#!/bin/bash
set -eu
### --help Info: инициализация прав доступа и nss_wrapper в зависимости от uid.
### --help Usage: source /opt/bin/eva_init_access.sh
### --help Example: source /opt/bin/eva_init_access.sh
. /opt/fox_utils/crab_sys.sh

declare UID_ GID
UID_="$(id -u)"
GID="$(id -g)"

declare REDIS_SERVER_ENABLED POSTGRESQL_ENABLED NGINX_ENABLED
if [[ -f /opt/CONFIG ]]; then
	source /opt/CONFIG
fi


postgres_root() {
	# /var/lib/postgresql must be owned by postgres ang has permissions 0700
	if [[ $(stat -c %u /var/lib/postgresql/) != $(id -u postgres) ]]; then
		chown -R postgres /var/lib/postgresql/
	fi
	if [[ $(stat -c %a /var/lib/postgresql/) != 700 ]]; then
		chmod -R 0700 /var/lib/postgresql/
	fi
	return 0
}

postgres_non_root() {
	if [[ -e /var/run/postgresql ]]; then
		if [[ $(stat -c %u /var/run/postgresql/) != $(id -u postgres) ]]; then
			mv /var/run/postgresql /var/run/postgresql.bk
			# may be some warnings
			rsync -a /var/run/postgresql.bk/ /var/run/postgresql || true
			rm -rf --one-file-system /var/run/postgresql.bk
		fi
	else
		install -d -m 2770 /var/run/postgresql
	fi

	if [[ $(stat -c %u /mnt/shared/postgresql/) != $(id -u postgres) ]]; then
		mv /mnt/shared/postgresql /mnt/shared/postgresql.bk
		# may be some warnings
		rsync -a /mnt/shared/postgresql.bk/ /mnt/shared/postgresql || true
		rm -rf --one-file-system /mnt/shared/postgresql.bk
	fi

	if [[ $(stat -c %a /var/lib/postgresql/) != 700 ]]; then
		chmod -R 0700 /var/lib/postgresql/
	fi
	return 0
}


if [[ $UID_ = 0  ]]; then
	if [ "${POSTGRESQL_ENABLED:-TRUE}" = 'TRUE' ]; then
		postgres_root
	fi
else
	if [ "${POSTGRESQL_ENABLED:-TRUE}" = 'TRUE' ]; then
		postgres_non_root
	fi
fi

exit 0