
/var/log/messages {
   rotate 4
   weekly
   missingok
   notifempty
   compress
   postrotate
      /etc/init.d/inetutils-syslogd reload >/dev/null
   endscript
}
END

    invoke-rc.d inetutils-syslogd start
}

function remove_rsyslog {
    # Remove rsyslogd, which allocates ~30MB privvmpages on an OpenVZ system,
    # which might make some low-end VPS inoperatable. We will do this even
    # before running apt-get update.
    if [ -f /usr/sbin/rsyslogd ]
    then
        apt-get -y remove --purge rsyslog
        [ -f /usr/sbin/rsyslogd ] && die 'rsyslog cannot be removed'
    fi
}

function remove_portmap {
    # Some Debian have portmap installed. We don't need that.
    if [ -f /sbin/portmap ]
    then
        apt-get -y remove --purge portmap
        [ -f /sbin/portmap ] && die 'portmap cannot be removed'
    fi
}

function update_upgrade {
    # Run through the apt-get update/upgrade first. This should be done before
    # we try to install any package
    apt-get -y update
    apt-get -y upgrade
}

########################################################################
# START OF PROGRAM
########################################################################
export PATH=/bin:/usr/bin:/sbin:/usr/sbin

check_sanity
remove_rsyslog
remove_portmap
update_upgrade
install_dash
install_syslogd
install_dropbear