set -e 

force=$1

function safe_copy () {
    if [ ! -f /etc/yunohost/installed ]; then
        sudo cp $1 $2
    else
        if [[ "$force" == "True" ]]; then
            sudo yunohost service safecopy \
              -s slapd $1 $2 --force
        else
            sudo yunohost service safecopy \
              -s slapd $1 $2
        fi
    fi
}

cd /usr/share/yunohost/templates/slapd

# Remove legacy configuration file
[ ! -f /etc/yunohost/installed ] \
  || sudo yunohost service saferemove -s slapd \
    /etc/ldap/slapd-yuno.conf

# Retrieve current backend
backend=$(sudo slapcat -n 0 | sed -n 's/^dn: olcDatabase={1}\(.*\),cn=config$/\1/p')

# Save current database in case of a backend change
BACKEND_CHANGE=0
BACKUP_DIR="/var/backups/dc=yunohost,dc=org-${backend}-$(date +%s)"
if [[ -n "$backend" && "$backend" != "mdb" && "$force" == "True" ]]; then
    BACKEND_CHANGE=1
    sudo mkdir -p "$BACKUP_DIR"
    sudo slapcat -b dc=yunohost,dc=org \
      -l "${BACKUP_DIR}/dc=yunohost-dc=org.ldif"
fi

safe_copy sudo.schema /etc/ldap/schema/sudo.schema
safe_copy mailserver.schema /etc/ldap/schema/mailserver.schema
safe_copy ldap.conf /etc/ldap/ldap.conf
safe_copy slapd.default /etc/default/slapd
safe_copy slapd.conf /etc/ldap/slapd.conf

# Fix some permissions
sudo chown root:openldap /etc/ldap/slapd.conf
sudo chown -R openldap:openldap /etc/ldap/schema/
sudo chown -R openldap:openldap /etc/ldap/slapd.d/

# Check the slapd config file at first
sudo slaptest -Q -u -f /etc/ldap/slapd.conf

if [[ $BACKEND_CHANGE -eq 1 ]]; then
    # Regenerate LDAP config directory and import database as root
    # since the admin user may be unavailable
    sudo sh -c "rm -Rf /etc/ldap/slapd.d;
mkdir /etc/ldap/slapd.d;
slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d;
chown -R openldap:openldap /etc/ldap/slapd.d;
slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org \
  -l '${BACKUP_DIR}/dc=yunohost-dc=org.ldif';
chown -R openldap:openldap /var/lib/ldap" 2>&1
else
    # Regenerate LDAP config directory from slapd.conf
    sudo rm -Rf /etc/ldap/slapd.d
    sudo mkdir /etc/ldap/slapd.d
    sudo slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
    sudo chown -R openldap:openldap /etc/ldap/slapd.d/
fi

sudo service slapd force-reload