#!/bin/bash

node_domain=$1
dont_force_entropy=$2

spec_path=`gem contents openshift-origin-dns-bind | grep gemspec`
base_path=${spec_path%openshift-origin-dns-bind.gemspec}

echo "Install selinux module"
semodule -l | grep dhcpnamedforward
if (( $? )) ; then
  pushd /usr/share/selinux/packages/rubygem-openshift-origin-dns-bind/ && make -f /usr/share/selinux/devel/Makefile ; popd
  semodule -i /usr/share/selinux/packages/rubygem-openshift-origin-dns-bind/dhcpnamedforward.pp
fi

echo "Install bind config"
rm -rf /var/named/dynamic
mkdir -p /var/named/dynamic
rm -f /var/named/K$node_domain*
sed "s/example.com/$node_domain/g" < $base_path/doc/examples/example.com.db > /var/named/dynamic/$node_domain.db


mkdir -p /tmp/named
pushd /tmp/named

if ! [ $dont_force_entropy ] ; then
  rngd -r /dev/urandom
fi

/usr/sbin/dnssec-keygen -a HMAC-MD5 -n HOST -b 128 $node_domain

if ! [ $dont_force_entropy ] ; then
  killall rngd
fi

KEY=$( grep Key: /tmp/named/*.private | cut -d' ' -f 2 )
mv /tmp/named/K$node_domain.* /var/named
popd
rm -rf /tmp/named

cat <<EOF > /var/named/$node_domain.key
  key $node_domain {
    algorithm HMAC-MD5 ;
    secret "${KEY}" ;
  } ;
EOF

# preserve the existing named config
if [ ! -f /etc/named.conf.orig ]
then
  mv /etc/named.conf /etc/named.conf.orig
fi

sed "s/example.com/$node_domain/g" < $base_path/doc/examples/named.conf > /etc/named.conf
chown root:named /etc/named.conf
/usr/bin/chcon system_u:object_r:named_conf_t:s0 -v /etc/named.conf

touch /var/named/data/named.run
touch /var/named/data/queries.log
touch /var/named/data/cache_dump.db
touch /var/named/data/named_stats.txt
touch /var/named/data/named_mem_stats.txt
touch /var/named/forwarders.conf
chmod 755 /var/named/forwarders.conf
chown named:named -R /var/named
restorecon -R /var/named

mkdir -p /etc/openshift/plugins.d
cat <<EOF > /etc/openshift/plugins.d/openshift-origin-dns-bind.conf
BIND_SERVER="127.0.0.1"
BIND_PORT=53
BIND_KEYNAME="${node_domain}"
BIND_KEYVALUE="${KEY}"
BIND_ZONE="${node_domain}"
EOF
perl -p -i -e "s/.*:domain_suffix.*/    :domain_suffix => \"$node_domain\",/" /var/www/openshift/broker/config/environments/*.rb
