#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-2.0-only
# Created by Tobias Powalowski <tpowa@archlinux.org>

build ()
{
    map add_binary findssl.sh scp sftp ssh-add ssh-agent ssh-copy-id ssh-keygen ssh-keyscan sshd \
      exportfs nfsstat rpc.idmapd rpc.mountd rpc.nfsd rpc.statd rpcdebug showmount \
      sm-notify start-statd rpcbind rpcinfo rpc.gssd \
      nfsdcltrack gssproxy screen tmux rsync ttyd
    map add_file /etc/screenrc /etc/ssh/ssh_config /etc/ssh/sshd_config /etc/ssh/moduli \
        /etc/rsyncd.conf /etc/exports  /usr/lib/ssh/sftp-server /usr/lib/ssh/ssh-keysign \
        /usr/lib/ssh/ssh-pkcs11-helper /etc/conf.d/rpcbind \
        /etc/netconfig
    add_file /etc/ssh/sshd_config
    # allow root login and empty passwords
    echo "PermitRootLogin yes" >> "${BUILDROOT}/etc/ssh/sshd_config"
    echo "PermitEmptyPasswords yes" >> "${BUILDROOT}/etc/ssh/sshd_config"
    add_full_dir /usr/lib/libnfsidmap
    map add_dir  /var/empty /var/lib/nfs/sm /var/lib/nfs/sm.bak /var/lib/nfs/v4recovery \
        /var/lib/nfs/rpc_pipefs /var/lib/rpcbind /var/log/gssproxy
    chmod 700 "${BUILDROOT}/var/lib/rpcbind"
    chown 32:32 "${BUILDROOT}/var/lib/rpcbind"
    # mask nfs3 systemd
    for i in rpcbind.service rpcbind.socket rpcbind.target nfs-server.service; do
        add_symlink "/etc/systemd/system/${i}" "/dev/null"
    done
    map add_full_dir /etc/gss /etc/gssproxy /var/lib/gssproxy
    add_dir /var/lib/openldap
    chmod 700 "${BUILDROOT}/var/lib/openldap"
    chown 439:439 "${BUILDROOT}/var/lib/openldap"
    # start sshd on startup
    add_symlink /etc/systemd/system/multi-user.target.wants/sshd.service /usr/lib/systemd/system/sshd.service
    # start ttyd on startup
    add_file /usr/lib/libwebsockets-evlib_uv.so
    add_file /usr/share/archboot/remote/etc/systemd/system/ttyd.service /etc/systemd/system/ttyd.service
    add_symlink /etc/systemd/system/multi-user.target.wants/ttyd.service /etc/systemd/system/ttyd.service
    # fix licenses
    map add_file /usr/share/licenses/rpcbind/COPYING /usr/share/licenses/nfsidmap/LICENSE \
        /usr/share/licenses/tmux/LICENSE /usr/share/licenses/ttyd/LICENSE
}

help ()
{
cat<<HELPEOF
  This hook includes remote tools on an archboot image.
HELPEOF
}
# vim: set ft=sh ts=4 sw=4 et: