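#!/bin/bash
#
# Login hook for accounts that are NOT defined in /etc/passwd.
# It reads PAM_USER and PAM_AUTHTOK, so it is presumably started through
# pam_exec -- TODO confirm against the PAM stack.
#
# Steps:
#   1. Leave local accounts alone.
#   2. On first run, move /bin/mount aside and link the site wrapper in.
#   3. Take the password from PAM_AUTHTOK or /dev/shm/.~pamgate.<login> and
#      hand it to mount.cifs through the PASSWD environment variable.
#   4. Choose file server and router from the routing table.
#   5. Make sure /run/user/<uid> exists and belongs to the user.
#   6. Mount the home share and the per-group shares, bind /opt.
#   7. Download the login scripts named in /dev/shm/.loginresult.<login>
#      and run them.
#
# Security notes:
#   - PAM_USER is supplied by whoever is logging in. It ends up in mount
#     options, UNC paths and file names, so it is validated before use.
#   - Everything fetched from SCRIPT_BASE_URL runs with this hook's
#     privileges; TLS to that host is the only integrity control.
#   - NOTE(review): the two /dev/shm files are read as trusted input. Confirm
#     that their writer creates them root-owned with mode 0600 and that no
#     other account can pre-create them.

# The old substring grep matched every passwd line for an empty name, so an
# empty PAM_USER keeps meaning "nothing to provision".
if [ -z "${PAM_USER:-}" ]; then
  exit 0
fi

# Local accounts need no provisioning. Compare the whole first passwd field:
# a substring/regex match would also treat a remote login such as "bin" or
# "sh" as local and skip its mounts.
if cut -d: -f1 /etc/passwd | grep -qxF -- "$PAM_USER"; then
  exit 0
fi

# First-run installation of the mount wrapper (wrapper-mount itself is not part
# of this file). Only swap when the wrapper exists, otherwise /bin/mount would
# be left as a dangling symlink.
if ! [ -f /bin/mount.orig ] && [ -x /usr/local/bin/wrapper-mount ]; then
  mv /bin/mount /bin/mount.orig &&
    ln -s /usr/local/bin/wrapper-mount /bin/mount
fi

LOGIN="${PAM_USER,,}"

# Refuse names that would change the meaning of a path ("/", ".", ".."), of
# the mount.cifs option list (","), or of a command line (leading "-",
# whitespace).
case "$LOGIN" in
  -* | . | .. | */* | *,* | *[[:space:]]*)
    printf 'login hook: refusing unsafe login name\n' >&2
    exit 1
    ;;
esac

# Group list as an array; read -a splits on whitespace without globbing.
# NOTE(review): group names that contain spaces are split into several words.
USER_GROUPS=()
read -r -a USER_GROUPS < <(groups "$LOGIN" | sed -e 's/^.*: //g')

PASSWORD="$PAM_AUTHTOK"
USER_UID="$(getent passwd "$LOGIN" | awk -F ':' '{print $3}')"

if [ "$PASSWORD" = "" ]; then
  PASSWORD="$(cat /dev/shm/.~pamgate."$LOGIN")"
fi
# The cached password is single-use: remove it whether or not it was needed.
rm -f -- /dev/shm/.~pamgate."$LOGIN"

# An unresolved account would turn the paths below into /run/user/ and the
# chown target into ":group", so stop here instead.
case "$USER_UID" in
  '' | *[!0-9]*)
    printf 'login hook: cannot resolve a numeric uid for %s\n' "$LOGIN" >&2
    exit 1
    ;;
esac

PASSWD="$PASSWORD" # for mount.cifs
export PASSWD

# Default site, then per-network overrides. A later match wins, as before.
SRV=172.16.0.3
ROUTER=172.16.0.1

ROUTES="$(/sbin/route -n)"

if grep -q '^192\.168\.100' <<<"$ROUTES"; then
  SRV=192.168.100.206
  ROUTER=192.168.100.206
fi

if grep -q '^192\.168\.0\.0' <<<"$ROUTES"; then
  SRV=192.168.2.2
  ROUTER=192.168.2.2
fi

if grep -q '^10\.4\.67' <<<"$ROUTES"; then
  SRV=10.4.67.9
  ROUTER=10.4.67.9
fi

export SRV
export ROUTER

#######################################
# Mount a CIFS share unless the mount point is already writable.
# Globals:   LOGIN, SRV, ROUTER (read); PASSWD is read by mount.cifs
# Arguments: $1 - share name on $SRV
#            $2 - local mount point
#            $3 - extra mount options, with a leading comma (optional)
# Returns:   status of mount.cifs, or 0 when nothing had to be mounted
#######################################
safemount() {
  local share_name="$1"
  local mountpoint="$2"
  local options="${3:-}"

  # A successful touch is taken as "already mounted and usable".
  if ! touch "$mountpoint" 2>/dev/null; then
    sudo route add -net 10.0.0.0/8 gw "$ROUTER" 2>/dev/null
    sudo mount.cifs -o "user=$LOGIN$options" "//$SRV/$share_name" "$mountpoint"
  fi
}

#######################################
# Accept only plain file names for downloaded scripts: no path separators,
# no leading dot or dash, no shell metacharacters.
# Arguments: $1 - candidate script name
# Returns:   0 when the name is acceptable
#######################################
is_safe_script_name() {
  [[ "$1" =~ ^[A-Za-z0-9_][A-Za-z0-9._+-]*$ ]]
}

#echo $USER_GROUPS
PRIMARY_GROUP="${USER_GROUPS[0]}"

#if ! [ -d "/sys/fs/cgroup/systemd" ]; then
#  sudo mount -t cgroup cgroup /sys/fs/cgroup
#  sudo mount -t cgroup -o rw,nosuid,nodev,noexec,relatime,release_agent=/usr/lib/x86_64-linux-gnu/systemd-shim-cgroup-release-agent,name=systemd systemd /sys/fs/cgroup/systemd
#fi

#if [ "$(stat -c%u /var/run/$USER_UID)" != "$USER_UID" ]; then
#  sudo mkdir "/var/run/$USER_UID"
#  #sudo mount -t tmpfs tmpfs "/var/run/$USER_UID"
#  sudo chown "$USER_UID:$PRIMARY_GROUP" "/var/run/$USER_UID"
#fi

# Per-user runtime directory. Created 0700 so that other accounts cannot read
# the sockets and tokens that session software keeps there.
if [ "$(stat -c%u "/run/user/$USER_UID" 2>/dev/null)" != "$USER_UID" ]; then
  sudo mkdir -p -m 0700 "/run/user/$USER_UID"
  #sudo mount -t tmpfs tmpfs "/run/user/$USER_UID"
  sudo chown "$USER_UID:$PRIMARY_GROUP" "/run/user/$USER_UID"
fi

if ! touch /home/"$LOGIN" 2>/dev/null; then
  safemount "$LOGIN" /home/"$LOGIN"

  # Iterate over the whole array; a bare $USER_GROUPS expands to its first
  # element only, which silently skipped every secondary group.
  for USER_GROUP in "${USER_GROUPS[@]}"; do
    # Same rule as for the login name: the value becomes a share name and a
    # directory name.
    case "$USER_GROUP" in
      '' | . | .. | */* | *,*) continue ;;
    esac
    safemount grp-"${USER_GROUP}" /mnt/opt/"${USER_GROUP}" ",uid=${USER_UID}"
  done

  # Without a primary group this would bind all of /mnt/opt onto /opt.
  if [ -n "$PRIMARY_GROUP" ]; then
    sudo mount --bind /mnt/opt/"$PRIMARY_GROUP" /opt
  fi
fi

sudo /lib/live/config/0007-time >/dev/null 2>/dev/null &

# The password is no longer needed; keep it out of the environment of the
# scripts started below.
# NOTE(review): if PAM_AUTHTOK arrives as an environment variable it is still
# inherited by those scripts -- confirm whether they need it.
unset PASSWD
unset PASSWORD

LOGIN_RESULT=/dev/shm/.loginresult."$LOGIN"
SCRIPT_BASE_URL=https://auth.clab.mephi.ru/scripts

# Private, unpredictable work directory. A fixed name under /tmp can be
# created in advance by any local account, which would let that account swap
# the files between download and execution.
SCRIPT_DIR="$(mktemp -d /tmp/login_scripts.XXXXXX)"

if [ -n "$SCRIPT_DIR" ] && cd "$SCRIPT_DIR"; then
  # default pre scripts; run only when the download succeeded
  if wget "$SCRIPT_BASE_URL/default.sh" -O default.sh; then
    chmod +x default.sh
    ./default.sh "$LOGIN"
  fi

  # downloading login scripts
  # jq -r prints the raw name, so no eval is needed to strip quoting.
  jq -r '.login_scripts | .[] | .scriptname | select(type == "string")' "$LOGIN_RESULT" |
    while IFS= read -r scriptname; do
      if ! is_safe_script_name "$scriptname"; then
        printf 'login hook: skipping script with unsafe name\n' >&2
        continue
      fi
      if wget "$SCRIPT_BASE_URL/$scriptname" -O "$scriptname"; then
        chmod +x "$scriptname"
      else
        # wget -O leaves an empty file behind on failure.
        rm -f -- "$scriptname"
      fi
    done

  # running login scripts
  PATH="$SCRIPT_DIR:$PATH"
  jq -r '.login_scripts | .[] | [.scriptname, .arguments] | @sh' "$LOGIN_RESULT" |
    while IFS= read -r entry; do
      # jq's @sh quotes each field as one shell word; this eval only undoes
      # that quoting and cannot run content from the file.
      eval "set -- $entry"
      scriptname="${1:-}"
      arguments="${2:-}"

      is_safe_script_name "$scriptname" || continue
      [ -x "./$scriptname" ] || continue

      # NOTE(security): the arguments string is still parsed by the shell, as
      # it always was, so whatever writes LOGIN_RESULT controls this command
      # line. Switch to plain word splitting if no script relies on shell
      # syntax in its arguments.
      # stdin is detached so a script cannot consume the remaining entries.
      eval "./$scriptname $arguments" </dev/null
    done

  cd /
else
  printf 'login hook: no private work directory, login scripts skipped\n' >&2
fi

if [ -n "$SCRIPT_DIR" ]; then
  rm -rf -- "$SCRIPT_DIR"
fi

rm -f -- "$LOGIN_RESULT"

exit 0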