#!/bin/bash

## Colour for bash prompt
RED="\033[01;31m"
GREEN="\033[01;32m"
RESET="\033[00m"

## Check if running as root
if [[ $EUID -ne 0 ]]; then
   echo -e "${RED}[-]${RESET} Error: $0 must be ${RED}run as root${RESET}" 1>&2
   exit 1
fi

# check first if we have the correct postgresql version
systemctl start postgresql
postgres_version=$(pg_lsclusters --no-header | awk '$3 == "5432" { print $1 }')

# get the postgresql version used for gvmd compilation
gvmd_postgres_version=$(cat /usr/share/gvmd/postgresql-version)
gvmd_postgres_version=${gvmd_postgres_version%%.*}

if [ $postgres_version = "" ]; then
    echo "ERROR: No postgresql version uses the port 5432."
    echo "Error: Use pg_upgradecluster to update your postgres cluster" 1>&2
    exit 1
else
    if [ ${postgres_version%%.*} -ne $gvmd_postgres_version ]; then
        echo "ERROR: The default postgresql version is not $gvmd_postgres_version required by libgvmd"
	echo "Error: Use pg_upgradecluster to update your postgres cluster" 1>&2
        exit 1
    fi
fi

## Update feeds
gvm-feed-update

echo "Creating openvas-scanner's certificate files"
runuser -u _gvm -- gvm-manage-certs -a -q -f

# create database first
echo -e "\n${GREEN}[>]${RESET} Creating database"
runuser -u postgres -- /usr/share/gvm/create-postgresql-database

## migrate database if necessary
#echo -e "${GREEN}[>]${RESET} Migrating database"
#runuser -u _gvm -- gvmd --migrate

## change access rights to /var/lib/gvm/private/CA
# not needed if gvm-manage-certs as _gvm?
#chown -R _gvm:_gvm /var/lib/gvm/private/CA

## Create Admin User for GVM
echo -e "${GREEN}[>]${RESET} Checking for admin user"
gvmd_users=$(runuser -u _gvm -- gvmd --get-users)
if [ -z $gvmd_users ]; then
    echo -e "${GREEN}[*]${RESET} Creating user admin for gvm"
    password=$(runuser -u _gvm -- gvmd --create-user=admin)
    echo -e "${GREEN}[*]${RESET} Please note the generated admin password"
    echo -e "${GREEN}[*]${RESET} $password"
fi

## Update iana-service (needs to be done after the initialisation of db
## (with create-user)
echo -e "${GREEN}[*]${RESET} Updating: iana-service-ports" 
wget https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml
runuser -u _gvm -- gvm-portnames-update service-names-port-numbers.xml
rm service-names-port-numbers.xml

echo -e "${GREEN}[*]${RESET} Checking Default scanner"
if ! runuser -u _gvm -- gvmd --get-scanners | grep /var/run/ospd/ospd.sock; then
    echo -e "${GREEN}[*]${RESET} Modifying Default Scanner"
    runuser -u _gvm -- gvmd --modify-scanner=08b69003-5fc2-4037-a479-93b440211c73 --scanner-host=/var/run/ospd/ospd.sock
fi

## Done
echo -e "\n${GREEN}[+]${RESET} Done"
echo -e "${GREEN}[*]${RESET} Please note the password for the admin user"
echo -e "${GREEN}[*]${RESET} $password"
