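#!/bin/sh
# (christer.edwards@gmail.com)
# initialize a Bastille repo
#
# Usage: bbsd-init-repo /path/to/repo name ipaddr
#
# Creates the jail directory skeleton under /path/to/repo and writes
# pkgs.conf, jail.conf and root/etc/rc.conf into it.
#
# "name" and "ipaddr" are copied verbatim into jail.conf, and "name" also
# becomes a path component there, so both are checked against a conservative
# character set before anything is written.

# Abort on the first failed step or unset variable so that a half-built
# repo is never followed by config files written into missing directories.
set -eu

if [ $# -ne 3 ]; then
    echo "Usage: bbsd-init-repo /path/to/repo name ipaddr" >&2
    # exit, not return: this runs as a script, and return is only valid
    # inside a function or a sourced file.
    exit 1
fi

REPOPATH=$1
JAILNAME=$2
JAILADDR=$3

if [ -z "${REPOPATH}" ]; then
    echo "bbsd-init-repo: repo path must not be empty" >&2
    exit 1
fi

# The name is emitted unquoted as the jail block label and is expanded into
# the path, log and fstab locations through \${name}. Refuse anything that
# could alter jail.conf syntax or walk out of the jails directory
# (whitespace, quotes, braces, ';', '/', a leading '.' or '-').
case "${JAILNAME}" in
    '' | .* | -* | *[!A-Za-z0-9_.-]*)
        echo "bbsd-init-repo: invalid jail name: ${JAILNAME}" >&2
        exit 1
        ;;
esac

# ip4.addr is emitted unquoted as well. Allow address characters plus the
# separators jail.conf accepts in an address list, nothing else.
case "${JAILADDR}" in
    '' | *[!A-Za-z0-9_.:/,\|-]*)
        echo "bbsd-init-repo: invalid jail address: ${JAILADDR}" >&2
        exit 1
        ;;
esac

# Directories whose contents are not tracked in the repo; each one gets a
# .gitignore that ignores everything except itself.
RODIRS="
root/bin root/boot root/dev root/lib
root/libexec root/rescue root/sbin
root/usr/bin root/usr/include root/usr/lib
root/usr/libdata root/usr/libexec
root/usr/sbin root/usr/share root/tmp
"

# Directories created empty, without a .gitignore.
RWDIRS="root/etc root/root root/usr/local root/var"

# Write a minimal rc.conf for the jail.
# Requires root/etc to exist, so it must run after bbsd_init_repo.
# Per rc.conf(5)/syslogd(8)/cron(8): sendmail fully disabled, syslogd with
# no network socket, cron jobs started with up to 15 seconds of jitter.
bbsd_init_rc_conf() {
    cat > "${REPOPATH}/root/etc/rc.conf" << 'EOF'
sendmail_enable="NONE"
syslogd_flags="-ss"
cron_flags="-J 15"
EOF
}

# Create an empty pkgs.conf and write jail.conf.
# \${name} is escaped so that it reaches jail.conf literally and is expanded
# by jail(8); ${JAILNAME} and ${JAILADDR} are expanded here. An existing
# jail.conf in the repo is overwritten.
# Hardening kept from the original template: securelevel 2, devfs ruleset 4,
# enforce_statfs 2 and IPv6 disabled. Lowering any of these widens what a
# process inside the jail can see or change.
bbsd_jail_conf() {
    touch -- "${REPOPATH}/pkgs.conf"
    cat > "${REPOPATH}/jail.conf" << EOF
interface = "lo1";
host.hostname = "\${name}";
exec.consolelog = "/usr/local/bastille/logs/\${name}.console.log";
path = "/usr/local/bastille/jails/\${name}/root";
ip6 = "disable";
securelevel = 2;
devfs_ruleset = 4;
enforce_statfs = 2;
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;

${JAILNAME} {
    mount.fstab = "/usr/local/bastille/fstab/\${name}.fstab";
    ip4.addr = ${JAILADDR};
}
EOF
}

# Build the directory skeleton, drop the .gitignore files, set up root/tmp
# and seed the jail's resolv.conf from the host.
bbsd_init_repo() {
    local _dir

    # RWDIRS and RODIRS are deliberately unquoted: they are
    # whitespace-separated lists of fixed relative paths.
    for _dir in ${RWDIRS}; do
        mkdir -p -- "${REPOPATH}/${_dir}"
    done

    for _dir in ${RODIRS}; do
        mkdir -p -- "${REPOPATH}/${_dir}"
        cat > "${REPOPATH}/${_dir}/.gitignore" << 'EOF'
# Ignore everything in this directory
# All directory contents will be lost
*
# Except this file
!.gitignore
EOF
    done

    # World-writable with the sticky bit, the usual mode for /tmp.
    chmod 1777 "${REPOPATH}/root/tmp"

    # Best effort, as before: a host without /etc/resolv.conf still gets a
    # usable repo. -L copies the file a symlink points at, not the link.
    cp -L /etc/resolv.conf "${REPOPATH}/root/etc/resolv.conf" ||
        echo "bbsd-init-repo: warning: could not copy /etc/resolv.conf" >&2
}

bbsd_init_repo
bbsd_jail_conf
bbsd_init_rc_conf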