#!/bin/bash
#
# Copyright (C) 2019 OX Software GmbH
# 
# This file is part of OX Automation.
#
# OX Automation is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# OX Automation is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# 
# See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with OX Automation. If not, see <http://www.gnu.org/licenses/>.
#
# Authors:
# Martin Heiland <martin.heiland@open-xchange.com>
# Nikolaos Tsapanidis <nikolaos.tsapanidis@open-xchange.com>
# Benedikt Kroening <benedikt.kroening@open-xchange.com>
#
# Note, this is for TESTING ONLY, DO NOT USE IT FOR PRODUCTION

shopt -s extglob
#================================================================================
# CONFIGURATION_VARIABLES
#================================================================================
#DN=$(hostname -f)
FQDN=$(hostname -s)

if [ "$?" -ne 0 ]; then
    FQDN=$(hostname -f)
    echo "FQDN not found, using computer name: "$FQDN
fi
DN=$FQDN

DC_PRO=false
DC_REPO_SOURCE=EXT

AS_BUILDKEY="http://software.open-xchange.com/oxbuildkey.pub"
DC_BUILDKEY="https://apt.dovecot.fi/dovecot-gpg.key"

#================================================================================
# FUNCTION_DEFINITIONS
#================================================================================

function sanity_checks() {
    # Checking if we are running as root
    echo -n "Checking user... "
    if [[ $EUID -ne 0 ]]; then
        die "This script must be run as root."
    else
        ok "OK."
    fi

    # Checking OS architecture
    echo -n "Checking architecture... "
    ARCH=$(uname -m)
    if [[ "${ARCH}" != "x86_64" ]]; then
        die "Failed.\nA 64bit operating system is mandatory to install."
    else
        ok "OK."
    fi

    # FQDN check
    # ping -c 1 -q "${FQDN}" > /dev/null 2>&1
    # if [[ $? -ne 0 ]]; then
    #    die "Cannot resolve FQDN (${FQDN}), please check the network configuration."
    # fi

    # Release detection
    echo -n "Checking operating system... "
    OS=$(uname -s)
    if [[ ${OS} != "Linux" ]] ; then
        die "non-Linux.\n\nError: This installer is designed for Linux based operating systems."
    fi
    if [[ -f /etc/os-release ]]; then
        OS=$(awk -F= '/^ID=/{print $2}' /etc/os-release | tr -d \")
        REV=$(awk -F= '/^VERSION_ID/{print $2}' /etc/os-release | tr -d \")
        if [[ ${OS} = "debian" ]]; then
            export DEBIAN_FRONTEND=noninteractive
            if [[ ${REV} = "9" ]]; then
                DIST="DebianStretch"
                COMPATIBLE=true
                DC_REPO_PREFIX="apt"
                DC_REPO_SUFFIX="debian/stretch/ stretch main"
            elif [[ ${REV} = "8" ]]; then
                DIST="DebianJessie"
                COMPATIBLE=true
                DC_REPO_PREFIX="apt"
                DC_REPO_SUFFIX="debian/jessie/ jessie main"
            elif [[ ${REV} = "7" ]]; then
                DIST="DebianWheezy"
                COMPATIBLE=true
                DC_REPO_PREFIX="apt"
                # no wheezy packages, may fail
                DC_REPO_SUFFIX="debian/jessie/ jessie main"
            fi
        elif [[ ${OS} = "ubuntu" ]]; then
            export DEBIAN_FRONTEND=noninteractive
            if [[ ${REV} = "16.04" ]]; then
                DIST="Ubuntu_16.04"
                COMPATIBLE=true
                DC_REPO_PREFIX="apt"
                DC_REPO_SUFFIX="ubuntu/xenial xenial main"
            fi
        elif [[ ${OS} = "rhel" ]]; then
            if [[ ${REV} = "7"* ]]; then
                DIST="RHEL7"
                COMPATIBLE=true
                DC_REPO_PREFIX="yum"
                DC_REPO_SUFFIX="rhel/7/RPMS/x86_64/"
            fi
        elif [[ ${OS} = "centos" ]]; then
            if [[ ${REV} = "7"* ]]; then
                DIST="CentOS7"
                COMPATIBLE=true
                DC_REPO_PREFIX="yum"
                DC_REPO_SUFFIX="centos/7/RPMS/x86_64/"
            fi
        fi
    elif [[ -f /etc/redhat-release ]]; then
        REV=$(sed s/.*Red\ Hat\ Enterprise\ Linux\ Server\ release\ // < /etc/redhat-release | sed s/\ .*//)
        if [[ ${REV} = "6."* ]]; then
            DIST="RHEL6"
            COMPATIBLE=true
            DC_REPO_PREFIX="yum"
            DC_REPO_SUFFIX="rhel/6/RPMS/x86_64/"
        fi
        REV=$(sed s/.*CentOS\ release\ // < /etc/redhat-release | sed s/\ .*//)
        if [[ ${REV} = "6."* ]]; then
            DIST="CentOS6"
            COMPATIBLE=true
            DC_REPO_PREFIX="yum"
            DC_REPO_SUFFIX="centos/6/RPMS/x86_64/"
        fi
    fi

