#!/bin/sh
# postinst script for shibboleth-identity-provider
#
# see: dh_installdeb(1)

set -e
# Source debconf library.
. /usr/share/debconf/confmodule

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package


case "$1" in
    configure)
        if ! id shib-idp > /dev/null 2>&1 ; then
            adduser --system --home /usr/share/shibboleth-identity-provider --no-create-home \
            --group --disabled-password --shell /bin/false \
            shib-idp
        fi
        /usr/sbin/shibboleth-identity-provider-configure

        #change owner of IdP files
        chown -R shib-idp:shib-idp /etc/shibboleth-identity-provider/metadata
        chown -R shib-idp:shib-idp /etc/shibboleth-identity-provider/tomcat-conf
        chown -R shib-idp:shib-idp /var/cache/shibboleth-identity-provider
        chown -R shib-idp:shib-idp /var/log/shibboleth-identity-provider

		#change execut state of executable shell files in bin
		chmod +x /etc/shibboleth-identity-provider/bin/*.sh

		#remove cache
		rm -rf /var/cache/shibboleth-identity-provider/*

        echo "enable virtual hosts with: a2ensite shib_idp" >&2

    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

db_stop

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#

exit 0
