#!/bin/bash

set -e

do_configure() {
  # make the CA available from the web interface
  if [ ! -f  /usr/share/yunohost/admin/ca.crt ]; then
      ln -s /etc/ssl/certs/ca-yunohost_crt.pem /usr/share/yunohost/admin/ca.crt
  fi

  # Set document root permissions
  chown -R root:root /usr/share/yunohost/admin

  # Replace RANDOMID with a random hash to invalidate
  # old cache ... we generate this locally on each machine
  # to avoid leaking stuff like the version
  # https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean
  RANDOMID=$(RANDFILE=.rnd openssl rand -hex 4)
  sed -i "s/RANDOMID/$RANDOMID/g" /usr/share/yunohost/admin/index.html
}

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package

case "$1" in
    configure)
        do_configure
    ;;
    abort-upgrade|abort-remove|abort-deconfigure)
    ;;
    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

#DEBHELPER#

exit 0