    if [[ -z ${COMPATIBLE} ]]; then
        echo "unknown."
        echo ""
        echo "This installer supports:"
        echo "* Debian GNU/Linux 7.0 (Wheezy)"
        echo "* Debian GNU/Linux 8.0 (Jessie)"
        echo "* Debian GNU/Linux 9.0 (Wheezy)"
        echo "* Ubuntu 16.04 (Xenial Xerus)"
        echo "* RedHat Enterprise Linux 6.0 (RHEL6)"
        echo "* RedHat Enterprise Linux 7.0 (RHEL7)"
        echo "* CentOS 6.0"
        echo "* CentOS 7.0"
        exit 1
    fi

    if [[ ${DIST} == "DebianStretch" ]] || [[ ${DIST} == "DebianJessie" ]] || [[ ${DIST} == "DebianWheezy" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
        if [[ ${DC_PRO} == true ]]; then
            #IMAP_PACKAGES="dovecot-ee-*"
            IMAP_PACKAGES="dovecot-ee-core dovecot-ee-imapd dovecot-ee-lmtpd dovecot-ee-sieve dovecot-ee-managesieved dovecot-ee-pop3d dovecot-ee-cassandra-plugin dovecot-ee-dovemon dovecot-ee-fts dovecot-ee-license dovecot-ee-lucene dovecot-ee-mail-crypt-plugin dovecot-ee-solr dovecot-ee-virtual-attachments-plugin"
        else
            IMAP_PACKAGES="dovecot-core dovecot-imapd dovecot-lmtpd dovecot-managesieved dovecot-sieve dovecot-pop3d"
        fi
        TESTER_PACKAGES="python-pip psmisc"
    else
        if [[ ${DC_PRO} == true ]]; then
            IMAP_PACKAGES="dovecot-ee-core dovecot-ee-imapd dovecot-ee-lmtpd dovecot-ee-pigeonhole dovecot-ee-managesieve dovecot-ee-pop3d dovecot-ee-cassandra-plugin dovecot-ee-dovemon dovecot-ee-fts dovecot-ee-license dovecot-ee-lucene dovecot-ee-mail-crypt-plugin dovecot-ee-solr dovecot-ee-virtual-attachments-plugin"
        else
            IMAP_PACKAGES="dovecot dovecot-pigeonhole"
        fi
    fi

}

function generate_cert() {
    echo "Generating certificate for $FQDN"
    if [[ "${DIST}" == "DebianStretch" ]] || [[ "${DIST}" == "DebianJessie" ]] || [[ "${DIST}" == "DebianWheezy" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
        SSL_DIR="/etc/ssl"
    elif [[ "${DIST}" == "RHEL6" ]] || [[ "${DIST}" == "RHEL7" ]] || [[ "${DIST}" == "CentOS6" ]] || [[ "${DIST}" == "CentOS7" ]]; then
        SSL_DIR="/etc/pki/tls"
    fi

    openssl req -new -x509 -newkey rsa:2048 -days 3650 -nodes -subj "/CN=$FQDN" -keyout "${SSL_DIR}/private/${FQDN}.key" -out "${SSL_DIR}/certs/${FQDN}.crt"
    chmod 444 "${SSL_DIR}/certs/${FQDN}.crt"
    chmod 400 "${SSL_DIR}/private/${FQDN}.key"

}

function add_repo_info {

    echo "Adding repository information..."

    if [[ "${DC_REPO_SOURCE}" == "EXT" && ${DC_PRO} == false ]]; then
        # Using EXTernal repository 
        # Not installing PRO, using Community Edition (ce)
        # Using repo.dovecot.org build key
        DC_REPO_SRV="https://repo.dovecot.org/"
        DC_VERSION_PREFIX="ce-"
        DC_BUILDKEY="https://repo.dovecot.org/DOVECOT-REPO-GPG"

        echo "Using official dovecot community packages ... "
        URL=${DC_REPO_SRV}${DC_VERSION_PREFIX}${DC_VERSION}/${DC_REPO_SUFFIX}
    elif [[ "${DC_REPO_SOURCE}" == "EXT" && ${DC_PRO} == true ]]; then
        if [[ ${DIST} = *"Debian"* ]]; then           
            DC_REPO_SRV="https://${DC_USER}:${DC_PASS}@apt.dovecot.fi/"
        elif [[ ${DIST} == *"RHEL"* ]] || [[ ${DIST} == *"CentOS"* ]]; then          
            DC_REPO_SRV="https://${DC_USER}:${DC_PASS}@yum.dovecot.fi/"
        fi

