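#!/usr/bin/env python3
#
# Copyright (C) 2018 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
#

import sys
import os
import pwd
import socket

import jinja2

from vyos.config import Config
from vyos import ConfigError

# Path of the rendered minion configuration file.
config_file = r'/etc/salt/minion'

# Please be careful if you edit the template.
#
# NOTE(review): `master`, `user` and `salt_id` are interpolated into the YAML
# output without quoting or escaping, so this relies on the values having been
# validated before they reach this script - confirm against the CLI definition.
# NOTE(review): several configured masters render as repeated `master:` keys
# rather than a YAML list - confirm that Salt accepts this form.
config_tmpl = """
### Autogenerated by salt-minion.py ###

##### Primary configuration settings #####
##########################################

# Set the location of the salt master server, if the master server cannot be
# resolved, then the minion will fail to start.
{% for host in master -%}
master: {{ host }}
{% endfor %}

# The user to run salt
user: {{ user }}

# The directory to store the pki information in
pki_dir: /config/salt/pki/minion

# Explicitly declare the id for this minion to use, if left commented the id
# will be the hostname as returned by the python call: socket.getfqdn()
# Since salt uses detached ids it is possible to run multiple minions on the
# same machine but with different ids, this can be useful for salt compute
# clusters.
id: {{ salt_id }}

mine_enabled: True
mine_return_job: False
mine_interval: 60
"""

# Defaults used for every key the configuration does not set. `master` is a
# list because the template iterates over it; a bare string would be rendered
# one character per `master:` line.
default_config_data = {
    'master': ['salt'],
    'user': 'vyos',
    'salt_id': socket.gethostname()
}


def get_config():
    """Read the `service salt-minion` configuration.

    Returns:
        None when `service salt-minion` is not configured, otherwise a dict
        with the keys `master`, `user` and `salt_id`, where configured values
        override the defaults in `default_config_data`.
    """
    conf = Config()
    if not conf.exists('service salt-minion'):
        return None

    # Work on a copy so the module-level defaults are never modified.
    salt = dict(default_config_data)
    conf.set_level('service salt-minion')

    if conf.exists('master'):
        # presumably a list of hosts - the template loops over it; verify
        # against vyos.config.Config.return_values
        salt['master'] = conf.return_values('master')

    if conf.exists('ID'):
        salt['salt_id'] = conf.return_value('ID')

    if conf.exists('user'):
        salt['user'] = conf.return_value('user')

    return salt


def generate(salt):
    """Render the minion configuration and hand the salt directories to the
    configured user.

    Args:
        salt: dict returned by get_config(), or None when the service is not
            configured (nothing is generated in that case).

    Raises:
        ConfigError: the configured user has no passwd entry.
    """
    # The service was removed: there is nothing to render, and `salt` must not
    # be dereferenced.
    if salt is None:
        return None

    paths = ['/etc/salt/', '/var/run/salt', '/opt/vyatta/etc/config/salt/']
    directory = '/opt/vyatta/etc/config/salt/pki/minion'

    try:
        uid = pwd.getpwnam(salt['user']).pw_uid
    except KeyError:
        # Report an unknown account through the error path that the entry
        # point already handles instead of an unhandled traceback.
        raise ConfigError('User "{0}" does not exist'.format(salt['user']))

    os.makedirs(directory, exist_ok=True)

    tmpl = jinja2.Template(config_tmpl)
    config_text = tmpl.render(salt)
    with open(config_file, 'w') as f:
        f.write(config_text)

    # Everything below the salt directories is given to the minion user. These
    # trees become writable by that user, so a symbolic link is never followed:
    # following it would let a link placed inside them redirect the ownership
    # change to an arbitrary file elsewhere on the system. The entries of
    # `paths` themselves are not changed, only what os.walk() finds below them.
    # NOTE(review): gid 100 is hard-coded - presumably the `users` group on the
    # target image; confirm.
    for path in paths:
        for root, dirs, files in os.walk(path):
            for name in dirs + files:
                os.chown(os.path.join(root, name), uid, 100,
                         follow_symlinks=False)

    return None


def apply(salt):
    """Restart the minion when it is configured; otherwise stop it and delete
    its configuration file.

    Args:
        salt: dict returned by get_config(), or None when the service is not
            configured.
    """
    if salt is not None:
        os.system("sudo systemctl restart salt-minion")
    else:
        # Salt access is removed in the commit
        os.system("sudo systemctl stop salt-minion")
        try:
            os.unlink(config_file)
        except FileNotFoundError:
            # The file was never written or is already gone; removing the
            # service must still succeed.
            pass

    return None


if __name__ == '__main__':
    try:
        c = get_config()
        generate(c)
        apply(c)
    except ConfigError as e:
        print(e)
        sys.exit(1)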