#!/bin/sh
# File: /usr/sbin/freeipa-helper-post-install
# License: CC-BY-SA 4.0
# Author: bgstack15
# Startdate: 2020-03-11
# Title: Script for configuring system after ipa-client-install on non-RH-like systems
# Purpose: Turn my configs into a one-liner
# History:
#    2020-03-11 contents ripped entirely from devuan.txt
#    2020-03-23 add sssd.conf templating
# Usage: 
#    sudo freeipa-helper-post-install
# References:
#    /mnt/public/Support/Platforms/devuan/devuan.txt
#    almost-bashism for templating from file https://stackoverflow.com/questions/2914220/bash-templating-how-to-build-configuration-files-from-templates-with-bash/60820800#60820800
# Improve:
# Dependencies:
#    raw: /usr/share/bgconf/confs/kerberos/kerberos.sh
#    devuan: bgconf
#    el7: bgconf

# add pam_mkhomedir
tf=/etc/pam.d/common-session ; ! grep -q 'mkhomedir' "${tf}" && { thisline="$(( $( grep -nE 'session\s+optional' "${tf}" | head -n1 | awk -F':' '{print $1}' ) - 0 ))" ; awk -v thisline="$thisline" 'NR == (thisline) {print "session optional        pam_mkhomedir.so"; } {print;}' "${tf}" > "${tf}.2" ; test -f "${tf}.2" && mv "${tf}.2" "${tf}" ; }
# set dns_canonicalize_hostname = true
sudo updateval -a /etc/krb5.conf -s '[libdefaults]' '^(\s*dns_canonicalize_hostname\s*=\s*).*' '  dns_canonicalize_hostname = true'
test -e /usr/share/bgconf/confs/kerberos/kerberos.sh && sudo sh /usr/share/bgconf/confs/kerberos/kerberos.sh
eval "cat <<EOF >/etc/sssd/sssd.conf
$( cat /usr/share/freeipa-helper/sssd.conf.in )
EOF
"
chmod 0600 /etc/sssd/sssd.conf
service sssd stop ; service sssd start
service ssh  stop ; service ssh  start