        # Using EXTernal repository 
        # Installing PRO, using Enterprise Edition (ee, pro)
        # Using apt.dovecot.fi build key
        DC_VERSION_PREFIX="stable-"
        DC_BUILDKEY="https://apt.dovecot.fi/dovecot-gpg.key"

        echo "Using official dovecot pro packages ... "
        URL=${DC_REPO_SRV}${DC_VERSION_PREFIX}${DC_VERSION}/${DC_REPO_SUFFIX}

        # We will need 3rdparty drivers for pro:
        DC_3RD_PARTY="${DC_REPO_SRV}3rdparty/${DC_REPO_SUFFIX}"

    elif [[ "${DC_REPO_SOURCE}" == "INT" && ${DC_PRO} == true ]]; then
        if [[ ${DIST} = *"Debian"* ]]; then           
            DC_REPO_SRV="https://apt.dovecot.net/"
        elif [[ ${DIST} == *"RHEL"* ]] || [[ ${DIST} == *"CentOS"* ]]; then          
            DC_REPO_SRV="https://yum.dovecot.net/"
        fi

        # Using INTernal repository 
        # Installing PRO, using ee packages
        # Using ?? build key        
        DC_VERSION_PREFIX=""
        DC_BUILDKEY="https://repo.dovecot.org/DOVECOT-REPO-GPG" # ??

        echo "Using internal dovecot enterprise packages ... "
        URL="${DC_REPO_SRV}${DC_VERSION}/${DC_REPO_SUFFIX}"
        
        # We will need 3rdparty drivers for pro:
        DC_3RD_PARTY="${DC_REPO_SRV}3rdparty/${DC_REPO_SUFFIX}"

        # Right now there seems to be no access to the build key to the public
        # We have to override the key check
        OVERRIDE_BUILDKEY_CHECK=true
    elif [[ "${DC_REPO_SOURCE}" == "SNAPSHOT" && ${DC_PRO} == false ]]; then
        if [[ -z ${DC_USER} ]] || [[ -z ${DC_PASS} ]]; then
            die "ERROR: Missing credentials for dovecot pro repository (specify in set-install.sh)"
        fi

        if [[ ${DIST} = *"Debian"* ]]; then           
            # Using external snapshot repository 
            # SEE: https://wiki2.dovecot.org/PrebuiltBinaries
            # Not installing PRO, using Community Edition (ce)
            # Using xi.dovecot.fi build key

            DC_BUILDKEY="http://xi.dovecot.fi/debian/archive.key"
            DC_REPO_SRV="https://xi.dovecot.fi/"

            # Building debian snapshot url
            URL="${DC_REPO_SRV}debian/ "
            if [[ ${DIST} == "DebianStretch" ]]; then
                URL=${URL}"stretch"
            elif [[ ${DIST} == "DebianJessie" ]]; then
                URL=${URL}"jessie"
            elif [[ ${DIST} == "DebianWheezy" ]]; then
                URL=${URL}"wheezy"
            fi
            URL="${URL}-auto/dovecot-${DC_VERSION} main"
            
            echo "Using official dovecot snapshot packages (debian only, ce only)... "

        else
            die "ERROR: Snapshot packages are only available for Debian based distributions ..."
        fi
    fi

    
    echo "Repository url: "$URL
    if [[ -z ${URL} ]]; then
        die "ERROR: could not determine repository url ..."
    fi
    # At this time a valid repository url for the current distro is required.
    # Otherwise it may install outdated dovecot packages that are delievered with the distro

    # write repo data   
    if [[ ${DIST} == "DebianStretch" ]] || [[ ${DIST} == "DebianJessie" ]] || [[ ${DIST} == "DebianWheezy" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
        echo "deb ${URL}" > /etc/apt/sources.list.d/dovecot.list 

        if [[ -n ${DC_3RD_PARTY} ]]; then
            echo "Adding 3rd party dovecot repo ..."
            echo "deb ${DC_3RD_PARTY}" > /etc/apt/sources.list.d/dovecot-3rd.list 
        fi
    elif [[ ${DIST} == "RHEL6" ]] || [[ ${DIST} == "RHEL7" ]] || [[ ${DIST} == "CentOS6" ]] || [[ ${DIST} == "CentOS7" ]]; then

