# vim:ft=sh:noexpandtab
# System sanity checks

# Check that we are root (this tool can be run only as root)
# TODO uncomment
# [ "$(id -u)" = "0" ] || echo_die "Distconfig have to be run as root."

# We have sudo or su
which sudo >/dev/null || which su >/dev/null || echo_die "There is no sudo or su command."

# Check that we are not using csh or tcsh
# Note: variable shell should be defined only on csh or tcsh (note lowercase)
[ -z "$shell" ] || echo_die "Distconfig doesn't support csh nor tcsh."

# Check that we have gpg
which gpg >/dev/null || echo_die "There is no gpg command."

# Check that trunk is signed using correct key
# TODO

# Check root owner (should be root)
# TODO uncomment
#[ "$(stat -c '%u')" = 0 ] || echo_die "Root directory of distconfig isn't owned by root! Investigate why!"

# Check access right to root (only root should have access)
# TODO uncomment
#[ "$(stat -c '%a')" = "700" ] || echo_die "Root directory of distconfig has incorect access rights. 700 expected!"

# Check that we have openssl
which openssl >/dev/null || echo_die "There is no openssl command."

# Check that we can decrypt using openssl and aes-192-cbc
OPENSSL_TEST_PASSWORD="XduF2T_opDknbzN0EyJJCBFyS1i6yaBU5Beb6IZkFVHWZGWOIZCF1Cc0zrupjEaV"
[ "$(openssl aes-192-cbc -d -a -k "$OPENSSL_TEST_PASSWORD" < files/openssl_test_file)" = "It works!" ] || \
	echo_die "Test message couldn't been decrypted."

# Check that we have key file
[ -n "$KEY_FILE" ] || echo_die "No key specified. Please pass --key."

# Check that given key works with our machinery
# TODO

# Check that we have internet connection
DC_INTERNET=true
if ! ping -c 5 -w 30 cynerd.cz >/dev/null; then 
	echo_warn "No internet connection detected. All operations requiring internet connection will be skipped"
	DC_INTERNET=false
fi