#!/bin/bash

source $config_file

echo
echo "  => Configuration"
echo

# Check config
if [ ! -z $config ]; then
    echo "Configuration already applied."
    exit
fi

# Enable firewall
ufw enable
ufw default deny incoming
ufw default allow outgoing

# Grub configuration
sed -i "s/GRUB_CMDLINE_LINUX_DEFAULT=\"quiet/& loglevel=3 nowatchdog/" /etc/default/grub
update-grub

# Server only configuration
if [ $profile = server ]; then
    # Firewall configuration
    ports="ssh
           http
           https
           imap
           imaps
           smtp
           smtps"
    for i in $ports
    do
        ufw allow $i
    done

    # SSH keys only
    echo -e "# SSH keys only\nPasswordAuthentication no\nPubkeyAuthentication yes" > /etc/ssh/sshd_config.d/custom.conf
fi

# Desktop only configuration
if [ $profile = desktop ]; then
    # Disable all managed interfaces excerpt loopback from /etc/network/interfaces file to allow NetworkManager to manage them
    sed -i '/# The primary network interface/Q' /etc/network/interfaces
fi