        {
            echo "[dovecot]"
            echo "name=Dovecot Repo"
            echo "baseurl=${URL}/"
            echo "enabled=1"    
        } > /etc/yum.repos.d/dovecot.repo


        {
            echo "[dovecot-3rdparty]"
            echo "name=Dovecot 3rdparty"
            echo "baseurl=${DC_3RD_PARTY}/"
            echo "enabled=1"    
        } > /etc/yum.repos.d/dovecot-3rd.repo
    fi
}

function install_packages() {
    # Adding OX App Suite and Dovecot repository build key
    echo -n "Adding OX App Suite and Dovecot repository build key..."
    if [[ "${DIST}" == "DebianStretch" ]] || [[ "${DIST}" == "DebianJessie" ]] || [[ "${DIST}" == "DebianWheezy" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
        wget -q ${AS_BUILDKEY} -O - | apt-key add -
        wget -q ${DC_BUILDKEY} -O - | apt-key add -
    elif [[ "${DIST}" == "RHEL6" ]] || [[ "${DIST}" == "RHEL7" ]]; then
        rpm --import ${AS_BUILDKEY}
        rpm --import ${DC_BUILDKEY}
    elif [[ "${DIST}" == "CentOS6" ]] || [[ "${DIST}" == "CentOS7" ]]; then
        rpm --import ${AS_BUILDKEY}
        rpm --import ${DC_BUILDKEY}
    fi

    if [[ true == "${POSTFIX}" ]]; then
        SMTP_PACKAGES="postfix"
    fi

    PACKAGES="${IMAP_PACKAGES} ${SMTP_PACKAGES}"

    echo "Installing mail backend packages..."

    INSTALL_OPTIONS="-y "

    if [[ ${DIST} == "DebianStretch" ]] || [[ ${DIST} == "DebianWheezy" ]] || [[ ${DIST} == "DebianJessie" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
        if [[ true == "${POSTFIX}" ]]; then
            echo "postfix postfix/main_mailer_type select Internet Site" | debconf-set-selections
            echo "postfix postfix/mailname string $FQDN" | debconf-set-selections
            echo "postfix postfix/relayhost string \$mydomain" | debconf-set-selections
            echo "postfix postfix/protocols select all" | debconf-set-selections
            echo "postfix postfix/procmail boolean false" | debconf-set-selections
        fi

        if [[ "${OVERRIDE_BUILDKEY_CHECK}" == true ]]; then
            INSTALL_OPTIONS="${INSTALL_OPTIONS}--allow-unauthenticated "
        fi

        apt-get clean
        apt-get -qq update
        apt-get ${INSTALL_OPTIONS} install ${PACKAGES} ${TESTER_PACKAGES}
    elif [[ ${DIST} == "RHEL6" ]] || [[ ${DIST} == "RHEL7" ]]; then
        if [[ "${OVERRIDE_BUILDKEY_CHECK}" == true ]]; then
            INSTALL_OPTIONS="${INSTALL_OPTIONS}--nogpgcheck "
        fi

        subscription-manager refresh
        yum clean all
        yum ${INSTALL_OPTIONS} install ${PACKAGES} ${TESTER_PACKAGES}
    elif [[ ${DIST} == "CentOS6" ]] || [[ ${DIST} == "CentOS7" ]]; then
        if [[ "${OVERRIDE_BUILDKEY_CHECK}" == true ]]; then
            INSTALL_OPTIONS="${INSTALL_OPTIONS}--nogpgcheck "
        fi
        yum clean all
        yum ${INSTALL_OPTIONS} install ${PACKAGES} ${TESTER_PACKAGES}
    fi
}

function configure_postfix() {
    echo "Configure postfix main.cf"
    postconf -e "myorigin = \$mydomain"
    postconf -e "mydestination = "
    postconf -e "relayhost = "\$mydomain
    postconf -e "smtpd_tls_cert_file=${SSL_DIR}/certs/${FQDN}.crt"
    postconf -e "smtpd_tls_key_file=${SSL_DIR}/private/${FQDN}.key"
    postconf -e "dovecot_destination_recipient_limit = 1"
    postconf -e "virtual_mailbox_domains = $FQDN, $DN, $DN.localdomain"
    postconf -e "virtual_transport = dovecot"

    echo "Configure postfix master.cf"
    # uncomment the next line if you want debug output
    #postconf -M smtp/inet="smtp	  inet  n	   -	   -	   -	   -	   smtpd -v"

    if [[ ${DIST} == "DebianStretch" ]] || [[ ${DIST} == "DebianWheezy" ]] || [[ ${DIST} == "DebianJessie" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
        LDA_PATH="/usr/lib/dovecot/dovecot-lda"
    else
        LDA_PATH="/usr/libexec/dovecot/dovecot-lda"
    fi


