#!/usr/bin/env python3

# Copyright (C) 2023 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

# T3008: move from ntpd to chrony and migrate "system ntp" to "service ntp"

import sys

from vyos.configtree import ConfigTree

if (len(sys.argv) < 1):
    print("Must specify file name!")
    sys.exit(1)

file_name = sys.argv[1]

with open(file_name, 'r') as f:
    config_file = f.read()

config = ConfigTree(config_file)

base_path = ['system', 'ntp']
new_base_path = ['service', 'ntp']
if not config.exists(base_path):
    # Nothing to do
    sys.exit(0)

# config.copy does not recursively create a path, so create ['service'] if
# it doesn't yet exist, such as for config.boot.default
if not config.exists(['service']):
    config.set(['service'])

# copy "system ntp" to "service ntp"
config.copy(base_path, new_base_path)
config.delete(base_path)

# chrony does not support the preempt option, drop it
for server in config.list_nodes(new_base_path + ['server']):
    server_base =  new_base_path + ['server', server]
    if config.exists(server_base + ['preempt']):
        config.delete(server_base + ['preempt'])

# Rename "allow-clients" -> "allow-client"
if config.exists(new_base_path + ['allow-clients']):
    config.rename(new_base_path + ['allow-clients'], 'allow-client')

# By default VyOS 1.3 allowed NTP queries for all networks - in chrony we
# explicitly disable this behavior and clients need to be specified using the
# allow-client CLI option. In order to be fully backwards compatible, we specify
# 0.0.0.0/0 and ::/0 as allow networks if not specified otherwise explicitly.
if not config.exists(new_base_path + ['allow-client']):
    config.set(new_base_path + ['allow-client', 'address'], value='0.0.0.0/0', replace=False)
    config.set(new_base_path + ['allow-client', 'address'], value='::/0', replace=False)

try:
    with open(file_name, 'w') as f:
        f.write(config.to_string())
except OSError as e:
    print("Failed to save the modified config: {}".format(e))
    sys.exit(1)