#!/bin/bash
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.
#
# Installation steps (ArchLinux using base/dhcpcd-6.0.5-1)
#
# Install "wget" and "dhcpcd"
#   $ pacman -S wget dhcpcd
#   $ systemctl enable dhcpcd@eth0
# Copy script to /usr/lib/systemd/scripts/
#   $ cp -v cloudstack-set-guest-password \
#           /usr/lib/systemd/scripts/
# Copy the service file to /usr/lib/systemd/system/
#   $ cp -v cloudstack-set-guest-password.service \
#     /usr/lib/systemd/system/
# Enable the service
#    $ systemctl enable cloudstack-set-guest-password.service

# Modified: Dong Xie, 02-09-2015

user=root
password_received=0

if [ ! -x /usr/sbin/chpasswd ]; then
  logger -t "cloudstack" "$0 requires /usr/sbin/chpasswd command"
  exit 1
fi

PASSWORD_SERVER_IP=${NIC_1_GATEWAY}

if [ -n $PASSWORD_SERVER_IP ]; then
  logger -t "cloudstack" "Found password server IP $PASSWORD_SERVER_IP"
  logger -t "cloudstack" "Sending request to password server at $PASSWORD_SERVER_IP"
  password=$(wget -q -t 3 -T 20 -O - --header "DomU_Request: send_my_password" $PASSWORD_SERVER_IP:8080)
  if [ $? -ne 0 ]; then
    logger -t "cloudstack" "Failed to run wget correctly. Network not ready?"
    exit 1
  fi
  password=$(echo $password | tr -d '\r')
  logger -t "cloudstack" "Got password as - $password - "

  if [ $? -eq 0 ]; then
    logger -t "cloudstack" "Got response from server at $PASSWORD_SERVER_IP"

    case $password in
      "")
        logger -t "cloudstack" "Password server at $PASSWORD_SERVER_IP did not have any password for the VM"
        ;;
                    
      "bad_request")
        logger -t "cloudstack" "VM sent an invalid request to password server at $PASSWORD_SERVER_IP"
        ;;
                                        
      "saved_password")
        logger -t "cloudstack" "VM has already saved a password from the password server at $PASSWORD_SERVER_IP"
        ;;
                                        
      *)
        logger -t "cloudstack" "VM got a valid password from server at $PASSWORD_SERVER_IP"
        password_received=1
        ;;
    esac
  else
    logger -t "cloudstack" "Failed to send request to password server at $PASSWORD_SERVER_IP"
  fi
else
  logger -t "cloudstack" "Could not find password server IP for $interface"
fi

if [ "$password_received" == "1" ]; then
  logger -t "cloudstack" "Changing password ..."
  echo $user:$password | /usr/sbin/chpasswd

  if [ $? -gt 0 ]; then
    logger -t "cloudstack" "Failed to change password for user $user"
    exit 1
  fi

  logger -t "cloudstack" "Successfully changed password for user $user"
  logger -t "cloudstack" "Sending acknowledgment to password server at $PASSWORD_SERVER_IP"

  wget -t 3 -T 20 -O - --header "DomU_Request: saved_password" $PASSWORD_SERVER_IP:8080
fi

exit 0
# vim: set ts=2 sw=2 expandtab