    echo "dovecot     unix     -     n     n     -     -     pipe" >> /etc/postfix/master.cf
    echo "  flags=DRhu user=vmail:vmail argv=${LDA_PATH} -f \${sender} -d \${user}" >> /etc/postfix/master.cf
}

function configure_dovecot() {
    echo "Configure dovecot"
    DC_CONF_DIR="/etc/dovecot/conf.d/"

    if [[ "${DIST}" == "CentOS6" ]] || [[ "${DIST}" == "CentOS7" ]]; then
        selinuxenabled
        if [ $? -ne 0 ]
        then
            echo "Selinux not enabled"
        else
            echo "Enabling selinux dovecot policies"
            semanage permissive -a dovecot_t
        fi
    fi

    if [[ true == "${DC_PRO}" ]]; then
        if [[ "${DIST}" == "CentOS6" ]] || [[ "${DIST}" == "CentOS7" ]] || [[ "${DIST}" == "RHEL6" ]] || [[ "${DIST}" == "RHEL7" ]]; then
            DC_DEFAULT_CONF_DIR="/usr/share/doc/dovecot-ee-*/example-config/conf.d/"
            declare -a CONF_FILE_LIST=("10-mail.conf" "10-master.conf" "10-auth.conf" "10-ssl.conf" "10-logging.conf" "15-lda.conf" "20-imap.conf" "20-managesieve.conf" "90-quota.conf" "90-plugin.conf" "90-sieve.conf" "90-acl.conf" "auth-static.conf.ext" "../dovecot.conf")
        elif [[ "${DIST}" == "DebianStretch" ]] || [[ "${DIST}" == "DebianWheezy" ]] || [[ "${DIST}" == "DebianJessie" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
            DC_DEFAULT_CONF_DIR="/usr/share/doc/dovecot-ee-core/example-config/conf.d/"
            declare -a CONF_FILE_LIST=("10-master.conf" "10-logging.conf" "15-lda.conf" "10-ssl.conf" "20-imap.conf" "20-managesieve.conf" "90-quota.conf" "90-plugin.conf" "90-acl.conf" "auth-static.conf.ext")

            cp /usr/share/doc/dovecot-ee-core/example-config/conf.d/10-mail.conf "${DC_CONF_DIR}"10-mail.conf
            cp /usr/share/doc/dovecot-ee-core/example-config/conf.d/10-auth.conf "${DC_CONF_DIR}"10-auth.conf
            cp /usr/share/doc/dovecot-ee-core/example-config/dovecot.conf "${DC_CONF_DIR}"../dovecot.conf
            gunzip /usr/share/doc/dovecot/example-config/conf.d/90-sieve.conf.gz -c > "${DC_CONF_DIR}"90-sieve.conf
            cp /usr/share/doc/dovecot/example-config/conf.d/20-managesieve.conf "${DC_CONF_DIR}"20-managesieve.conf
        fi
    else
        DC_DEFAULT_CONF_DIR="/usr/share/dovecot/conf.d/"
        declare -a CONF_FILE_LIST=("20-imap.conf" "20-managesieve.conf" "90-sieve.conf" "../dovecot.conf")
    fi

    for file in "${CONF_FILE_LIST[@]}"
    do
        if [ ! -f "${DC_CONF_DIR}/${file}" ]
            then
            echo -n "Copying $file to ${DC_CONF_DIR}... "
            cp ${DC_DEFAULT_CONF_DIR}${file} ${DC_CONF_DIR}${file}
            ok "OK"
        fi
    done

    echo "Backing up config files"
    for file in "10-mail.conf" "10-master.conf" "10-auth.conf" "10-ssl.conf" "auth-static.conf.ext" "10-logging.conf" "15-lda.conf" "20-imap.conf" "20-managesieve.conf" "90-quota.conf" "90-acl.conf" "90-plugin.conf"
    do
        echo -n "Renaming file ${file} to ${file}.orig... "
        mv -- "${DC_CONF_DIR}${file}" "${DC_CONF_DIR}${file}.orig"
        echo "OK"
    done

