#!/bin/bash

echo
echo "  => Configuration"
echo

config_file="/etc/.netig.conf"

# Skip if already configured
if [ -f $config_file ]; then
    source $config_file
    if [ $config = done ]; then
        echo "Configuration already applied !"
        exit
    fi
fi

# Server configuration
if [ $profile = server ]; then
    # Firewall basic configuration
    ufw default deny incoming
    ufw default allow outgoing
    
    # Open needed ports
    ports="ssh
           http
           https
           imap
           imaps
           smtp
           smtps"
    for i in $ports
    do
        ufw allow $i
    done
fi

# Desktop configuration
if [ $profile = desktop ]; then
    # Firewall configuration
    ufw default deny incoming
    ufw default allow outgoing

    # Disable all managed interfaces excerpt loopback from /etc/network/interfaces file to allow NetworkManager to manage them
    sed -i '/# The primary network interface/Q' /etc/network/interfaces
fi

# Remember configuration is applied
echo "config=done" > $config_file
chmod +x $config_file