    # dovecot.conf
    sed -i '/\!include\_try.*protocol/a protocols = imap lmtp' /etc/dovecot/dovecot.conf

    # 10-mail.conf
    if [[ "${DC_VERSION}" == "2.3" ]] || [[ "${DC_VERSION}" > "2.3."* ]]; then
        DC_MAIL_PLUGINS="acl mail_log notify quota old_stats virtual zlib"
    else
        DC_MAIL_PLUGINS="acl mail_log notify quota stats virtual zlib"
    fi

    if [[ "${DC_VERSION}" > "2.2.27"* ]] || [[ "${DC_REPO}" == "nightly" ]]; then
      cat > "${DC_CONF_DIR}"/10-mail.conf <<EOF
mail_vsize_bg_after_count = 100
EOF
    fi

    cat >> "${DC_CONF_DIR}"/10-mail.conf <<EOF
mailbox_list_index = yes
mail_always_cache_fields = body.snippet
mail_location = maildir:~/Maildir
mail_uid = vmail
mail_gid = vmail
EOF

    if [[ true == "${DC_PRO}" ]]; then
        cat >> "${DC_CONF_DIR}"/10-mail.conf <<EOF
mail_plugins = \$mail_plugins ${DC_MAIL_PLUGINS} virtual_attachments
EOF
    else
        cat >> "${DC_CONF_DIR}"/10-mail.conf <<EOF
mail_plugins = \$mail_plugins ${DC_MAIL_PLUGINS}
EOF
    fi

    cat >> "${DC_CONF_DIR}"/10-mail.conf <<EOF

namespace inbox {
  inbox = yes
  prefix = INBOX/
  separator = /
}

namespace {
  type = shared
  separator = /
  prefix = shared/%%u/
  location = maildir:%%h/Maildir:INDEX=%h/shared/%%u:CONTROL=%h/shared/%%u
  subscriptions = yes
  list = children
}
EOF

    if [[ "${DIST}" != "CentOS6" ]] && [[ "${DIST}" != "RHEL6" ]]; then
    cat >> "${DC_CONF_DIR}"/10-mail.conf <<EOF
namespace virtual {
  prefix = virtual/
  separator = /
  hidden = yes
  list = no
  subscriptions = no
  location = virtual:/var/lib/dovecot/virtual:INDEX=~/Maildir/virtual
  mailbox all {
    special_use = \All
  }
}
EOF
    fi

    if [[ ${DC_PRO} == true ]]; then
    cat >> "${DC_CONF_DIR}"/10-mail.conf <<EOF
namespace virtualattachments {
  prefix = VirtualAttachments/
  separator = /
  hidden = yes
  list = no
  subscriptions = no
  location = attachments:~/Maildir/virtual-attachments
  mailbox INBOX {
    auto = create
  }
  mailbox "INBOX/Sent Items" {
    auto = create
  }
  mailbox virtual/all {
    auto = create
    special_use = \All
  }
}
EOF
    fi

    # TLS cert
    if [[ "${DIST}" == "CentOS6" ]] || [[ "${DIST}" == "CentOS7" ]] || [[ "${DIST}" == "RHEL6" ]] || [[ "${DIST}" == "RHEL7" ]]; then
    DC_CERT_FILE="/etc/pki/dovecot/certs/dovecot.pem"
    DC_KEY_FILE="/etc/pki/dovecot/private/dovecot.pem"
    elif [[ "${DIST}" == "DebianStretch" ]] || [[ "${DIST}" == "DebianWheezy" ]] || [[ "${DIST}" == "DebianJessie" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
      if [[ true == "${DC_PRO}" ]]; then
        DC_CERT_FILE="/etc/ssl/certs/dovecot.pem"
        DC_KEY_FILE="/etc/ssl/private/dovecot.pem"
      else
        DC_CERT_FILE="/etc/dovecot/dovecot.pem"
        DC_KEY_FILE="/etc/dovecot/private/dovecot.pem"
      fi
    fi

    if [[ "${DIST}" == "CentOS7" ]] || [[ "${DIST}" == "RHEL7" ]]; then
      if [[ true == "${DC_PRO}" ]]; then
        cd /usr/share/doc/dovecot-ee-+([0-9])*
      else
        cd /usr/share/doc/dovecot-+([0-9])*
      fi
    elif [[ "${DIST}" == "CentOS6" ]] || [[ "${DIST}" == "RHEL6" ]]; then
      if [[ true == "${DC_PRO}" ]]; then
        cd /usr/share/doc/dovecot-ee-+([0-9])*
      else
        cd /usr/libexec/dovecot/
      fi
    elif [[ "${DIST}" == "DebianStretch" ]] || [[ "${DIST}" == "DebianWheezy" ]] || [[ "${DIST}" == "DebianJessie" ]] || [[ ${DIST} == "Ubuntu_16.04" ]]; then
      if [[ true == "${DC_PRO}" ]]; then
        cd /usr/share/doc/dovecot-ee-core/
      else
        cd /usr/share/dovecot/
      fi
    fi

    # 10-ssl.conf
    cat > "${DC_CONF_DIR}"/10-ssl.conf <<EOF
ssl = yes
ssl_cert = <${DC_CERT_FILE}
ssl_key = <${DC_KEY_FILE}
EOF

    if [[ "${DC_VERSION}" == "2.3" ]] || [[ "${DC_VERSION}" > "2.3."* ]]; then
      DC_SSL_DH_FILE="/etc/dovecot/dh.pem"
      echo "Generating ssl dh file with openssl dhparam 1024 at ${DC_SSL_DH_FILE}"
      openssl dhparam -out ${DC_SSL_DH_FILE} 1024
      cat >> "${DC_CONF_DIR}"/10-ssl.conf <<EOF
ssl_dh = <${DC_SSL_DH_FILE}
EOF
    fi
    bash mkcert.sh

    # 10-master.conf
    cat > "${DC_CONF_DIR}"/10-master.conf <<EOF
service auth {
  unix_listener auth-userdb {
    mode = 0666
    user = vmail
    group = vmail
  }
}
EOF

    # 10-auth.conf
    cat > "${DC_CONF_DIR}"/10-auth.conf <<EOF
disable_plaintext_auth = no
auth_mechanisms = plain
!include auth-static.conf.ext
EOF

    # auth-static.conf.ext
    cat > "${DC_CONF_DIR}"/auth-static.conf.ext <<EOF
passdb {
  driver = static
  args = password=secret
}

userdb {
  driver = static
  args = uid=vmail gid=vmail home=/home/vmail/%u
}
EOF

    # 10-logging.conf
    cat > "${DC_CONF_DIR}"/10-logging.conf <<EOF
#log_path = /var/log/dovecot.log
auth_verbose = yes
plugin {
  mail_log_events = delete undelete expunge copy flag_change append mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
}
EOF

    # 15-lda.conf
    cat > "${DC_CONF_DIR}"/15-lda.conf <<EOF
protocol lda {
  mail_plugins = \$mail_plugins sieve
}
postmaster_address = invalid@invalid.invalid
EOF

    if [[ "${DC_VERSION}" == "2.3" ]] || [[ "${DC_VERSION}" > "2.3."* ]]; then
        DC_IMAP_PLUGINS="imap_acl imap_quota imap_old_stats imap_filter_sieve"
    else
        DC_IMAP_PLUGINS="imap_acl imap_quota imap_stats"
    fi

    # 20-imap.conf
    cat > "${DC_CONF_DIR}"/20-imap.conf <<EOF
imap_capability = +SEARCH=X-MIMEPART XDOVECOT
protocol imap {
  mail_plugins = \$mail_plugins ${DC_IMAP_PLUGINS}
}
EOF

    # 20-managesieve.conf
    cat > "${DC_CONF_DIR}"/20-managesieve.conf <<EOF
protocols = \$protocols sieve
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}
EOF

    # 90-quota.conf
    cat > "${DC_CONF_DIR}"/90-quota.conf <<EOF
plugin {
  quota = count:User quota
  quota_rule = *:storage=1G
  quota_rule2 = INBOX/Trash:storage=+100M
  quota_grace = 10%%
}
plugin {
  quota = maildir:User quota
}
EOF

    # 90-acl.conf
    cat > "${DC_CONF_DIR}"/90-acl.conf <<EOF
plugin {
  acl = vfile
  acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
}
EOF

    # 91-stats.conf
    if [[ "${DC_VERSION}" == "2.3" ]] || [[ "${DC_VERSION}" > "2.3."* ]]; then
      cat >> "${DC_CONF_DIR}"/91-stats.conf <<EOF
service old-stats {
  fifo_listener old-stats-mail {
    user = vmail
    mode = 0600
  }
  ## permission denied issues @RHEL
  #inet_listener {
  #  address = 127.0.0.1
  #  port = 24242
  #}
}
EOF
    else
      cat >> "${DC_CONF_DIR}"/91-stats.conf <<EOF
service stats {
  fifo_listener stats-mail {
    user = vmail
    mode = 0600
  }
  ## permission denied issues @RHEL
  #inet_listener {
  #  address = 127.0.0.1
  #  port = 24242
  #}
}
EOF
    fi

}

function prerequisites() {
    echo "Creating user and group: vmail"
    groupadd -g 5000 vmail
    useradd -u 5000 -g 5000 -m -d /home/vmail -s /bin/false vmail
    chown -R vmail:vmail /home/vmail
    chmod 2770 /home/vmail

    echo "Creating directory for dovecot acl informations"
    mkdir -p /var/lib/dovecot/db
    chmod 0770 /var/lib/dovecot

    echo "Creating dictionary for shared namespace"
    touch /var/lib/dovecot/db/shared-mailboxes.db

    echo "Creating virtual directories"
    mkdir -p /var/lib/dovecot/virtual/all
    chmod -R 700 /var/lib/dovecot/virtual

    echo "*
-INBOX/Trash
-INBOX/Trash/*
-INBOX/Spam
-INBOX/Spam/*
  all" > /var/lib/dovecot/virtual/all/dovecot-virtual

  chown -R vmail:vmail /var/lib/dovecot
}

function restart_services() {
    if [[ "${DIST}" == "DebianWheezy" ]] || [[ "${DIST}" == "CentOS6" ]] || [[ "${DIST}" == "RHEL6" ]]; then
        service dovecot restart
        if [[ true == "${POSTFIX}" ]]; then
            service postfix restart
        fi
    else
        systemctl unmask dovecot.service
        systemctl enable dovecot.service
        systemctl restart dovecot.service
        if [[ true == "${POSTFIX}" ]]; then
            systemctl restart postfix.service
        fi
    fi
}

# Green
function ok() {
    echo -e '\e[32m'${1}'\e[m';
}

# Red
function die() {
    echo -e '\e[1;31m'${1}'\e[m';
    exit 1;
}

function usage() {
echo -n "
  $0 [OPTIONS]

When not providing any option, the script will attempt to source \"set-install.sh\". If no information can be found, the distribution specific Dovecot package is being installed as fallback.

OPTIONS:
  -e	Sets the environment, e.g. \"release\" or \"nightly\"
  -v	Sets the version, e.g. \"2.2.26.1-10\" or \"2.2\"
  -p	Use Dovecot Pro
  -s	Installs and configures a SMTP service (Postfix)
  -h	Display this help and exit
"
}

#================================================================================
# MAIN_CODE
#================================================================================

while getopts "he::v::ps" OPTION
do
    case ${OPTION} in
        h)
            usage
            exit 1
            ;;
        e)
            DC_REPO=${OPTARG}
            ;;
        v)
            DC_VERSION=${OPTARG}
            ;;
        p)
            DC_PRO=true
            ;;
        s)
            POSTFIX=true
            ;;
        \?)
            echo "Invalid option: -${OPTARG}" >&2
            usage
            exit 1
            ;;
        :)
            echo "Option -${OPTARG} requires an argument." >&2
            exit 1
            ;;
    esac
done


if [[ -z "${DC_VERSION}" ]]; then
    echo "Version not specified, sourcing set-install.sh."
    source set-install.sh

    if [[ -z "${DC_VERSION}" ]]; then
        echo "DC_VERSION environment variable still not set"
        die "No dovecot version specified. Either set DC_VERSION in set-install.sh or as environment variable. Or use the parameter '-v'"
    fi
fi

# if [[ -z "${DC_REPO}" ]] && [[ -z "${DC_VERSION}" ]]; then
#     echo "Repository and version not specified, sourcing set-install.sh."
#     source set-install.sh
#     if [[ -n "${DC_REPO}" ]] && [[ "EXT" == "${DC_REPO_SOURCE}" ]]; then
#         if [[ -n "${DC_USER}" ]] && [[ -n "${DC_PASS}" ]]; then
#             echo "Found credentials for Dovecot Pro repository."
#             DC_REPO="${DC_REPO}"
#             DC_PRO=true

#             # todo: re-implement ...
#             die "Enterprise dovecot with custom credentials not yet re-implemented"
#         # else
#         #     echo "No Dovecot Pro repository credentials found, fallback to distro specific Dovecot"
#         #     DC_PRO=false
#         fi
#     # elif [[ -n "${DC_REPO}" ]] && [[ "OBS" == "${DC_REPO_SOURCE}" ]]; then
#     #     echo "Using internal repository source"
#     # else
#         # echo "No repo settings found at set-install.sh, fallback to distro specific Dovecot."
#         # DC_PRO=false
#     fi
# fi

sanity_checks
prerequisites
generate_cert
add_repo_info
INSTALLCOUNT=0
while [[ ${INSTALLCOUNT} -lt 6 ]]; do
        install_packages
        if [[ $? -ne 0 ]]; then
            INSTALLCOUNT=$((INSTALLCOUNT+1))
            echo "Error while installing packages, retrying in 30s ($INSTALLCOUNT/5)."
            sleep 30
        else
            break
        fi
done
if [[ ${INSTALLCOUNT} -ge 5 ]]; then
    echo "Error while installing packages, aborting."
    exit 1
fi
if [[ true == "${POSTFIX}" ]]; then
    configure_postfix
fi
configure_dovecot
restart_services

echo "
Installation complete, thanks for using Dovecot. Have a lot of fun!
"